1 |
mschiff 13/11/25 22:54:51 |
2 |
|
3 |
Modified: ChangeLog |
4 |
Added: opendnssec-1.4.2-r2.ebuild |
5 |
opendnssec-1.3.15-r2.ebuild |
6 |
Removed: opendnssec-1.4.2-r1.ebuild |
7 |
opendnssec-1.3.15-r1.ebuild |
8 |
Log: |
9 |
fix opendnssec-fix-run-dir.patch so that ods will use proper run-dir |
10 |
|
11 |
(Portage version: 2.2.7/cvs/Linux x86_64, signed Manifest commit with key 0x296C6CCA35A64134) |
12 |
|
13 |
Revision Changes Path |
14 |
1.36 net-dns/opendnssec/ChangeLog |
15 |
|
16 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-dns/opendnssec/ChangeLog?rev=1.36&view=markup |
17 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-dns/opendnssec/ChangeLog?rev=1.36&content-type=text/plain |
18 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-dns/opendnssec/ChangeLog?r1=1.35&r2=1.36 |
19 |
|
20 |
Index: ChangeLog |
21 |
=================================================================== |
22 |
RCS file: /var/cvsroot/gentoo-x86/net-dns/opendnssec/ChangeLog,v |
23 |
retrieving revision 1.35 |
24 |
retrieving revision 1.36 |
25 |
diff -u -r1.35 -r1.36 |
26 |
--- ChangeLog 12 Nov 2013 09:15:44 -0000 1.35 |
27 |
+++ ChangeLog 25 Nov 2013 22:54:50 -0000 1.36 |
28 |
@@ -1,6 +1,15 @@ |
29 |
# ChangeLog for net-dns/opendnssec |
30 |
# Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2 |
31 |
-# $Header: /var/cvsroot/gentoo-x86/net-dns/opendnssec/ChangeLog,v 1.35 2013/11/12 09:15:44 mschiff Exp $ |
32 |
+# $Header: /var/cvsroot/gentoo-x86/net-dns/opendnssec/ChangeLog,v 1.36 2013/11/25 22:54:50 mschiff Exp $ |
33 |
+ |
34 |
+*opendnssec-1.3.15-r2 (25 Nov 2013) |
35 |
+*opendnssec-1.4.2-r2 (25 Nov 2013) |
36 |
+ |
37 |
+ 25 Nov 2013; Marc Schiffbauer <mschiff@g.o> |
38 |
+ +opendnssec-1.3.15-r2.ebuild, +opendnssec-1.4.2-r2.ebuild, |
39 |
+ -opendnssec-1.3.15-r1.ebuild, -opendnssec-1.4.2-r1.ebuild, |
40 |
+ files/opendnssec-fix-run-dir.patch: |
41 |
+ fix opendnssec-fix-run-dir.patch so that ods will use proper run-dir |
42 |
|
43 |
*opendnssec-1.4.2-r1 (12 Nov 2013) |
44 |
*opendnssec-1.3.15-r1 (12 Nov 2013) |
45 |
|
46 |
|
47 |
|
48 |
1.1 net-dns/opendnssec/opendnssec-1.4.2-r2.ebuild |
49 |
|
50 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-dns/opendnssec/opendnssec-1.4.2-r2.ebuild?rev=1.1&view=markup |
51 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-dns/opendnssec/opendnssec-1.4.2-r2.ebuild?rev=1.1&content-type=text/plain |
52 |
|
53 |
Index: opendnssec-1.4.2-r2.ebuild |
54 |
=================================================================== |
55 |
# Copyright 1999-2013 Gentoo Foundation |
56 |
# Distributed under the terms of the GNU General Public License v2 |
57 |
# $Header: /var/cvsroot/gentoo-x86/net-dns/opendnssec/opendnssec-1.4.2-r2.ebuild,v 1.1 2013/11/25 22:54:50 mschiff Exp $ |
58 |
|
59 |
EAPI=5 |
60 |
|
61 |
MY_P="${P/_}" |
62 |
PKCS11_IUSE="+softhsm opensc external-hsm" |
