1 |
commit: 76a0fe9aa1906a7bbe192efb56ef8335d21b9a3c |
2 |
Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org> |
3 |
AuthorDate: Fri Sep 14 22:00:12 2018 +0000 |
4 |
Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org> |
5 |
CommitDate: Fri Sep 14 22:03:47 2018 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=76a0fe9a |
7 |
|
8 |
net-dns/unbound: runscript rewritten |
9 |
|
10 |
- "need net" changed to "use net". If you need to bind service to a specific |
11 |
interface or address add 'rc_need="<interface>"' in /etc/conf.d/<unbound>. |
12 |
|
13 |
- Use "/run" instead of "/var/run". |
14 |
|
15 |
- Verify daemon is really up and running. |
16 |
|
17 |
- It is now possible to pass any by start-stop-daemon supported arguments |
18 |
to start-stop-daemon. |
19 |
|
20 |
- It is now possible to preserve unbound's cache. [Bug 632644] |
21 |
|
22 |
Closes: https://bugs.gentoo.org/632644 |
23 |
Package-Manager: Portage-2.3.49, Repoman-2.3.10 |
24 |
|
25 |
net-dns/unbound/files/unbound-r1.confd | 36 +++++++++ |
26 |
net-dns/unbound/files/unbound-r1.initd | 137 ++++++++++++++++++++++++++++++++ |
27 |
net-dns/unbound/unbound-1.7.3-r1.ebuild | 6 +- |
28 |
net-dns/unbound/unbound-1.8.0-r1.ebuild | 11 ++- |
29 |
4 files changed, 184 insertions(+), 6 deletions(-) |
30 |
|
31 |
diff --git a/net-dns/unbound/files/unbound-r1.confd b/net-dns/unbound/files/unbound-r1.confd |
32 |
new file mode 100644 |
33 |
index 00000000000..c86c65c6496 |
34 |
--- /dev/null |
35 |
+++ b/net-dns/unbound/files/unbound-r1.confd |
36 |
@@ -0,0 +1,36 @@ |
37 |
+# /etc/conf.d/unbound |
38 |
+ |
39 |
+# Configuration file |
40 |
+#UNBOUND_CONFFILE="/etc/unbound/unbound.conf" |
41 |
+ |
42 |
+# PID file |
43 |
+# This is a fallback value which should NOT be changed. If you ever need |
44 |
+# to change PID file, please change value in configuration file instead! |
45 |
+#UNBOUND_PIDFILE="/run/unbound.pid" |
46 |
+ |
47 |
+# You can use this configuration option to pass additional options to the |
48 |
+# start-stop-daemon, see start-stop-daemon(8) for more details. |
49 |
+# Per default we wait 1000ms after we have started the service to ensure |
50 |
+# that the daemon is really up and running. |
51 |
+#UNBOUND_SSDARGS="--wait 1000" |
52 |
+ |
53 |
+# The termination timeout (start-stop-daemon parameter "retry") ensures |
54 |
+# that the service will be terminated within a given time (25 + 5 seconds |
55 |
+# per default) when you are stopping the service. |
56 |
+#UNBOUND_TERMTIMEOUT="TERM/25/KILL/5" |
57 |
+ |
58 |
+# Options to unbound |
59 |
+# See unbound(8) for more details |
60 |
+# Notes: |
61 |
+# * Do not specify another CONFIGFILE but use the variable above to change the location |
62 |
+#UNBOUND_OPTS="" |
63 |
+ |
64 |
+# If you want to preserve unbound's cache, set the following variable to |
65 |
+# a non-zero value. In this case unbound's cache will be dumped to disk |
