[gentoo-commits] repo/gentoo:master commit in: net-dns/unbound/ - gentoo-commits

From:	"Robin H. Johnson" <robbat2@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: net-dns/unbound/
Date:	Thu, 13 Sep 2018 22:36:46
Message-Id:	`1536878191.0ce09df81641ea0a9359a6f7e3711030a6dc7526.robbat2@gentoo`

1

commit:     0ce09df81641ea0a9359a6f7e3711030a6dc7526

2

Author:     Robin H. Johnson <robbat2 <AT> gentoo <DOT> org>

3

AuthorDate: Thu Sep 13 22:36:16 2018 +0000

4

Commit:     Robin H. Johnson <robbat2 <AT> gentoo <DOT> org>

5

CommitDate: Thu Sep 13 22:36:31 2018 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0ce09df8

7

8

net-dns/unbound: bump

9

10

Signed-off-by: Robin H. Johnson <robbat2 <AT> gentoo.org>

11

Package-Manager: Portage-2.3.49, Repoman-2.3.10

12

13

 net-dns/unbound/Manifest             |   2 +

14

 net-dns/unbound/unbound-1.7.3.ebuild | 156 +++++++++++++++++++++++++++++++++

15

 net-dns/unbound/unbound-1.8.0.ebuild | 161 +++++++++++++++++++++++++++++++++++

16

 3 files changed, 319 insertions(+)

17

18

diff --git a/net-dns/unbound/Manifest b/net-dns/unbound/Manifest

19

index a047a933fb3..b614941c742 100644

20

--- a/net-dns/unbound/Manifest

21

+++ b/net-dns/unbound/Manifest

22

@@ -7,3 +7,5 @@ DIST unbound-1.6.7.tar.gz 5466931 BLAKE2B 57a051d5ac6d7fbc3d51613305651987670d0f

23

 DIST unbound-1.6.8.tar.gz 5467536 BLAKE2B 06caffbd905c339b3d0667382114bb3e5d5da90988402c8f488f789f9bf6ab87377e6a26aa083a7e9ba3d023f37d3eeba1e069adf8a8a266b23fb8361aeb6e26 SHA512 653d88d5dbc8cf25f7261e4a9869b6591843c7ff27b5d63f979a94505daafbbb61e05d46bedd2d01230355d5f08dd9fe14ed04c5c7340f3f27581b61ad6edfa3

24

 DIST unbound-1.7.0.tar.gz 5538228 BLAKE2B a825e2cbef74b3a78f9802056d6f0992f77e0d40d4d28889c98b9ffa224ec3281b6873eab59134dcca8dc56bdd17202b3817dd28ab30d0a0bb72d749426b7675 SHA512 49b07643da2a89d8ceedce1295f550f74a76f4f11c2df54df55e9c42f03bad1b133789c7b36fb3c4f37d6b331ac302ecfd1249e8ebaaa4333beda8fa250b61d9

25

 DIST unbound-1.7.1.tar.gz 5565938 BLAKE2B 423dde8a13ea3539d86eade96507e6cdb4ac816393e99f58b4e0dc74a79c31bae57c87924ef737a567cc338d02d672f6c059c86d2f28a634f06e5f9a339f4260 SHA512 99a68abf1f60f6ea80cf2973906df44da9c577d8cac969824af1ce9ca385a2e84dd684937480da87cb73c7dc41ad5c00b0013ec74103eadb8fd7dc6f98a89255

26

+DIST unbound-1.7.3.tar.gz 5570604 BLAKE2B 93a4e7cc0e13b3da1057ce4e4518ab2363f03bff7c820095ed30b5fccd2f4245cfade6bf68a424a090967053c7fd727f33352c9e8004bb05d907a878d69c2517 SHA512 34b2e93660e519b2eccefef26a6c7ac09fa3312384cc3bc449ff2b10743bd86bfeb36ec19d35eb913f8d0a3d91ad7923260a66fc799f28b0a2cc06741d80f27a

27

+DIST unbound-1.8.0.tar.gz 5609213 BLAKE2B 41e464df60e03d502f13758e75f9143658b2a496c4fad69804d9d404e23a8d4b5480cc09048197f8593e37feffdffaea33b18a06d864d0d35e986169b49f42e4 SHA512 6c46f5b86b5bd98a7b549b660173d487e59e65385cebd7bc29429b4fee69f2b490651a409c57b072b9b604fa98e289fa82eeecfea8779900038c25b28a6bd064

28

29

diff --git a/net-dns/unbound/unbound-1.7.3.ebuild b/net-dns/unbound/unbound-1.7.3.ebuild

30

new file mode 100644

31

index 00000000000..9edf230ed88

32

--- /dev/null

33

+++ b/net-dns/unbound/unbound-1.7.3.ebuild

34

@@ -0,0 +1,156 @@

35

+# Copyright 1999-2018 Gentoo Foundation

36

+# Distributed under the terms of the GNU General Public License v2

37

+

38

+EAPI=5

39

+PYTHON_COMPAT=( python2_7 )

