1 |
commit: 0ce09df81641ea0a9359a6f7e3711030a6dc7526 |
2 |
Author: Robin H. Johnson <robbat2 <AT> gentoo <DOT> org> |
3 |
AuthorDate: Thu Sep 13 22:36:16 2018 +0000 |
4 |
Commit: Robin H. Johnson <robbat2 <AT> gentoo <DOT> org> |
5 |
CommitDate: Thu Sep 13 22:36:31 2018 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0ce09df8 |
7 |
|
8 |
net-dns/unbound: bump |
9 |
|
10 |
Signed-off-by: Robin H. Johnson <robbat2 <AT> gentoo.org> |
11 |
Package-Manager: Portage-2.3.49, Repoman-2.3.10 |
12 |
|
13 |
net-dns/unbound/Manifest | 2 + |
14 |
net-dns/unbound/unbound-1.7.3.ebuild | 156 +++++++++++++++++++++++++++++++++ |
15 |
net-dns/unbound/unbound-1.8.0.ebuild | 161 +++++++++++++++++++++++++++++++++++ |
16 |
3 files changed, 319 insertions(+) |
17 |
|
18 |
diff --git a/net-dns/unbound/Manifest b/net-dns/unbound/Manifest |
19 |
index a047a933fb3..b614941c742 100644 |
20 |
--- a/net-dns/unbound/Manifest |
21 |
+++ b/net-dns/unbound/Manifest |
22 |
@@ -7,3 +7,5 @@ DIST unbound-1.6.7.tar.gz 5466931 BLAKE2B 57a051d5ac6d7fbc3d51613305651987670d0f |
23 |
DIST unbound-1.6.8.tar.gz 5467536 BLAKE2B 06caffbd905c339b3d0667382114bb3e5d5da90988402c8f488f789f9bf6ab87377e6a26aa083a7e9ba3d023f37d3eeba1e069adf8a8a266b23fb8361aeb6e26 SHA512 653d88d5dbc8cf25f7261e4a9869b6591843c7ff27b5d63f979a94505daafbbb61e05d46bedd2d01230355d5f08dd9fe14ed04c5c7340f3f27581b61ad6edfa3 |
24 |
DIST unbound-1.7.0.tar.gz 5538228 BLAKE2B a825e2cbef74b3a78f9802056d6f0992f77e0d40d4d28889c98b9ffa224ec3281b6873eab59134dcca8dc56bdd17202b3817dd28ab30d0a0bb72d749426b7675 SHA512 49b07643da2a89d8ceedce1295f550f74a76f4f11c2df54df55e9c42f03bad1b133789c7b36fb3c4f37d6b331ac302ecfd1249e8ebaaa4333beda8fa250b61d9 |
25 |
DIST unbound-1.7.1.tar.gz 5565938 BLAKE2B 423dde8a13ea3539d86eade96507e6cdb4ac816393e99f58b4e0dc74a79c31bae57c87924ef737a567cc338d02d672f6c059c86d2f28a634f06e5f9a339f4260 SHA512 99a68abf1f60f6ea80cf2973906df44da9c577d8cac969824af1ce9ca385a2e84dd684937480da87cb73c7dc41ad5c00b0013ec74103eadb8fd7dc6f98a89255 |
26 |
+DIST unbound-1.7.3.tar.gz 5570604 BLAKE2B 93a4e7cc0e13b3da1057ce4e4518ab2363f03bff7c820095ed30b5fccd2f4245cfade6bf68a424a090967053c7fd727f33352c9e8004bb05d907a878d69c2517 SHA512 34b2e93660e519b2eccefef26a6c7ac09fa3312384cc3bc449ff2b10743bd86bfeb36ec19d35eb913f8d0a3d91ad7923260a66fc799f28b0a2cc06741d80f27a |
27 |
+DIST unbound-1.8.0.tar.gz 5609213 BLAKE2B 41e464df60e03d502f13758e75f9143658b2a496c4fad69804d9d404e23a8d4b5480cc09048197f8593e37feffdffaea33b18a06d864d0d35e986169b49f42e4 SHA512 6c46f5b86b5bd98a7b549b660173d487e59e65385cebd7bc29429b4fee69f2b490651a409c57b072b9b604fa98e289fa82eeecfea8779900038c25b28a6bd064 |
28 |
|
29 |
diff --git a/net-dns/unbound/unbound-1.7.3.ebuild b/net-dns/unbound/unbound-1.7.3.ebuild |
30 |
new file mode 100644 |
31 |
index 00000000000..9edf230ed88 |
32 |
--- /dev/null |
33 |
+++ b/net-dns/unbound/unbound-1.7.3.ebuild |
34 |
@@ -0,0 +1,156 @@ |
35 |
+# Copyright 1999-2018 Gentoo Foundation |
36 |
+# Distributed under the terms of the GNU General Public License v2 |
37 |
+ |
38 |
+EAPI=5 |
39 |
+PYTHON_COMPAT=( python2_7 ) |
40 |
+ |
41 |
+inherit eutils flag-o-matic multilib-minimal python-single-r1 systemd user |