66 |
+# before shutdown and loaded right after start. |
67 |
+# To be able to dump and load cache you have to set up keys (use `unbound-control-setup`) |
68 |
+# and need to set 'control-enable: yes' in your configuration! |
69 |
+# WARNING: If you don't know what you are doing you should NOT use this |
70 |
+# feature. Loading the cache with old or wrong data can result in |
71 |
+# old or wrong data being returned to clients. |
72 |
+#UNBOUND_PRESERVE_CACHE="" |
73 |
|
74 |
diff --git a/net-dns/unbound/files/unbound-r1.initd b/net-dns/unbound/files/unbound-r1.initd |
75 |
new file mode 100644 |
76 |
index 00000000000..54886d1f47a |
77 |
--- /dev/null |
78 |
+++ b/net-dns/unbound/files/unbound-r1.initd |
79 |
@@ -0,0 +1,137 @@ |
80 |
+#!/sbin/openrc-run |
81 |
+# Copyright 1999-2018 Gentoo Foundation |
82 |
+# Distributed under the terms of the GNU General Public License v2 |
83 |
+ |
84 |
+UNBOUND_BINARY=${UNBOUND_BINARY:-"/usr/sbin/unbound"} |
85 |
+UNBOUND_CACHEFILE=${UNBOUND_CACHEFILE:-"/var/lib/unbound/${SVCNAME}.cache"} |
86 |
+UNBOUND_CHECKCONF=${UNBOUND_CHECKCONF:-"/usr/sbin/unbound-checkconf"} |
87 |
+UNBOUND_CONFFILE=${UNBOUND_CONFFILE:-"/etc/unbound/${SVCNAME}.conf"} |
88 |
+UNBOUND_CONTROL=${UNBOUND_CONTROL:-"/usr/sbin/unbound-control"} |
89 |
+UNBOUND_PIDFILE=${UNBOUND_PIDFILE:-"/run/unbound.pid"} |
90 |
+UNBOUND_SSDARGS=${UNBOUND_SSDARGS:-"--wait 1000"} |
91 |
+UNBOUND_TERMTIMEOUT=${UNBOUND_TERMTIMEOUT:-"TERM/25/KILL/5"} |
92 |
+UNBOUND_OPTS=${UNBOUND_OPTS:-""} |
93 |
+UNBOUND_LOAD_CACHE_TIMEOUT=${UNBOUND_LOAD_CACHE_TIMEOUT:-"30"} |
94 |
+ |
95 |
+getconfig() { |
96 |
+ local key="$1" |
97 |
+ local value_default="$2" |
98 |
+ local value= |
99 |
+ |
100 |
+ if service_started ; then |
101 |
+ value="$(service_get_value "${key}")" |
102 |
+ fi |
103 |
+ |
104 |
+ if [ -z "${value}" ] && [ -n "${UNBOUND_CONFFILE}" ] && [ -r "${UNBOUND_CONFFILE}" ] ; then |
105 |
+ value=$("${UNBOUND_CHECKCONF}" -o ${key} "${UNBOUND_CONFFILE}") |
106 |
+ fi |
107 |
+ |
108 |
+ if [ -z "${value}" ] ; then |
109 |
+ # Value not explicitly set in the configfile or configfile does not exist |
110 |
+ # or is not readable |
111 |
+ echo "${value_default}" |
112 |
+ else |
113 |
+ echo "${value}" |
114 |
+ fi |
115 |
+ |
116 |
+ return 0 |
117 |
+} |
118 |
+ |
119 |
+command=${UNBOUND_BINARY} |
120 |
+command_args="${UNBOUND_OPTS} -c \"${UNBOUND_CONFFILE}\"" |
121 |
+start_stop_daemon_args="${UNBOUND_SSDARGS}" |
122 |
+pidfile="$(getconfig pidfile /run/unbound.pid)" |
123 |
+retry="${UNBOUND_TERMTIMEOUT}" |
124 |
+ |
125 |
+required_files="${UNBOUND_CONFFILE}" |
126 |
+ |
127 |
+name="unbound daemon" |
128 |
+extra_commands="configtest" |
129 |
+extra_started_commands="reload save_cache" |
130 |
+description="unbound is a Domain Name Server (DNS) that is used to resolve host names to IP address." |
131 |
