[gentoo-commits] repo/gentoo:master commit in: net-dns/unbound/ - gentoo-commits

From:	Marc Schiffbauer <mschiff@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: net-dns/unbound/
Date:	Sun, 27 Mar 2022 09:43:49
Message-Id:	`1648374191.085fe70746dd35d48d0926bba87ee1416dd0b033.mschiff@gentoo`

1

commit:     085fe70746dd35d48d0926bba87ee1416dd0b033

2

Author:     Jonathan Davies <jpds <AT> protonmail <DOT> com>

3

AuthorDate: Wed Mar 16 12:24:59 2022 +0000

4

Commit:     Marc Schiffbauer <mschiff <AT> gentoo <DOT> org>

5

CommitDate: Sun Mar 27 09:43:11 2022 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=085fe707

7

8

net-dns/unbound: Version updated to 1.15.0.

9

10

Signed-off-by: Jonathan Davies <jpds <AT> protonmail.com>

11

Closes: https://github.com/gentoo/gentoo/pull/24605

12

Signed-off-by: Marc Schiffbauer <mschiff <AT> gentoo.org>

13

14

 net-dns/unbound/Manifest              |   2 +

15

 net-dns/unbound/unbound-1.15.0.ebuild | 213 ++++++++++++++++++++++++++++++++++

16

 2 files changed, 215 insertions(+)

17

18

diff --git a/net-dns/unbound/Manifest b/net-dns/unbound/Manifest

19

index f217efdf009b..0fb0a6e82745 100644

20

--- a/net-dns/unbound/Manifest

21

+++ b/net-dns/unbound/Manifest

22

@@ -2,3 +2,5 @@ DIST unbound-1.13.1.tar.gz 5976957 BLAKE2B 5fabb9205773a1983842e41cf7a4d6c3878fa

23

 DIST unbound-1.13.2.tar.gz 6127915 BLAKE2B 71806edc86b323ff1f9f2d7bd3f699b15da2cd1cfefe9ca6008d74915dd6c7b45690026fb0244531ae563a3ca1b142f21fc8aed97ba4bb0015d8ab9196ff045a SHA512 1e89441446e7a25c6a49bded645f8b348c1758c3be54e3a986041cb1f00c45d152fd469dc52666fb820574db9d51b16f1627dc8afcb9519508d4833ca358191a

24

 DIST unbound-1.14.0.tar.gz 6152326 BLAKE2B ceccfbcbc16370153005f32d19be44bd41a4ac935cb7b9a90128d604c9874b06cc7de8b92dc34585d7957f0ad90ce2f441c2ed092c9307bcf4335f8d99eb8bd3 SHA512 57f91d898b0a5d42e6a2ff1ccaec474f04dd5ad3c98e7eb7aa8d5eaa23b587f3077cf7eddf4df38f537c6d387028f12c2518ff13b7249aa7a1155cd6532a46b5

25

 DIST unbound-1.14.0.tar.gz.asc 833 BLAKE2B 21df47fba46db82ce8fcbf9f39e8e16f8d5ece493dbdc8fe8cad749e3f8e1af164c4280f9722d9f507199ae59a851925a7856bc9e11926b05f253b4342b06383 SHA512 5f77f33040bd783c8d67a50cb5a97435842203e6c2152f40994fba772777db60f01ab76156aa95a477ee50ae22f4227162cdd1fc0e4ae388c6b47f91ac9a5b95

26

+DIST unbound-1.15.0.tar.gz 6163470 BLAKE2B e67756fb28aac784431484e5f834cbe3864a0ec021a8c9eb3124a6d5732fea99a073815a624210e43e50b3b59ce943c5cc6a4e5e1c743b91f5803e2dcf5c9870 SHA512 c5dab305694c14f64e05080700bb52f6e6bf5b76f15e1fde34e35c932cb3ffed0de2c03b570cf4bfe18165cb10e82e67ee9b12c6583295380f88c2c03800cc1f

27

+DIST unbound-1.15.0.tar.gz.asc 833 BLAKE2B 166cbb1caf14fb4a4375d609c740e7305ed4ee19c1e307caf1e780eb3f53e86db2d34b3f21e1d0c5f1496eac9211ce795c085ab9944f66f9a2f54d08479254db SHA512 123818a855689ee3d402fd8f4b5a4646c08d5602e4544ce872d132c4c0de4a79c9efcc2d49324bf58ab06521f02deef795d89bdf632eee758e6ec36b408ea54a

