pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/net Change bind99 and bind910 package to use the stand...
details: https://anonhg.NetBSD.org/pkgsrc/rev/a8ec5553d7eb
branches: trunk
changeset: 358802:a8ec5553d7eb
user: fhajny <fhajny%pkgsrc.org@localhost>
date: Mon Feb 20 15:19:54 2017 +0000
description:
Change bind99 and bind910 package to use the standard PKG_SYSCONFDIR
for config files instead of the hardcoded /etc path. Sync SMF support
across the two packages. Bump PKGREVISION.
diffstat:
net/bind910/Makefile | 5 +-
net/bind910/files/smf/manifest.xml | 2 +-
net/bind910/files/smf/named.sh | 8 +-
net/bind99/Makefile | 5 +-
net/bind99/files/smf/manifest.xml | 28 +--
net/bind99/files/smf/named.sh | 258 ++++++++++++++++++++++++++++--------
6 files changed, 224 insertions(+), 82 deletions(-)
diffs (truncated from 429 to 300 lines):
diff -r ecb6f7c6a14a -r a8ec5553d7eb net/bind910/Makefile
--- a/net/bind910/Makefile Mon Feb 20 15:03:50 2017 +0000
+++ b/net/bind910/Makefile Mon Feb 20 15:19:54 2017 +0000
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.29 2017/02/09 00:48:59 taca Exp $
+# $NetBSD: Makefile,v 1.30 2017/02/20 15:19:54 fhajny Exp $
DISTNAME= bind-${BIND_VERSION}
PKGNAME= ${DISTNAME:S/-P/pl/}
+PKGREVISION= 1
CATEGORIES= net
MASTER_SITES= ftp://ftp.isc.org/isc/bind9/${BIND_VERSION}/
@@ -27,7 +28,7 @@
#CONFIG_SHELL= sh -x
CONFIGURE_ARGS+= --with-libtool
-CONFIGURE_ARGS+= --sysconfdir=/etc
+CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR}
CONFIGURE_ARGS+= --localstatedir=${VARBASE}
CONFIGURE_ARGS+= --disable-openssl-version-check
CONFIGURE_ARGS+= --with-openssl=${SSLBASE:Q}
diff -r ecb6f7c6a14a -r a8ec5553d7eb net/bind910/files/smf/manifest.xml
--- a/net/bind910/files/smf/manifest.xml Mon Feb 20 15:03:50 2017 +0000
+++ b/net/bind910/files/smf/manifest.xml Mon Feb 20 15:19:54 2017 +0000
@@ -39,7 +39,7 @@
<service_fmri value='svc:/milestone/network' />
</dependency>
<dependency name='config-files' grouping='require_any' restart_on='refresh' type='path'>
- <service_fmri value='file://localhost/etc/named.conf' />
+ <service_fmri value='file://localhost@PKG_SYSCONFDIR@/named.conf' />
</dependency>
<!--
In order to run multiple named(1M) processes with their own
diff -r ecb6f7c6a14a -r a8ec5553d7eb net/bind910/files/smf/named.sh
--- a/net/bind910/files/smf/named.sh Mon Feb 20 15:03:50 2017 +0000
+++ b/net/bind910/files/smf/named.sh Mon Feb 20 15:19:54 2017 +0000
@@ -56,9 +56,9 @@
get_config ()
{
- configuration_file=/etc/named.conf
- rndc_config_file=/etc/rndc.conf
- rndc_key_file=/etc/rndc.key
+ configuration_file=@PKG_SYSCONFDIR@/named.conf
+ rndc_config_file=@PKG_SYSCONFDIR@/rndc.conf
+ rndc_key_file=@PKG_SYSCONFDIR@/rndc.key
rndc_cmd_opts="-a"
libraries="/usr/pkg/lib/engines/libgost.so"
cmdopts=""
@@ -127,7 +127,7 @@
configuration_dir=$(sed -n -e 's,^[[:space:]]*directory.*"\(.*\)";,\1,p' \
${configuration_file})
- [ "${configuration_dir}" == "" ] && configuration_dir=/etc/namedb
+ [ "${configuration_dir}" == "" ] && configuration_dir=@PKG_SYSCONFDIR@/namedb
configuration_files=$(sed -n -e \
"s,^[[:space:]]*file.*\"\(.*\)\";,${configuration_dir}/\1,p" \
diff -r ecb6f7c6a14a -r a8ec5553d7eb net/bind99/Makefile
--- a/net/bind99/Makefile Mon Feb 20 15:03:50 2017 +0000
+++ b/net/bind99/Makefile Mon Feb 20 15:19:54 2017 +0000
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.63 2017/02/09 00:50:15 taca Exp $
+# $NetBSD: Makefile,v 1.64 2017/02/20 15:19:54 fhajny Exp $
DISTNAME= bind-${BIND_VERSION}
PKGNAME= ${DISTNAME:S/-P/pl/}
+PKGREVISION= 1
CATEGORIES= net
MASTER_SITES= ftp://ftp.isc.org/isc/bind9/${BIND_VERSION}/
@@ -27,7 +28,7 @@
#CONFIG_SHELL= sh -x
CONFIGURE_ARGS+= --with-libtool
-CONFIGURE_ARGS+= --sysconfdir=/etc
+CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR}
