-See /usr/share/doc/quilt/README.source
+Building from source
+--------------------
+Install "git-buildpackage" and run the following steps:
+
+ gbp clone https://salsa.debian.org/dns-team/pdns.git
+ cd pdns
+ gbp buildpackage
+
+We recommend you use sbuild to make sure you build in a clean environment.
+Example call:
+
+ gbp buildpackage --git-builder='sbuild -d unstable -j8'
+
+Changelog
+---------
+This package uses gbp dch for automatically generating debian/changelog entries
+from the corresponding git commits. This makes cherry-picking, merging, and
+rebasing much simpler.
+
+Thus, for any packaging change *do not* modify debian/changelog. Just write a
+meaningful git commit message with proper bug references (ex: "Closes: #12345"
+on the last line). For doing a release, run
+
+ gbp dch --auto --release
+
+then beautify the generated debian/changelog and commit it.
+
+Patch handling
+--------------
+This package uses gbp pq for maintaining patches with a git-like workflow in a
+"patch-queue/<branch>" local branch and then exporting them as quilt series.
+For working on patches you run
+
+ gbp pq import --force
+
+Then you are in the patch-queue branch and can git log, commit, cherry-pick
+upstream commits, rebase, etc. there. After you are done, run
+
+ gbp pq export
+
+which will put you back into master and update debian/patches/ (including
+series). You need to git add etc. new patches, possibly other
+packaging changes, and then git commit as usual.
+
+This package tends to have few patches, so all of them go into the default
+series.
+
+Synchronized packaging with upstream
+------------------------------------
+Upstream ships Debian and Ubuntu packages aligned with Debian's packaging
+at https://repo.powerdns.com/. Packaging sources for those can be found at
+https://github.com/PowerDNS/pdns/tree/master/builder-support/debian .
+
+While there are some minor differences, the general goal is to stay aligned.
+Recently, we have tried to align the used Lua versions too.
+
+--
+(This document is based off Debian's systemd README.source. Thank you!)
-# Bind backend configuration
-
+# See https://doc.powerdns.com/authoritative/backends/bind.html
launch+=bind
#################################
#
# bind-dnssec-db=
+#################################
+# bind-dnssec-db-journal-mode SQLite3 journal mode
+#
+# bind-dnssec-db-journal-mode=WAL
+
#################################
# bind-hybrid Store DNSSEC metadata in other backend
#
#################################
# bind-supermaster-destdir Destination directory for newly added slave zones
#
-# bind-supermaster-destdir=
+# bind-supermaster-destdir=/etc/powerdns
bind-supermaster-destdir=/var/lib/powerdns/zones.slave.d
#################################
-# geoip Configuration
-#
-# See for more information https://doc.powerdns.com/authoritative/backends/geoip.html
+# See https://doc.powerdns.com/authoritative/backends/geoip.html
+launch+=geoip
+
+#################################
+# geoip-database-files File(s) to load geoip data from ([driver:]path[;opt=value]
#
# geoip-database-files=
-# geoip-zones-file=
+
+#################################
+# geoip-dnssec-keydir Directory to hold dnssec keys (also turns DNSSEC on)
+#
# geoip-dnssec-keydir=
+
+#################################
+# geoip-zones-file YAML file to load zone(s) configuration
+#
+# geoip-zones-file=
--- /dev/null
+# See https://doc.powerdns.com/authoritative/backends/generic-mysql.html
+launch+=gmysql
+
+#################################
+# gmysql-dbname Database name to connect to
+#
+# gmysql-dbname=powerdns
+gmysql-dbname=_DBNAME_
+
+#################################
+# gmysql-dnssec Enable DNSSEC processing
+#
+# gmysql-dnssec=no
+gmysql-dnssec=yes
+
+#################################
+# gmysql-group Database backend MySQL 'group' to connect as
+#
+# gmysql-group=client
+
+#################################
+# gmysql-host Database backend host to connect to
+#
+# gmysql-host=
+gmysql-host=_DBSERVER_
+
+#################################
+# gmysql-innodb-read-committed Use InnoDB READ-COMMITTED transaction isolation level