40

+

41

+inherit eutils flag-o-matic multilib-minimal python-single-r1 systemd user

42

+

43

+MY_P=${PN}-${PV/_/}

44

+DESCRIPTION="A validating, recursive and caching DNS resolver"

45

+HOMEPAGE="http://unbound.net/"

46

+SRC_URI="http://unbound.net/downloads/${MY_P}.tar.gz"

47

+

48

+LICENSE="BSD GPL-2"

49

+SLOT="0"

50

+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~mips ~ppc ~ppc64 ~x86"

51

+IUSE="debug dnscrypt dnstap +ecdsa gost libressl python selinux static-libs systemd test threads"

52

+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"

53

+

54

+# Note: expat is needed by executable only but the Makefile is custom

55

+# and doesn't make it possible to easily install the library without

56

+# the executables. MULTILIB_USEDEP may be dropped once build system

57

+# is fixed.

58

+

59

+CDEPEND=">=dev-libs/expat-2.1.0-r3[${MULTILIB_USEDEP}]

60

+	>=dev-libs/libevent-2.0.21:0=[${MULTILIB_USEDEP}]

61

+	libressl? ( >=dev-libs/libressl-2.2.4:0[${MULTILIB_USEDEP}] )

62

+	!libressl? ( >=dev-libs/openssl-1.0.1h-r2:0[${MULTILIB_USEDEP}] )

63

+	dnscrypt? ( dev-libs/libsodium[${MULTILIB_USEDEP}] )

64

+	dnstap? (

65

+		dev-libs/fstrm[${MULTILIB_USEDEP}]

66

+		>=dev-libs/protobuf-c-1.0.2-r1[${MULTILIB_USEDEP}]

67

+	)

68

+	ecdsa? (

69

+		!libressl? ( dev-libs/openssl:0[-bindist] )

70

+	)

71

+	python? ( ${PYTHON_DEPS} )"

72

+

73

+DEPEND="${CDEPEND}

74

+	python? ( dev-lang/swig )

75

+	test? (

76

+		net-dns/ldns-utils[examples]

77

+		dev-util/splint

78

+		app-text/wdiff

79

+	)

80

+	systemd? ( sys-apps/systemd )

81

+	virtual/pkgconfig"

82

+

83

+RDEPEND="${CDEPEND}

84

+	selinux? ( sec-policy/selinux-bind )"

85

+

86

+# bug #347415

87

+RDEPEND="${RDEPEND}

88

+	net-dns/dnssec-root"

89

+

90

+S=${WORKDIR}/${MY_P}

91

+

92

+pkg_setup() {

93

+	enewgroup unbound

94

+	enewuser unbound -1 -1 /etc/unbound unbound

95

+	# improve security on existing installs (bug #641042)

96

+	# as well as new installs where unbound homedir has just been created

97

+	if [[ -d "${ROOT}/etc/unbound" ]]; then

98

+		chown --no-dereference --from=unbound root "${ROOT}/etc/unbound"

99

+	fi

100

+

101

+	use python && python-single-r1_pkg_setup

102

+}

103

+

104

+src_prepare() {

105

+	# To avoid below error messages, set 'trust-anchor-file' to same value in

106

+	# 'auto-trust-anchor-file'.

107

+	# [23109:0] error: Could not open autotrust file for writing,

108

+	# /etc/dnssec/root-anchors.txt: Permission denied

109

+	epatch "${FILESDIR}"/${PN}-1.5.7-trust-anchor-file.patch

110

+

111

+	# required for the python part

112

+	multilib_copy_sources

113

+}

114

+

115

+src_configure() {

116

+	[[ ${CHOST} == *-darwin* ]] || append-ldflags -Wl,-z,noexecstack

117

+	multilib-minimal_src_configure

118

+}

119

+

120

+multilib_src_configure() {

121

+	econf \

122

+		$(use_enable debug) \

123

+		$(use_enable gost) \

124

+		$(use_enable dnscrypt) \

125

+		$(use_enable dnstap) \

126

+		$(use_enable ecdsa) \

127

+		$(use_enable static-libs static) \

128

+		$(use_enable systemd) \

129

+		$(multilib_native_use_with python pythonmodule) \

130

+		$(multilib_native_use_with python pyunbound) \

131

+		$(use_with threads pthreads) \

132

+		--disable-flto \

133

+		--disable-rpath \

134

+		--with-libevent="${EPREFIX}"/usr \

135

+		--with-pidfile="${EPREFIX}"/var/run/unbound.pid \

136

+		--with-rootkey-file="${EPREFIX}"/etc/dnssec/root-anchors.txt \

137

+		--with-ssl="${EPREFIX}"/usr \

138

+		--with-libexpat="${EPREFIX}"/usr

139

+

140

+		# http://unbound.nlnetlabs.nl/pipermail/unbound-users/2011-April/001801.html

141

+		# $(use_enable debug lock-checks) \

142

+		# $(use_enable debug alloc-checks) \

143

+		# $(use_enable debug alloc-lite) \

144

+		# $(use_enable debug alloc-nonregional) \

145

+}

146

+

147

+multilib_src_install_all() {

148

+	prune_libtool_files --modules

149

+	use python && python_optimize

150

+

151

+	newinitd "${FILESDIR}"/unbound.initd unbound

152

+	newconfd "${FILESDIR}"/unbound.confd unbound

153

+

154

+	systemd_dounit "${FILESDIR}"/unbound.service

155

+	systemd_dounit "${FILESDIR}"/unbound.socket

156

+	systemd_newunit "${FILESDIR}"/unbound_at.service "unbound@.service"