CONFIGURE_ARGS+= --localstatedir=${VARBASE:Q}
CONFIGURE_ARGS+= --disable-openssl-version-check
CONFIGURE_ARGS+= --with-openssl=${SSLBASE:Q}
diff -r ecb6f7c6a14a -r a8ec5553d7eb net/bind99/files/smf/manifest.xml
--- a/net/bind99/files/smf/manifest.xml Mon Feb 20 15:03:50 2017 +0000
+++ b/net/bind99/files/smf/manifest.xml Mon Feb 20 15:19:54 2017 +0000
@@ -41,7 +41,6 @@
<dependency name='config-files' grouping='require_any' restart_on='refresh' type='path'>
<service_fmri value='file://localhost@PKG_SYSCONFDIR@/named.conf' />
</dependency>
- <exec_method type='method' name='stop' exec=':kill' timeout_seconds='60' />
<!--
In order to run multiple named(1M) processes with their own
configuration file or properties each must have a unique
@@ -50,22 +49,15 @@
<instance name='default' enabled='false'>
<exec_method type='method' name='start' exec='@PREFIX@/@SMF_METHOD_FILE.named@ %m %i' timeout_seconds='60'>
<method_context>
- <!--
- privileges: (see privileges(5) and /etc/security/priv_names)
- file_dac_read, file_dac_search:
- Necessary for reading the configuration file
- even it is restricted by the file permission.
- net_privaddr:
- Bind to a privileged port number.
- sys_resource:
- Permit the setting of resource limits (eg. stack
- size).
- proc_chroot:
- Permit use of chroot(2).
- -->
- <method_credential user='root' group='root' privileges='basic,!proc_session,!proc_info,!file_link_any,net_privaddr,file_dac_read,file_dac_search,sys_resource,proc_chroot' />
+ <method_credential user='root' group='root' />
</method_context>
</exec_method>
+ <exec_method type='method' name='stop' exec='@PREFIX@/@SMF_METHOD_FILE.named@ %m %i %{restarter/contract}' timeout_seconds='60'>
+ <method_context>
+ <method_credential user='root' group='root' />
+ </method_context>
+
+ </exec_method>
<!--
SIGHUP causes named to reread its configuration file, but not any
of the properties below.
@@ -126,6 +118,12 @@
Equivalent command line option '-t <pathname>'.
-->
<propval name='chroot_dir' type='astring' value='' />
+ <!--
+ user: Change the user id after processing command line
+ arguments, but before reading the configuration file.
+ Equivalent command line option '-u <user>'.
+ -->
+ <propval name='user' type='astring' value='named' />
</property_group>
</instance>
<template>
diff -r ecb6f7c6a14a -r a8ec5553d7eb net/bind99/files/smf/named.sh
--- a/net/bind99/files/smf/named.sh Mon Feb 20 15:03:50 2017 +0000
+++ b/net/bind99/files/smf/named.sh Mon Feb 20 15:19:54 2017 +0000
@@ -28,90 +28,232 @@
. /lib/svc/share/smf_include.sh
+mount_chroot ()
+{
+ c=$1
+ shift
+ for f in $*; do
+ if [ -z "${f}" -o ! -f "${f}" -o \
+ -z "${c}" -o ! -d "${c}" ]; then
+ exit ${SMF_EXIT_ERR_CONFIG}
+ fi
+
+ umount ${c}/${f} >/dev/null 2>&1
+ mkdir -p `dirname ${c}/${f}`
+ touch ${c}/${f}
+ mount -Flofs ${f} ${c}/${f}
+ done
+}
+
+umount_chroot ()
+{
+ c=$1
+ shift
+ for f in $*; do
+ umount ${c}/${f} >/dev/null 2>&1
+ done
+}
+
+get_config ()
+{
+ configuration_file=@PKG_SYSCONFDIR@/named.conf
+ rndc_config_file=@PKG_SYSCONFDIR@/rndc.conf
+ rndc_key_file=@PKG_SYSCONFDIR@/rndc.key
+ rndc_cmd_opts="-a"
+ libraries="/usr/pkg/lib/engines/libgost.so"
+ cmdopts=""
+ checkopts=""
+ properties="debug_level ip_interfaces listen_on_port
+ threads chroot_dir configuration_file server user"
+
+ for prop in $properties
+ do
+ value=`/usr/bin/svcprop -p options/${prop} ${SMF_FMRI}`
+ if [ -z "${value}" -o "${value}" = '""' ]; then
+ continue;
+ fi
+
+ case $prop in
+ 'debug_level')
+ if [ ${value} -gt 0 ]; then
+ cmdopts="${cmdopts} -d ${value}"
+ fi
+ ;;
+ 'ip_interfaces')
+ case ${value} in
+ 'IPv4')
+ cmdopts="${cmdopts} -4";;
+ 'IPv6')
+ cmdopts="${cmdopts} -6";;
+ 'all')
+ : # Default is all, therefore ignore.