63 |
inherit base autotools multilib user |
64 |
|
65 |
DESCRIPTION="An open-source turn-key solution for DNSSEC" |
66 |
HOMEPAGE="http://www.opendnssec.org/" |
67 |
SRC_URI="http://www.${PN}.org/files/source/${MY_P}.tar.gz" |
68 |
|
69 |
LICENSE="BSD GPL-2" |
70 |
SLOT="0" |
71 |
KEYWORDS="~amd64 ~x86" |
72 |
IUSE="debug doc +mysql +signer sqlite test ${PKCS11_IUSE}" |
73 |
|
74 |
RDEPEND=" |
75 |
dev-lang/perl |
76 |
dev-libs/libxml2 |
77 |
dev-libs/libxslt |
78 |
net-libs/ldns |
79 |
mysql? ( |
80 |
virtual/mysql |
81 |
dev-perl/DBD-mysql |
82 |
) |
83 |
opensc? ( dev-libs/opensc ) |
84 |
softhsm? ( dev-libs/softhsm ) |
85 |
sqlite? ( |
86 |
dev-db/sqlite:3 |
87 |
dev-perl/DBD-SQLite |
88 |
) |
89 |
" |
90 |
DEPEND="${RDEPEND} |
91 |
doc? ( app-doc/doxygen ) |
92 |
test? ( |
93 |
app-text/trang |
94 |
) |
95 |
" |
96 |
|
97 |
REQUIRED_USE=" |
98 |
^^ ( mysql sqlite ) |
99 |
^^ ( softhsm opensc external-hsm ) |
100 |
" |
101 |
|
102 |
PATCHES=( |
103 |
"${FILESDIR}/${PN}-fix-localstatedir.patch" |
104 |
"${FILESDIR}/${PN}-fix-run-dir.patch" |
105 |
"${FILESDIR}/${PN}-drop-privileges.patch" |
106 |
"${FILESDIR}/${PN}-use-system-trang.patch" |
107 |
) |
108 |
|
109 |
S="${WORKDIR}/${MY_P}" |
110 |
|
111 |
DOCS=( MIGRATION NEWS README ) |
112 |
|
113 |
check_pkcs11_setup() { |
114 |
# PKCS#11 HSM's are often only available with proprietary drivers not |
115 |
# available in portage tree. |
116 |
|
117 |
if use softhsm; then |
118 |
PKCS11_LIB=softhsm |
119 |
if has_version ">=dev-libs/softhsm-1.3.1"; then |
120 |
PKCS11_PATH=/usr/$(get_libdir)/softhsm/libsofthsm.so |
121 |
else |
122 |
PKCS11_PATH=/usr/$(get_libdir)/libsofthsm.so |
123 |
fi |
124 |
elog "Building with SoftHSM PKCS#11 library support." |
125 |
fi |
126 |
if use opensc; then |
127 |
PKCS11_LIB=opensc |
128 |
PKCS11_PATH=/usr/$(get_libdir)/opensc-pkcs11.so |
129 |
elog "Building with OpenSC PKCS#11 library support." |
130 |
fi |
131 |
if use external-hsm; then |
132 |
if [[ -n ${PKCS11_SCA6000} ]]; then |
133 |
PKCS11_LIB=sca6000 |
134 |
PKCS11_PATH=${PKCS11_SCA6000} |
135 |
elif [[ -n ${PKCS11_ETOKEN} ]]; then |
136 |
PKCS11_LIB=etoken |
137 |
PKCS11_PATH=${PKCS11_ETOKEN} |
138 |
elif [[ -n ${PKCS11_NCIPHER} ]]; then |
139 |
PKCS11_LIB=ncipher |
140 |
PKCS11_PATH=${PKCS11_NCIPHER} |
141 |
elif [[ -n ${PKCS11_AEPKEYPER} ]]; then |
142 |
PKCS11_LIB=aepkeyper |
143 |
PKCS11_PATH=${PKCS11_AEPKEYPER} |
144 |
else |
145 |
ewarn "You enabled USE flag 'external-hsm' but did not specify a path to a PKCS#11" |
146 |
ewarn "library. To set a path, set one of the following environment variables:" |
147 |
ewarn " for Sun Crypto Accelerator 6000, set: PKCS11_SCA6000=<path>" |
148 |
ewarn " for Aladdin eToken, set: PKCS11_ETOKEN=<path>" |
149 |
ewarn " for Thales/nCipher netHSM, set: PKCS11_NCIPHER=<path>" |
150 |