157

+	systemd_dounit "${FILESDIR}"/unbound-anchor.service

158

+

159

+	dodoc doc/{README,CREDITS,TODO,Changelog,FEATURES}

160

+

161

+	# bug #315519

162

+	dodoc contrib/unbound_munin_

163

+

164

+	docinto selinux

165

+	dodoc contrib/selinux/*

166

+

167

+	exeinto /usr/share/${PN}

168

+	doexe contrib/update-anchor.sh

169

+

170

+	# create space for auto-trust-anchor-file...

171

+	keepdir /etc/unbound/var

172

+	# ... and point example config to it

173

+	sed -i '/# auto-trust-anchor-file:/s,/etc/dnssec/root-anchors.txt,/etc/unbound/var/root-anchors.txt,' "${ED}/etc/unbound/unbound.conf"

174

+}

175

+

176

+pkg_postinst() {

177

+	# make var/ writable by unbound

178

+	if [[ -d "${ROOT}/etc/unbound/var" ]]; then

179

+		chown --no-dereference --from=root unbound: "${ROOT}/etc/unbound/var"

180

+	fi

181

+	einfo ""

182

+	einfo "If you want unbound to automatically update the root-anchor file for DNSSEC validation"

183

+	einfo "set 'auto-trust-anchor-file: /etc/unbound/var/root-anchors.txt' in /etc/unbound/unbound.conf"

184

+	einfo "and run"

185

+	einfo ""

186

+	einfo "  su -s /bin/sh -c '/usr/sbin/unbound-anchor -a /etc/unbound/var/root-anchors.txt' unbound"

187

+	einfo ""

188

+	einfo "as root to create it initially before starting unbound for the first time after enabling this."

189

+	einfo ""

190

+}

191

192

diff --git a/net-dns/unbound/unbound-1.8.0.ebuild b/net-dns/unbound/unbound-1.8.0.ebuild

193

new file mode 100644

194

index 00000000000..3f81f97d29d

195

--- /dev/null

196

+++ b/net-dns/unbound/unbound-1.8.0.ebuild

197

@@ -0,0 +1,161 @@

198

+# Copyright 1999-2018 Gentoo Foundation

199

+# Distributed under the terms of the GNU General Public License v2

200

+

201

+EAPI=5

202

+PYTHON_COMPAT=( python2_7 )

203

+

204

+inherit eutils flag-o-matic multilib-minimal python-single-r1 systemd user

205

+

206

+MY_P=${PN}-${PV/_/}

207

+DESCRIPTION="A validating, recursive and caching DNS resolver"

208

+HOMEPAGE="http://unbound.net/"

209

+SRC_URI="http://unbound.net/downloads/${MY_P}.tar.gz"

210

+

211

+LICENSE="BSD GPL-2"

212

+SLOT="0"

213

+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~mips ~ppc ~ppc64 ~x86"

214

+IUSE="debug dnscrypt dnstap +ecdsa gost libressl python selinux static-libs systemd test threads"

215

+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"

216

+

217

+# Note: expat is needed by executable only but the Makefile is custom

218

+# and doesn't make it possible to easily install the library without

219

+# the executables. MULTILIB_USEDEP may be dropped once build system

220

+# is fixed.

221

+

222

+CDEPEND=">=dev-libs/expat-2.1.0-r3[${MULTILIB_USEDEP}]

223

+	>=dev-libs/libevent-2.0.21:0=[${MULTILIB_USEDEP}]

224

+	libressl? ( >=dev-libs/libressl-2.2.4:0[${MULTILIB_USEDEP}] )

225

+	!libressl? ( >=dev-libs/openssl-1.0.1h-r2:0[${MULTILIB_USEDEP}] )

226

+	dnscrypt? ( dev-libs/libsodium[${MULTILIB_USEDEP}] )

227

+	dnstap? (

228

+		dev-libs/fstrm[${MULTILIB_USEDEP}]

229

+		>=dev-libs/protobuf-c-1.0.2-r1[${MULTILIB_USEDEP}]

230

+	)

231

+	ecdsa? (

232

+		!libressl? ( dev-libs/openssl:0[-bindist] )

233

+	)

234

+	python? ( ${PYTHON_DEPS} )"

235

+

236

+DEPEND="${CDEPEND}

237

+	python? ( dev-lang/swig )

238

+	test? (

239

+		net-dns/ldns-utils[examples]

240

+		dev-util/splint

241

+		app-text/wdiff

242

+	)

243

+	systemd? ( sys-apps/systemd )

244

+	virtual/pkgconfig"