+ ;;
+ *)
+ echo "$I: Unrecognised value in service instance property" >&2
+ echo "$I: options/${prop} : ${value}" >&2
+ ;;
+ esac
+ ;;
+ 'listen_on_port')
+ if [ ${value} -gt 0 ]; then
+ cmdopts="${cmdopts} -p ${value}"
+ fi
+ ;;
+ 'threads')
+ if [ ${value} -gt 0 ]; then
+ cmdopts="${cmdopts} -n ${value}"
+ fi
+ ;;
+ 'chroot_dir')
+ cmdopts="${cmdopts} -t ${value}"
+ checkopts="${checkopts} -t ${value}"
+ chroot_dir=${value};
+ ;;
+ 'configuration_file')
+ cmdopts="${cmdopts} -c ${value}"
+ checkopts="${checkopts} -t ${value}"
+ configuration_file=${value};
+ ;;
+ 'server')
+ set -- `echo ${value} | /usr/bin/sed -e 's/\\\\//g'`
+ server=$@
+ ;;
+ 'user')
+ cmdopts="${cmdopts} -u ${value}"
+ cmduser=${value};
+ ;;
+ esac
+ done
+
+ configuration_dir=$(sed -n -e 's,^[[:space:]]*directory.*"\(.*\)";,\1,p' \
+ ${configuration_file})
+ [ "${configuration_dir}" == "" ] && configuration_dir=@PKG_SYSCONFDIR@/namedb
+
+ configuration_files=$(sed -n -e \
+ "s,^[[:space:]]*file.*\"\(.*\)\";,${configuration_dir}/\1,p" \
+ ${configuration_file} | sort -u)
+ configuration_files="${configuration_files} ${configuration_file}"
+}
+
result=${SMF_EXIT_OK}
# Read command line arguments
method="$1" # %m
instance="$2" # %i
+contract="$3" # %{restarter/contract}
# Set defaults; SMF_FMRI should have been set, but just in case.
if [ -z "$SMF_FMRI" ]; then
SMF_FMRI="svc:/@SMF_PREFIX@/@SMF_NAME@:${instance}"
fi
server="@PREFIX@/sbin/named"
+checkconf="@PREFIX@/sbin/named-checkconf"
I=`/usr/bin/basename $0`
case "$method" in
'start')
- cmdopts=""
- properties="debug_level ip_interfaces listen_on_port
- threads chroot_dir configuration_file server"
+ get_config
+
+ # If chroot option is set, note zones(5) are preferred, then
+ # configuration file lives under chroot directory.
+ if [ "${chroot_dir}" != "" ]; then
+ if [ "${chroot_dir}" = "/" ]; then
+ msg="$I: chroot_dir must not be /"
+ echo ${msg} >&2
+ /usr/bin/logger -p daemon.error ${msg}
+ # dns-server should be placed in maintenance state.
+ exit ${SMF_EXIT_ERR_CONFIG}
+ fi
- for prop in $properties
- do
- value=`/usr/bin/svcprop -p options/${prop} ${SMF_FMRI}`
- if [ -z "${value}" -o "${value}" = '""' ]; then
- continue;
- fi
+ server="env LD_NOLAZYLOAD=1 ${server}"
+ checkconf="env LD_NOLAZYLOAD=1 ${checkconf}"
+
+ mkdir -p ${chroot_dir}
- case $prop in
- 'debug_level')
- if [ ${value} -gt 0 ]; then
- cmdopts="${cmdopts} -d ${value}"
+ if [ "${SMF_ZONENAME}" = "global" ]; then
+ for dev in crypto log null poll random urandom; do
+ rm -f ${chroot_dir}/dev/${dev}
Home |
Main Index |
Thread Index |
Old Index