1 |
commit: dd1bef5079db755a6da9687a107f794002742aef |
2 |
Author: Marc Schiffbauer <mschiff <AT> gentoo <DOT> org> |
3 |
AuthorDate: Mon Dec 27 10:46:14 2021 +0000 |
4 |
Commit: Marc Schiffbauer <mschiff <AT> gentoo <DOT> org> |
5 |
CommitDate: Mon Dec 27 10:46:14 2021 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=dd1bef50 |
7 |
|
8 |
net-dns/unbound: add 1.14.0 |
9 |
|
10 |
Closes: https://bugs.gentoo.org/830027 |
11 |
Signed-off-by: Marc Schiffbauer <mschiff <AT> gentoo.org> |
12 |
|
13 |
net-dns/unbound/Manifest | 1 + |
14 |
net-dns/unbound/unbound-1.14.0.ebuild | 210 ++++++++++++++++++++++++++++++++++ |
15 |
2 files changed, 211 insertions(+) |
16 |
|
17 |
diff --git a/net-dns/unbound/Manifest b/net-dns/unbound/Manifest |
18 |
index db6d10aad7ec..0b2221565433 100644 |
19 |
--- a/net-dns/unbound/Manifest |
20 |
+++ b/net-dns/unbound/Manifest |
21 |
@@ -1,2 +1,3 @@ |
22 |
DIST unbound-1.13.1.tar.gz 5976957 BLAKE2B 5fabb9205773a1983842e41cf7a4d6c3878fa8beb7c8ccc71ae1edf7738cb9506c3d7bb32cf887b305317ca695bf876d9f5bf9aeb0129b0e9e926d437b3e6eb3 SHA512 f4d26dca28dbcc33a5e65a55147fa01077c331292e88b6a87798cb6c3d4edb0515015d131fd893c92b74d22d9998a640f0adce404e6192d61ebe69a6a599287c |
23 |
DIST unbound-1.13.2.tar.gz 6127915 BLAKE2B 71806edc86b323ff1f9f2d7bd3f699b15da2cd1cfefe9ca6008d74915dd6c7b45690026fb0244531ae563a3ca1b142f21fc8aed97ba4bb0015d8ab9196ff045a SHA512 1e89441446e7a25c6a49bded645f8b348c1758c3be54e3a986041cb1f00c45d152fd469dc52666fb820574db9d51b16f1627dc8afcb9519508d4833ca358191a |
24 |
+DIST unbound-1.14.0.tar.gz 6152326 BLAKE2B ceccfbcbc16370153005f32d19be44bd41a4ac935cb7b9a90128d604c9874b06cc7de8b92dc34585d7957f0ad90ce2f441c2ed092c9307bcf4335f8d99eb8bd3 SHA512 57f91d898b0a5d42e6a2ff1ccaec474f04dd5ad3c98e7eb7aa8d5eaa23b587f3077cf7eddf4df38f537c6d387028f12c2518ff13b7249aa7a1155cd6532a46b5 |
25 |
|
26 |
diff --git a/net-dns/unbound/unbound-1.14.0.ebuild b/net-dns/unbound/unbound-1.14.0.ebuild |
27 |
new file mode 100644 |
28 |
index 000000000000..127dcb9a51ac |
29 |
--- /dev/null |
30 |
+++ b/net-dns/unbound/unbound-1.14.0.ebuild |
31 |
@@ -0,0 +1,210 @@ |
32 |
+# Copyright 1999-2021 Gentoo Authors |
33 |
+# Distributed under the terms of the GNU General Public License v2 |
34 |
+ |
35 |
+EAPI="8" |
36 |
+PYTHON_COMPAT=( python3_{8,9,10} ) |
37 |
+ |
38 |
+inherit autotools flag-o-matic multilib-minimal python-single-r1 systemd |
39 |
+ |
40 |
+MY_P=${PN}-${PV/_/} |
41 |
+DESCRIPTION="A validating, recursive and caching DNS resolver" |
42 |
+HOMEPAGE="https://unbound.net/ https://nlnetlabs.nl/projects/unbound/about/" |
43 |
+SRC_URI="https://nlnetlabs.nl/downloads/unbound/${MY_P}.tar.gz" |
44 |
+ |
45 |
+LICENSE="BSD GPL-2" |
46 |
+SLOT="0/8" # ABI version of libunbound.so |
47 |
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~mips ~ppc ~ppc64 ~x86" |
48 |
+IUSE="debug dnscrypt dnstap +ecdsa ecs gost +http2 python redis selinux static-libs systemd test +tfo threads" |
49 |
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" |
50 |
+RESTRICT="!test? ( test )" |
51 |
+ |
52 |
+# Note: expat is needed by executable only but the Makefile is custom |
53 |
+# and doesn't make it possible to easily install the library without |
54 |
+# the executables. MULTILIB_USEDEP may be dropped once build system |
55 |
+# is fixed. |
56 |
+ |
57 |
+CDEPEND="acct-group/unbound |