245

+

246

+RDEPEND="${CDEPEND}

247

+	selinux? ( sec-policy/selinux-bind )"

248

+

249

+# bug #347415

250

+RDEPEND="${RDEPEND}

251

+	net-dns/dnssec-root"

252

+

253

+S=${WORKDIR}/${MY_P}

254

+

255

+pkg_setup() {

256

+	enewgroup unbound

257

+	enewuser unbound -1 -1 /etc/unbound unbound

258

+	# improve security on existing installs (bug #641042)

259

+	# as well as new installs where unbound homedir has just been created

260

+	if [[ -d "${ROOT}/etc/unbound" ]]; then

261

+		chown --no-dereference --from=unbound root "${ROOT}/etc/unbound"

262

+	fi

263

+

264

+	use python && python-single-r1_pkg_setup

265

+}

266

+

267

+src_prepare() {

268

+	# To avoid below error messages, set 'trust-anchor-file' to same value in

269

+	# 'auto-trust-anchor-file'.

270

+	# [23109:0] error: Could not open autotrust file for writing,

271

+	# /etc/dnssec/root-anchors.txt: Permission denied

272

+	epatch "${FILESDIR}"/${PN}-1.5.7-trust-anchor-file.patch

273

+

274

+	# required for the python part

275

+	multilib_copy_sources

276

+}

277

+

278

+src_configure() {

279

+	[[ ${CHOST} == *-darwin* ]] || append-ldflags -Wl,-z,noexecstack

280

+	multilib-minimal_src_configure

281

+}

282

+

283

+multilib_src_configure() {

284

+	# TODO: cachedb

285

+	econf \

286

+		$(use_enable debug) \

287

+		$(use_enable gost) \

288

+		$(use_enable dnscrypt) \

289

+		$(use_enable dnstap) \

290

+		$(use_enable ecdsa) \

291

+		$(use_enable static-libs static) \

292

+		$(use_enable systemd) \

293

+		$(multilib_native_use_with python pythonmodule) \

294

+		$(multilib_native_use_with python pyunbound) \

295

+		$(use_with threads pthreads) \

296

+		--disable-flto \

297

+		--disable-rpath \

298

+		--enable-ipsecmod \

299

+		--enable-subnet \

300

+		--enable-tfo-client \

301

+		--enable-tfo-server \

302

+		--with-libevent="${EPREFIX}"/usr \

303

+		--with-pidfile="${EPREFIX}"/var/run/unbound.pid \

304

+		--with-rootkey-file="${EPREFIX}"/etc/dnssec/root-anchors.txt \

305

+		--with-ssl="${EPREFIX}"/usr \

306

+		--with-libexpat="${EPREFIX}"/usr

307

+

308

+		# http://unbound.nlnetlabs.nl/pipermail/unbound-users/2011-April/001801.html

309

+		# $(use_enable debug lock-checks) \

310

+		# $(use_enable debug alloc-checks) \

311

+		# $(use_enable debug alloc-lite) \

312

+		# $(use_enable debug alloc-nonregional) \

313

+}

314

+

315

+multilib_src_install_all() {

316

+	prune_libtool_files --modules

317

+	use python && python_optimize

318

+

319

+	newinitd "${FILESDIR}"/unbound.initd unbound

320

+	newconfd "${FILESDIR}"/unbound.confd unbound

321

+

322

+	systemd_dounit "${FILESDIR}"/unbound.service

323

+	systemd_dounit "${FILESDIR}"/unbound.socket

324

+	systemd_newunit "${FILESDIR}"/unbound_at.service "unbound@.service"

325

+	systemd_dounit "${FILESDIR}"/unbound-anchor.service

326

+

327

+	dodoc doc/{README,CREDITS,TODO,Changelog,FEATURES}

328

+

329

+	# bug #315519

330

+	dodoc contrib/unbound_munin_

331

+

332

+	docinto selinux

333

+	dodoc contrib/selinux/*

334

+

335

+	exeinto /usr/share/${PN}

336

+	doexe contrib/update-anchor.sh

337

+

338

+	# create space for auto-trust-anchor-file...

339

+	keepdir /etc/unbound/var

340

+	# ... and point example config to it

341

+	sed -i '/# auto-trust-anchor-file:/s,/etc/dnssec/root-anchors.txt,/etc/unbound/var/root-anchors.txt,' "${ED}/etc/unbound/unbound.conf"

342

+}

343

+

344

+pkg_postinst() {

345

+	# make var/ writable by unbound

346

+	if [[ -d "${ROOT}/etc/unbound/var" ]]; then

347

+		chown --no-dereference --from=root unbound: "${ROOT}/etc/unbound/var"

348

+	fi

349

+	einfo ""

350

+	einfo "If you want unbound to automatically update the root-anchor file for DNSSEC validation"

351

+	einfo "set 'auto-trust-anchor-file: /etc/unbound/var/root-anchors.txt' in /etc/unbound/unbound.conf"

352

+	einfo "and run"

353

+	einfo ""

354

+	einfo "  su -s /bin/sh -c '/usr/sbin/unbound-anchor -a /etc/unbound/var/root-anchors.txt' unbound"

355

+	einfo ""

356

+	einfo "as root to create it initially before starting unbound for the first time after enabling this."

