1 |
commit: 01d1b4b0b7ad60855d735b3260e9bf8dedd78eda |
2 |
Author: Aaron Bauman <bman <AT> gentoo <DOT> org> |
3 |
AuthorDate: Tue Sep 29 13:52:32 2020 +0000 |
4 |
Commit: Aaron Bauman <bman <AT> gentoo <DOT> org> |
5 |
CommitDate: Tue Sep 29 13:52:32 2020 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=01d1b4b0 |
7 |
|
8 |
Revert "net-dns/opendnssec: drop old EAPI=5" |
9 |
|
10 |
This reverts commit 0253543021b04dd2339f66438542f2c43c876b82. |
11 |
|
12 |
* I dropped LTS release so let's restore them. |
13 |
|
14 |
Signed-off-by: Aaron Bauman <bman <AT> gentoo.org> |
15 |
|
16 |
net-dns/opendnssec/Manifest | 4 + |
17 |
net-dns/opendnssec/opendnssec-1.3.18-r1.ebuild | 204 +++++++++++++++++++++ |
18 |
net-dns/opendnssec/opendnssec-1.4.12-r1.ebuild | 208 +++++++++++++++++++++ |
19 |
net-dns/opendnssec/opendnssec-1.4.8.2.ebuild | 206 +++++++++++++++++++++ |
20 |
net-dns/opendnssec/opendnssec-2.0.1-r1.ebuild | 240 +++++++++++++++++++++++++ |
21 |
5 files changed, 862 insertions(+) |
22 |
|
23 |
diff --git a/net-dns/opendnssec/Manifest b/net-dns/opendnssec/Manifest |
24 |
index b7655458e11..0136e5ba4f9 100644 |
25 |
--- a/net-dns/opendnssec/Manifest |
26 |
+++ b/net-dns/opendnssec/Manifest |
27 |
@@ -1 +1,5 @@ |
28 |
+DIST opendnssec-1.3.18.tar.gz 1143889 BLAKE2B 0443a9d29de479257c05d024a756c176a342032eb17b105c04f5808ba550f1026815f191bce6ada13c54a7b7fea0f816d7754227f3d1c9ed76bc4d602785c2cf SHA512 5df39ba778c9b1245e88b81df7aa491bca0aad2943845284c4f8b4dd729fa69014d45f07bdf99a048ccf668a1c9675a8dd99efcec1abdbd4e06e9738fec6ab6d |
29 |
+DIST opendnssec-1.4.12.tar.gz 1036392 BLAKE2B 3bfbcfe91d7da7c2e4b1c5439f7d55e15612ab6ace6af25fcb9c9eb7ddb2e1055e70684c2bd6bbae57a0c2eb78098b448f7dca198e0d6f9e2e812945a1f06cc2 SHA512 b72b76ab4aec8cc63cc9c020bef9a24b000fd00172a07cf43d57b3a33041bef9e107b71eb7271bb13c3566510599c6a1913cf986a724e169c42dc8bdac8d2e51 |
30 |
+DIST opendnssec-1.4.8.2.tar.gz 1043171 BLAKE2B 20b1fa0d97b776223314937061cd42f4fe0a924e58a159fd0399d23058e2b0fd44d55049947de26c36aade5b5599527fc03f09eeef4e20f8c9beee40dfbcd7fb SHA512 7f2e10b425f60947aca40c61509b07ddc4363105cc882b518ffa816437299d6f881411cb38325f27b3a34c2005953988b39c945362866dd0f1f7c6ef973bfa06 |
31 |
+DIST opendnssec-2.0.1.tar.gz 1101523 BLAKE2B 0446efd04e73e00d204c53164c3c6aaecb9f37014a110ee85d7e7b1728d225aafcf9e6ef31a7dd29cdf2e875e7b653ab6e8178cece65c47a1c5b027facc16130 SHA512 aa12818f92688e087acaff8a6771d2a7da733e04d9e821967d313c7ff880a1056f470b11988eba1e7aad606418c3a4587f654163d74f68e3f61943c74d86d052 |
32 |
DIST opendnssec-2.0.3.tar.gz 1103355 BLAKE2B b64e729003de86e4139efaad60c9feae9f4e19c16a29fdced55d66f5896c4b7d76c4b8c57a8330d55c0c03e87de1ebe6ec49ef9d1b6e215be963680d2c805579 SHA512 4745a9ac317cc65d6f5b14be640687efd5fde2149541f692fb607a458378d27e903f175023c1aa16a777d17cef9cc68f1a84e7e7cdb233466d26756721b34424 |
33 |
|
34 |
diff --git a/net-dns/opendnssec/opendnssec-1.3.18-r1.ebuild b/net-dns/opendnssec/opendnssec-1.3.18-r1.ebuild |
35 |
new file mode 100644 |
36 |
index 00000000000..a37fb6fc331 |
37 |
--- /dev/null |
38 |
+++ b/net-dns/opendnssec/opendnssec-1.3.18-r1.ebuild |
39 |
@@ -0,0 +1,204 @@ |
40 |
+# Copyright 1999-2020 Gentoo Authors |
41 |
+# Distributed under the terms of the GNU General Public License v2 |
42 |
+ |
43 |
+EAPI=5 |
44 |
+ |
45 |
+MY_P="${P/_}" |
46 |
+PKCS11_IUSE="+softhsm opensc external-hsm" |
47 |
+inherit autotools multilib user |
48 |
+ |
49 |
+DESCRIPTION="An open-source turn-key solution for DNSSEC" |
50 |
+HOMEPAGE="https://www.opendnssec.org/" |
51 |
+SRC_URI="https://www.${PN}.org/files/source/${MY_P}.tar.gz" |
52 |
+ |
53 |
+LICENSE="BSD GPL-2" |
54 |
+SLOT="0" |
55 |
+KEYWORDS="~amd64 ~x86" |
56 |
+IUSE="-auditor +curl debug doc eppclient mysql +signer +sqlite test ${PKCS11_IUSE}" |
57 |
+RESTRICT="!test? ( test )" |
58 |
+ |
59 |
+RDEPEND=" |
60 |
+ dev-lang/perl |
61 |
+ dev-libs/libxml2 |
62 |
+ dev-libs/libxslt |
63 |
+ net-libs/ldns |
64 |
+ curl? ( net-misc/curl ) |
65 |
+ mysql? ( |
66 |
+ virtual/mysql |
67 |
+ dev-perl/DBD-mysql |
68 |
+ ) |
69 |
+ opensc? ( dev-libs/opensc ) |
70 |
+ softhsm? ( dev-libs/softhsm:* ) |
71 |
+ sqlite? ( |
72 |
+ dev-db/sqlite:3 |
73 |
+ dev-perl/DBD-SQLite |
74 |
+ ) |
75 |
+" |
76 |
+DEPEND="${RDEPEND} |
77 |
+ doc? ( app-doc/doxygen ) |
78 |
+ test? ( |
79 |
+ app-text/trang |
80 |
+ ) |
81 |
+" |
82 |
+# test? dev-util/cunit # Requires running test DB |
83 |
+ |
84 |
+REQUIRED_USE=" |