ewarn " for AEP Keyper, set: PKCS11_AEPKEYPER=<path>" |
151 |
ewarn "Example:" |
152 |
ewarn " PKCS11_ETOKEN=\"/opt/etoken/lib/libeTPkcs11.so\" emerge -pv opendnssec" |
153 |
ewarn "or store the variable into /etc/make.conf" |
154 |
die "USE flag 'external-hsm' set but no PKCS#11 library path specified." |
155 |
fi |
156 |
elog "Building with external PKCS#11 library support ($PKCS11_LIB): ${PKCS11_PATH}" |
157 |
fi |
158 |
} |
159 |
|
160 |
pkg_pretend() { |
161 |
check_pkcs11_setup |
162 |
} |
163 |
|
164 |
pkg_setup() { |
165 |
enewgroup opendnssec |
166 |
enewuser opendnssec -1 -1 -1 opendnssec |
167 |
|
168 |
# pretend does not preserve variables so we need to run this once more |
169 |
check_pkcs11_setup |
170 |
} |
171 |
|
172 |
src_prepare() { |
173 |
base_src_prepare |
174 |
eautoreconf |
175 |
} |
176 |
|
177 |
src_configure() { |
178 |
econf \ |
179 |
--without-cunit \ |
180 |
--localstatedir="${EPREFIX}/var/" \ |
181 |
--disable-static \ |
182 |
--with-database-backend=$(use mysql && echo "mysql")$(use sqlite && echo "sqlite3") \ |
183 |
--with-pkcs11-${PKCS11_LIB}=${PKCS11_PATH} \ |
184 |
$(use_enable debug timeshift) \ |
185 |
$(use_enable signer) |
186 |
} |
187 |
|
188 |
src_compile() { |
189 |
default |
190 |
use doc && emake docs |
191 |
} |
192 |
|
193 |
src_install() { |
194 |
default |
195 |
|
196 |
# remove useless .la files |
197 |
find "${ED}" -name '*.la' -delete |
198 |
|
199 |
# Remove subversion tags from config files to avoid useless config updates |
200 |
sed -i \ |
201 |
-e '/<!-- \$Id:/ d' \ |
202 |
"${ED}"/etc/opendnssec/* || die |
203 |
|
204 |
# install update scripts |
205 |
insinto /usr/share/opendnssec |
206 |
if use sqlite; then |
207 |
doins enforcer/utils/migrate_keyshare_sqlite3.pl |
208 |
doins enforcer/utils/migrate_adapters_1.sqlite3 |
209 |
fi |
210 |
if use mysql; then |
211 |
doins enforcer/utils/migrate_keyshare_mysql.pl |
212 |
doins enforcer/utils/migrate_adapters_1.mysql |
213 |
fi |
214 |
|
215 |
# fix permissions |
216 |
fowners root:opendnssec /etc/opendnssec |
217 |
fowners root:opendnssec /etc/opendnssec/{addns,conf,kasp,zonelist}.xml |
218 |
fowners opendnssec:opendnssec /var/lib/opendnssec/{,signconf,unsigned,signed,tmp} |
219 |
fowners opendnssec:opendnssec /run/opendnssec |
220 |
|
221 |
# install conf/init script |
222 |
newinitd "${FILESDIR}"/opendnssec.initd opendnssec |
223 |
newconfd "${FILESDIR}"/opendnssec.confd opendnssec |
224 |
} |
225 |
|
226 |
pkg_postinst() { |
227 |
local v |
228 |
if use softhsm; then |
229 |
elog "Please make sure that you create your softhsm database in a location writeable" |
230 |
elog "by the opendnssec user. You can set its location in /etc/softhsm.conf." |
231 |
elog "Suggested configuration is:" |
232 |
elog " echo \"0:/var/lib/opendnssec/softhsm_slot0.db\" >> /etc/softhsm.conf" |
233 |