28

29

diff --git a/net-dns/unbound/unbound-1.15.0.ebuild b/net-dns/unbound/unbound-1.15.0.ebuild

30

new file mode 100644

31

index 000000000000..ddfece68d4df

32

--- /dev/null

33

+++ b/net-dns/unbound/unbound-1.15.0.ebuild

34

@@ -0,0 +1,213 @@

35

+# Copyright 1999-2022 Gentoo Authors

36

+# Distributed under the terms of the GNU General Public License v2

37

+

38

+EAPI="8"

39

+PYTHON_COMPAT=( python3_{8,9,10} )

40

+

41

+inherit autotools flag-o-matic multilib-minimal python-single-r1 systemd verify-sig

42

+

43

+MY_P=${PN}-${PV/_/}

44

+DESCRIPTION="A validating, recursive and caching DNS resolver"

45

+HOMEPAGE="https://unbound.net/ https://nlnetlabs.nl/projects/unbound/about/"

46

+SRC_URI="https://nlnetlabs.nl/downloads/unbound/${MY_P}.tar.gz

47

+	verify-sig? ( https://nlnetlabs.nl/downloads/unbound/${MY_P}.tar.gz.asc )"

48

+VERIFY_SIG_OPENPGP_KEY_PATH=${BROOT}/usr/share/openpgp-keys/unbound.net.asc

49

+

50

+LICENSE="BSD GPL-2"

51

+SLOT="0/8" # ABI version of libunbound.so

52

+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~mips ~ppc ~ppc64 ~x86"

53

+IUSE="debug dnscrypt dnstap +ecdsa ecs gost +http2 python redis selinux static-libs systemd test +tfo threads"

54

+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"

55

+RESTRICT="!test? ( test )"

56

+

57

+# Note: expat is needed by executable only but the Makefile is custom

58

+# and doesn't make it possible to easily install the library without

59

+# the executables. MULTILIB_USEDEP may be dropped once build system

60

+# is fixed.

61

+

62

+CDEPEND="acct-group/unbound

63

+	acct-user/unbound

64

+	>=dev-libs/expat-2.1.0-r3[${MULTILIB_USEDEP}]

65

+	>=dev-libs/libevent-2.0.21:0=[${MULTILIB_USEDEP}]

66

+	>=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}]

67

+	dnscrypt? ( dev-libs/libsodium:=[${MULTILIB_USEDEP}] )

68

+	dnstap? (

69

+		dev-libs/fstrm[${MULTILIB_USEDEP}]

70

+		>=dev-libs/protobuf-c-1.0.2-r1:=[${MULTILIB_USEDEP}]

71

+	)

72

+	ecdsa? (

73

+		dev-libs/openssl:0[-bindist(-)]

74

+	)

75

+	http2? ( net-libs/nghttp2:=[${MULTILIB_USEDEP}] )

76

+	python? ( ${PYTHON_DEPS} )

77

+	redis? ( dev-libs/hiredis:= )

78

+	systemd? ( sys-apps/systemd )

79

+"

80

+

81

+BDEPEND="virtual/pkgconfig

82

+	python? ( dev-lang/swig )

83

+	test? (

84

+		|| (

85

+			net-libs/ldns[examples(-)]

86

+			net-dns/ldns-utils[examples(-)]

87

+		)

88

+		dev-util/splint

89

+		app-text/wdiff

90

+	)

91

+	verify-sig? ( sec-keys/openpgp-keys-unbound )

92

+"

93

+

94

+DEPEND="${CDEPEND}"

95

+

96

+RDEPEND="${CDEPEND}

97

+	net-dns/dnssec-root

98

+	selinux? ( sec-policy/selinux-bind )"

99

+

100

+# bug #347415

101

+RDEPEND="${RDEPEND}

102

+	net-dns/dnssec-root"

103

+

104

+PATCHES=(

105

+	"${FILESDIR}"/${PN}-1.5.7-trust-anchor-file.patch

106

+	"${FILESDIR}"/${PN}-1.6.3-pkg-config.patch

107

+	"${FILESDIR}"/${PN}-1.10.1-find-ar.patch

108

+)