85 |
+ ^^ ( mysql sqlite ) |
86 |
+ ^^ ( softhsm opensc external-hsm ) |
87 |
+ eppclient? ( curl ) |
88 |
+" |
89 |
+ |
90 |
+PATCHES=( |
91 |
+ "${FILESDIR}/${PN}-fix-localstatedir.patch" |
92 |
+ "${FILESDIR}/${PN}-fix-run-dir.patch" |
93 |
+ "${FILESDIR}/${PN}-1.3.14-drop-privileges.patch" |
94 |
+ "${FILESDIR}/${PN}-1.3.14-use-system-trang.patch" |
95 |
+ "${FILESDIR}/${PN}-1.3.18-eppclient-curl-CVE-2012-5582.patch" |
96 |
+) |
97 |
+ |
98 |
+S="${WORKDIR}/${MY_P}" |
99 |
+ |
100 |
+DOCS=( MIGRATION NEWS ) |
101 |
+ |
102 |
+check_pkcs11_setup() { |
103 |
+ # PKCS#11 HSM's are often only available with proprietary drivers not |
104 |
+ # available in portage tree. |
105 |
+ |
106 |
+ if use softhsm; then |
107 |
+ PKCS11_LIB=softhsm |
108 |
+ if has_version ">=dev-libs/softhsm-1.3.1"; then |
109 |
+ PKCS11_PATH=/usr/$(get_libdir)/softhsm/libsofthsm.so |
110 |
+ else |
111 |
+ PKCS11_PATH=/usr/$(get_libdir)/libsofthsm.so |
112 |
+ fi |
113 |
+ elog "Building with SoftHSM PKCS#11 library support." |
114 |
+ fi |
115 |
+ if use opensc; then |
116 |
+ PKCS11_LIB=opensc |
117 |
+ PKCS11_PATH=/usr/$(get_libdir)/opensc-pkcs11.so |
118 |
+ elog "Building with OpenSC PKCS#11 library support." |
119 |
+ fi |
120 |
+ if use external-hsm; then |
121 |
+ if [[ -n ${PKCS11_SCA6000} ]]; then |
122 |
+ PKCS11_LIB=sca6000 |
123 |
+ PKCS11_PATH=${PKCS11_SCA6000} |
124 |
+ elif [[ -n ${PKCS11_ETOKEN} ]]; then |
125 |
+ PKCS11_LIB=etoken |
126 |
+ PKCS11_PATH=${PKCS11_ETOKEN} |
127 |
+ elif [[ -n ${PKCS11_NCIPHER} ]]; then |
128 |
+ PKCS11_LIB=ncipher |
129 |
+ PKCS11_PATH=${PKCS11_NCIPHER} |
130 |
+ elif [[ -n ${PKCS11_AEPKEYPER} ]]; then |
131 |
+ PKCS11_LIB=aepkeyper |
132 |
+ PKCS11_PATH=${PKCS11_AEPKEYPER} |
133 |
+ else |
134 |
+ ewarn "You enabled USE flag 'external-hsm' but did not specify a path to a PKCS#11" |
135 |
+ ewarn "library. To set a path, set one of the following environment variables:" |
136 |
+ ewarn " for Sun Crypto Accelerator 6000, set: PKCS11_SCA6000=<path>" |
137 |
+ ewarn " for Aladdin eToken, set: PKCS11_ETOKEN=<path>" |
138 |
+ ewarn " for Thales/nCipher netHSM, set: PKCS11_NCIPHER=<path>" |
139 |
+ ewarn " for AEP Keyper, set: PKCS11_AEPKEYPER=<path>" |
140 |
+ ewarn "Example:" |
141 |
+ ewarn " PKCS11_ETOKEN=\"/opt/etoken/lib/libeTPkcs11.so\" emerge -pv opendnssec" |
142 |
+ ewarn "or store the variable into /etc/portage/make.conf" |
143 |
+ die "USE flag 'external-hsm' set but no PKCS#11 library path specified." |
144 |
+ fi |
145 |
+ elog "Building with external PKCS#11 library support ($PKCS11_LIB): ${PKCS11_PATH}" |
146 |
+ fi |
147 |
+} |
148 |
+ |
149 |
+pkg_pretend() { |
150 |
+ local i |
151 |
+ |
152 |
+ for i in eppclient mysql; do |
153 |
+ if use ${i}; then |
154 |
+ ewarn |
155 |
+ ewarn "Usage of ${i} is considered experimental." |
156 |
+ ewarn "Do not report bugs against this feature." |
157 |
+ ewarn |
158 |
+ fi |
159 |
+ done |
160 |
+ |
161 |
+ check_pkcs11_setup |
162 |
+} |
163 |
+ |
164 |
+pkg_setup() { |
165 |
+ enewgroup opendnssec |
166 |
+ enewuser opendnssec -1 -1 -1 opendnssec |
167 |
+ |
168 |
+ # pretend does not preserve variables so we need to run this once more |
169 |
+ check_pkcs11_setup |
170 |
+} |
171 |
+ |
172 |
+src_prepare() { |
173 |
+ base_src_prepare |
174 |
+ eautoreconf |
175 |
+} |
176 |
+ |
177 |
+src_configure() { |
178 |
+ # $(use_with test cunit "${EPREFIX}/usr/") \ |
179 |
+ econf \ |
180 |
+ --without-cunit \ |
181 |
+ --localstatedir="${EPREFIX}/var/" \ |
182 |
+ --disable-static \ |
183 |
+ --with-database-backend=$(use mysql && echo "mysql")$(use sqlite && echo "sqlite3") \ |
184 |
+ --with-pkcs11-${PKCS11_LIB}=${PKCS11_PATH} \ |
185 |
+ --disable-auditor \ |
186 |
+ $(use_with curl) \ |
187 |
+ $(use_enable debug timeshift) \ |
188 |
+ $(use_enable eppclient) \ |
189 |
+ $(use_enable signer) |
190 |
+} |
191 |
+ |
192 |
+src_compile() { |
193 |
+ default |
194 |
+ use doc && emake docs |
195 |
+} |
196 |
+ |
197 |
+src_install() { |
198 |
+ default |
199 |
+ |
200 |
+ # remove useless .la files |
201 |
+ find "${ED}" -name '*.la' -delete |
202 |
+ |
203 |
+ # Remove subversion tags from config files to avoid useless config updates |
204 |
+ sed -i \ |
205 |
+ -e '/<!-- \$Id:/ d' \ |
206 |
+ "${ED}"/etc/opendnssec/* || die |
207 |
+ |
208 |
+ # install update scripts |
209 |
+ insinto /usr/share/opendnssec |
210 |