357

+	einfo ""

358

+}

1	commit: 0ce09df81641ea0a9359a6f7e3711030a6dc7526
2	Author: Robin H. Johnson <robbat2 <AT> gentoo <DOT> org>
3	AuthorDate: Thu Sep 13 22:36:16 2018 +0000
4	Commit: Robin H. Johnson <robbat2 <AT> gentoo <DOT> org>
5	CommitDate: Thu Sep 13 22:36:31 2018 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0ce09df8
7
8	net-dns/unbound: bump
9
10	Signed-off-by: Robin H. Johnson <robbat2 <AT> gentoo.org>
11	Package-Manager: Portage-2.3.49, Repoman-2.3.10
12
13	net-dns/unbound/Manifest \| 2 +
14	net-dns/unbound/unbound-1.7.3.ebuild \| 156 +++++++++++++++++++++++++++++++++
15	net-dns/unbound/unbound-1.8.0.ebuild \| 161 +++++++++++++++++++++++++++++++++++
16	3 files changed, 319 insertions(+)
17
18	diff --git a/net-dns/unbound/Manifest b/net-dns/unbound/Manifest
19	index a047a933fb3..b614941c742 100644
20	--- a/net-dns/unbound/Manifest
21	+++ b/net-dns/unbound/Manifest
22	@@ -7,3 +7,5 @@ DIST unbound-1.6.7.tar.gz 5466931 BLAKE2B 57a051d5ac6d7fbc3d51613305651987670d0f
23	DIST unbound-1.6.8.tar.gz 5467536 BLAKE2B 06caffbd905c339b3d0667382114bb3e5d5da90988402c8f488f789f9bf6ab87377e6a26aa083a7e9ba3d023f37d3eeba1e069adf8a8a266b23fb8361aeb6e26 SHA512 653d88d5dbc8cf25f7261e4a9869b6591843c7ff27b5d63f979a94505daafbbb61e05d46bedd2d01230355d5f08dd9fe14ed04c5c7340f3f27581b61ad6edfa3
24	DIST unbound-1.7.0.tar.gz 5538228 BLAKE2B a825e2cbef74b3a78f9802056d6f0992f77e0d40d4d28889c98b9ffa224ec3281b6873eab59134dcca8dc56bdd17202b3817dd28ab30d0a0bb72d749426b7675 SHA512 49b07643da2a89d8ceedce1295f550f74a76f4f11c2df54df55e9c42f03bad1b133789c7b36fb3c4f37d6b331ac302ecfd1249e8ebaaa4333beda8fa250b61d9
25	DIST unbound-1.7.1.tar.gz 5565938 BLAKE2B 423dde8a13ea3539d86eade96507e6cdb4ac816393e99f58b4e0dc74a79c31bae57c87924ef737a567cc338d02d672f6c059c86d2f28a634f06e5f9a339f4260 SHA512 99a68abf1f60f6ea80cf2973906df44da9c577d8cac969824af1ce9ca385a2e84dd684937480da87cb73c7dc41ad5c00b0013ec74103eadb8fd7dc6f98a89255
26	+DIST unbound-1.7.3.tar.gz 5570604 BLAKE2B 93a4e7cc0e13b3da1057ce4e4518ab2363f03bff7c820095ed30b5fccd2f4245cfade6bf68a424a090967053c7fd727f33352c9e8004bb05d907a878d69c2517 SHA512 34b2e93660e519b2eccefef26a6c7ac09fa3312384cc3bc449ff2b10743bd86bfeb36ec19d35eb913f8d0a3d91ad7923260a66fc799f28b0a2cc06741d80f27a
27	+DIST unbound-1.8.0.tar.gz 5609213 BLAKE2B 41e464df60e03d502f13758e75f9143658b2a496c4fad69804d9d404e23a8d4b5480cc09048197f8593e37feffdffaea33b18a06d864d0d35e986169b49f42e4 SHA512 6c46f5b86b5bd98a7b549b660173d487e59e65385cebd7bc29429b4fee69f2b490651a409c57b072b9b604fa98e289fa82eeecfea8779900038c25b28a6bd064
28
29	diff --git a/net-dns/unbound/unbound-1.7.3.ebuild b/net-dns/unbound/unbound-1.7.3.ebuild
30	new file mode 100644
31	index 00000000000..9edf230ed88
32	--- /dev/null
33	+++ b/net-dns/unbound/unbound-1.7.3.ebuild
34	@@ -0,0 +1,156 @@
35	+# Copyright 1999-2018 Gentoo Foundation
36	+# Distributed under the terms of the GNU General Public License v2
37	+
38	+EAPI=5
39	+PYTHON_COMPAT=( python2_7 )
40	+
41	+inherit eutils flag-o-matic multilib-minimal python-single-r1 systemd user
42	+
43	+MY_P=${PN}-${PV/_/}
44	+DESCRIPTION="A validating, recursive and caching DNS resolver"
45	+HOMEPAGE="http://unbound.net/"
46	+SRC_URI="http://unbound.net/downloads/${MY_P}.tar.gz"
47	+
48	+LICENSE="BSD GPL-2"
49	+SLOT="0"
50	+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~mips ~ppc ~ppc64 ~x86"
51	+IUSE="debug dnscrypt dnstap +ecdsa gost libressl python selinux static-libs systemd test threads"
52	+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
53	+
54	+# Note: expat is needed by executable only but the Makefile is custom