109

+

110

+S=${WORKDIR}/${MY_P}

111

+

112

+pkg_setup() {

113

+	use python && python-single-r1_pkg_setup

114

+}

115

+

116

+src_prepare() {

117

+	default

118

+

119

+	eautoreconf

120

+

121

+	# required for the python part

122

+	multilib_copy_sources

123

+}

124

+

125

+src_configure() {

126

+	[[ ${CHOST} == *-darwin* ]] || append-ldflags -Wl,-z,noexecstack

127

+	multilib-minimal_src_configure

128

+}

129

+

130

+multilib_src_configure() {

131

+	econf \

132

+		$(use_enable debug) \

133

+		$(use_enable gost) \

134

+		$(use_enable dnscrypt) \

135

+		$(use_enable dnstap) \

136

+		$(use_enable ecdsa) \

137

+		$(use_enable ecs subnet) \

138

+		$(multilib_native_use_enable redis cachedb) \

139

+		$(use_enable static-libs static) \

140

+		$(use_enable systemd) \

141

+		$(multilib_native_use_with python pythonmodule) \

142

+		$(multilib_native_use_with python pyunbound) \

143

+		$(use_with threads pthreads) \

144

+		$(use_with http2 libnghttp2) \

145

+		$(use_enable tfo tfo-client) \

146

+		$(use_enable tfo tfo-server) \

147

+		--disable-flto \

148

+		--disable-rpath \

149

+		--enable-event-api \

150

+		--enable-ipsecmod \

151

+		--with-libevent="${EPREFIX}"/usr \

152

+		$(multilib_native_usex redis --with-libhiredis="${EPREFIX}/usr" --without-libhiredis) \

153

+		--with-pidfile="${EPREFIX}"/run/unbound.pid \

154

+		--with-rootkey-file="${EPREFIX}"/etc/dnssec/root-anchors.txt \

155

+		--with-ssl="${EPREFIX}"/usr \

156

+		--with-libexpat="${EPREFIX}"/usr

157

+

158

+		# http://unbound.nlnetlabs.nl/pipermail/unbound-users/2011-April/001801.html

159

+		# $(use_enable debug lock-checks) \

160

+		# $(use_enable debug alloc-checks) \

161

+		# $(use_enable debug alloc-lite) \

162

+		# $(use_enable debug alloc-nonregional) \

163

+}

164

+

165

+multilib_src_install() {

166

+	emake DESTDIR="${D}" install

167

+	systemd_dounit contrib/unbound.service

168

+	systemd_dounit contrib/unbound.socket

169

+}

170

+

171

+multilib_src_install_all() {

172

+	use python && python_optimize

173

+

174

+	newinitd "${FILESDIR}"/unbound-r1.initd unbound

175

+	newconfd "${FILESDIR}"/unbound-r1.confd unbound

176

+

177

+	systemd_newunit "${FILESDIR}"/unbound_at.service "unbound@.service"

178

+	systemd_dounit "${FILESDIR}"/unbound-anchor.service

179

+

180

+	dodoc doc/{README,CREDITS,TODO,Changelog,FEATURES}

181

+

182

+	# bug #315519

183

+	dodoc contrib/unbound_munin_

184

+

185

+	docinto selinux

186

+	dodoc contrib/selinux/*

187

+

188

+	exeinto /usr/share/${PN}

189

+	doexe contrib/update-anchor.sh

190

+

191

+	# create space for auto-trust-anchor-file...

192

+	keepdir /etc/unbound/var

193

+	fowners root:unbound /etc/unbound/var

194

+	fperms 0770 /etc/unbound/var

195

+	# ... and point example config to it

196

+	sed -i \

197

+		-e '/# auto-trust-anchor-file:/s,/etc/dnssec/root-anchors.txt,/etc/unbound/var/root-anchors.txt,' \

198

+		"${ED}/etc/unbound/unbound.conf" \

199

+		|| die

200

+

201

+	# Used to store cache data

202

+	keepdir /var/lib/${PN}

203

+	fowners root:unbound /var/lib/${PN}

204

+	fperms 0770 /var/lib/${PN}

205

+

206

+	find "${ED}" -name '*.la' -delete || die

207

+	if ! use static-libs ; then

208

+		find "${ED}" -name "*.a" -delete || die

209

+	fi

210

+}

211

+

212

+pkg_postinst() {

213

+	if [[ ! -f "${EROOT}/etc/unbound/unbound_control.key" ]] ; then

214

+		einfo "Trying to create unbound control key ..."