+ use sqlite && doins enforcer/utils/migrate_keyshare_sqlite3.pl |
211 |
+ use mysql && doins enforcer/utils/migrate_keyshare_mysql.pl |
212 |
+ |
213 |
+ # fix permissions |
214 |
+ fowners root:opendnssec /etc/opendnssec |
215 |
+ fowners root:opendnssec /etc/opendnssec/{conf,kasp,zonelist,zonefetch}.xml |
216 |
+ use eppclient && fowners root:opendnssec /etc/opendnssec/eppclientd.conf |
217 |
+ |
218 |
+ fowners opendnssec:opendnssec /var/lib/opendnssec/{,signconf,unsigned,signed,tmp} |
219 |
+ |
220 |
+ # install conf/init script |
221 |
+ newinitd "${FILESDIR}"/opendnssec.initd-1.3.x opendnssec |
222 |
+ newconfd "${FILESDIR}"/opendnssec.confd-1.3.x opendnssec |
223 |
+ use auditor || sed -i 's/^CHECKCONFIG_BIN=.*/CHECKCONFIG_BIN=/' "${D}"/etc/conf.d/opendnssec |
224 |
+} |
225 |
+ |
226 |
+pkg_postinst() { |
227 |
+ if use softhsm; then |
228 |
+ elog "Please make sure that you create your softhsm database in a location writeable" |
229 |
+ elog "by the opendnssec user. You can set its location in /etc/softhsm.conf." |
230 |
+ elog "Suggested configuration is:" |
231 |
+ elog " echo \"0:/var/lib/opendnssec/softhsm_slot0.db\" >> /etc/softhsm.conf" |
232 |
+ elog " softhsm --init-token --slot 0 --label OpenDNSSEC" |
233 |
+ elog " chown opendnssec:opendnssec /var/lib/opendnssec/softhsm_slot0.db" |
234 |
+ fi |
235 |
+ if use auditor; then |
236 |
+ ewarn |
237 |
+ ewarn "Please note that auditor support has been disabled in this version since it" |
238 |
+ ewarn "it depends on ruby 1.8 which has been removed from the portage tree." |
239 |
+ ewarn "USE=auditor is only provided for this warning but will not install the" |
240 |
+ ewarn "auditor anymore." |
241 |
+ ewarn |
242 |
+ fi |
243 |
+} |
244 |
|
245 |
diff --git a/net-dns/opendnssec/opendnssec-1.4.12-r1.ebuild b/net-dns/opendnssec/opendnssec-1.4.12-r1.ebuild |
246 |
new file mode 100644 |
247 |
index 00000000000..7204fc6a5df |
248 |
--- /dev/null |
249 |
+++ b/net-dns/opendnssec/opendnssec-1.4.12-r1.ebuild |
250 |
@@ -0,0 +1,208 @@ |
251 |
+# Copyright 1999-2020 Gentoo Authors |
252 |
+# Distributed under the terms of the GNU General Public License v2 |
253 |
+ |
254 |
+EAPI=5 |
255 |
+ |
256 |
+MY_P="${P/_}" |
257 |
+PKCS11_IUSE="+softhsm opensc external-hsm" |
258 |
+inherit autotools eutils multilib user |
259 |
+ |
260 |
+DESCRIPTION="An open-source turn-key solution for DNSSEC" |
261 |
+HOMEPAGE="https://www.opendnssec.org/" |
262 |
+SRC_URI="https://www.${PN}.org/files/source/${MY_P}.tar.gz" |
263 |
+ |
264 |
+LICENSE="BSD GPL-2" |
265 |
+SLOT="0" |
266 |
+KEYWORDS="~amd64 ~x86" |
267 |
+IUSE="debug doc +mysql +signer sqlite test ${PKCS11_IUSE}" |
268 |
+RESTRICT="!test? ( test )" |
269 |
+ |
270 |
+RDEPEND=" |
271 |
+ dev-lang/perl |
272 |
+ dev-libs/libxml2 |
273 |
+ dev-libs/libxslt |
274 |
+ net-libs/ldns |
275 |
+ mysql? ( |
276 |
+ virtual/mysql |
277 |
+ dev-perl/DBD-mysql |
278 |
+ ) |
279 |
+ opensc? ( dev-libs/opensc ) |
280 |
+ softhsm? ( dev-libs/softhsm:* ) |
281 |
+ sqlite? ( |
282 |
+ dev-db/sqlite:3 |
283 |
+ dev-perl/DBD-SQLite |
284 |
+ ) |
285 |
+" |
286 |
+DEPEND="${RDEPEND} |
287 |
+ doc? ( app-doc/doxygen ) |
288 |
+ test? ( |
289 |
+ app-text/trang |
290 |
+ ) |
291 |
+" |
292 |
+ |
293 |
+REQUIRED_USE=" |
294 |
+ ^^ ( mysql sqlite ) |
295 |
+ ^^ ( softhsm opensc external-hsm ) |
296 |
+" |
297 |
+ |
298 |
+PATCHES=( |
299 |
+ "${FILESDIR}/${PN}-fix-localstatedir.patch" |
300 |
+ "${FILESDIR}/${PN}-fix-run-dir.patch" |
301 |
+ "${FILESDIR}/${PN}-drop-privileges.patch" |
302 |
+ "${FILESDIR}/${PN}-use-system-trang.patch" |
303 |
+) |
304 |
+ |
305 |
+S="${WORKDIR}/${MY_P}" |
306 |
+ |
307 |
+DOCS=( MIGRATION NEWS ) |
308 |
+ |
309 |
+check_pkcs11_setup() { |
310 |
+ # PKCS#11 HSM's are often only available with proprietary drivers not |
311 |
+ # available in portage tree. |
312 |
+ |
313 |
+ if use softhsm; then |
314 |
+ PKCS11_LIB=softhsm |
315 |
+ if has_version ">=dev-libs/softhsm-1.3.1"; then |
316 |
+ PKCS11_PATH=/usr/$(get_libdir)/softhsm/libsofthsm.so |
317 |
+ else |
318 |
+ PKCS11_PATH=/usr/$(get_libdir)/libsofthsm.so |
319 |
+ fi |
320 |
+ elog "Building with SoftHSM PKCS#11 library support." |
321 |
+ fi |
322 |
+ if use opensc; then |
323 |
+ PKCS11_LIB=opensc |
324 |
+ PKCS11_PATH=/usr/$(get_libdir)/opensc-pkcs11.so |
325 |
+ elog "Building with OpenSC PKCS#11 library support." |
326 |
+ fi |
327 |
+ if use external-hsm; then |
328 |