55	+# and doesn't make it possible to easily install the library without
56	+# the executables. MULTILIB_USEDEP may be dropped once build system
57	+# is fixed.
58	+
59	+CDEPEND=">=dev-libs/expat-2.1.0-r3[${MULTILIB_USEDEP}]
60	+ >=dev-libs/libevent-2.0.21:0=[${MULTILIB_USEDEP}]
61	+ libressl? ( >=dev-libs/libressl-2.2.4:0[${MULTILIB_USEDEP}] )
62	+ !libressl? ( >=dev-libs/openssl-1.0.1h-r2:0[${MULTILIB_USEDEP}] )
63	+ dnscrypt? ( dev-libs/libsodium[${MULTILIB_USEDEP}] )
64	+ dnstap? (
65	+ dev-libs/fstrm[${MULTILIB_USEDEP}]
66	+ >=dev-libs/protobuf-c-1.0.2-r1[${MULTILIB_USEDEP}]
67	+ )
68	+ ecdsa? (
69	+ !libressl? ( dev-libs/openssl:0[-bindist] )
70	+ )
71	+ python? ( ${PYTHON_DEPS} )"
72	+
73	+DEPEND="${CDEPEND}
74	+ python? ( dev-lang/swig )
75	+ test? (
76	+ net-dns/ldns-utils[examples]
77	+ dev-util/splint
78	+ app-text/wdiff
79	+ )
80	+ systemd? ( sys-apps/systemd )
81	+ virtual/pkgconfig"
82	+
83	+RDEPEND="${CDEPEND}
84	+ selinux? ( sec-policy/selinux-bind )"
85	+
86	+# bug #347415
87	+RDEPEND="${RDEPEND}
88	+ net-dns/dnssec-root"
89	+
90	+S=${WORKDIR}/${MY_P}
91	+
92	+pkg_setup() {
93	+ enewgroup unbound
94	+ enewuser unbound -1 -1 /etc/unbound unbound
95	+ # improve security on existing installs (bug #641042)
96	+ # as well as new installs where unbound homedir has just been created
97	+ if [[ -d "${ROOT}/etc/unbound" ]]; then
98	+ chown --no-dereference --from=unbound root "${ROOT}/etc/unbound"
99	+ fi
100	+
101	+ use python && python-single-r1_pkg_setup
102	+}
103	+
104	+src_prepare() {
105	+ # To avoid below error messages, set 'trust-anchor-file' to same value in
106	+ # 'auto-trust-anchor-file'.
107	+ # [23109:0] error: Could not open autotrust file for writing,
108	+ # /etc/dnssec/root-anchors.txt: Permission denied
109	+ epatch "${FILESDIR}"/${PN}-1.5.7-trust-anchor-file.patch
110	+
111	+ # required for the python part
112	+ multilib_copy_sources
113	+}
114	+
115	+src_configure() {
116	+ [[ ${CHOST} == -darwin ]] \|\| append-ldflags -Wl,-z,noexecstack
117	+ multilib-minimal_src_configure
118	+}
119	+
120	+multilib_src_configure() {
121	+ econf \
122	+ $(use_enable debug) \
123	+ $(use_enable gost) \
124	+ $(use_enable dnscrypt) \
125	+ $(use_enable dnstap) \
126	+ $(use_enable ecdsa) \
127	+ $(use_enable static-libs static) \
128	+ $(use_enable systemd) \
129	+ $(multilib_native_use_with python pythonmodule) \
130	+ $(multilib_native_use_with python pyunbound) \
131	+ $(use_with threads pthreads) \
132	+ --disable-flto \
133	+ --disable-rpath \
134	+ --with-libevent="${EPREFIX}"/usr \
135	+ --with-pidfile="${EPREFIX}"/var/run/unbound.pid \
136	+ --with-rootkey-file="${EPREFIX}"/etc/dnssec/root-anchors.txt \
137	+ --with-ssl="${EPREFIX}"/usr \
138	+ --with-libexpat="${EPREFIX}"/usr
139	+
140	+ # http://unbound.nlnetlabs.nl/pipermail/unbound-users/2011-April/001801.html
141	+ # $(use_enable debug lock-checks) \
142	+ # $(use_enable debug alloc-checks) \
143	+ # $(use_enable debug alloc-lite) \
144	+ # $(use_enable debug alloc-nonregional) \
145	+}
146	+
147	+multilib_src_install_all() {
148	+ prune_libtool_files --modules
149	+ use python && python_optimize
150	+
151	+ newinitd "${FILESDIR}"/unbound.initd unbound
152	+ newconfd "${FILESDIR}"/unbound.confd unbound
153	+
154	+ systemd_dounit "${FILESDIR}"/unbound.service
155	+ systemd_dounit "${FILESDIR}"/unbound.socket
156	+ systemd_newunit "${FILESDIR}"/unbound_at.service "unbound@.service"
157	+ systemd_dounit "${FILESDIR}"/unbound-anchor.service
158	+
159	+ dodoc doc/{README,CREDITS,TODO,Changelog,FEATURES}
160	+
161	+ # bug #315519