+#
+# gmysql-innodb-read-committed=yes
+
+#################################
+# gmysql-password Database backend password to connect with
+#
+# gmysql-password=
+gmysql-password=_DBPASS_
+
+#################################
+# gmysql-port Database backend port to connect to
+#
+# gmysql-port=3306
+gmysql-port=_DBPORT_
+
+#################################
+# gmysql-socket Database backend socket to connect to
+#
+# gmysql-socket=
+
+#################################
+# gmysql-ssl Send the SSL capability flag to the server
+#
+# gmysql-ssl=no
+
+#################################
+# gmysql-thread-cleanup Explicitly call mysql_thread_end() when threads end
+#
+# gmysql-thread-cleanup=no
+
+#################################
+# gmysql-timeout The timeout in seconds for each attempt to read/write to the server
+#
+# gmysql-timeout=10
+
+#################################
+# gmysql-user Database backend user to connect as
+#
+# gmysql-user=powerdns
+gmysql-user=_DBUSER_
-# godbc Configuration
-#
-# Uncomment to launch the godbc backend
-#launch+=godbc
+# See https://doc.powerdns.com/authoritative/backends/generic-odbc.html
+launch+=godbc
#################################
-# godbc-datasource Datasource (DSN) to use
+# godbc-datasource Datasource (DSN) to use
#
# godbc-datasource=PowerDNS
#################################
-# godbc-username User to connect as
+# godbc-dnssec Enable DNSSEC processing
#
-# godbc-username=powerdns
+# godbc-dnssec=no
#################################
-# godbc-password Password to connect with
+# godbc-password Password to connect with
#
# godbc-password=
+
+#################################
+# godbc-username User to connect as
+#
+# godbc-username=powerdns
--- /dev/null
+# See https://doc.powerdns.com/authoritative/backends/generic-postgresql.html
+launch+=gpgsql
+
+#################################
+# gpgsql-dbname Backend database name to connect to
+#
+# gpgsql-dbname=
+gpgsql-dbname=_DBNAME_
+
+#################################
+# gpgsql-dnssec Enable DNSSEC processing
+#
+# gpgsql-dnssec=no
+gpgsql-dnssec=yes
+
+#################################
+# gpgsql-extra-connection-parameters Extra parameters to add to connection string
+#
+# gpgsql-extra-connection-parameters=
+
+#################################
+# gpgsql-host Database backend host to connect to
+#
+# gpgsql-host=
+gpgsql-host=_DBSERVER_
+
+#################################
+# gpgsql-password Database backend password to connect with
+#
+# gpgsql-password=
+gpgsql-password=_DBPASS_
+
+#################################
+# gpgsql-port Database backend port to connect to
+#
+# gpgsql-port=
+gpgsql-port=_DBPORT_
+
+#################################
+# gpgsql-prepared-statements Use prepared statements instead of parameterized queries
+#
+# gpgsql-prepared-statements=yes
+
+#################################
+# gpgsql-user Database backend user to connect as
+#
+# gpgsql-user=
+gpgsql-user=_DBUSER_
--- /dev/null
+# See https://doc.powerdns.com/authoritative/backends/generic-sqlite3.html
+launch+=gsqlite3
+
+#################################
+# gsqlite3-database Filename of the SQLite3 database
+#
+# gsqlite3-database=powerdns.sqlite
+gsqlite3-database=/var/lib/powerdns/pdns.sqlite3
+
+#################################
+# gsqlite3-dnssec Enable DNSSEC processing
+#
+# gsqlite3-dnssec=no
+gsqlite3-dnssec=on
+
+#################################
+# gsqlite3-pragma-foreign-keys Enable foreign key constraints
+#
+# gsqlite3-pragma-foreign-keys=no
+
+#################################
+# gsqlite3-pragma-journal-mode SQLite3 journal mode
+#
+# gsqlite3-pragma-journal-mode=WAL
--- /dev/null
+# ixfrdist example configuration file.
+# Please see man 5 ixfrdist.yml for details.
+
+# The directory where the domain data is stored. When unset, the current
+# working directory is used. Note that this directory must be writable for the
+# user or group ixfrdist runs as.
+#
+work-dir: '/var/lib/ixfrdist'
+
+# User to drop privileges to once all listen-sockets are bound. May be either
+# a username or numerical ID.