+ if [[ -n ${PKCS11_SCA6000} ]]; then |
329 |
+ PKCS11_LIB=sca6000 |
330 |
+ PKCS11_PATH=${PKCS11_SCA6000} |
331 |
+ elif [[ -n ${PKCS11_ETOKEN} ]]; then |
332 |
+ PKCS11_LIB=etoken |
333 |
+ PKCS11_PATH=${PKCS11_ETOKEN} |
334 |
+ elif [[ -n ${PKCS11_NCIPHER} ]]; then |
335 |
+ PKCS11_LIB=ncipher |
336 |
+ PKCS11_PATH=${PKCS11_NCIPHER} |
337 |
+ elif [[ -n ${PKCS11_AEPKEYPER} ]]; then |
338 |
+ PKCS11_LIB=aepkeyper |
339 |
+ PKCS11_PATH=${PKCS11_AEPKEYPER} |
340 |
+ else |
341 |
+ ewarn "You enabled USE flag 'external-hsm' but did not specify a path to a PKCS#11" |
342 |
+ ewarn "library. To set a path, set one of the following environment variables:" |
343 |
+ ewarn " for Sun Crypto Accelerator 6000, set: PKCS11_SCA6000=<path>" |
344 |
+ ewarn " for Aladdin eToken, set: PKCS11_ETOKEN=<path>" |
345 |
+ ewarn " for Thales/nCipher netHSM, set: PKCS11_NCIPHER=<path>" |
346 |
+ ewarn " for AEP Keyper, set: PKCS11_AEPKEYPER=<path>" |
347 |
+ ewarn "Example:" |
348 |
+ ewarn " PKCS11_ETOKEN=\"/opt/etoken/lib/libeTPkcs11.so\" emerge -pv opendnssec" |
349 |
+ ewarn "or store the variable into /etc/portage/make.conf" |
350 |
+ die "USE flag 'external-hsm' set but no PKCS#11 library path specified." |
351 |
+ fi |
352 |
+ elog "Building with external PKCS#11 library support ($PKCS11_LIB): ${PKCS11_PATH}" |
353 |
+ fi |
354 |
+} |
355 |
+ |
356 |
+pkg_pretend() { |
357 |
+ check_pkcs11_setup |
358 |
+} |
359 |
+ |
360 |
+pkg_setup() { |
361 |
+ enewgroup opendnssec |
362 |
+ enewuser opendnssec -1 -1 -1 opendnssec |
363 |
+ |
364 |
+ # pretend does not preserve variables so we need to run this once more |
365 |
+ check_pkcs11_setup |
366 |
+} |
367 |
+ |
368 |
+src_prepare() { |
369 |
+ local patch |
370 |
+ default |
371 |
+ for patch in "${PATCHES[@]}"; do |
372 |
+ epatch "$patch" |
373 |
+ done |
374 |
+ eautoreconf |
375 |
+} |
376 |
+ |
377 |
+src_configure() { |
378 |
+ econf \ |
379 |
+ --without-cunit \ |
380 |
+ --localstatedir="${EPREFIX}/var/" \ |
381 |
+ --disable-static \ |
382 |
+ --with-database-backend=$(use mysql && echo "mysql")$(use sqlite && echo "sqlite3") \ |
383 |
+ --with-pkcs11-${PKCS11_LIB}=${PKCS11_PATH} \ |
384 |
+ $(use_enable debug timeshift) \ |
385 |
+ $(use_enable signer) |
386 |
+} |
387 |
+ |
388 |
+src_compile() { |
389 |
+ default |
390 |
+ use doc && emake docs |
391 |
+} |
392 |
+ |
393 |
+src_install() { |
394 |
+ default |
395 |
+ |
396 |
+ # remove useless .la files |
397 |
+ find "${ED}" -name '*.la' -delete |
398 |
+ |
399 |
+ # Remove subversion tags from config files to avoid useless config updates |
400 |
+ sed -i \ |
401 |
+ -e '/<!-- \$Id:/ d' \ |
402 |
+ "${ED}"/etc/opendnssec/* || die |
403 |
+ |
404 |
+ # install update scripts |
405 |
+ insinto /usr/share/opendnssec |
406 |
+ if use sqlite; then |
407 |
+ doins enforcer/utils/migrate_*sqlite* |
408 |
+ fi |
409 |
+ if use mysql; then |
410 |
+ doins enforcer/utils/migrate_*mysql* |
411 |
+ fi |
412 |
+ |
413 |
+ # fix permissions |
414 |
+ fowners root:opendnssec /etc/opendnssec |
415 |
+ fowners root:opendnssec /etc/opendnssec/{addns,conf,kasp,zonelist}.xml |
416 |
+ fowners opendnssec:opendnssec /var/lib/opendnssec/{,signconf,unsigned,signed,tmp} |
417 |
+ |
418 |
+ # install conf/init script |
419 |
+ newinitd "${FILESDIR}"/opendnssec.initd opendnssec |
420 |
+ newconfd "${FILESDIR}"/opendnssec.confd opendnssec |
421 |
+} |
422 |
+ |
423 |
+pkg_postinst() { |
424 |
+ local v |
425 |
+ if use softhsm; then |
426 |
+ elog "Please make sure that you create your softhsm database in a location writeable" |
427 |
+ elog "by the opendnssec user. You can set its location in /etc/softhsm.conf." |
428 |
+ elog "Suggested configuration is:" |
429 |
+ elog " echo \"0:/var/lib/opendnssec/softhsm_slot0.db\" >> /etc/softhsm.conf" |
430 |
+ elog " softhsm --init-token --slot 0 --label OpenDNSSEC" |
431 |
+ elog " chown opendnssec:opendnssec /var/lib/opendnssec/softhsm_slot0.db" |
432 |
+ fi |
433 |
+ |
434 |
+ for v in $REPLACING_VERSIONS; do |
435 |
+ case $v in |
436 |
+ 1.3.*) |
437 |
+ ewarn "" |
438 |
+ ewarn "You are upgrading from version 1.3." |
439 |
+ ewarn "" |
440 |
+ ewarn "Please be aware of the following:" |
441 |
+ ewarn " * OpenDNSSEC now supports both input and output adapters for" |
442 |
+ ewarn " AXFR and IXFR in addition to file transfer." |
443 |
+ ewarn " -> The zonefetch.xml file has been replaced by addns.xml" |
444 |