215

+		if ! unbound-control-setup &>/dev/null ; then

216

+			ewarn "Failed to create unbound control key!"

217

+		fi

218

+	fi

219

+

220

+	if [[ ! -f "${EROOT}/etc/unbound/var/root-anchors.txt" ]] ; then

221

+		einfo ""

222

+		einfo "If you want unbound to automatically update the root-anchor file for DNSSEC validation"

223

+		einfo "set 'auto-trust-anchor-file: ${EROOT}/etc/unbound/var/root-anchors.txt' in ${EROOT}/etc/unbound/unbound.conf"

224

+		einfo "and run"

225

+		einfo ""

226

+		einfo "  su -s /bin/sh -c '${EROOT}/usr/sbin/unbound-anchor -a ${EROOT}/etc/unbound/var/root-anchors.txt' unbound"

227

+		einfo ""

228

+		einfo "as root to create it initially before starting unbound for the first time after enabling this."

229

+		einfo ""

230

+	fi

231

+

232

+	# Our user is not available on prefix

233

+	use prefix && return

234

+

235

+	local _perm_check_testfile=$(mktemp --dry-run "${EPREFIX}"/etc/unbound/var/.pkg_postinst-perm-check.XXXXXXXXX)

236

+	su -s /bin/sh -c "touch ${_perm_check_testfile}" unbound &>/dev/null

237

+	if [ $? -ne 0 ] ; then

238

+		ewarn "WARNING: unbound user cannot write to \"${EPREFIX}/etc/unbound/var\"!"

239

+		ewarn "Run the following commands to restore default permission:"

240

+		ewarn ""

241

+		ewarn "    chown root:unbound ${EPREFIX}/etc/unbound/var"

242

+		ewarn "    chmod 0770 ${EPREFIX}/etc/unbound/var"

243

+	else

244

+		# Cleanup -- no reason to die here!

245

+		rm -f "${_perm_check_testfile}"