42 |
+ |
43 |
+MY_P=${PN}-${PV/_/} |
44 |
+DESCRIPTION="A validating, recursive and caching DNS resolver" |
45 |
+HOMEPAGE="http://unbound.net/" |
46 |
+SRC_URI="http://unbound.net/downloads/${MY_P}.tar.gz" |
47 |
+ |
48 |
+LICENSE="BSD GPL-2" |
49 |
+SLOT="0" |
50 |
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~mips ~ppc ~ppc64 ~x86" |
51 |
+IUSE="debug dnscrypt dnstap +ecdsa gost libressl python selinux static-libs systemd test threads" |
52 |
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" |
53 |
+ |
54 |
+# Note: expat is needed by executable only but the Makefile is custom |
55 |
+# and doesn't make it possible to easily install the library without |
56 |
+# the executables. MULTILIB_USEDEP may be dropped once build system |
57 |
+# is fixed. |
58 |
+ |
59 |
+CDEPEND=">=dev-libs/expat-2.1.0-r3[${MULTILIB_USEDEP}] |
60 |
+ >=dev-libs/libevent-2.0.21:0=[${MULTILIB_USEDEP}] |
61 |
+ libressl? ( >=dev-libs/libressl-2.2.4:0[${MULTILIB_USEDEP}] ) |
62 |
+ !libressl? ( >=dev-libs/openssl-1.0.1h-r2:0[${MULTILIB_USEDEP}] ) |
63 |
+ dnscrypt? ( dev-libs/libsodium[${MULTILIB_USEDEP}] ) |
64 |
+ dnstap? ( |
65 |
+ dev-libs/fstrm[${MULTILIB_USEDEP}] |
66 |
+ >=dev-libs/protobuf-c-1.0.2-r1[${MULTILIB_USEDEP}] |
67 |
+ ) |
68 |
+ ecdsa? ( |
69 |
+ !libressl? ( dev-libs/openssl:0[-bindist] ) |
70 |
+ ) |
71 |
+ python? ( ${PYTHON_DEPS} )" |
72 |
+ |
73 |
+DEPEND="${CDEPEND} |
74 |
+ python? ( dev-lang/swig ) |
75 |
+ test? ( |
76 |
+ net-dns/ldns-utils[examples] |
77 |
+ dev-util/splint |
78 |
+ app-text/wdiff |
79 |
+ ) |
80 |
+ systemd? ( sys-apps/systemd ) |
81 |
+ virtual/pkgconfig" |
82 |
+ |
83 |
+RDEPEND="${CDEPEND} |
84 |
+ selinux? ( sec-policy/selinux-bind )" |
85 |
+ |
86 |
+# bug #347415 |
87 |
+RDEPEND="${RDEPEND} |
88 |
+ net-dns/dnssec-root" |
89 |
+ |
90 |
+S=${WORKDIR}/${MY_P} |
91 |
+ |
92 |
+pkg_setup() { |
93 |
+ enewgroup unbound |
94 |
+ enewuser unbound -1 -1 /etc/unbound unbound |
95 |
+ # improve security on existing installs (bug #641042) |
96 |
+ # as well as new installs where unbound homedir has just been created |
97 |
+ if [[ -d "${ROOT}/etc/unbound" ]]; then |
98 |
+ chown --no-dereference --from=unbound root "${ROOT}/etc/unbound" |
99 |
+ fi |
100 |
+ |
101 |
+ use python && python-single-r1_pkg_setup |
102 |
+} |
103 |
+ |
104 |
+src_prepare() { |
105 |
+ # To avoid below error messages, set 'trust-anchor-file' to same value in |
106 |
+ # 'auto-trust-anchor-file'. |
107 |
+ # [23109:0] error: Could not open autotrust file for writing, |
108 |
+ # /etc/dnssec/root-anchors.txt: Permission denied |
109 |
+ epatch "${FILESDIR}"/${PN}-1.5.7-trust-anchor-file.patch |
110 |
+ |
111 |
+ # required for the python part |
112 |
+ multilib_copy_sources |
113 |
+} |
114 |
+ |
115 |
+src_configure() { |
116 |
+ [[ ${CHOST} == *-darwin* ]] || append-ldflags -Wl,-z,noexecstack |
117 |
+ multilib-minimal_src_configure |
118 |
+} |
119 |
+ |
120 |
+multilib_src_configure() { |
121 |
+ econf \ |
122 |
+ $(use_enable debug) \ |
123 |
+ $(use_enable gost) \ |
124 |
+ $(use_enable dnscrypt) \ |
125 |
+ $(use_enable dnstap) \ |
