diff options
Diffstat (limited to 'net-dns')
| -rw-r--r-- | net-dns/Manifest.gz | bin | 8533 -> 8527 bytes | |||
| -rw-r--r-- | net-dns/nsd/Manifest | 4 | ||||
| -rw-r--r-- | net-dns/nsd/metadata.xml | 2 | ||||
| -rw-r--r-- | net-dns/nsd/nsd-4.5.0.ebuild | 119 | ||||
| -rw-r--r-- | net-dns/unbound/Manifest | 3 | ||||
| -rw-r--r-- | net-dns/unbound/unbound-1.17.0.ebuild | 213 |
6 files changed, 217 insertions, 124 deletions
diff --git a/net-dns/Manifest.gz b/net-dns/Manifest.gz Binary files differindex 399a4372dd07..4c789ed31862 100644 --- a/net-dns/Manifest.gz +++ b/net-dns/Manifest.gz diff --git a/net-dns/nsd/Manifest b/net-dns/nsd/Manifest index 9fd9289d3821..6e81251be256 100644 --- a/net-dns/nsd/Manifest +++ b/net-dns/nsd/Manifest @@ -3,9 +3,7 @@ AUX nsd.initd-r1 1383 BLAKE2B b90de2ebef09a4f9050f6e95f5faf659c62910462aba1179da AUX nsd.munin-conf 23 BLAKE2B 0b08804b2218d77ea925d4c9e26e73649b453b923d6d7b1e1df39ceb58b92a44c48cb21583a480e622f72d07650f410f2e0703f1d16af08152aed16982ab8da2 SHA512 c06d0b035387e7be79cfa8fedf8afb3900772146c6d4090ac39ea2ef165772d875b222ef467bd73422078ef57818bcc931ca67fa290bd99a7a9456efa5448853 AUX nsd.service 272 BLAKE2B 66a7d4132246589f71341afd98361f6b02082be3d4e230c86ae690876a797ea0a4580b29892d91feba2785ea933a053f862e0d00f2c8a8c09ab907386c39a03c SHA512 fbca86887bfc36d61af06992cc98b3f3cb33c39274fbdc1e53d489bdcc767993911fab27a20244c3878b36bacbd1644a552364b2f7bf4d48e6eb247d0eecdf0f AUX nsd_munin_.patch 542 BLAKE2B 13ff49c41683d5bf505e257cd17bf5f3ad06662c00032d79b36be3f96486eb89fdd62a42b5ed4816ad99835366864603568613e27504894340ebb64057e2b2c3 SHA512 6034086d6b6f6980468766c901e92291fea8a32df179561ede2add5918c37bfe3aabf122735d4ae2e28efece394fd3398f9a0cc4d8fdcc1e5da1ca709d2ba6ae -DIST nsd-4.5.0.tar.gz 1259059 BLAKE2B 5c90a17b2c2df3cf06bea2609fb02198b4fdde3e9ed7cc0a07526d43069f735458a0c1775fc7b45ac7bd1fba42ec329fe5b67378d6282bf86f6c520f73b00397 SHA512 0309e1ff083b6f2118ba6fd59425319c21f31558d30e17a40eb8f1e53dee9e3e766d7b53eb50462130ba17b454a3559dc786d344cb779468d255732bbc6bc5da DIST nsd-4.6.1.tar.gz 1281583 BLAKE2B 5eff5560ce16451a57905bb9d979c81918b6b55f72e1f1b89ab8d2e479ac36bf4f95152c77b1f1b3ce0af90bde8f25d2cad7226450c5cbc879f112adea2b3a69 SHA512 cab557a20cf8564cbf6e38405ca28b00baa6e14105527c3b16f49f57fed5e39cdb2bcd62999bad4aff2c69e0967bdba66a1eaa7b73a0d4d99d97535cc5860bfe -EBUILD nsd-4.5.0.ebuild 3173 BLAKE2B cca1e177b819ce44e8c8f8c81ca86b0e8c53540d4db3283eefd4c5a9008620dd9b741441df7a519102318feb8409a4fee5a1c9cec28b1b53e1a71df46d953e4b SHA512 8748426d1a5bc96acc5a98b7e070c4db2c7d12d3162410330ff4434063f8555582f3968bbb8b6b19d9d19bebe2e820400f2699c1a406c83814c56506815cb5b1 EBUILD nsd-4.6.1-r1.ebuild 3209 BLAKE2B 389c985799ffa9042b6068090e361474ea3ed46d1e4011331db85b89260229801e7af8c6c0bbb00a086dec5598cc0b225ddf4546a7da5dc490146d54d7bde2ed SHA512 67cc70e82fa0c2b8bd236867b58eca15951c819c5446bb2d336e73458c193e4eae1f192c620b0eea6b7183fc1da012651abdc64bd363373a8cb12a8863ffb094 