1 |
commit: 0fa7b1c70c0534fe15c326254b6748ea20b0fe1e |
2 |
Author: Marc Schiffbauer <mschiff <AT> gentoo <DOT> org> |
3 |
AuthorDate: Mon Jun 4 08:17:52 2018 +0000 |
4 |
Commit: Marc Schiffbauer <mschiff <AT> gentoo <DOT> org> |
5 |
CommitDate: Mon Jun 4 08:18:08 2018 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0fa7b1c7 |
7 |
|
8 |
net-dns/unbound: bump version |
9 |
|
10 |
Thanks to nemunaire on github ;) |
11 |
|
12 |
Package-Manager: Portage-2.3.40, Repoman-2.3.9 |
13 |
|
14 |
net-dns/unbound/Manifest | 1 + |
15 |
net-dns/unbound/unbound-1.7.1.ebuild | 156 +++++++++++++++++++++++++++++++++++ |
16 |
2 files changed, 157 insertions(+) |
17 |
|
18 |
diff --git a/net-dns/unbound/Manifest b/net-dns/unbound/Manifest |
19 |
index 72f2ebf241e..a047a933fb3 100644 |
20 |
--- a/net-dns/unbound/Manifest |
21 |
+++ b/net-dns/unbound/Manifest |
22 |
@@ -6,3 +6,4 @@ DIST unbound-1.6.6.tar.gz 5460482 BLAKE2B af0d9ca0e5eeaebc3a2023dc7179a3bc80952d |
23 |
DIST unbound-1.6.7.tar.gz 5466931 BLAKE2B 57a051d5ac6d7fbc3d51613305651987670d0f50fbebf661505b42b6c8980543b34b52a4f9ca9e6ee4dbad59d9acf547b78cf35a691d0c00884da979ae22d8c4 SHA512 6e3d1a057081252183343d0d1b8ace742ab15e8f5244e61287340f49289d7449bed93fbfdaa3194c0e99ca23948f4b33038f75af5c5b26c938004d06fc3031e0 |
24 |
DIST unbound-1.6.8.tar.gz 5467536 BLAKE2B 06caffbd905c339b3d0667382114bb3e5d5da90988402c8f488f789f9bf6ab87377e6a26aa083a7e9ba3d023f37d3eeba1e069adf8a8a266b23fb8361aeb6e26 SHA512 653d88d5dbc8cf25f7261e4a9869b6591843c7ff27b5d63f979a94505daafbbb61e05d46bedd2d01230355d5f08dd9fe14ed04c5c7340f3f27581b61ad6edfa3 |
25 |
DIST unbound-1.7.0.tar.gz 5538228 BLAKE2B a825e2cbef74b3a78f9802056d6f0992f77e0d40d4d28889c98b9ffa224ec3281b6873eab59134dcca8dc56bdd17202b3817dd28ab30d0a0bb72d749426b7675 SHA512 49b07643da2a89d8ceedce1295f550f74a76f4f11c2df54df55e9c42f03bad1b133789c7b36fb3c4f37d6b331ac302ecfd1249e8ebaaa4333beda8fa250b61d9 |
26 |
+DIST unbound-1.7.1.tar.gz 5565938 BLAKE2B 423dde8a13ea3539d86eade96507e6cdb4ac816393e99f58b4e0dc74a79c31bae57c87924ef737a567cc338d02d672f6c059c86d2f28a634f06e5f9a339f4260 SHA512 99a68abf1f60f6ea80cf2973906df44da9c577d8cac969824af1ce9ca385a2e84dd684937480da87cb73c7dc41ad5c00b0013ec74103eadb8fd7dc6f98a89255 |
27 |
|
28 |
diff --git a/net-dns/unbound/unbound-1.7.1.ebuild b/net-dns/unbound/unbound-1.7.1.ebuild |
29 |
new file mode 100644 |
30 |
index 00000000000..9edf230ed88 |
31 |
--- /dev/null |
32 |
+++ b/net-dns/unbound/unbound-1.7.1.ebuild |
33 |
@@ -0,0 +1,156 @@ |
34 |
+# Copyright 1999-2018 Gentoo Foundation |
35 |
+# Distributed under the terms of the GNU General Public License v2 |
36 |
+ |
37 |
+EAPI=5 |
38 |
+PYTHON_COMPAT=( python2_7 ) |
39 |
+ |
40 |
+inherit eutils flag-o-matic multilib-minimal python-single-r1 systemd user |
41 |
+ |
42 |
+MY_P=${PN}-${PV/_/} |
43 |
+DESCRIPTION="A validating, recursive and caching DNS resolver" |
44 |