+ ewarn " to support this enhancement." |
445 |
+ ewarn " -> changes to the KASP database mean that a database" |
446 |
+ ewarn " migration is required to upgrade to 1.4 from earlier" |
447 |
+ ewarn " versions of OpenDNSSEC." |
448 |
+ ewarn " * The auditor is no longer supported." |
449 |
+ ewarn "" |
450 |
+ ewarn "You can find more information here:" |
451 |
+ ewarn " * /usr/share/doc/opendnssec*/MIGRATION*" |
452 |
+ ewarn " * https://wiki.opendnssec.org/display/DOCS/Migrating+zone+fetcher+to+DNS+adapters" |
453 |
+ ewarn " * https://wiki.opendnssec.org/display/DOCS/Migrating+from+earlier+versions+of+OpenDNSSEC" |
454 |
+ ewarn "" |
455 |
+ ;; |
456 |
+ esac |
457 |
+ done |
458 |
+} |
459 |
|
460 |
diff --git a/net-dns/opendnssec/opendnssec-1.4.8.2.ebuild b/net-dns/opendnssec/opendnssec-1.4.8.2.ebuild |
461 |
new file mode 100644 |
462 |
index 00000000000..fa23c0bf555 |
463 |
--- /dev/null |
464 |
+++ b/net-dns/opendnssec/opendnssec-1.4.8.2.ebuild |
465 |
@@ -0,0 +1,206 @@ |
466 |
+# Copyright 1999-2020 Gentoo Authors |
467 |
+# Distributed under the terms of the GNU General Public License v2 |
468 |
+ |
469 |
+EAPI=5 |
470 |
+ |
471 |
+MY_P="${P/_}" |
472 |
+PKCS11_IUSE="+softhsm opensc external-hsm" |
473 |
+inherit autotools multilib user |
474 |
+ |
475 |
+DESCRIPTION="An open-source turn-key solution for DNSSEC" |
476 |
+HOMEPAGE="https://www.opendnssec.org/" |
477 |
+SRC_URI="https://www.${PN}.org/files/source/${MY_P}.tar.gz" |
478 |
+ |
479 |
+LICENSE="BSD GPL-2" |
480 |
+SLOT="0" |
481 |
+KEYWORDS="~amd64 ~x86" |
482 |
+IUSE="debug doc +mysql +signer sqlite test ${PKCS11_IUSE}" |
483 |
+RESTRICT="!test? ( test )" |
484 |
+ |
485 |
+RDEPEND=" |
486 |
+ dev-lang/perl |
487 |
+ dev-libs/libxml2 |
488 |
+ dev-libs/libxslt |
489 |
+ net-libs/ldns |
490 |
+ mysql? ( |
491 |
+ virtual/mysql |
492 |
+ dev-perl/DBD-mysql |
493 |
+ ) |
494 |
+ opensc? ( dev-libs/opensc ) |
495 |
+ softhsm? ( dev-libs/softhsm:* ) |
496 |
+ sqlite? ( |
497 |
+ dev-db/sqlite:3 |
498 |
+ dev-perl/DBD-SQLite |
499 |
+ ) |
500 |
+" |
501 |
+DEPEND="${RDEPEND} |
502 |
+ doc? ( app-doc/doxygen ) |
503 |
+ test? ( |
504 |
+ app-text/trang |
505 |
+ ) |
506 |
+" |
507 |
+ |
508 |
+REQUIRED_USE=" |
509 |
+ ^^ ( mysql sqlite ) |
510 |
+ ^^ ( softhsm opensc external-hsm ) |
511 |
+" |
512 |
+ |
513 |
+PATCHES=( |
514 |
+ "${FILESDIR}/${PN}-fix-localstatedir.patch" |
515 |
+ "${FILESDIR}/${PN}-fix-run-dir.patch" |
516 |
+ "${FILESDIR}/${PN}-drop-privileges.patch" |
517 |
+ "${FILESDIR}/${PN}-use-system-trang.patch" |
518 |
+) |
519 |
+ |
520 |
+S="${WORKDIR}/${MY_P}" |
521 |
+ |
522 |
+DOCS=( MIGRATION NEWS ) |
523 |
+ |
524 |
+check_pkcs11_setup() { |
525 |
+ # PKCS#11 HSM's are often only available with proprietary drivers not |
526 |
+ # available in portage tree. |
527 |
+ |
528 |
+ if use softhsm; then |
529 |
+ PKCS11_LIB=softhsm |
530 |
+ if has_version ">=dev-libs/softhsm-1.3.1"; then |
531 |
+ PKCS11_PATH=/usr/$(get_libdir)/softhsm/libsofthsm.so |
532 |
+ else |
533 |
+ PKCS11_PATH=/usr/$(get_libdir)/libsofthsm.so |
534 |
+ fi |
535 |
+ elog "Building with SoftHSM PKCS#11 library support." |
536 |
+ fi |
537 |
+ if use opensc; then |
538 |
+ PKCS11_LIB=opensc |
539 |
+ PKCS11_PATH=/usr/$(get_libdir)/opensc-pkcs11.so |
540 |
+ elog "Building with OpenSC PKCS#11 library support." |
541 |
+ fi |
542 |
+ if use external-hsm; then |
543 |
+ if [[ -n ${PKCS11_SCA6000} ]]; then |
544 |
+ PKCS11_LIB=sca6000 |
545 |
+ PKCS11_PATH=${PKCS11_SCA6000} |
546 |
+ elif [[ -n ${PKCS11_ETOKEN} ]]; then |
547 |
+ PKCS11_LIB=etoken |
548 |
+ PKCS11_PATH=${PKCS11_ETOKEN} |
549 |
+ elif [[ -n ${PKCS11_NCIPHER} ]]; then |
550 |
+ PKCS11_LIB=ncipher |
551 |
+ PKCS11_PATH=${PKCS11_NCIPHER} |
552 |
+ elif [[ -n ${PKCS11_AEPKEYPER} ]]; then |
553 |
+ PKCS11_LIB=aepkeyper |
554 |
+ PKCS11_PATH=${PKCS11_AEPKEYPER} |
555 |
+ else |
556 |
+ ewarn "You enabled USE flag 'external-hsm' but did not specify a path to a PKCS#11" |
557 |
+ ewarn "library. To set a path, set one of the following environment variables:" |
558 |
+ ewarn " for Sun Crypto Accelerator 6000, set: PKCS11_SCA6000=<path>" |
559 |
+ ewarn " for Aladdin eToken, set: PKCS11_ETOKEN=<path>" |
560 |
+ ewarn " for Thales/nCipher netHSM, set: PKCS11_NCIPHER=<path>" |
561 |
+ ewarn " for AEP Keyper, set: PKCS11_AEPKEYPER=<path>" |
562 |
+ ewarn "Example:" |
563 |
+ ewarn " PKCS11_ETOKEN=\"/opt/etoken/lib/libeTPkcs11.so\" emerge -pv opendnssec" |