EBUILD nsd-9999.ebuild 3162 BLAKE2B a506ee3a9304ced1bb2dc9d2705b30d0101a76d06780d3007eb404610ce95143ba1964c4516182de2b406ef3515c3cc1dc695ac0e118d52649b85e7f043a21a1 SHA512 0a20625bcd3e1fbf2563f16253d71b728603879a8bdbcea80bdee41bbc74a11ed2c15154b197f2e69b6b255cec452e0f22c082f640db4017c982dafdb5a4a793 -MISC metadata.xml 1077 BLAKE2B 81ba4f798150f077bf01a0c901f6552ce3b56dd54efa5c988206c956c58674d2f4fd9e046e4cddb5ad798aea1c5cb59ad1e6d7b0ea250fe297167fd1dcc5c3a5 SHA512 8c105314e496ec71c847a1768cefa12b2bcdad2f00e38fca0e90a1b2f2a66b26b271a17c883a5d1be9dd66190477c0e0e67b0412699c2ca34a2f6655e3e55b36 +MISC metadata.xml 970 BLAKE2B bdadf7cb1a1a444aff44b9f1ad7ea64a5b01d72888d91662f55cb321a94f8b03ea9f050e78df9cc2a81e2c538a81d463c95f998b8c7f65c192425d3a5917a25e SHA512 bc769f335f452a8f81f83d8333bf3db11620212b156eac80ddd9622312605b80b56d4fa6ebdb609b7c1999cc995672350b0181666c012ee69e21ff5b511af48d diff --git a/net-dns/nsd/metadata.xml b/net-dns/nsd/metadata.xml index f4238fbfaaf3..73010eb2f935 100644 --- a/net-dns/nsd/metadata.xml +++ b/net-dns/nsd/metadata.xml @@ -14,8 +14,6 @@ <flag name="ratelimit">Enables ratelimiting, based on query name, type and source</flag> <flag name="root-server">Configure NSD as a root server</flag> - <flag name="runtime-checks">Enable runtime checks, this could lead - to a reduced service level</flag> <flag name="munin"> Install a plugin for <pkg>net-analyzer/munin</pkg> to graph statistical data from nsd.</flag> diff --git a/net-dns/nsd/nsd-4.5.0.ebuild b/net-dns/nsd/nsd-4.5.0.ebuild deleted file mode 100644 index 4f654418871a..000000000000 --- a/net-dns/nsd/nsd-4.5.0.ebuild +++ /dev/null @@ -1,119 +0,0 @@ -# Copyright 1999-2022 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -inherit autotools systemd - -DESCRIPTION="An authoritative only, high performance, open source name server" -HOMEPAGE="http://www.nlnetlabs.nl/projects/nsd" -LICENSE="BSD" -SLOT="0" -if [[ "${PV}" == *9999 ]] ; then - inherit git-r3 - EGIT_REPO_URI="https://github.com/NLnetLabs/nsd.git" -else - # version voodoo needed only for non-release tarballs: 4.0.0_rc1 => 4.0.0rc1 - MY_PV="${PV/_beta/b}" - MY_PV="${MY_PV/_rc/rc}" - MY_P="${PN}-${MY_PV}" - - [[ "${PV}" == *_beta* ]] || [[ "${PV}" == *_rc* ]] || \ - KEYWORDS="amd64 x86" - SRC_URI="http://www.nlnetlabs.nl/downloads/${PN}/${MY_P}.tar.gz" - S="${WORKDIR}/${MY_P}" -fi -IUSE="bind8-stats dnstap ipv6 libevent minimal-responses mmap munin +nsec3 ratelimit root-server runtime-checks ssl systemd" - -RDEPEND=" - acct-group/nsd - acct-user/nsd - dnstap? ( - dev-libs/fstrm - dev-libs/protobuf-c - ) - libevent? ( dev-libs/libevent ) - munin? ( net-analyzer/munin ) - ssl? ( dev-libs/openssl:0= ) - systemd? ( sys-apps/systemd ) -" -DEPEND="${RDEPEND}" -BDEPEND=" - sys-devel/flex - app-alternatives/yacc - systemd? ( virtual/pkgconfig ) -" - -PATCHES=( - # Fix the paths