58 |
+ acct-user/unbound |
59 |
+ >=dev-libs/expat-2.1.0-r3[${MULTILIB_USEDEP}] |
60 |
+ >=dev-libs/libevent-2.0.21:0=[${MULTILIB_USEDEP}] |
61 |
+ >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}] |
62 |
+ dnscrypt? ( dev-libs/libsodium:=[${MULTILIB_USEDEP}] ) |
63 |
+ dnstap? ( |
64 |
+ dev-libs/fstrm[${MULTILIB_USEDEP}] |
65 |
+ >=dev-libs/protobuf-c-1.0.2-r1:=[${MULTILIB_USEDEP}] |
66 |
+ ) |
67 |
+ ecdsa? ( |
68 |
+ dev-libs/openssl:0[-bindist(-)] |
69 |
+ ) |
70 |
+ http2? ( net-libs/nghttp2:=[${MULTILIB_USEDEP}] ) |
71 |
+ python? ( ${PYTHON_DEPS} ) |
72 |
+ redis? ( dev-libs/hiredis:= ) |
73 |
+ systemd? ( sys-apps/systemd ) |
74 |
+" |
75 |
+ |
76 |
+BDEPEND="virtual/pkgconfig |
77 |
+ python? ( dev-lang/swig ) |
78 |
+ test? ( |
79 |
+ || ( |
80 |
+ net-libs/ldns[examples(-)] |
81 |
+ net-dns/ldns-utils[examples(-)] |
82 |
+ ) |
83 |
+ dev-util/splint |
84 |
+ app-text/wdiff |
85 |
+ ) |
86 |
+" |
87 |
+ |
88 |
+DEPEND="${CDEPEND}" |
89 |
+ |
90 |
+RDEPEND="${CDEPEND} |
91 |
+ net-dns/dnssec-root |
92 |
+ selinux? ( sec-policy/selinux-bind )" |
93 |
+ |
94 |
+# bug #347415 |
95 |
+RDEPEND="${RDEPEND} |
96 |
+ net-dns/dnssec-root" |
97 |
+ |
98 |
+PATCHES=( |
99 |
+ "${FILESDIR}"/${PN}-1.5.7-trust-anchor-file.patch |
100 |
+ "${FILESDIR}"/${PN}-1.6.3-pkg-config.patch |
101 |
+ "${FILESDIR}"/${PN}-1.10.1-find-ar.patch |
102 |
+) |
103 |
+ |
104 |
+S=${WORKDIR}/${MY_P} |
105 |
+ |
106 |
+pkg_setup() { |
107 |
+ use python && python-single-r1_pkg_setup |
108 |
+} |
109 |
+ |
110 |
+src_prepare() { |
111 |
+ default |
112 |
+ |
113 |
+ eautoreconf |
114 |
+ |
115 |
+ # required for the python part |
116 |
+ multilib_copy_sources |
117 |
+} |
118 |
+ |
119 |
+src_configure() { |
120 |
+ [[ ${CHOST} == *-darwin* ]] || append-ldflags -Wl,-z,noexecstack |
121 |
+ multilib-minimal_src_configure |
122 |
+} |
123 |
+ |
124 |
+multilib_src_configure() { |
125 |
+ econf \ |
126 |
+ $(use_enable debug) \ |
127 |
+ $(use_enable gost) \ |
128 |
+ $(use_enable dnscrypt) \ |
129 |
+ $(use_enable dnstap) \ |
130 |
+ $(use_enable ecdsa) \ |
131 |
+ $(use_enable ecs subnet) \ |
132 |
+ $(multilib_native_use_enable redis cachedb) \ |
133 |
+ $(use_enable static-libs static) \ |
134 |
+ $(use_enable systemd) \ |
135 |
+ $(multilib_native_use_with python pythonmodule) \ |
136 |
+ $(multilib_native_use_with python pyunbound) \ |
137 |
+ $(use_with threads pthreads) \ |
138 |
+ $(use_with http2 libnghttp2) \ |
139 |
+ $(use_enable tfo tfo-client) \ |
140 |
+ $(use_enable tfo tfo-server) \ |
141 |
+ --disable-flto \ |
142 |
+ --disable-rpath \ |
143 |
+ --enable-event-api \ |
144 |
+ --enable-ipsecmod \ |
145 |
+ --with-libevent="${EPREFIX}"/usr \ |
146 |
+ $(multilib_native_usex redis --with-libhiredis="${EPREFIX}/usr" --without-libhiredis) \ |
147 |
+ --with-pidfile="${EPREFIX}"/run/unbound.pid \ |
148 |
+ --with-rootkey-file="${EPREFIX}"/etc/dnssec/root-anchors.txt \ |
149 |
+ --with-ssl="${EPREFIX}"/usr \ |
150 |
+ --with-libexpat="${EPREFIX}"/usr |
151 |
+ |
152 |
+ # http://unbound.nlnetlabs.nl/pipermail/unbound-users/2011-April/001801.html |
153 |
+ # $(use_enable debug lock-checks) \ |
154 |
+ # $(use_enable debug alloc-checks) \ |
155 |
+ # $(use_enable debug alloc-lite) \ |
156 |
+ # $(use_enable debug alloc-nonregional) \ |
157 |
+} |
158 |
+ |
159 |