564 |
+ ewarn "or store the variable into /etc/portage/make.conf" |
565 |
+ die "USE flag 'external-hsm' set but no PKCS#11 library path specified." |
566 |
+ fi |
567 |
+ elog "Building with external PKCS#11 library support ($PKCS11_LIB): ${PKCS11_PATH}" |
568 |
+ fi |
569 |
+} |
570 |
+ |
571 |
+pkg_pretend() { |
572 |
+ check_pkcs11_setup |
573 |
+} |
574 |
+ |
575 |
+pkg_setup() { |
576 |
+ enewgroup opendnssec |
577 |
+ enewuser opendnssec -1 -1 -1 opendnssec |
578 |
+ |
579 |
+ # pretend does not preserve variables so we need to run this once more |
580 |
+ check_pkcs11_setup |
581 |
+} |
582 |
+ |
583 |
+src_prepare() { |
584 |
+ base_src_prepare |
585 |
+ eautoreconf |
586 |
+} |
587 |
+ |
588 |
+src_configure() { |
589 |
+ econf \ |
590 |
+ --without-cunit \ |
591 |
+ --localstatedir="${EPREFIX}/var/" \ |
592 |
+ --disable-static \ |
593 |
+ --with-database-backend=$(use mysql && echo "mysql")$(use sqlite && echo "sqlite3") \ |
594 |
+ --with-pkcs11-${PKCS11_LIB}=${PKCS11_PATH} \ |
595 |
+ $(use_enable debug timeshift) \ |
596 |
+ $(use_enable signer) |
597 |
+} |
598 |
+ |
599 |
+src_compile() { |
600 |
+ default |
601 |
+ use doc && emake docs |
602 |
+} |
603 |
+ |
604 |
+src_install() { |
605 |
+ default |
606 |
+ |
607 |
+ # remove useless .la files |
608 |
+ find "${ED}" -name '*.la' -delete |
609 |
+ |
610 |
+ # Remove subversion tags from config files to avoid useless config updates |
611 |
+ sed -i \ |
612 |
+ -e '/<!-- \$Id:/ d' \ |
613 |
+ "${ED}"/etc/opendnssec/* || die |
614 |
+ |
615 |
+ # install update scripts |
616 |
+ insinto /usr/share/opendnssec |
617 |
+ if use sqlite; then |
618 |
+ doins enforcer/utils/migrate_keyshare_sqlite3.pl |
619 |
+ doins enforcer/utils/migrate_adapters_1.sqlite3 |
620 |
+ fi |
621 |
+ if use mysql; then |
622 |
+ doins enforcer/utils/migrate_keyshare_mysql.pl |
623 |
+ doins enforcer/utils/migrate_adapters_1.mysql |
624 |
+ fi |
625 |
+ |
626 |
+ # fix permissions |
627 |
+ fowners root:opendnssec /etc/opendnssec |
628 |
+ fowners root:opendnssec /etc/opendnssec/{addns,conf,kasp,zonelist}.xml |
629 |
+ fowners opendnssec:opendnssec /var/lib/opendnssec/{,signconf,unsigned,signed,tmp} |
630 |
+ |
631 |
+ # install conf/init script |
632 |
+ newinitd "${FILESDIR}"/opendnssec.initd opendnssec |
633 |
+ newconfd "${FILESDIR}"/opendnssec.confd opendnssec |
634 |
+} |
635 |
+ |
636 |
+pkg_postinst() { |
637 |
+ local v |
638 |
+ if use softhsm; then |
639 |
+ elog "Please make sure that you create your softhsm database in a location writeable" |
640 |
+ elog "by the opendnssec user. You can set its location in /etc/softhsm.conf." |
641 |
+ elog "Suggested configuration is:" |
642 |
+ elog " echo \"0:/var/lib/opendnssec/softhsm_slot0.db\" >> /etc/softhsm.conf" |
643 |
+ elog " softhsm --init-token --slot 0 --label OpenDNSSEC" |
644 |
+ elog " chown opendnssec:opendnssec /var/lib/opendnssec/softhsm_slot0.db" |
645 |
+ fi |
646 |
+ |
647 |
+ for v in $REPLACING_VERSIONS; do |
648 |
+ case $v in |
649 |
+ 1.3.*) |
650 |
+ ewarn "" |
651 |
+ ewarn "You are upgrading from version 1.3." |
652 |
+ ewarn "" |
653 |
+ ewarn "Please be aware of the following:" |
654 |
+ ewarn " * OpenDNSSEC now supports both input and output adapters for" |
655 |
+ ewarn " AXFR and IXFR in addition to file transfer." |
656 |
+ ewarn " -> The zonefetch.xml file has been replaced by addns.xml" |
657 |
+ ewarn " to support this enhancement." |
658 |
+ ewarn " -> changes to the KASP database mean that a database" |
659 |
+ ewarn " migration is required to upgrade to 1.4 from earlier" |
660 |
+ ewarn " versions of OpenDNSSEC." |
661 |
+ ewarn " * The auditor is no longer supported." |
662 |
+ ewarn "" |
663 |
+ ewarn "You can find more information here:" |
664 |
+ ewarn " * /usr/share/doc/opendnssec*/MIGRATION*" |
665 |
+ ewarn " * https://wiki.opendnssec.org/display/DOCS/Migrating+zone+fetcher+to+DNS+adapters" |
666 |
+ ewarn " * https://wiki.opendnssec.org/display/DOCS/Migrating+from+earlier+versions+of+OpenDNSSEC" |
667 |
+ ewarn "" |
668 |
+ ;; |
669 |
+ esac |
670 |
+ done |
671 |
+} |
672 |
|
673 |
diff --git a/net-dns/opendnssec/opendnssec-2.0.1-r1.ebuild b/net-dns/opendnssec/opendnssec-2.0.1-r1.ebuild |
674 |
new file mode 100644 |
675 |
index 00000000000..b93dc8f5ab2 |
676 |
--- /dev/null |
677 |
+++ b/net-dns/opendnssec/opendnssec-2.0.1-r1.ebuild |
678 |
@@ -0,0 +1,240 @@ |