162	+ dodoc contrib/unbound_munin_
163	+
164	+ docinto selinux
165	+ dodoc contrib/selinux/*
166	+
167	+ exeinto /usr/share/${PN}
168	+ doexe contrib/update-anchor.sh
169	+
170	+ # create space for auto-trust-anchor-file...
171	+ keepdir /etc/unbound/var
172	+ # ... and point example config to it
173	+ sed -i '/# auto-trust-anchor-file:/s,/etc/dnssec/root-anchors.txt,/etc/unbound/var/root-anchors.txt,' "${ED}/etc/unbound/unbound.conf"
174	+}
175	+
176	+pkg_postinst() {
177	+ # make var/ writable by unbound
178	+ if [[ -d "${ROOT}/etc/unbound/var" ]]; then
179	+ chown --no-dereference --from=root unbound: "${ROOT}/etc/unbound/var"
180	+ fi
181	+ einfo ""
182	+ einfo "If you want unbound to automatically update the root-anchor file for DNSSEC validation"
183	+ einfo "set 'auto-trust-anchor-file: /etc/unbound/var/root-anchors.txt' in /etc/unbound/unbound.conf"
184	+ einfo "and run"
185	+ einfo ""
186	+ einfo " su -s /bin/sh -c '/usr/sbin/unbound-anchor -a /etc/unbound/var/root-anchors.txt' unbound"
187	+ einfo ""
188	+ einfo "as root to create it initially before starting unbound for the first time after enabling this."
189	+ einfo ""
190	+}
191
192	diff --git a/net-dns/unbound/unbound-1.8.0.ebuild b/net-dns/unbound/unbound-1.8.0.ebuild
193	new file mode 100644
194	index 00000000000..3f81f97d29d
195	--- /dev/null
196	+++ b/net-dns/unbound/unbound-1.8.0.ebuild
197	@@ -0,0 +1,161 @@
198	+# Copyright 1999-2018 Gentoo Foundation
199	+# Distributed under the terms of the GNU General Public License v2
200	+
201	+EAPI=5
202	+PYTHON_COMPAT=( python2_7 )
203	+
204	+inherit eutils flag-o-matic multilib-minimal python-single-r1 systemd user
205	+
206	+MY_P=${PN}-${PV/_/}
207	+DESCRIPTION="A validating, recursive and caching DNS resolver"
208	+HOMEPAGE="http://unbound.net/"
209	+SRC_URI="http://unbound.net/downloads/${MY_P}.tar.gz"
210	+
211	+LICENSE="BSD GPL-2"
212	+SLOT="0"
213	+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~mips ~ppc ~ppc64 ~x86"
214	+IUSE="debug dnscrypt dnstap +ecdsa gost libressl python selinux static-libs systemd test threads"
215	+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
216	+
217	+# Note: expat is needed by executable only but the Makefile is custom
218	+# and doesn't make it possible to easily install the library without
219	+# the executables. MULTILIB_USEDEP may be dropped once build system
220	+# is fixed.
221	+
222	+CDEPEND=">=dev-libs/expat-2.1.0-r3[${MULTILIB_USEDEP}]
223	+ >=dev-libs/libevent-2.0.21:0=[${MULTILIB_USEDEP}]
224	+ libressl? ( >=dev-libs/libressl-2.2.4:0[${MULTILIB_USEDEP}] )
225	+ !libressl? ( >=dev-libs/openssl-1.0.1h-r2:0[${MULTILIB_USEDEP}] )
226	+ dnscrypt? ( dev-libs/libsodium[${MULTILIB_USEDEP}] )
227	+ dnstap? (
228	+ dev-libs/fstrm[${MULTILIB_USEDEP}]
229	+ >=dev-libs/protobuf-c-1.0.2-r1[${MULTILIB_USEDEP}]
230	+ )
231	+ ecdsa? (
232	+ !libressl? ( dev-libs/openssl:0[-bindist] )
233	+ )
234	+ python? ( ${PYTHON_DEPS} )"
235	+
236	+DEPEND="${CDEPEND}
237	+ python? ( dev-lang/swig )
238	+ test? (
239	+ net-dns/ldns-utils[examples]
240	+ dev-util/splint
241	+ app-text/wdiff
242	+ )
243	+ systemd? ( sys-apps/systemd )
244	+ virtual/pkgconfig"
245	+
246	+RDEPEND="${CDEPEND}
247	+ selinux? ( sec-policy/selinux-bind )"
248	+
249	+# bug #347415
250	+RDEPEND="${RDEPEND}
251	+ net-dns/dnssec-root"
252	+
253	+S=${WORKDIR}/${MY_P}
254	+
255	+pkg_setup() {
256	+ enewgroup unbound
257	+ enewuser unbound -1 -1 /etc/unbound unbound
258	+ # improve security on existing installs (bug #641042)
259	+ # as well as new installs where unbound homedir has just been created