246

+	fi

247

+}

1	commit: 085fe70746dd35d48d0926bba87ee1416dd0b033
2	Author: Jonathan Davies <jpds <AT> protonmail <DOT> com>
3	AuthorDate: Wed Mar 16 12:24:59 2022 +0000
4	Commit: Marc Schiffbauer <mschiff <AT> gentoo <DOT> org>
5	CommitDate: Sun Mar 27 09:43:11 2022 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=085fe707
7
8	net-dns/unbound: Version updated to 1.15.0.
9
10	Signed-off-by: Jonathan Davies <jpds <AT> protonmail.com>
11	Closes: https://github.com/gentoo/gentoo/pull/24605
12	Signed-off-by: Marc Schiffbauer <mschiff <AT> gentoo.org>
13
14	net-dns/unbound/Manifest \| 2 +
15	net-dns/unbound/unbound-1.15.0.ebuild \| 213 ++++++++++++++++++++++++++++++++++
16	2 files changed, 215 insertions(+)
17
18	diff --git a/net-dns/unbound/Manifest b/net-dns/unbound/Manifest
19	index f217efdf009b..0fb0a6e82745 100644
20	--- a/net-dns/unbound/Manifest
21	+++ b/net-dns/unbound/Manifest
22	@@ -2,3 +2,5 @@ DIST unbound-1.13.1.tar.gz 5976957 BLAKE2B 5fabb9205773a1983842e41cf7a4d6c3878fa
23	DIST unbound-1.13.2.tar.gz 6127915 BLAKE2B 71806edc86b323ff1f9f2d7bd3f699b15da2cd1cfefe9ca6008d74915dd6c7b45690026fb0244531ae563a3ca1b142f21fc8aed97ba4bb0015d8ab9196ff045a SHA512 1e89441446e7a25c6a49bded645f8b348c1758c3be54e3a986041cb1f00c45d152fd469dc52666fb820574db9d51b16f1627dc8afcb9519508d4833ca358191a
24	DIST unbound-1.14.0.tar.gz 6152326 BLAKE2B ceccfbcbc16370153005f32d19be44bd41a4ac935cb7b9a90128d604c9874b06cc7de8b92dc34585d7957f0ad90ce2f441c2ed092c9307bcf4335f8d99eb8bd3 SHA512 57f91d898b0a5d42e6a2ff1ccaec474f04dd5ad3c98e7eb7aa8d5eaa23b587f3077cf7eddf4df38f537c6d387028f12c2518ff13b7249aa7a1155cd6532a46b5
25	DIST unbound-1.14.0.tar.gz.asc 833 BLAKE2B 21df47fba46db82ce8fcbf9f39e8e16f8d5ece493dbdc8fe8cad749e3f8e1af164c4280f9722d9f507199ae59a851925a7856bc9e11926b05f253b4342b06383 SHA512 5f77f33040bd783c8d67a50cb5a97435842203e6c2152f40994fba772777db60f01ab76156aa95a477ee50ae22f4227162cdd1fc0e4ae388c6b47f91ac9a5b95
26	+DIST unbound-1.15.0.tar.gz 6163470 BLAKE2B e67756fb28aac784431484e5f834cbe3864a0ec021a8c9eb3124a6d5732fea99a073815a624210e43e50b3b59ce943c5cc6a4e5e1c743b91f5803e2dcf5c9870 SHA512 c5dab305694c14f64e05080700bb52f6e6bf5b76f15e1fde34e35c932cb3ffed0de2c03b570cf4bfe18165cb10e82e67ee9b12c6583295380f88c2c03800cc1f
27	+DIST unbound-1.15.0.tar.gz.asc 833 BLAKE2B 166cbb1caf14fb4a4375d609c740e7305ed4ee19c1e307caf1e780eb3f53e86db2d34b3f21e1d0c5f1496eac9211ce795c085ab9944f66f9a2f54d08479254db SHA512 123818a855689ee3d402fd8f4b5a4646c08d5602e4544ce872d132c4c0de4a79c9efcc2d49324bf58ab06521f02deef795d89bdf632eee758e6ec36b408ea54a
28
29	diff --git a/net-dns/unbound/unbound-1.15.0.ebuild b/net-dns/unbound/unbound-1.15.0.ebuild
30	new file mode 100644
31	index 000000000000..ddfece68d4df
32	--- /dev/null
33	+++ b/net-dns/unbound/unbound-1.15.0.ebuild
34	@@ -0,0 +1,213 @@
35	+# Copyright 1999-2022 Gentoo Authors
36	+# Distributed under the terms of the GNU General Public License v2
37	+
38	+EAPI="8"
39	+PYTHON_COMPAT=( python3_{8,9,10} )
40	+
41	+inherit autotools flag-o-matic multilib-minimal python-single-r1 systemd verify-sig
42	+
43	+MY_P=${PN}-${PV/_/}
44	+DESCRIPTION="A validating, recursive and caching DNS resolver"
45	+HOMEPAGE="https://unbound.net/ https://nlnetlabs.nl/projects/unbound/about/"
46	+SRC_URI="https://nlnetlabs.nl/downloads/unbound/${MY_P}.tar.gz
47	+ verify-sig? ( https://nlnetlabs.nl/downloads/unbound/${MY_P}.tar.gz.asc )"