in the munin plugin to match our install - "${FILESDIR}"/nsd_munin_.patch -) - -src_prepare() { - default - # Required to get correct pkg-config macros with USE="systemd" - # see bugs #663618 and #758050 - eautoreconf -} - -src_configure() { - local myeconfargs=( - --enable-largefile - --enable-pie - --enable-relro-now - --enable-tcp-fastopen - --with-dbfile="${EPREFIX}"/var/db/nsd/nsd.db - --with-logfile="${EPREFIX}"/var/log/nsd.log - --with-pidfile="${EPREFIX}"/run/nsd/nsd.pid - --with-xfrdfile="${EPREFIX}"/var/db/nsd/xfrd.state - --with-xfrdir="${EPREFIX}"/var/db/nsd - --with-zonelistfile="${EPREFIX}"/var/db/nsd/zone.list - --with-zonesdir="${EPREFIX}"/var/lib/nsd - $(use_enable bind8-stats) - $(use_enable bind8-stats zone-stats) - $(use_enable dnstap) - $(use_enable ipv6) - $(use_enable minimal-responses) - $(use_enable mmap) - $(use_enable nsec3) - $(use_enable ratelimit) - $(use_enable root-server) - $(use_enable runtime-checks checking) - $(use_enable systemd) - $(use_with libevent) - $(use_with ssl) - ) - econf "${myeconfargs[@]}" -} - -src_install() { - emake DESTDIR="${D}" install - - dodoc doc/{ChangeLog,CREDITS,NSD-4-features,NSD-FOR-BIND-USERS,README,RELNOTES,REQUIREMENTS} - - newinitd "${FILESDIR}"/nsd.initd-r1 nsd - - # install munin plugin and config - if use munin ; then - exeinto /usr/libexec/munin/plugins - doexe contrib/nsd_munin_ - insinto /etc/munin/plugin-conf.d - newins "${FILESDIR}"/nsd.munin-conf nsd_munin - fi - - systemd_dounit "${FILESDIR}"/nsd.service - - # remove the /run directory that usually resides on tmpfs and is - # being taken care of by the nsd init script anyway (checkpath) - rm -r "${ED}"/run || die "Failed to remove /run" - - keepdir /var/db/${PN} -} - -pkg_postinst() { - # database directory, writable by nsd for database updates and zone transfers - install -d -m 750 -o nsd -g nsd "${EROOT}"/var/db/nsd - - # zones directory, writable by nsd for zone file updates (nsd-control write) - install -d -m 750 -o nsd -g nsd "${EROOT}"/var/lib/nsd -} diff --git a/net-dns/unbound/Manifest b/net-dns/unbound/Manifest index e8949d9080b3..b87ad8e574db 100644 --- a/net-dns/unbound/Manifest +++ b/net-dns/unbound/Manifest @@ -9,5 +9,8 @@ AUX unbound.socket 101 BLAKE2B 4885d311873d7f3e5daf1c0a63798b13761b7c0bfb1bead0b AUX unbound_at.service 304 BLAKE2B 0762200390475ff6a3ca4dc282b3eca3e55cb339528a73b0c6148f4df336c4c07e8da19320df6bedb49cb6884da565543f78456d38dc3000ca2a1abde84816be SHA512 71bd8c422ffe57e448b66f97775075a407671757266d40294a670b41cd1a59f16b65488d30aa74b79b7536f0c4c50adb56e32377e8029fd6c327b85c022c5fe3 DIST unbound-1.16.3.tar.gz 6204330 BLAKE2B b97deade78ab903363e06ff9d71b9895c754378ec276bb17556de62c48a88af5fbabd26f97fb47313d1e631fe75dee245aa38fbf42a865ac3e764882a1124a51 SHA512 ef5cda926dd1082a750615d8687bccd756869c66e9f24f984fda4c6613f94f3e4884db328b8d7b490777a75d3e616dcb61c5258e7777923c0590e6fabacd207c DIST