diff options
author | Tom Hendrikx (whyscream) <tom@whyscream.net> | 2008-11-20 21:16:32 +0000 |
---|---|---|
committer | Tom Hendrikx (whyscream) <tom@whyscream.net> | 2008-11-20 21:16:32 +0000 |
commit | c97497d7a06c5d6b5a2f2bf0d19f9460dfaf129f (patch) | |
tree | 42043fd7b055b8c39bc67a85a26df81b8a763a12 /net-dns | |
parent | net-dns/ldns-utils: New ebuild for net-dns/ldns-utils (diff) | |
download | sunrise-reviewed-c97497d7a06c5d6b5a2f2bf0d19f9460dfaf129f.tar.gz sunrise-reviewed-c97497d7a06c5d6b5a2f2bf0d19f9460dfaf129f.tar.bz2 sunrise-reviewed-c97497d7a06c5d6b5a2f2bf0d19f9460dfaf129f.zip |
net-dns/unbound: Version bump, minor changes to initd
svn path=/sunrise/; revision=7384
Diffstat (limited to 'net-dns')
-rw-r--r-- | net-dns/unbound/ChangeLog | 5 | ||||
-rw-r--r-- | net-dns/unbound/Manifest | 10 | ||||
-rw-r--r-- | net-dns/unbound/files/chroot_howto.txt | 17 | ||||
-rw-r--r-- | net-dns/unbound/files/unbound.initd | 4 | ||||
-rw-r--r-- | net-dns/unbound/unbound-1.1.1.ebuild (renamed from net-dns/unbound/unbound-1.0.2.ebuild) | 13 |
5 files changed, 27 insertions, 22 deletions
diff --git a/net-dns/unbound/ChangeLog b/net-dns/unbound/ChangeLog index f45025068..1b43bdcf0 100644 --- a/net-dns/unbound/ChangeLog +++ b/net-dns/unbound/ChangeLog @@ -2,6 +2,11 @@ # Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2 # $Header: $ + 20 Nov 2008; Tom Hendrikx (whyscream) <tom@whyscream.net> + -unbound-1.0.2.ebuild, +unbound-1.1.1.ebuild, files/chroot_howto.txt, + files/unbound.initd: + Version bump, minor changes to initd + 02 Sep 2008; Tom Hendrikx (whyscream) <tom@whyscream.net> +unbound-1.0.2.ebuild, +files/chroot_howto.txt, +files/unbound.confd, +files/unbound.initd, +metadata.xml: diff --git a/net-dns/unbound/Manifest b/net-dns/unbound/Manifest index 5cc53ecae..38e92c5fa 100644 --- a/net-dns/unbound/Manifest +++ b/net-dns/unbound/Manifest @@ -1,7 +1,7 @@ -AUX chroot_howto.txt 1692 RMD160 e4939da926078f3982f6b5391e5c900f7008e93e SHA1 f911f11f214125d994e338573c8710dfe6f43674 SHA256 9824f29c59b869820e4bd28906d01aaba451af05dd83bcb9f961eac63155a491 +AUX chroot_howto.txt 1780 RMD160 39c115816f87cf4ec1a17fbfd313fee771a64226 SHA1 3522189d64e92fb64251587db1559e5d0110e540 SHA256 650b4d838ba09d1c94b34ae712102d3b29b84744c4980c5bafe8eaa552a657a5 AUX unbound.confd 284 RMD160 01960d51a873ed30beac29ce20e3dde43dca20aa SHA1 195c31dd2edf4a887f667520ddf70a1bed8a3d65 SHA256 27d73752ae2a0f6c7ae4a3d894357bba1a2fdaf9f3cd0415be03bed2c0211537 -AUX unbound.initd 1028 RMD160 b7c4ad74dbd3ed255c2b4575ca528199731ff655 SHA1 40c55f0a62ed531a34dfa5b3a28d2fa789a305ce SHA256 f491b07b0adc60a56a907283782ed86d073d397a98f40a5413444522d5eaf215 -DIST unbound-1.0.2.tar.gz 3597275 RMD160 1e942505468f6ae4061b208914e9b7feed6ecff1 SHA1 93faa7b76cf7681b8c7b0c5187aaf84c36b6670b SHA256 e6bbc4bb850c211e97ee7b5bc1827f59eb5222d295b715bda4551775766240ac -EBUILD unbound-1.0.2.ebuild 1695 RMD160 15bc34360da92e9fd331d99d2b573f04703a6a00 SHA1 2159228064f06802e724b714c4250c3f999d3b39 SHA256 4ebb57c6c26ad76015c73a19b1f57e672085e170a25381a8308a10a958c2ba9f -MISC ChangeLog 330 RMD160 3904b8c5c15947922ba54ba008ff25ce29fa63a3 SHA1 61b79fdfa5dd447510899d714a4531f1af0cdcb8 SHA256 7c72c3bc84f339ad55e8a472cc3d1afb57ca07fba9d989afddd1a95293a797d5 +AUX unbound.initd 985 RMD160 1cd1fe6a195def58fda8be0e3067b2751773be21 SHA1 569ad8abab363e10f03cc9e2d4fb11395fc9b18b SHA256 d8752a4f8ba549ef2822368b86c1a0931284b4e057e236d19f88857a2c43be67 +DIST unbound-1.1.1.tar.gz 3754958 RMD160 08299a2f31a2a01c2d5819f63abc231015074af3 SHA1 8c80e892232a05459923826f266afb770d3f7d73 SHA256 ab6c701f44aeef11a1a8370495749b9b630004597af38dc04094ad5687e73981 +EBUILD unbound-1.1.1.ebuild 1705 RMD160 2d4b395635cac14970674eed20899f7fb1f7ba59 SHA1 4faa6cde22e7842be7db02fd367572948ae2a1b8 SHA256 8d738586bccbf0604cab35c0ddd9186e6b89664a1b5707e0a101009d9a354863 +MISC ChangeLog 525 RMD160 f708f52402909002af68a79a0d6561eed7880bb5 SHA1 fac1a5b9053aff9ff637ecb9d1e4d85b27f9616d SHA256 510dfbfe825de2d33dcfaa144ef8f601ae9424baa749a70eceb63c3cb2178c72 MISC metadata.xml 245 RMD160 