elog " softhsm --init-token --slot 0 --label OpenDNSSEC" |
234 |
elog " chown opendnssec:opendnssec /var/lib/opendnssec/softhsm_slot0.db" |
235 |
fi |
236 |
|
237 |
for v in $REPLACING_VERSIONS; do |
238 |
case $v in |
239 |
1.3.*) |
240 |
ewarn "" |
241 |
ewarn "You are upgrading from version 1.3." |
242 |
ewarn "" |
243 |
ewarn "Please be aware of the following:" |
244 |
ewarn " * OpenDNSSEC now supports both input and output adapters for" |
245 |
ewarn " AXFR and IXFR in addition to file transfer." |
246 |
ewarn " -> The zonefetch.xml file has been replaced by addns.xml" |
247 |
ewarn " to support this enhancement." |
248 |
ewarn " -> changes to the KASP database mean that a database" |
249 |
ewarn " migration is required to upgrade to 1.4 from earlier" |
250 |
ewarn " versions of OpenDNSSEC." |
251 |
ewarn " * The auditor is no longer supported." |
252 |
ewarn "" |
253 |
ewarn "You can find more information here:" |
254 |
ewarn " * /usr/share/doc/opendnssec*/MIGRATION*" |
255 |
ewarn " * https://wiki.opendnssec.org/display/DOCS/Migrating+zone+fetcher+to+DNS+adapters" |
256 |
ewarn " * https://wiki.opendnssec.org/display/DOCS/Migrating+from+earlier+versions+of+OpenDNSSEC" |
257 |
ewarn "" |
258 |
;; |
259 |
esac |
260 |
done |
261 |
} |
262 |
|
263 |
|
264 |
|
265 |
1.1 net-dns/opendnssec/opendnssec-1.3.15-r2.ebuild |
266 |
|
267 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-dns/opendnssec/opendnssec-1.3.15-r2.ebuild?rev=1.1&view=markup |
268 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-dns/opendnssec/opendnssec-1.3.15-r2.ebuild?rev=1.1&content-type=text/plain |
269 |
|
270 |
Index: opendnssec-1.3.15-r2.ebuild |
271 |
=================================================================== |
272 |
# Copyright 1999-2013 Gentoo Foundation |
273 |
# Distributed under the terms of the GNU General Public License v2 |
274 |
# $Header: /var/cvsroot/gentoo-x86/net-dns/opendnssec/opendnssec-1.3.15-r2.ebuild,v 1.1 2013/11/25 22:54:50 mschiff Exp $ |
275 |
|
276 |
EAPI=5 |
277 |
|
278 |
MY_P="${P/_}" |
279 |
PKCS11_IUSE="+softhsm opensc external-hsm" |
280 |
inherit base autotools multilib user |
281 |
|
282 |
DESCRIPTION="An open-source turn-key solution for DNSSEC" |
283 |
HOMEPAGE="http://www.opendnssec.org/" |
284 |
SRC_URI="http://www.${PN}.org/files/source/${MY_P}.tar.gz" |
285 |
|
286 |
LICENSE="BSD GPL-2" |
287 |
SLOT="0" |
288 |
KEYWORDS="~amd64 ~x86" |
289 |
IUSE="+auditor +curl debug doc eppclient mysql +signer +sqlite test ${PKCS11_IUSE}" |
290 |
|
291 |
RDEPEND=" |
292 |
dev-lang/perl |
293 |
dev-libs/libxml2 |
294 |
dev-libs/libxslt |
295 |
net-libs/ldns |
296 |
auditor? ( dev-lang/ruby[ssl] dev-ruby/dnsruby ) |
297 |
curl? ( net-misc/curl ) |
298 |
mysql? ( |
299 |
virtual/mysql |
300 |
dev-perl/DBD-mysql |
301 |
) |
302 |
opensc? ( dev-libs/opensc ) |
303 |
softhsm? ( dev-libs/softhsm ) |
304 |