+description_configtest="Run syntax tests for configuration files only." |
132 |
+description_reload="Kills all children and reloads the configuration." |
133 |
+description_save_cache="Saves the current cache to disk." |
134 |
+ |
135 |
+depend() { |
136 |
+ use net logger |
137 |
+ provide dns |
138 |
+ after auth-dns |
139 |
+} |
140 |
+ |
141 |
+configtest() { |
142 |
+ local _config_status= |
143 |
+ |
144 |
+ ebegin "Checking ${SVCNAME} configuration" |
145 |
+ "${UNBOUND_CHECKCONF}" "${UNBOUND_CONFFILE}" 1>/dev/null 2>&1 |
146 |
+ _config_status=$? |
147 |
+ |
148 |
+ if [ ${_config_status} -ne 0 ] ; then |
149 |
+ # Run command again but this time we will show the output |
150 |
+ # Ugly, but ... |
151 |
+ "${UNBOUND_CHECKCONF}" "${UNBOUND_CONFFILE}" |
152 |
+ else |
153 |
+ if [ -n "${UNBOUND_PRESERVE_CACHE}" ] ; then |
154 |
+ local _is_control_enabled=$(getconfig control-enable no) |
155 |
+ if [ "${_is_control_enabled}" != "yes" ] ; then |
156 |
+ eerror "Cannot preserve cache: control-enable is 'no' in the config file!" |
157 |
+ _config_status=2 |
158 |
+ fi |
159 |
+ fi |
160 |
+ fi |
161 |
+ |
162 |
+ eend ${_config_status} "failed, please correct errors above" |
163 |
+} |
164 |
+ |
165 |
+save_cache() { |
166 |
+ if [ "${RC_CMD}" != "restart" ] ; then |
167 |
+ UNBOUND_PRESERVE_CACHE=1 configtest || return 1 |
168 |
+ fi |
169 |
+ |
170 |
+ ebegin "Saving cache to '${UNBOUND_CACHEFILE}'" |
171 |
+ ${UNBOUND_CONTROL} -c "${UNBOUND_CONFFILE}" dump_cache > "${UNBOUND_CACHEFILE}" |
172 |
+ eend $? |
173 |
+} |
174 |
+ |
175 |
+start_pre() { |
176 |
+ if [ "${RC_CMD}" != "restart" ] ; then |
177 |
+ configtest || return 1 |
178 |
+ fi |
179 |
+} |
180 |
+ |
181 |
+start_post() { |
182 |
+ if [ -n "${UNBOUND_PRESERVE_CACHE}" ] ; then |
183 |
+ if [ -s "${UNBOUND_CACHEFILE}" ] ; then |
184 |
+ ebegin "Loading cache from '${UNBOUND_CACHEFILE}'" |
185 |
+ # Loading cache can fail which would block this runscript. |
186 |
+ # Using `timeout` from coreutils will be our safeguard ... |
187 |
+ timeout -k 5 ${UNBOUND_LOAD_CACHE_TIMEOUT} ${UNBOUND_CONTROL} -q -c "${UNBOUND_CONFFILE}" load_cache < "${UNBOUND_CACHEFILE}" |
188 |
+ eend $? |
189 |
+ else |
190 |
+ ewarn "Loading cache from '${UNBOUND_CACHEFILE}' skipped: File does not exists or is empty!" |
191 |
+ fi |
192 |
+ fi |
193 |
+ |
194 |
+ # It is not a fatal error if preserved cache could not be loaded |
195 |
+ return 0 |
196 |
+} |
197 |
+ |
198 |
+stop_pre() { |
199 |
+ if [ "${RC_CMD}" = "restart" ] ; then |
200 |
+ configtest || return 1 |
201 |
+ fi |
202 |
+ |
203 |
+ if [ -n "${UNBOUND_PRESERVE_CACHE}" ] ; then |
204 |
+ save_cache |
205 |
+ fi |
206 |
+ |
207 |
+ # It is not a fatal error if cache cannot be preserved |
208 |
+ return 0 |
209 |
+} |
210 |
+ |
211 |
+reload() { |
212 |
+ configtest || return 1 |
213 |
+ ebegin "Reloading ${SVCNAME}" |
214 |
+ start-stop-daemon --signal HUP --pidfile "${pidfile}" |