+multilib_src_install() { |
160 |
+ emake DESTDIR="${D}" install |
161 |
+ systemd_dounit contrib/unbound.service |
162 |
+ systemd_dounit contrib/unbound.socket |
163 |
+} |
164 |
+ |
165 |
+multilib_src_install_all() { |
166 |
+ use python && python_optimize |
167 |
+ |
168 |
+ newinitd "${FILESDIR}"/unbound-r1.initd unbound |
169 |
+ newconfd "${FILESDIR}"/unbound-r1.confd unbound |
170 |
+ |
171 |
+ systemd_newunit "${FILESDIR}"/unbound_at.service "unbound@.service" |
172 |
+ systemd_dounit "${FILESDIR}"/unbound-anchor.service |
173 |
+ |
174 |
+ dodoc doc/{README,CREDITS,TODO,Changelog,FEATURES} |
175 |
+ |
176 |
+ # bug #315519 |
177 |
+ dodoc contrib/unbound_munin_ |
178 |
+ |
179 |
+ docinto selinux |
180 |
+ dodoc contrib/selinux/* |
181 |
+ |
182 |
+ exeinto /usr/share/${PN} |
183 |
+ doexe contrib/update-anchor.sh |
184 |
+ |
185 |
+ # create space for auto-trust-anchor-file... |
186 |
+ keepdir /etc/unbound/var |
187 |
+ fowners root:unbound /etc/unbound/var |
188 |
+ fperms 0770 /etc/unbound/var |
189 |
+ # ... and point example config to it |
190 |
+ sed -i \ |
191 |
+ -e '/# auto-trust-anchor-file:/s,/etc/dnssec/root-anchors.txt,/etc/unbound/var/root-anchors.txt,' \ |
192 |
+ "${ED}/etc/unbound/unbound.conf" \ |
193 |
+ || die |
194 |
+ |
195 |
+ # Used to store cache data |
196 |
+ keepdir /var/lib/${PN} |
197 |
+ fowners root:unbound /var/lib/${PN} |
198 |
+ fperms 0770 /var/lib/${PN} |
199 |
+ |
200 |
+ find "${ED}" -name '*.la' -delete || die |
201 |
+ if ! use static-libs ; then |
202 |
+ find "${ED}" -name "*.a" -delete || die |
203 |
+ fi |
204 |
+} |
205 |
+ |
206 |
+pkg_postinst() { |
207 |
+ if [[ ! -f "${EROOT}/etc/unbound/unbound_control.key" ]] ; then |
208 |
+ einfo "Trying to create unbound control key ..." |
209 |
+ if ! unbound-control-setup &>/dev/null ; then |
210 |
+ ewarn "Failed to create unbound control key!" |
211 |
+ fi |
212 |
+ fi |
213 |
+ |
214 |
+ if [[ ! -f "${EROOT}/etc/unbound/var/root-anchors.txt" ]] ; then |
215 |
+ einfo "" |
216 |
+ einfo "If you want unbound to automatically update the root-anchor file for DNSSEC validation" |
217 |
+ einfo "set 'auto-trust-anchor-file: ${EROOT}/etc/unbound/var/root-anchors.txt' in ${EROOT}/etc/unbound/unbound.conf" |
218 |
+ einfo "and run" |
219 |
+ einfo "" |
220 |
+ einfo " su -s /bin/sh -c '${EROOT}/usr/sbin/unbound-anchor -a ${EROOT}/etc/unbound/var/root-anchors.txt' unbound" |
221 |
+ einfo "" |
222 |
+ einfo "as root to create it initially before starting unbound for the first time after enabling this." |
223 |
+ einfo "" |
224 |
+ fi |
225 |
+ |
226 |
+ # Our user is not available on prefix |
227 |
+ use prefix && return |
228 |
+ |
229 |
+ local _perm_check_testfile=$(mktemp --dry-run "${EPREFIX}"/etc/unbound/var/.pkg_postinst-perm-check.XXXXXXXXX) |
230 |
+ su -s /bin/sh -c "touch ${_perm_check_testfile}" unbound &>/dev/null |
231 |
+ if [ $? -ne 0 ] ; then |
232 |
+ ewarn "WARNING: unbound user cannot write to \"${EPREFIX}/etc/unbound/var\"!" |
233 |
+ ewarn "Run the following commands to restore default permission:" |
234 |
+ ewarn "" |
235 |
+ ewarn " chown root:unbound ${EPREFIX}/etc/unbound/var" |
236 |
+ ewarn " chmod 0770 ${EPREFIX}/etc/unbound/var" |
237 |
+ else |
238 |
+ # Cleanup -- no reason to die here! |
239 |
+ rm -f "${_perm_check_testfile}" |
240 |
+ fi |
241 |
+} |