unbound-1.16.3.tar.gz.asc 833 BLAKE2B 2009dac660405b11725c046099cf9bd2f6ccea0bda8936530228b6ab3ceebfadd119b5d91ff1c86845d54444104f578597a574daed80a5e6e677c8f7d68b789b SHA512 b106f080d877e479d944a7ebe24a380f4c40c38308733f43f8a60d4e7aedc6597e6daa4a1428f596e705c9c75e6ee7b4187dbbc5750a9c406f59d76d4f1b4a8d +DIST unbound-1.17.0.tar.gz 6235060 BLAKE2B 611c1b96ff84e6dd8f7a592135cc17f416cd810d0f35d27c8cedd56af069badd8dca112cc5927a1fe50ec3335c377b6bd6fc4e1a6d63a332a90d676e3c23dcef SHA512 f6b9f279330fb19b5feca09524959940aad8c4e064528aa82b369c726d77e9e8e5ca23f366f6e9edcf2c061b96f482ed7a2c26ac70fc15ae5762b3d7e36a5284 +DIST unbound-1.17.0.tar.gz.asc 833 BLAKE2B 8b77a16fa1287af7c12720cce0b45c1ab49f691a0516674d28009d5da8c71d5d56a9518e16fb752c2db58dc835223d55ff863bfc03971aa408eb0f65a65600bf SHA512 e1567f088bdf0a96dbdcf365deccb72f42319b9b29510d5d9aefbe66df054446d3dcdfcc54826046af6e4f751aa518798b968685611b1b7f1860f66a96e32a57 EBUILD unbound-1.16.3.ebuild 6524 BLAKE2B 3b870572ab0f226bb191391c633d5888bf3258c020b23e6f836c84b151689a9fda72ed330dc87d77c48815ea8b83c7208bca071dd48bd1fd170cc6a71fb917d2 SHA512 d520a7308ba1a5b925d39fb34b9f4c1844fb479f8f5d44cd9ca694f93b6f9b07c96e9734fee6d20efb02d6c63f4c3f7732151ddce16b81e572476889b86ede1d +EBUILD unbound-1.17.0.ebuild 6530 BLAKE2B 6e159a8c8525bb593acc185f43a74fe53231fe2002ef66809679b298a0f556e50595b75defb3bdab48d05707dd7c3cc4cccef23a91bfb49c8d44854d8620f81e SHA512 830ceec500b5cc73f448097adda0da392b5e5a905aee6cceb187949c2725a92320607cb50e1b2f36e549fbb76a11f659ec5bb946d46a43a59a1b97b38697a4d5 MISC metadata.xml 1475 BLAKE2B d0e34f4ba056c090af979f2686d5dece53a554c7ea7612fee1991ce6838ce161359bd8405d6358c5e184b6721affeee5d6e1bd93095b92765cd38dba928daa5b SHA512 8fba72eba420d4c06fb3a9119c3f324c5679fe268b65fac23878ef15f3c3d784d372874c7d6428d1c7c2eb3a75380ad2e4d5fc1691e7c2d1b426b8cfa381222b diff --git a/net-dns/unbound/unbound-1.17.0.ebuild b/net-dns/unbound/unbound-1.17.0.ebuild new file mode 100644 index 000000000000..ccc9419c7b78 --- /dev/null +++ b/net-dns/unbound/unbound-1.17.0.ebuild @@ -0,0 +1,213 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI="8" +PYTHON_COMPAT=( python3_{8..11} ) + +inherit autotools flag-o-matic multilib-minimal python-single-r1 systemd verify-sig + +MY_P=${PN}-${PV/_/} +DESCRIPTION="A validating, recursive and caching DNS resolver" +HOMEPAGE="https://unbound.net/ https://nlnetlabs.nl/projects/unbound/about/" +SRC_URI="https://nlnetlabs.nl/downloads/unbound/${MY_P}.tar.gz + verify-sig? ( https://nlnetlabs.nl/downloads/unbound/${MY_P}.tar.gz.asc )" +VERIFY_SIG_OPENPGP_KEY_PATH=${BROOT}/usr/share/openpgp-keys/unbound.net.asc + +LICENSE="BSD GPL-2" +SLOT="0/8" # ABI version of libunbound.so +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~mips ~ppc ~ppc64 ~riscv ~x86" +IUSE="debug dnscrypt dnstap +ecdsa ecs gost +http2 python redis selinux static-libs systemd test +tfo