sqlite? ( |
305 |
dev-db/sqlite:3 |
306 |
dev-perl/DBD-SQLite |
307 |
) |
308 |
" |
309 |
DEPEND="${RDEPEND} |
310 |
doc? ( app-doc/doxygen ) |
311 |
test? ( |
312 |
app-text/trang |
313 |
) |
314 |
" |
315 |
# test? dev-util/cunit # Requires running test DB |
316 |
|
317 |
REQUIRED_USE=" |
318 |
^^ ( mysql sqlite ) |
319 |
^^ ( softhsm opensc external-hsm ) |
320 |
eppclient? ( curl ) |
321 |
" |
322 |
|
323 |
PATCHES=( |
324 |
"${FILESDIR}/${PN}-fix-localstatedir.patch" |
325 |
"${FILESDIR}/${PN}-fix-run-dir.patch" |
326 |
"${FILESDIR}/${PN}-1.3.14-drop-privileges.patch" |
327 |
"${FILESDIR}/${PN}-1.3.14-use-system-trang.patch" |
328 |
) |
329 |
|
330 |
S="${WORKDIR}/${MY_P}" |
331 |
|
332 |
DOCS=( MIGRATION NEWS README ) |
333 |
|
334 |
check_pkcs11_setup() { |
335 |
# PKCS#11 HSM's are often only available with proprietary drivers not |
336 |
# available in portage tree. |
337 |
|
338 |
if use softhsm; then |
339 |
PKCS11_LIB=softhsm |
340 |
if has_version ">=dev-libs/softhsm-1.3.1"; then |
341 |
PKCS11_PATH=/usr/$(get_libdir)/softhsm/libsofthsm.so |
342 |
else |
343 |
PKCS11_PATH=/usr/$(get_libdir)/libsofthsm.so |
344 |
fi |
345 |
elog "Building with SoftHSM PKCS#11 library support." |
346 |
fi |
347 |
if use opensc; then |
348 |
PKCS11_LIB=opensc |
349 |
PKCS11_PATH=/usr/$(get_libdir)/opensc-pkcs11.so |
350 |
elog "Building with OpenSC PKCS#11 library support." |
351 |
fi |
352 |
if use external-hsm; then |
353 |
if [[ -n ${PKCS11_SCA6000} ]]; then |
354 |
PKCS11_LIB=sca6000 |
355 |
PKCS11_PATH=${PKCS11_SCA6000} |
356 |
elif [[ -n ${PKCS11_ETOKEN} ]]; then |
357 |
PKCS11_LIB=etoken |
358 |
PKCS11_PATH=${PKCS11_ETOKEN} |
359 |
elif [[ -n ${PKCS11_NCIPHER} ]]; then |
360 |
PKCS11_LIB=ncipher |
361 |
PKCS11_PATH=${PKCS11_NCIPHER} |
362 |
elif [[ -n ${PKCS11_AEPKEYPER} ]]; then |
363 |
PKCS11_LIB=aepkeyper |
364 |
PKCS11_PATH=${PKCS11_AEPKEYPER} |
365 |
else |
366 |
ewarn "You enabled USE flag 'external-hsm' but did not specify a path to a PKCS#11" |
367 |
ewarn "library. To set a path, set one of the following environment variables:" |
368 |
ewarn " for Sun Crypto Accelerator 6000, set: PKCS11_SCA6000=<path>" |
369 |
ewarn " for Aladdin eToken, set: PKCS11_ETOKEN=<path>" |
370 |
ewarn " for Thales/nCipher netHSM, set: PKCS11_NCIPHER=<path>" |
371 |
ewarn " for AEP Keyper, set: PKCS11_AEPKEYPER=<path>" |
372 |
ewarn "Example:" |
373 |
ewarn " PKCS11_ETOKEN=\"/opt/etoken/lib/libeTPkcs11.so\" emerge -pv opendnssec" |
374 |
ewarn "or store the variable into /etc/make.conf" |
375 |
die "USE flag 'external-hsm' set but no PKCS#11 library path specified." |
376 |
fi |
377 |
elog "Building with external PKCS#11 library support ($PKCS11_LIB): ${PKCS11_PATH}" |
378 |
fi |
379 |
} |
380 |
|
381 |
pkg_pretend() { |
382 |
local i |
383 |
|
384 |
for i in eppclient mysql; do |
385 |
if use ${i}; then |
386 |