d8ace88cdc93cb9ddd4a28cb445e7b8d61cc5127 SHA1 6fe67339cb588812f2973ef6f5eee3d0c1d79b1c SHA256 136f25009219cb8b085d8885f5d68ccdc2836705577688e7587755e9736aba9d diff --git a/net-dns/unbound/files/chroot_howto.txt b/net-dns/unbound/files/chroot_howto.txt index 5699d00cb..0d51536c8 100644 --- a/net-dns/unbound/files/chroot_howto.txt +++ b/net-dns/unbound/files/chroot_howto.txt @@ -4,9 +4,11 @@ Chroot jail howto for unbound I had no experience whatsoever with chroot jails for daemons, and when making an ebuild for unbound, someone suggested that I should just check it out. -Unfortunately, my ebuild skills are not that great, so making the ebuild handle -the rootjail support transparantly was out of my league. Getting unbound -running within a rootjail was no problem however. Below are my experiences. +After lots of playing around with automating a chroot jail setup from within +the ebuild, everything got way too unstable and far from fool-proof. + +Getting unbound running within a rootjail by hand was no problem however. +Below are my experiences. * Assumptions @@ -19,16 +21,17 @@ running within a rootjail was no problem however. Below are my experiences. 2. Decide where you want your rootjail. I choose /var/lib/unbound throughout this manual. Then create the directory: - # mkdir /var/lib/unbound + # mkdir /var/lib/unbound # chown unbound:unbound /var/lib/unbound # chmod 700 /var/lib/unbound 3. Inside the chroot you'll need access to /dev/random, and possibly /dev/log - (when using syslog, the default). Simplest way is to bind-mount /dev: + (when using syslog, the default). Simplest way is to bind-mount /dev: # mkdir /var/lib/unbound/dev # mount -o bind /dev /var/lib/unbound/dev - Hint: add a line to /etc/fstab to keep this persistent between reboots. + Hint: add a line to /etc/fstab to keep this persistent between reboots, f.i.: + /dev /var/lib/unbound/dev auto defauls,bind 0 0 4. Move the config file into the chroot and change some settings: # mv /etc/unbound/unbound.conf /var/lib/unbound @@ -45,4 +48,4 @@ running within a rootjail was no problem however. Below are my experiences. the config and the pid file. config_file="/var/lib/unbound/unbound.conf" - pid_file="/var/lib/unbound/unbound.conf" + pid_file="/var/lib/unbound/unbound.pid" diff --git a/net-dns/unbound/files/unbound.initd b/net-dns/unbound/files/unbound.initd index 525020c39..70750723c 100644 --- a/net-dns/unbound/files/unbound.initd +++ b/net-dns/unbound/files/unbound.initd @@ -22,8 +22,6 @@ start() { configtest || return 1 ebegin "Starting unbound" - touch "${pid_file}" - chown unbound:unbound "${pid_file}" unbound -c "${config_file}" eend $? } @@ -35,7 +33,7 @@ stop() { } configtest() { - ebegin "Checking config" + ebegin "Checking config (${config_file})" unbound-checkconf "${config_file}" > /dev/null 2>&1 local RESULT=$? if test "$RESULT" != 0; then diff --git a/net-dns/unbound/unbound-1.0.2.ebuild b/net-dns/unbound/unbound-1.1.1.ebuild index a59f72e99..2e08ba48b 100644 --- a/net-dns/unbound/unbound-1.0.2.ebuild +++ b/net-dns/unbound/unbound-1.1.1.ebuild @@ -13,10 +13,9 @@ SLOT="0" KEYWORDS="~amd64 ~x86" IUSE="debug libevent static threads" -RDEPEND="dev-libs/openssl - net-libs/ldns - libevent? ( dev-libs/libevent )" -DEPEND="${RDEPEND}" +DEPEND="dev-libs/openssl + >=net-libs/ldns-1.4.0 + libevent? ( dev-libs/libevent )" pkg_setup() { enewgroup unbound @@ -48,12 +47,12 @@ src_install() { dodoc "${FILESDIR}/chroot_howto.txt" || die "dodoc failed" # adapt config file to disable the chroot - sed -i '/^\t# chroot:/a\\tchroot: ""' "$D/etc/unbound/unbound.conf" || die "sed failed" + sed -i '/^\t# chroot:/a\\tchroot: ""' "${D}/etc/unbound/unbound.conf" || die "sed failed" } pkg_postinst() { elog "The gentoo configuration does not enable a chroot environment," elog "this differs from the default upstream configuration." - elog "To use a chroot enviroment, please read:" - elog "/usr/share/doc/${PF}/chroot_howto.txt.bz2" + elog "To use a chroot enviroment which is recommended, please read" + elog "the chroot_howto.txt in /usr/share/doc/${PF}" } |