126 |
+ $(use_enable ecdsa) \ |
127 |
+ $(use_enable static-libs static) \ |
128 |
+ $(use_enable systemd) \ |
129 |
+ $(multilib_native_use_with python pythonmodule) \ |
130 |
+ $(multilib_native_use_with python pyunbound) \ |
131 |
+ $(use_with threads pthreads) \ |
132 |
+ --disable-flto \ |
133 |
+ --disable-rpath \ |
134 |
+ --with-libevent="${EPREFIX}"/usr \ |
135 |
+ --with-pidfile="${EPREFIX}"/var/run/unbound.pid \ |
136 |
+ --with-rootkey-file="${EPREFIX}"/etc/dnssec/root-anchors.txt \ |
137 |
+ --with-ssl="${EPREFIX}"/usr \ |
138 |
+ --with-libexpat="${EPREFIX}"/usr |
139 |
+ |
140 |
+ # http://unbound.nlnetlabs.nl/pipermail/unbound-users/2011-April/001801.html |
141 |
+ # $(use_enable debug lock-checks) \ |
142 |
+ # $(use_enable debug alloc-checks) \ |
143 |
+ # $(use_enable debug alloc-lite) \ |
144 |
+ # $(use_enable debug alloc-nonregional) \ |
145 |
+} |
146 |
+ |
147 |
+multilib_src_install_all() { |
148 |
+ prune_libtool_files --modules |
149 |
+ use python && python_optimize |
150 |
+ |
151 |
+ newinitd "${FILESDIR}"/unbound.initd unbound |
152 |
+ newconfd "${FILESDIR}"/unbound.confd unbound |
153 |
+ |
154 |
+ systemd_dounit "${FILESDIR}"/unbound.service |
155 |
+ systemd_dounit "${FILESDIR}"/unbound.socket |
156 |
+ systemd_newunit "${FILESDIR}"/unbound_at.service "unbound@.service" |
157 |
+ systemd_dounit "${FILESDIR}"/unbound-anchor.service |
158 |
+ |
159 |
+ dodoc doc/{README,CREDITS,TODO,Changelog,FEATURES} |
160 |
+ |
161 |
+ # bug #315519 |
162 |
+ dodoc contrib/unbound_munin_ |
163 |
+ |
164 |
+ docinto selinux |
165 |
+ dodoc contrib/selinux/* |
166 |
+ |
167 |
+ exeinto /usr/share/${PN} |
168 |
+ doexe contrib/update-anchor.sh |
169 |
+ |
170 |
+ # create space for auto-trust-anchor-file... |
171 |
+ keepdir /etc/unbound/var |
172 |
+ # ... and point example config to it |
173 |
+ sed -i '/# auto-trust-anchor-file:/s,/etc/dnssec/root-anchors.txt,/etc/unbound/var/root-anchors.txt,' "${ED}/etc/unbound/unbound.conf" |
174 |
+} |
175 |
+ |
176 |
+pkg_postinst() { |
177 |
+ # make var/ writable by unbound |
178 |
+ if [[ -d "${ROOT}/etc/unbound/var" ]]; then |
179 |
+ chown --no-dereference --from=root unbound: "${ROOT}/etc/unbound/var" |
180 |
+ fi |
181 |
+ einfo "" |
182 |
+ einfo "If you want unbound to automatically update the root-anchor file for DNSSEC validation" |
183 |
+ einfo "set 'auto-trust-anchor-file: /etc/unbound/var/root-anchors.txt' in /etc/unbound/unbound.conf" |
184 |
+ einfo "and run" |
185 |
+ einfo "" |
186 |
+ einfo " su -s /bin/sh -c '/usr/sbin/unbound-anchor -a /etc/unbound/var/root-anchors.txt' unbound" |
187 |
+ einfo "" |
188 |
+ einfo "as root to create it initially before starting unbound for the first time after enabling this." |
189 |
+ einfo "" |
190 |
+} |
191 |
|
192 |
diff --git a/net-dns/unbound/unbound-1.8.0.ebuild b/net-dns/unbound/unbound-1.8.0.ebuild |
193 |
new file mode 100644 |
194 |
index 00000000000..3f81f97d29d |
195 |
--- /dev/null |
196 |
+++ b/net-dns/unbound/unbound-1.8.0.ebuild |
197 |
@@ -0,0 +1,161 @@ |
198 |
+# Copyright 1999-2018 Gentoo Foundation |
199 |