679 |
+# Copyright 1999-2020 Gentoo Authors |
680 |
+# Distributed under the terms of the GNU General Public License v2 |
681 |
+ |
682 |
+EAPI=5 |
683 |
+ |
684 |
+MY_P="${P/_}" |
685 |
+PKCS11_IUSE="+softhsm opensc external-hsm" |
686 |
+inherit autotools eutils multilib user |
687 |
+ |
688 |
+DESCRIPTION="An open-source turn-key solution for DNSSEC" |
689 |
+HOMEPAGE="https://www.opendnssec.org/" |
690 |
+SRC_URI="https://www.${PN}.org/files/source/${MY_P}.tar.gz" |
691 |
+ |
692 |
+LICENSE="BSD GPL-2" |
693 |
+SLOT="0" |
694 |
+KEYWORDS="~amd64 ~x86" |
695 |
+IUSE="debug doc +mysql readline +signer sqlite test ${PKCS11_IUSE}" |
696 |
+RESTRICT="!test? ( test )" |
697 |
+ |
698 |
+RDEPEND=" |
699 |
+ dev-lang/perl |
700 |
+ dev-libs/libxml2 |
701 |
+ dev-libs/libxslt |
702 |
+ net-libs/ldns |
703 |
+ mysql? ( |
704 |
+ virtual/mysql |
705 |
+ dev-perl/DBD-mysql |
706 |
+ ) |
707 |
+ opensc? ( dev-libs/opensc ) |
708 |
+ readline? ( sys-libs/readline:0 ) |
709 |
+ softhsm? ( dev-libs/softhsm:* ) |
710 |
+ sqlite? ( |
711 |
+ dev-db/sqlite:3 |
712 |
+ dev-perl/DBD-SQLite |
713 |
+ ) |
714 |
+" |
715 |
+DEPEND="${RDEPEND} |
716 |
+ doc? ( app-doc/doxygen ) |
717 |
+ test? ( |
718 |
+ app-text/trang |
719 |
+ ) |
720 |
+" |
721 |
+ |
722 |
+REQUIRED_USE=" |
723 |
+ ^^ ( mysql sqlite ) |
724 |
+ ^^ ( softhsm opensc external-hsm ) |
725 |
+" |
726 |
+ |
727 |
+PATCHES=( |
728 |
+ "${FILESDIR}/${PN}-fix-localstatedir-2.0.x.patch" |
729 |
+ "${FILESDIR}/${PN}-fix-run-dir-2.0.x.patch" |
730 |
+ "${FILESDIR}/${PN}-drop-privileges-2.0.x.patch" |
731 |
+ "${FILESDIR}/${PN}-use-system-trang.patch" |
732 |
+) |
733 |
+ |
734 |
+S="${WORKDIR}/${MY_P}" |
735 |
+ |
736 |
+DOCS=( MIGRATION NEWS ) |
737 |
+ |
738 |
+check_pkcs11_setup() { |
739 |
+ # PKCS#11 HSM's are often only available with proprietary drivers not |
740 |
+ # available in portage tree. |
741 |
+ |
742 |
+ if use softhsm; then |
743 |
+ PKCS11_LIB=softhsm |
744 |
+ if has_version ">=dev-libs/softhsm-1.3.1"; then |
745 |
+ PKCS11_PATH=/usr/$(get_libdir)/softhsm/libsofthsm.so |
746 |
+ else |
747 |
+ PKCS11_PATH=/usr/$(get_libdir)/libsofthsm.so |
748 |
+ fi |
749 |
+ elog "Building with SoftHSM PKCS#11 library support." |
750 |
+ fi |
751 |
+ if use opensc; then |
752 |
+ PKCS11_LIB=opensc |
753 |
+ PKCS11_PATH=/usr/$(get_libdir)/opensc-pkcs11.so |
754 |
+ elog "Building with OpenSC PKCS#11 library support." |
755 |
+ fi |
756 |
+ if use external-hsm; then |
757 |
+ if [[ -n ${PKCS11_SCA6000} ]]; then |
758 |
+ PKCS11_LIB=sca6000 |
759 |
+ PKCS11_PATH=${PKCS11_SCA6000} |
760 |
+ elif [[ -n ${PKCS11_ETOKEN} ]]; then |
761 |
+ PKCS11_LIB=etoken |
762 |
+ PKCS11_PATH=${PKCS11_ETOKEN} |
763 |
+ elif [[ -n ${PKCS11_NCIPHER} ]]; then |
764 |
+ PKCS11_LIB=ncipher |
765 |
+ PKCS11_PATH=${PKCS11_NCIPHER} |
766 |
+ elif [[ -n ${PKCS11_AEPKEYPER} ]]; then |
767 |
+ PKCS11_LIB=aepkeyper |
768 |
+ PKCS11_PATH=${PKCS11_AEPKEYPER} |
769 |
+ else |
770 |
+ ewarn "You enabled USE flag 'external-hsm' but did not specify a path to a PKCS#11" |
771 |
+ ewarn "library. To set a path, set one of the following environment variables:" |
772 |
+ ewarn " for Sun Crypto Accelerator 6000, set: PKCS11_SCA6000=<path>" |
773 |
+ ewarn " for Aladdin eToken, set: PKCS11_ETOKEN=<path>" |
774 |
+ ewarn " for Thales/nCipher netHSM, set: PKCS11_NCIPHER=<path>" |
775 |
+ ewarn " for AEP Keyper, set: PKCS11_AEPKEYPER=<path>" |
776 |
+ ewarn "Example:" |
777 |
+ ewarn " PKCS11_ETOKEN=\"/opt/etoken/lib/libeTPkcs11.so\" emerge -pv opendnssec" |
778 |
+ ewarn "or store the variable into /etc/portage/make.conf" |
779 |
+ die "USE flag 'external-hsm' set but no PKCS#11 library path specified." |
780 |
+ fi |
781 |
+ elog "Building with external PKCS#11 library support ($PKCS11_LIB): ${PKCS11_PATH}" |
782 |
+ fi |
783 |
+} |
784 |
+ |
785 |
+pkg_pretend() { |
786 |
+ if has_version "<net-dns/opendnssec-1.4.10"; then |
787 |
+ ################################################################################ |
788 |
+ eerror "You are already using OpenDNSSEC." |
789 |
+ eerror "In order to migrate to version >=2.0.0 you need to upgrade to" |
790 |
+ eerror "version >=1.4.10 first:" |
791 |
+ eerror "" |
792 |
+ eerror " emerge \"<net-dns/opendnssec-2\"" |
793 |
+ eerror "" |
794 |
+ eerror "See https://github.com/opendnssec/opendnssec/blob/2.0/master/MIGRATION" |
795 |
+ eerror "for details." |
796 |
+ eerror "" |