threads" +REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" +RESTRICT="!test? ( test )" + +# Note: expat is needed by executable only but the Makefile is custom +# and doesn't make it possible to easily install the library without +# the executables. MULTILIB_USEDEP may be dropped once build system +# is fixed. + +CDEPEND="acct-group/unbound + acct-user/unbound + >=dev-libs/expat-2.1.0-r3[${MULTILIB_USEDEP}] + >=dev-libs/libevent-2.0.21:0=[${MULTILIB_USEDEP}] + >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}] + dnscrypt? ( dev-libs/libsodium:=[${MULTILIB_USEDEP}] ) + dnstap? ( + dev-libs/fstrm[${MULTILIB_USEDEP}] + >=dev-libs/protobuf-c-1.0.2-r1:=[${MULTILIB_USEDEP}] + ) + ecdsa? ( + dev-libs/openssl:0[-bindist(-)] + ) + http2? ( net-libs/nghttp2:=[${MULTILIB_USEDEP}] ) + python? ( ${PYTHON_DEPS} ) + redis? ( dev-libs/hiredis:= ) + systemd? ( sys-apps/systemd ) +" + +BDEPEND="virtual/pkgconfig + python? ( dev-lang/swig ) + test? ( + || ( + net-libs/ldns[examples(-)] + net-dns/ldns-utils[examples(-)] + ) + dev-util/splint + app-text/wdiff + ) + verify-sig? ( sec-keys/openpgp-keys-unbound ) +" + +DEPEND="${CDEPEND}" + +RDEPEND="${CDEPEND} + net-dns/dnssec-root + selinux? ( sec-policy/selinux-bind )" + +# bug #347415 +RDEPEND="${RDEPEND} + net-dns/dnssec-root" + +PATCHES=( + "${FILESDIR}"/${PN}-1.5.7-trust-anchor-file.patch + "${FILESDIR}"/${PN}-1.6.3-pkg-config.patch + "${FILESDIR}"/${PN}-1.10.1-find-ar.patch +) + +S=${WORKDIR}/${MY_P} + +pkg_setup() { + use python && python-single-r1_pkg_setup +} + +src_prepare() { + default + + eautoreconf + + # required for the python part + multilib_copy_sources +} + +src_configure() { + [[ ${CHOST} == *-darwin* ]] || append-ldflags -Wl,-z,noexecstack + multilib-minimal_src_configure +} + +multilib_src_configure() { + econf \ + $(multilib_native_use_enable debug) \ + $(multilib_native_use_enable gost) \ + $(multilib_native_use_enable dnscrypt) \ + $(multilib_native_use_enable dnstap) \ + $(multilib_native_use_enable ecdsa) \ + $(multilib_native_use_enable ecs subnet) \ + $(multilib_native_use_enable redis cachedb) \ + $(multilib_native_use_enable static-libs static) \ + $(multilib_native_use_enable systemd) \ + $(multilib_native_use_with python pythonmodule) \ + $(multilib_native_use_with python pyunbound) \ + $(multilib_native_use_with threads pthreads) \ + $(multilib_native_use_with http2 libnghttp2) \ + $(multilib_native_use_enable tfo tfo-client) \ + $(multilib_native_use_enable tfo tfo-server) \ + --disable-flto \ + --disable-rpath \ + --enable-event-api \ + --enable-ipsecmod \ + --with-libevent="${ESYSROOT}"/usr \ + $(multilib_native_usex redis --with-libhiredis="${ESYSROOT}/usr" --without-libhiredis) \ + --with-pidfile="${EPREFIX}"/run/unbound.pid \ + --with-rootkey-file="${EPREFIX}"/etc/dnssec/root-anchors.txt \ + --with-ssl="${ESYSROOT}"/usr \ + --with-libexpat="${ESYSROOT}"/usr + + # http://unbound.nlnetlabs.nl/pipermail/unbound-users/2011-April/001801.html + # $(use_enable debug lock-checks) \ + # $(use_enable debug alloc-checks) \ + # $(use_enable debug alloc-lite) \ + # $(use_enable debug alloc-nonregional) \ +} + +multilib_src_install() { + emake DESTDIR="${D}" install + systemd_dounit contrib/unbound.service + systemd_dounit contrib/unbound.socket +} + +multilib_src_install_all() { + use python && python_optimize + + newinitd "${FILESDIR}"/unbound-r1.initd unbound + newconfd "${FILESDIR}"/unbound-r1.confd unbound + + systemd_newunit "${FILESDIR}"/unbound_at.service "unbound@.service" + systemd_dounit "${FILESDIR}"/unbound-anchor.service + + dodoc doc/{README,CREDITS,TODO,Changelog,FEATURES} + + # bug #315519 + dodoc contrib/unbound_munin_ + + docinto selinux + dodoc contrib/selinux/* + + exeinto /usr/share/${PN} + doexe contrib/update-anchor.sh + + # create space for auto-trust-anchor-file... + keepdir /etc/unbound/var + fowners root:unbound /etc/unbound/var + fperms 0770 /etc/unbound/var + # ... and point example config to it + sed -i \ + -e '/# auto-trust-anchor-file:/s,/etc/dnssec/root-anchors.txt,/etc/unbound/var/root-anchors.txt,' \ + "${ED}/etc/unbound/unbound.conf" \ + || die + + # Used to store cache data + keepdir /var/lib/${PN} + fowners root:unbound /var/lib/${PN} + fperms 0770 /var/lib/${PN} + + find "${ED}" -name '*.la' -delete || die + if ! use static-libs ; then + find "${ED}" -name "*.a" -delete || die + fi +} + +pkg_postinst() { + if [[ ! -f "${EROOT}/etc/unbound/unbound_control.key" ]] ; then + einfo "Trying to create unbound control key ..." + if ! unbound-control-setup &>/dev/null ; then + ewarn "Failed to create unbound control key!" + fi + fi + + if [[ ! -f "${EROOT}/etc/unbound/var/root-anchors.txt" ]] ; then + einfo "" + einfo "If you want unbound to automatically update the root-anchor file for DNSSEC validation" + einfo "set 'auto-trust-anchor-file: ${EROOT}/etc/unbound/var/root-anchors.txt' in ${EROOT}/etc/unbound/unbound.conf" + einfo "and run" + einfo "" + einfo " su -s /bin/sh -c '${EROOT}/usr/sbin/unbound-anchor -a ${EROOT}/etc/unbound/var/root-anchors.txt' unbound" + einfo "" + einfo "as root to create it initially before starting unbound for the first time after enabling this." + einfo "" + fi + + # Our user is not available on prefix + use prefix && return + + local _perm_check_testfile=$(mktemp --dry-run "${EPREFIX}"/etc/unbound/var/.pkg_postinst-perm-check.XXXXXXXXX) + su -s /bin/sh -c "touch ${_perm_check_testfile}" unbound &>/dev/null + if [ $? -ne 0 ] ; then + ewarn "WARNING: unbound user cannot write to \"${EPREFIX}/etc/unbound/var\"!" + ewarn "Run the following commands to restore default permission:" + ewarn "" + ewarn " chown root:unbound ${EPREFIX}/etc/unbound/var" + ewarn " chmod 0770 ${EPREFIX}/etc/unbound/var" + else + # Cleanup -- no reason to die here! + rm -f "${_perm_check_testfile}" + fi +} |