48	+VERIFY_SIG_OPENPGP_KEY_PATH=${BROOT}/usr/share/openpgp-keys/unbound.net.asc
49	+
50	+LICENSE="BSD GPL-2"
51	+SLOT="0/8" # ABI version of libunbound.so
52	+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~mips ~ppc ~ppc64 ~x86"
53	+IUSE="debug dnscrypt dnstap +ecdsa ecs gost +http2 python redis selinux static-libs systemd test +tfo threads"
54	+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
55	+RESTRICT="!test? ( test )"
56	+
57	+# Note: expat is needed by executable only but the Makefile is custom
58	+# and doesn't make it possible to easily install the library without
59	+# the executables. MULTILIB_USEDEP may be dropped once build system
60	+# is fixed.
61	+
62	+CDEPEND="acct-group/unbound
63	+ acct-user/unbound
64	+ >=dev-libs/expat-2.1.0-r3[${MULTILIB_USEDEP}]
65	+ >=dev-libs/libevent-2.0.21:0=[${MULTILIB_USEDEP}]
66	+ >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}]
67	+ dnscrypt? ( dev-libs/libsodium:=[${MULTILIB_USEDEP}] )
68	+ dnstap? (
69	+ dev-libs/fstrm[${MULTILIB_USEDEP}]
70	+ >=dev-libs/protobuf-c-1.0.2-r1:=[${MULTILIB_USEDEP}]
71	+ )
72	+ ecdsa? (
73	+ dev-libs/openssl:0[-bindist(-)]
74	+ )
75	+ http2? ( net-libs/nghttp2:=[${MULTILIB_USEDEP}] )
76	+ python? ( ${PYTHON_DEPS} )
77	+ redis? ( dev-libs/hiredis:= )
78	+ systemd? ( sys-apps/systemd )
79	+"
80	+
81	+BDEPEND="virtual/pkgconfig
82	+ python? ( dev-lang/swig )
83	+ test? (
84	+ \|\| (
85	+ net-libs/ldns[examples(-)]
86	+ net-dns/ldns-utils[examples(-)]
87	+ )
88	+ dev-util/splint
89	+ app-text/wdiff
90	+ )
91	+ verify-sig? ( sec-keys/openpgp-keys-unbound )
92	+"
93	+
94	+DEPEND="${CDEPEND}"
95	+
96	+RDEPEND="${CDEPEND}
97	+ net-dns/dnssec-root
98	+ selinux? ( sec-policy/selinux-bind )"
99	+
100	+# bug #347415
101	+RDEPEND="${RDEPEND}
102	+ net-dns/dnssec-root"
103	+
104	+PATCHES=(
105	+ "${FILESDIR}"/${PN}-1.5.7-trust-anchor-file.patch
106	+ "${FILESDIR}"/${PN}-1.6.3-pkg-config.patch
107	+ "${FILESDIR}"/${PN}-1.10.1-find-ar.patch
108	+)
109	+
110	+S=${WORKDIR}/${MY_P}
111	+
112	+pkg_setup() {
113	+ use python && python-single-r1_pkg_setup
114	+}
115	+
116	+src_prepare() {
117	+ default
118	+
119	+ eautoreconf
120	+
121	+ # required for the python part
122	+ multilib_copy_sources
123	+}
124	+
125	+src_configure() {
126	+ [[ ${CHOST} == -darwin ]] \|\| append-ldflags -Wl,-z,noexecstack
127	+ multilib-minimal_src_configure
128	+}
129	+
130	+multilib_src_configure() {
131	+ econf \
132	+ $(use_enable debug) \
133	+ $(use_enable gost) \
134	+ $(use_enable dnscrypt) \
135	+ $(use_enable dnstap) \
136	+ $(use_enable ecdsa) \
137	+ $(use_enable ecs subnet) \
138	+ $(multilib_native_use_enable redis cachedb) \
139	+ $(use_enable static-libs static) \
140	+ $(use_enable systemd) \
141	+ $(multilib_native_use_with python pythonmodule) \
142	+ $(multilib_native_use_with python pyunbound) \
143	+ $(use_with threads pthreads) \
144	+ $(use_with http2 libnghttp2) \
145	+ $(use_enable tfo tfo-client) \
146	+ $(use_enable tfo tfo-server) \
147	+ --disable-flto \
148	+ --disable-rpath \
149	+ --enable-event-api \
150	+ --enable-ipsecmod \
151	+ --with-libevent="${EPREFIX}"/usr \
152	+ $(multilib_native_usex redis --with-libhiredis="${EPREFIX}/usr" --without-libhiredis) \
153	+ --with-pidfile="${EPREFIX}"/run/unbound.pid \
154	+ --with-rootkey-file="${EPREFIX}"/etc/dnssec/root-anchors.txt \
155	+ --with-ssl="${EPREFIX}"/usr \