215 |
+ eend $? |
216 |
+} |
217 |
|
218 |
diff --git a/net-dns/unbound/unbound-1.7.3-r1.ebuild b/net-dns/unbound/unbound-1.7.3-r1.ebuild |
219 |
index d80538d81d7..ee301c92356 100644 |
220 |
--- a/net-dns/unbound/unbound-1.7.3-r1.ebuild |
221 |
+++ b/net-dns/unbound/unbound-1.7.3-r1.ebuild |
222 |
@@ -103,7 +103,7 @@ multilib_src_configure() { |
223 |
--disable-flto \ |
224 |
--disable-rpath \ |
225 |
--with-libevent="${EPREFIX%/}"/usr \ |
226 |
- --with-pidfile="${EPREFIX%/}"/var/run/unbound.pid \ |
227 |
+ --with-pidfile="${EPREFIX%/}"/run/unbound.pid \ |
228 |
--with-rootkey-file="${EPREFIX%/}"/etc/dnssec/root-anchors.txt \ |
229 |
--with-ssl="${EPREFIX%/}"/usr \ |
230 |
--with-libexpat="${EPREFIX%/}"/usr |
231 |
@@ -118,8 +118,8 @@ multilib_src_configure() { |
232 |
multilib_src_install_all() { |
233 |
use python && python_optimize |
234 |
|
235 |
- newinitd "${FILESDIR}"/unbound.initd unbound |
236 |
- newconfd "${FILESDIR}"/unbound.confd unbound |
237 |
+ newinitd "${FILESDIR}"/unbound-r1.initd unbound |
238 |
+ newconfd "${FILESDIR}"/unbound-r1.confd unbound |
239 |
|
240 |
systemd_dounit "${FILESDIR}"/unbound.service |
241 |
systemd_dounit "${FILESDIR}"/unbound.socket |
242 |
|
243 |
diff --git a/net-dns/unbound/unbound-1.8.0-r1.ebuild b/net-dns/unbound/unbound-1.8.0-r1.ebuild |
244 |
index 6d9dee1cdfc..f294360a6d4 100644 |
245 |
--- a/net-dns/unbound/unbound-1.8.0-r1.ebuild |
246 |
+++ b/net-dns/unbound/unbound-1.8.0-r1.ebuild |
247 |
@@ -110,7 +110,7 @@ multilib_src_configure() { |
248 |
--enable-tfo-server \ |
249 |
--with-libevent="${EPREFIX%/}"/usr \ |
250 |
$(multilib_native_usex redis --with-libhiredis="${EPREFIX%/}/usr" --without-libhiredis) \ |
251 |
- --with-pidfile="${EPREFIX%/}"/var/run/unbound.pid \ |
252 |
+ --with-pidfile="${EPREFIX%/}"/run/unbound.pid \ |
253 |
--with-rootkey-file="${EPREFIX%/}"/etc/dnssec/root-anchors.txt \ |
254 |
--with-ssl="${EPREFIX%/}"/usr \ |
255 |
--with-libexpat="${EPREFIX%/}"/usr |
256 |
@@ -125,8 +125,8 @@ multilib_src_configure() { |
257 |
multilib_src_install_all() { |
258 |
use python && python_optimize |
259 |
|
260 |
- newinitd "${FILESDIR}"/unbound.initd unbound |
261 |
- newconfd "${FILESDIR}"/unbound.confd unbound |
262 |
+ newinitd "${FILESDIR}"/unbound-r1.initd unbound |
263 |
+ newconfd "${FILESDIR}"/unbound-r1.confd unbound |
264 |
|
265 |
systemd_dounit "${FILESDIR}"/unbound.service |
266 |
systemd_dounit "${FILESDIR}"/unbound.socket |
267 |
@@ -152,6 +152,11 @@ multilib_src_install_all() { |
268 |
"${ED%/}/etc/unbound/unbound.conf" || \ |
269 |
die |
270 |
|
271 |
+ # Used to store cache data |
272 |
+ keepdir /var/lib/${PN} |
273 |
+ fowners root:unbound /var/lib/${PN} |
274 |
+ fperms 0750 /var/lib/${PN} |
275 |
+ |
276 |
find "${ED}" -name '*.la' -delete || die |
277 |
if ! use static-libs ; then |
278 |
find "${ED}" -name "*.a" -delete || die |