+# Distributed under the terms of the GNU General Public License v2 |
200 |
+ |
201 |
+EAPI=5 |
202 |
+PYTHON_COMPAT=( python2_7 ) |
203 |
+ |
204 |
+inherit eutils flag-o-matic multilib-minimal python-single-r1 systemd user |
205 |
+ |
206 |
+MY_P=${PN}-${PV/_/} |
207 |
+DESCRIPTION="A validating, recursive and caching DNS resolver" |
208 |
+HOMEPAGE="http://unbound.net/" |
209 |
+SRC_URI="http://unbound.net/downloads/${MY_P}.tar.gz" |
210 |
+ |
211 |
+LICENSE="BSD GPL-2" |
212 |
+SLOT="0" |
213 |
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~mips ~ppc ~ppc64 ~x86" |
214 |
+IUSE="debug dnscrypt dnstap +ecdsa gost libressl python selinux static-libs systemd test threads" |
215 |
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" |
216 |
+ |
217 |
+# Note: expat is needed by executable only but the Makefile is custom |
218 |
+# and doesn't make it possible to easily install the library without |
219 |
+# the executables. MULTILIB_USEDEP may be dropped once build system |
220 |
+# is fixed. |
221 |
+ |
222 |
+CDEPEND=">=dev-libs/expat-2.1.0-r3[${MULTILIB_USEDEP}] |
223 |
+ >=dev-libs/libevent-2.0.21:0=[${MULTILIB_USEDEP}] |
224 |
+ libressl? ( >=dev-libs/libressl-2.2.4:0[${MULTILIB_USEDEP}] ) |
225 |
+ !libressl? ( >=dev-libs/openssl-1.0.1h-r2:0[${MULTILIB_USEDEP}] ) |
226 |
+ dnscrypt? ( dev-libs/libsodium[${MULTILIB_USEDEP}] ) |
227 |
+ dnstap? ( |
228 |
+ dev-libs/fstrm[${MULTILIB_USEDEP}] |
229 |
+ >=dev-libs/protobuf-c-1.0.2-r1[${MULTILIB_USEDEP}] |
230 |
+ ) |
231 |
+ ecdsa? ( |
232 |
+ !libressl? ( dev-libs/openssl:0[-bindist] ) |
233 |
+ ) |
234 |
+ python? ( ${PYTHON_DEPS} )" |
235 |
+ |
236 |
+DEPEND="${CDEPEND} |
237 |
+ python? ( dev-lang/swig ) |
238 |
+ test? ( |
239 |
+ net-dns/ldns-utils[examples] |
240 |
+ dev-util/splint |
241 |
+ app-text/wdiff |
242 |
+ ) |
243 |
+ systemd? ( sys-apps/systemd ) |
244 |
+ virtual/pkgconfig" |
245 |
+ |
246 |
+RDEPEND="${CDEPEND} |
247 |
+ selinux? ( sec-policy/selinux-bind )" |
248 |
+ |
249 |
+# bug #347415 |
250 |
+RDEPEND="${RDEPEND} |
251 |
+ net-dns/dnssec-root" |
252 |
+ |
253 |
+S=${WORKDIR}/${MY_P} |
254 |
+ |
255 |
+pkg_setup() { |
256 |
+ enewgroup unbound |
257 |
+ enewuser unbound -1 -1 /etc/unbound unbound |
258 |
+ # improve security on existing installs (bug #641042) |
259 |
+ # as well as new installs where unbound homedir has just been created |
260 |
+ if [[ -d "${ROOT}/etc/unbound" ]]; then |
261 |
+ chown --no-dereference --from=unbound root "${ROOT}/etc/unbound" |
262 |
+ fi |
263 |
+ |
264 |
+ use python && python-single-r1_pkg_setup |
265 |
+} |
266 |
+ |
267 |
+src_prepare() { |
268 |
+ # To avoid below error messages, set 'trust-anchor-file' to same value in |
269 |
+ # 'auto-trust-anchor-file'. |
270 |
+ # [23109:0] error: Could not open autotrust file for writing, |
271 |
+ # /etc/dnssec/root-anchors.txt: Permission denied |
272 |
+ epatch "${FILESDIR}"/${PN}-1.5.7-trust-anchor-file.patch |
273 |
+ |
274 |
+ # required for the python part |
275 |
+ multilib_copy_sources |
276 |
+} |
277 |
+ |
278 |
+src_configure() { |
279 |
+ [[ ${CHOST} == *-darwin* ]] || append-ldflags -Wl,-z,noexecstack |
280 |
+ multilib-minimal_src_configure |