156	+ --with-libexpat="${EPREFIX}"/usr
157	+
158	+ # http://unbound.nlnetlabs.nl/pipermail/unbound-users/2011-April/001801.html
159	+ # $(use_enable debug lock-checks) \
160	+ # $(use_enable debug alloc-checks) \
161	+ # $(use_enable debug alloc-lite) \
162	+ # $(use_enable debug alloc-nonregional) \
163	+}
164	+
165	+multilib_src_install() {
166	+ emake DESTDIR="${D}" install
167	+ systemd_dounit contrib/unbound.service
168	+ systemd_dounit contrib/unbound.socket
169	+}
170	+
171	+multilib_src_install_all() {
172	+ use python && python_optimize
173	+
174	+ newinitd "${FILESDIR}"/unbound-r1.initd unbound
175	+ newconfd "${FILESDIR}"/unbound-r1.confd unbound
176	+
177	+ systemd_newunit "${FILESDIR}"/unbound_at.service "unbound@.service"
178	+ systemd_dounit "${FILESDIR}"/unbound-anchor.service
179	+
180	+ dodoc doc/{README,CREDITS,TODO,Changelog,FEATURES}
181	+
182	+ # bug #315519
183	+ dodoc contrib/unbound_munin_
184	+
185	+ docinto selinux
186	+ dodoc contrib/selinux/*
187	+
188	+ exeinto /usr/share/${PN}
189	+ doexe contrib/update-anchor.sh
190	+
191	+ # create space for auto-trust-anchor-file...
192	+ keepdir /etc/unbound/var
193	+ fowners root:unbound /etc/unbound/var
194	+ fperms 0770 /etc/unbound/var
195	+ # ... and point example config to it
196	+ sed -i \
197	+ -e '/# auto-trust-anchor-file:/s,/etc/dnssec/root-anchors.txt,/etc/unbound/var/root-anchors.txt,' \
198	+ "${ED}/etc/unbound/unbound.conf" \
199	+ \|\| die
200	+
201	+ # Used to store cache data
202	+ keepdir /var/lib/${PN}
203	+ fowners root:unbound /var/lib/${PN}
204	+ fperms 0770 /var/lib/${PN}
205	+
206	+ find "${ED}" -name '*.la' -delete \|\| die
207	+ if ! use static-libs ; then
208	+ find "${ED}" -name "*.a" -delete \|\| die
209	+ fi
210	+}
211	+
212	+pkg_postinst() {
213	+ if [[ ! -f "${EROOT}/etc/unbound/unbound_control.key" ]] ; then
214	+ einfo "Trying to create unbound control key ..."
215	+ if ! unbound-control-setup &>/dev/null ; then
216	+ ewarn "Failed to create unbound control key!"
217	+ fi
218	+ fi
219	+
220	+ if [[ ! -f "${EROOT}/etc/unbound/var/root-anchors.txt" ]] ; then
221	+ einfo ""
222	+ einfo "If you want unbound to automatically update the root-anchor file for DNSSEC validation"
223	+ einfo "set 'auto-trust-anchor-file: ${EROOT}/etc/unbound/var/root-anchors.txt' in ${EROOT}/etc/unbound/unbound.conf"
224	+ einfo "and run"
225	+ einfo ""
226	+ einfo " su -s /bin/sh -c '${EROOT}/usr/sbin/unbound-anchor -a ${EROOT}/etc/unbound/var/root-anchors.txt' unbound"
227	+ einfo ""
228	+ einfo "as root to create it initially before starting unbound for the first time after enabling this."
229	+ einfo ""
230	+ fi
231	+
232	+ # Our user is not available on prefix
233	+ use prefix && return
234	+
235	+ local _perm_check_testfile=$(mktemp --dry-run "${EPREFIX}"/etc/unbound/var/.pkg_postinst-perm-check.XXXXXXXXX)
236	+ su -s /bin/sh -c "touch ${_perm_check_testfile}" unbound &>/dev/null
237	+ if [ $? -ne 0 ] ; then
238	+ ewarn "WARNING: unbound user cannot write to \"${EPREFIX}/etc/unbound/var\"!"
239	+ ewarn "Run the following commands to restore default permission:"
240	+ ewarn ""
241	+ ewarn " chown root:unbound ${EPREFIX}/etc/unbound/var"
242	+ ewarn " chmod 0770 ${EPREFIX}/etc/unbound/var"
243	+ else
244	+ # Cleanup -- no reason to die here!
245	+ rm -f "${_perm_check_testfile}"
246	+ fi
247	+}

Gentoo Archives: gentoo-commits