+HOMEPAGE="http://unbound.net/" |
45 |
+SRC_URI="http://unbound.net/downloads/${MY_P}.tar.gz" |
46 |
+ |
47 |
+LICENSE="BSD GPL-2" |
48 |
+SLOT="0" |
49 |
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~mips ~ppc ~ppc64 ~x86" |
50 |
+IUSE="debug dnscrypt dnstap +ecdsa gost libressl python selinux static-libs systemd test threads" |
51 |
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" |
52 |
+ |
53 |
+# Note: expat is needed by executable only but the Makefile is custom |
54 |
+# and doesn't make it possible to easily install the library without |
55 |
+# the executables. MULTILIB_USEDEP may be dropped once build system |
56 |
+# is fixed. |
57 |
+ |
58 |
+CDEPEND=">=dev-libs/expat-2.1.0-r3[${MULTILIB_USEDEP}] |
59 |
+ >=dev-libs/libevent-2.0.21:0=[${MULTILIB_USEDEP}] |
60 |
+ libressl? ( >=dev-libs/libressl-2.2.4:0[${MULTILIB_USEDEP}] ) |
61 |
+ !libressl? ( >=dev-libs/openssl-1.0.1h-r2:0[${MULTILIB_USEDEP}] ) |
62 |
+ dnscrypt? ( dev-libs/libsodium[${MULTILIB_USEDEP}] ) |
63 |
+ dnstap? ( |
64 |
+ dev-libs/fstrm[${MULTILIB_USEDEP}] |
65 |
+ >=dev-libs/protobuf-c-1.0.2-r1[${MULTILIB_USEDEP}] |
66 |
+ ) |
67 |
+ ecdsa? ( |
68 |
+ !libressl? ( dev-libs/openssl:0[-bindist] ) |
69 |
+ ) |
70 |
+ python? ( ${PYTHON_DEPS} )" |
71 |
+ |
72 |
+DEPEND="${CDEPEND} |
73 |
+ python? ( dev-lang/swig ) |
74 |
+ test? ( |
75 |
+ net-dns/ldns-utils[examples] |
76 |
+ dev-util/splint |
77 |
+ app-text/wdiff |
78 |
+ ) |
79 |
+ systemd? ( sys-apps/systemd ) |
80 |
+ virtual/pkgconfig" |
81 |
+ |
82 |
+RDEPEND="${CDEPEND} |
83 |
+ selinux? ( sec-policy/selinux-bind )" |
84 |
+ |
85 |
+# bug #347415 |
86 |
+RDEPEND="${RDEPEND} |
87 |
+ net-dns/dnssec-root" |
88 |
+ |
89 |
+S=${WORKDIR}/${MY_P} |
90 |
+ |
91 |
+pkg_setup() { |
92 |
+ enewgroup unbound |
93 |
+ enewuser unbound -1 -1 /etc/unbound unbound |
94 |
+ # improve security on existing installs (bug #641042) |
95 |
+ # as well as new installs where unbound homedir has just been created |
96 |
+ if [[ -d "${ROOT}/etc/unbound" ]]; then |
97 |
+ chown --no-dereference --from=unbound root "${ROOT}/etc/unbound" |
98 |
+ fi |
99 |
+ |
100 |
+ use python && python-single-r1_pkg_setup |
101 |
+} |
102 |
+ |
103 |
+src_prepare() { |
104 |
+ # To avoid below error messages, set 'trust-anchor-file' to same value in |
105 |
+ # 'auto-trust-anchor-file'. |
106 |
+ # [23109:0] error: Could not open autotrust file for writing, |
107 |
+ # /etc/dnssec/root-anchors.txt: Permission denied |
108 |
+ epatch "${FILESDIR}"/${PN}-1.5.7-trust-anchor-file.patch |
109 |
+ |
110 |
+ # required for the python part |
111 |
+ multilib_copy_sources |
112 |
+} |
113 |
+ |
114 |
+src_configure() { |
115 |
+ [[ ${CHOST} == *-darwin* ]] || append-ldflags -Wl,-z,noexecstack |
116 |
+ multilib-minimal_src_configure |
117 |
+} |
118 |
+ |
119 |
+multilib_src_configure() { |
120 |
+ econf \ |
121 |
+ $(use_enable debug) \ |