281 |
+} |
282 |
+ |
283 |
+multilib_src_configure() { |
284 |
+ # TODO: cachedb |
285 |
+ econf \ |
286 |
+ $(use_enable debug) \ |
287 |
+ $(use_enable gost) \ |
288 |
+ $(use_enable dnscrypt) \ |
289 |
+ $(use_enable dnstap) \ |
290 |
+ $(use_enable ecdsa) \ |
291 |
+ $(use_enable static-libs static) \ |
292 |
+ $(use_enable systemd) \ |
293 |
+ $(multilib_native_use_with python pythonmodule) \ |
294 |
+ $(multilib_native_use_with python pyunbound) \ |
295 |
+ $(use_with threads pthreads) \ |
296 |
+ --disable-flto \ |
297 |
+ --disable-rpath \ |
298 |
+ --enable-ipsecmod \ |
299 |
+ --enable-subnet \ |
300 |
+ --enable-tfo-client \ |
301 |
+ --enable-tfo-server \ |
302 |
+ --with-libevent="${EPREFIX}"/usr \ |
303 |
+ --with-pidfile="${EPREFIX}"/var/run/unbound.pid \ |
304 |
+ --with-rootkey-file="${EPREFIX}"/etc/dnssec/root-anchors.txt \ |
305 |
+ --with-ssl="${EPREFIX}"/usr \ |
306 |
+ --with-libexpat="${EPREFIX}"/usr |
307 |
+ |
308 |
+ # http://unbound.nlnetlabs.nl/pipermail/unbound-users/2011-April/001801.html |
309 |
+ # $(use_enable debug lock-checks) \ |
310 |
+ # $(use_enable debug alloc-checks) \ |
311 |
+ # $(use_enable debug alloc-lite) \ |
312 |
+ # $(use_enable debug alloc-nonregional) \ |
313 |
+} |
314 |
+ |
315 |
+multilib_src_install_all() { |
316 |
+ prune_libtool_files --modules |
317 |
+ use python && python_optimize |
318 |
+ |
319 |
+ newinitd "${FILESDIR}"/unbound.initd unbound |
320 |
+ newconfd "${FILESDIR}"/unbound.confd unbound |
321 |
+ |
322 |
+ systemd_dounit "${FILESDIR}"/unbound.service |
323 |
+ systemd_dounit "${FILESDIR}"/unbound.socket |
324 |
+ systemd_newunit "${FILESDIR}"/unbound_at.service "unbound@.service" |
325 |
+ systemd_dounit "${FILESDIR}"/unbound-anchor.service |
326 |
+ |
327 |
+ dodoc doc/{README,CREDITS,TODO,Changelog,FEATURES} |
328 |
+ |
329 |
+ # bug #315519 |
330 |
+ dodoc contrib/unbound_munin_ |
331 |
+ |
332 |
+ docinto selinux |
333 |
+ dodoc contrib/selinux/* |
334 |
+ |
335 |
+ exeinto /usr/share/${PN} |
336 |
+ doexe contrib/update-anchor.sh |
337 |
+ |
338 |
+ # create space for auto-trust-anchor-file... |
339 |
+ keepdir /etc/unbound/var |
340 |
+ # ... and point example config to it |
341 |
+ sed -i '/# auto-trust-anchor-file:/s,/etc/dnssec/root-anchors.txt,/etc/unbound/var/root-anchors.txt,' "${ED}/etc/unbound/unbound.conf" |
342 |
+} |
343 |
+ |
344 |
+pkg_postinst() { |
345 |
+ # make var/ writable by unbound |
346 |
+ if [[ -d "${ROOT}/etc/unbound/var" ]]; then |
347 |
+ chown --no-dereference --from=root unbound: "${ROOT}/etc/unbound/var" |
348 |
+ fi |
349 |
+ einfo "" |
350 |
+ einfo "If you want unbound to automatically update the root-anchor file for DNSSEC validation" |
351 |
+ einfo "set 'auto-trust-anchor-file: /etc/unbound/var/root-anchors.txt' in /etc/unbound/unbound.conf" |
352 |
+ einfo "and run" |
353 |
+ einfo "" |
354 |
+ einfo " su -s /bin/sh -c '/usr/sbin/unbound-anchor -a /etc/unbound/var/root-anchors.txt' unbound" |
355 |
+ einfo "" |
356 |
+ einfo "as root to create it initially before starting unbound for the first time after enabling this." |
357 |
+ einfo "" |
358 |
+} |