260	+ if [[ -d "${ROOT}/etc/unbound" ]]; then
261	+ chown --no-dereference --from=unbound root "${ROOT}/etc/unbound"
262	+ fi
263	+
264	+ use python && python-single-r1_pkg_setup
265	+}
266	+
267	+src_prepare() {
268	+ # To avoid below error messages, set 'trust-anchor-file' to same value in
269	+ # 'auto-trust-anchor-file'.
270	+ # [23109:0] error: Could not open autotrust file for writing,
271	+ # /etc/dnssec/root-anchors.txt: Permission denied
272	+ epatch "${FILESDIR}"/${PN}-1.5.7-trust-anchor-file.patch
273	+
274	+ # required for the python part
275	+ multilib_copy_sources
276	+}
277	+
278	+src_configure() {
279	+ [[ ${CHOST} == -darwin ]] \|\| append-ldflags -Wl,-z,noexecstack
280	+ multilib-minimal_src_configure
281	+}
282	+
283	+multilib_src_configure() {
284	+ # TODO: cachedb
285	+ econf \
286	+ $(use_enable debug) \
287	+ $(use_enable gost) \
288	+ $(use_enable dnscrypt) \
289	+ $(use_enable dnstap) \
290	+ $(use_enable ecdsa) \
291	+ $(use_enable static-libs static) \
292	+ $(use_enable systemd) \
293	+ $(multilib_native_use_with python pythonmodule) \
294	+ $(multilib_native_use_with python pyunbound) \
295	+ $(use_with threads pthreads) \
296	+ --disable-flto \
297	+ --disable-rpath \
298	+ --enable-ipsecmod \
299	+ --enable-subnet \
300	+ --enable-tfo-client \
301	+ --enable-tfo-server \
302	+ --with-libevent="${EPREFIX}"/usr \
303	+ --with-pidfile="${EPREFIX}"/var/run/unbound.pid \
304	+ --with-rootkey-file="${EPREFIX}"/etc/dnssec/root-anchors.txt \
305	+ --with-ssl="${EPREFIX}"/usr \
306	+ --with-libexpat="${EPREFIX}"/usr
307	+
308	+ # http://unbound.nlnetlabs.nl/pipermail/unbound-users/2011-April/001801.html
309	+ # $(use_enable debug lock-checks) \
310	+ # $(use_enable debug alloc-checks) \
311	+ # $(use_enable debug alloc-lite) \
312	+ # $(use_enable debug alloc-nonregional) \
313	+}
314	+
315	+multilib_src_install_all() {
316	+ prune_libtool_files --modules
317	+ use python && python_optimize
318	+
319	+ newinitd "${FILESDIR}"/unbound.initd unbound
320	+ newconfd "${FILESDIR}"/unbound.confd unbound
321	+
322	+ systemd_dounit "${FILESDIR}"/unbound.service
323	+ systemd_dounit "${FILESDIR}"/unbound.socket
324	+ systemd_newunit "${FILESDIR}"/unbound_at.service "unbound@.service"
325	+ systemd_dounit "${FILESDIR}"/unbound-anchor.service
326	+
327	+ dodoc doc/{README,CREDITS,TODO,Changelog,FEATURES}
328	+
329	+ # bug #315519
330	+ dodoc contrib/unbound_munin_
331	+
332	+ docinto selinux
333	+ dodoc contrib/selinux/*
334	+
335	+ exeinto /usr/share/${PN}
336	+ doexe contrib/update-anchor.sh
337	+
338	+ # create space for auto-trust-anchor-file...
339	+ keepdir /etc/unbound/var
340	+ # ... and point example config to it
341	+ sed -i '/# auto-trust-anchor-file:/s,/etc/dnssec/root-anchors.txt,/etc/unbound/var/root-anchors.txt,' "${ED}/etc/unbound/unbound.conf"
342	+}
343	+
344	+pkg_postinst() {
345	+ # make var/ writable by unbound
346	+ if [[ -d "${ROOT}/etc/unbound/var" ]]; then
347	+ chown --no-dereference --from=root unbound: "${ROOT}/etc/unbound/var"
348	+ fi
349	+ einfo ""
350	+ einfo "If you want unbound to automatically update the root-anchor file for DNSSEC validation"
351	+ einfo "set 'auto-trust-anchor-file: /etc/unbound/var/root-anchors.txt' in /etc/unbound/unbound.conf"
352	+ einfo "and run"
353	+ einfo ""
354	+ einfo " su -s /bin/sh -c '/usr/sbin/unbound-anchor -a /etc/unbound/var/root-anchors.txt' unbound"
355	+ einfo ""
356	+ einfo "as root to create it initially before starting unbound for the first time after enabling this."
357	+ einfo ""
358	+}

Gentoo Archives: gentoo-commits