ewarn "Usage of ${i} is considered experimental." |
387 |
ewarn "Do not report bugs against this feature." |
388 |
fi |
389 |
done |
390 |
|
391 |
check_pkcs11_setup |
392 |
} |
393 |
|
394 |
pkg_setup() { |
395 |
enewgroup opendnssec |
396 |
enewuser opendnssec -1 -1 -1 opendnssec |
397 |
|
398 |
# pretend does not preserve variables so we need to run this once more |
399 |
check_pkcs11_setup |
400 |
} |
401 |
|
402 |
src_prepare() { |
403 |
base_src_prepare |
404 |
eautoreconf |
405 |
} |
406 |
|
407 |
src_configure() { |
408 |
# $(use_with test cunit "${EPREFIX}/usr/") \ |
409 |
econf \ |
410 |
--without-cunit \ |
411 |
--localstatedir="${EPREFIX}/var/" \ |
412 |
--disable-static \ |
413 |
--with-database-backend=$(use mysql && echo "mysql")$(use sqlite && echo "sqlite3") \ |
414 |
--with-pkcs11-${PKCS11_LIB}=${PKCS11_PATH} \ |
415 |
$(use_with curl) \ |
416 |
$(use_enable auditor) \ |
417 |
$(use_enable debug timeshift) \ |
418 |
$(use_enable eppclient) \ |
419 |
$(use_enable signer) |
420 |
} |
421 |
|
422 |
src_compile() { |
423 |
default |
424 |
use doc && emake docs |
425 |
} |
426 |
|
427 |
src_install() { |
428 |
default |
429 |
|
430 |
# remove useless .la files |
431 |
find "${ED}" -name '*.la' -delete |
432 |
|
433 |
# Remove subversion tags from config files to avoid useless config updates |
434 |
sed -i \ |
435 |
-e '/<!-- \$Id:/ d' \ |
436 |
"${ED}"/etc/opendnssec/* || die |
437 |
|
438 |
# install update scripts |
439 |
insinto /usr/share/opendnssec |
440 |
use sqlite && doins enforcer/utils/migrate_keyshare_sqlite3.pl |
441 |
use mysql && doins enforcer/utils/migrate_keyshare_mysql.pl |
442 |
|
443 |
# fix permissions |
444 |
fowners root:opendnssec /etc/opendnssec |
445 |
fowners root:opendnssec /etc/opendnssec/{conf,kasp,zonelist,zonefetch}.xml |
446 |
use eppclient && fowners root:opendnssec /etc/opendnssec/eppclientd.conf |
447 |
|
448 |
fowners opendnssec:opendnssec /var/lib/opendnssec/{,signconf,unsigned,signed,tmp} |
449 |
fowners opendnssec:opendnssec /run/opendnssec |
450 |
|
451 |
# install conf/init script |
452 |
newinitd "${FILESDIR}"/opendnssec.initd-1.3.x opendnssec |
453 |
newconfd "${FILESDIR}"/opendnssec.confd-1.3.x opendnssec |
454 |
use auditor || sed -i 's/^CHECKCONFIG_BIN=.*/CHECKCONFIG_BIN=/' "${D}"/etc/conf.d/opendnssec |
455 |
} |
456 |
|
457 |
pkg_postinst() { |
458 |
if use softhsm; then |
459 |
elog "Please make sure that you create your softhsm database in a location writeable" |
460 |
elog "by the opendnssec user. You can set its location in /etc/softhsm.conf." |
461 |
elog "Suggested configuration is:" |
462 |
elog " echo \"0:/var/lib/opendnssec/softhsm_slot0.db\" >> /etc/softhsm.conf" |
463 |
elog " softhsm --init-token --slot 0 --label OpenDNSSEC" |
464 |
elog " chown opendnssec:opendnssec /var/lib/opendnssec/softhsm_slot0.db" |
465 |
fi |
466 |
} |