797 |
+ die "Please upgrade to version >=1.4.10 first for proper db migraion" |
798 |
+ fi |
799 |
+ |
800 |
+ check_pkcs11_setup |
801 |
+} |
802 |
+ |
803 |
+pkg_setup() { |
804 |
+ enewgroup opendnssec |
805 |
+ enewuser opendnssec -1 -1 -1 opendnssec |
806 |
+ |
807 |
+ # pretend does not preserve variables so we need to run this once more |
808 |
+ check_pkcs11_setup |
809 |
+} |
810 |
+ |
811 |
+src_prepare() { |
812 |
+ local patch |
813 |
+ default |
814 |
+ for patch in "${PATCHES[@]}"; do |
815 |
+ epatch "$patch" |
816 |
+ done |
817 |
+ eautoreconf |
818 |
+} |
819 |
+ |
820 |
+src_configure() { |
821 |
+ econf \ |
822 |
+ --without-cunit \ |
823 |
+ --localstatedir="${EPREFIX}/var" \ |
824 |
+ --disable-static \ |
825 |
+ --with-enforcer-database=$(use mysql && echo "mysql")$(use sqlite && echo "sqlite3") \ |
826 |
+ --with-pkcs11-${PKCS11_LIB}=${PKCS11_PATH} \ |
827 |
+ $(use_with readline) \ |
828 |
+ $(use_enable signer) |
829 |
+} |
830 |
+ |
831 |
+src_compile() { |
832 |
+ default |
833 |
+ use doc && emake docs |
834 |
+} |
835 |
+ |
836 |
+src_install() { |
837 |
+ default |
838 |
+ |
839 |
+ # remove useless .la files |
840 |
+ find "${ED}" -name '*.la' -delete |
841 |
+ |
842 |
+ # Remove subversion tags from config files to avoid useless config updates |
843 |
+ sed -i \ |
844 |
+ -e '/<!-- \$Id:/ d' \ |
845 |
+ "${ED}"/etc/opendnssec/* || die |
846 |
+ |
847 |
+ # install db update/migration stuff |
848 |
+ insinto /usr/share/opendnssec/db |
849 |
+ if use sqlite; then |
850 |
+ doins enforcer/utils/convert_mysql_to_sqlite |
851 |
+ fi |
852 |
+ if use mysql; then |
853 |
+ doins enforcer/utils/convert_sqlite_to_mysql |
854 |
+ fi |
855 |
+ |
856 |
+ insinto /usr/share/opendnssec/db/sql |
857 |
+ if use sqlite; then |
858 |
+ doins enforcer/src/db/schema.sqlite |
859 |
+ fi |
860 |
+ if use mysql; then |
861 |
+ doins enforcer/src/db/schema.mysql |
862 |
+ fi |
863 |
+ |
864 |
+ insinto /usr/share/opendnssec/db/1.4-2.0_db_convert |
865 |
+ doins enforcer/utils/1.4-2.0_db_convert/find_problematic_zones.sql |
866 |
+ doins enforcer/utils/1.4-2.0_db_convert/README.md |
867 |
+ if use sqlite; then |
868 |
+ doins enforcer/utils/1.4-2.0_db_convert/sqlite_convert.sql |
869 |
+ doins enforcer/utils/1.4-2.0_db_convert/convert_sqlite |
870 |
+ fi |
871 |
+ if use mysql; then |
872 |
+ doins enforcer/utils/1.4-2.0_db_convert/convert_mysql |
873 |
+ doins enforcer/utils/1.4-2.0_db_convert/mysql_convert.sql |
874 |
+ fi |
875 |
+ |
876 |
+ # patch scripts to find schema files |
877 |
+ sed -i \ |
878 |
+ -e 's,^SCHEMA=../src/db/,SCHEMA=/usr/share/opendnssec/db/sql/,' \ |
879 |
+ -e 's,^SCHEMA=../../src/db/,SCHEMA=/usr/share/opendnssec/db/sql/,' \ |
880 |
+ "${ED}"/usr/share/opendnssec/db/convert_* \ |
881 |
+ "${ED}"/usr/share/opendnssec/db/1.4-2.0_db_convert/convert_* |
882 |
+ |
883 |
+ # fix permissions |
884 |
+ fowners root:opendnssec /etc/opendnssec |
885 |
+ fowners root:opendnssec /etc/opendnssec/{addns,conf,kasp,zonelist}.xml |
886 |
+ fowners opendnssec:opendnssec /var/lib/opendnssec/{,enforcer,signconf,signed,signer,unsigned} |
887 |
+ |
888 |
+ # install conf/init script |
889 |
+ newinitd "${FILESDIR}"/opendnssec.initd opendnssec |
890 |
+ newconfd "${FILESDIR}"/opendnssec.confd opendnssec |
891 |
+} |
892 |
+ |
893 |
+pkg_postinst() { |
894 |
+ local v |
895 |
+ if use softhsm; then |
896 |
+ elog "Please make sure that you create your softhsm database in a location writeable" |
897 |
+ elog "by the opendnssec user. You can set its location in /etc/softhsm.conf." |
898 |
+ elog "Suggested configuration is:" |
899 |
+ elog " echo \"0:/var/lib/opendnssec/softhsm_slot0.db\" >> /etc/softhsm.conf" |
900 |
+ elog " softhsm --init-token --slot 0 --label OpenDNSSEC" |
901 |
+ elog " chown opendnssec:opendnssec /var/lib/opendnssec/softhsm_slot0.db" |
902 |
+ fi |
903 |
+ for v in $REPLACING_VERSIONS; do |
904 |
+ case $v in |
905 |
+ 1.4.*) |
906 |
+ ewarn "" |
907 |
+ ewarn "You are upgrading from version 1.4." |
908 |
+ ewarn "" |
909 |
+ ewarn "A migration is needed from 1.4 to 2.0." |
910 |
+ ewarn "For details see /usr/share/doc/${P}/MIGRATION*" |
911 |
+ ewarn "" |
912 |
+ ewarn "For your convenience the mentioned migration scripts and README" |
913 |
+ ewarn "have been installed to /usr/share/${PN}/db/1.4-2.0_db_convert" |
914 |
+ ewarn "" |
915 |
+ ;; |
916 |
+ esac |
917 |
+ done |
918 |
+} |