122 |
+ $(use_enable gost) \ |
123 |
+ $(use_enable dnscrypt) \ |
124 |
+ $(use_enable dnstap) \ |
125 |
+ $(use_enable ecdsa) \ |
126 |
+ $(use_enable static-libs static) \ |
127 |
+ $(use_enable systemd) \ |
128 |
+ $(multilib_native_use_with python pythonmodule) \ |
129 |
+ $(multilib_native_use_with python pyunbound) \ |
130 |
+ $(use_with threads pthreads) \ |
131 |
+ --disable-flto \ |
132 |
+ --disable-rpath \ |
133 |
+ --with-libevent="${EPREFIX}"/usr \ |
134 |
+ --with-pidfile="${EPREFIX}"/var/run/unbound.pid \ |
135 |
+ --with-rootkey-file="${EPREFIX}"/etc/dnssec/root-anchors.txt \ |
136 |
+ --with-ssl="${EPREFIX}"/usr \ |
137 |
+ --with-libexpat="${EPREFIX}"/usr |
138 |
+ |
139 |
+ # http://unbound.nlnetlabs.nl/pipermail/unbound-users/2011-April/001801.html |
140 |
+ # $(use_enable debug lock-checks) \ |
141 |
+ # $(use_enable debug alloc-checks) \ |
142 |
+ # $(use_enable debug alloc-lite) \ |
143 |
+ # $(use_enable debug alloc-nonregional) \ |
144 |
+} |
145 |
+ |
146 |
+multilib_src_install_all() { |
147 |
+ prune_libtool_files --modules |
148 |
+ use python && python_optimize |
149 |
+ |
150 |
+ newinitd "${FILESDIR}"/unbound.initd unbound |
151 |
+ newconfd "${FILESDIR}"/unbound.confd unbound |
152 |
+ |
153 |
+ systemd_dounit "${FILESDIR}"/unbound.service |
154 |
+ systemd_dounit "${FILESDIR}"/unbound.socket |
155 |
+ systemd_newunit "${FILESDIR}"/unbound_at.service "unbound@.service" |
156 |
+ systemd_dounit "${FILESDIR}"/unbound-anchor.service |
157 |
+ |
158 |
+ dodoc doc/{README,CREDITS,TODO,Changelog,FEATURES} |
159 |
+ |
160 |
+ # bug #315519 |
161 |
+ dodoc contrib/unbound_munin_ |
162 |
+ |
163 |
+ docinto selinux |
164 |
+ dodoc contrib/selinux/* |
165 |
+ |
166 |
+ exeinto /usr/share/${PN} |
167 |
+ doexe contrib/update-anchor.sh |
168 |
+ |
169 |
+ # create space for auto-trust-anchor-file... |
170 |
+ keepdir /etc/unbound/var |
171 |
+ # ... and point example config to it |
172 |
+ sed -i '/# auto-trust-anchor-file:/s,/etc/dnssec/root-anchors.txt,/etc/unbound/var/root-anchors.txt,' "${ED}/etc/unbound/unbound.conf" |
173 |
+} |
174 |
+ |
175 |
+pkg_postinst() { |
176 |
+ # make var/ writable by unbound |
177 |
+ if [[ -d "${ROOT}/etc/unbound/var" ]]; then |
178 |
+ chown --no-dereference --from=root unbound: "${ROOT}/etc/unbound/var" |
179 |
+ fi |
180 |
+ einfo "" |
181 |
+ einfo "If you want unbound to automatically update the root-anchor file for DNSSEC validation" |
182 |
+ einfo "set 'auto-trust-anchor-file: /etc/unbound/var/root-anchors.txt' in /etc/unbound/unbound.conf" |
183 |
+ einfo "and run" |
184 |
+ einfo "" |
185 |
+ einfo " su -s /bin/sh -c '/usr/sbin/unbound-anchor -a /etc/unbound/var/root-anchors.txt' unbound" |
186 |
+ einfo "" |
187 |
+ einfo "as root to create it initially before starting unbound for the first time after enabling this." |
188 |
+ einfo "" |
189 |
+} |