+#
+uid: _ixfrdist
+
+# Group to drop privileges to once all listen-sockets are bound. May be either
+# a username or numerical ID.
+#
+gid: _ixfrdist
+
+# Listen addresses. ixfrdist will listen on both UDP and TCP.
+# When no port is specified, 53 is used. When specifying ports for IPv6, use the
+# "bracket" notation:
+#
+# listen:
+# - '127.0.0.1'
+# - '::1'
+# - '192.0.2.3:5300'
+# - '[2001:DB8:1234::334]:5353'
+#
+# By default, ixfrdist listens on local loopback addresses.
+#
+#listen:
+# - '127.0.0.1'
+# - '::1'
+
+# Netmasks or IP addresses of hosts that are allowed to query ixfrdist. Hosts
+# do not need a netmask:
+#
+# acl:
+# - '127.0.0.0/8'
+# - '::1'
+# - '192.0.2.55'
+# - '2001:DB8:ABCD::/48'
+#
+# By default, only loopback addresses are allowed.
+#
+#acl:
+# - '127.0.0.0/8'
+# - '::1'
+
+# Maximum number of records allowed in a single zone. ixfrdist will abort the
+# zone transfer from the master when more than this number of records have been
+# received. A value of 0 means unlimited
+#
+#axfr-max-records: 0
+
+# Timeout in seconds an AXFR transaction requested by ixfrdist may take.
+# Increase this when the network to the authoritative servers is slow or the
+# domains are very large and you experience timeouts.
+#
+#axfr-timeout: 20
+
+# Time in seconds between retries of the SOA query for a zone we have never
+# transferred.
+#
+#failed-soa-retry: 30
+
+# Whether record compression should be enabled, leading to smaller answers
+# at the cost of an increased CPU and memory usage.
+#
+#compress: false
+
+# Amount of older copies/IXFR diffs to keep for every domain.
+#
+#keep: 20
+
+# Number of threads to spawn for TCP connections (AXFRs) from downstream hosts.
+#
+#tcp-in-threads: 10
+
+# The IP address and port where the webserver should listen. Default disabled.
+#
+#webserver-address: 127.0.0.1:8088
+
+# The IP address(masks) that allowed to access the webserver. When not set,
+# it defaults to 127.0.0.0/8, ::1/128
+#
+#webserver-acl:
+# - 127.0.0.0/8
+# - ::1/128
+
+# The domains to redistribute, the 'master' and 'domains' keys are mandatory.
+# When no port is specified, 53 is used. When specifying ports for IPv6, use the
+# "bracket" notation:
+#
+# domains:
+# - domain: example.com
+# master: 192.0.2.15
+# - domain: rpz.example
+# master: [2001:DB8:a34:543::53]:5353
+#
+domains: []
-# LDAP Configuration
+# See https://doc.powerdns.com/authoritative/backends/ldap.html
+launch+=ldap
+
+#################################
+# ldap-basedn Search root in ldap tree (must be set)
#
-# ldap-host=
-# ldap-method=
# ldap-basedn=
+
+#################################
+# ldap-basedn-axfr-override Override base dn for AXFR subtree search
+#
+# ldap-basedn-axfr-override=no
+
+#################################
+# ldap-binddn User dn for non anonymous binds
+#
# ldap-binddn=
+
+#################################
+# ldap-bindmethod Bind method to use (simple or gssapi)
+#
+# ldap-bindmethod=simple
+
+#################################
+# ldap-disable-ptrrecord Deprecated, use ldap-method=strict instead
+#
+# ldap-disable-ptrrecord=no
+
+#################################
+# ldap-filter-axfr LDAP filter for limiting AXFR results
+#
+# ldap-filter-axfr=(:target:)
+
+#################################
+# ldap-filter-lookup LDAP filter for limiting IP or name lookups
+#
+# ldap-filter-lookup=(:target:)
+
+#################################
+# ldap-host One or more LDAP server with ports or LDAP URIs (separated by spaces)
+#
+# ldap-host=ldap://127.0.0.1:389/
+
+#################################
+# ldap-krb5-ccache The credentials cache used for GSSAPI authentication
+#
+# ldap-krb5-ccache=
+
+#################################
+# ldap-krb5-keytab The keytab to use for GSSAPI authentication
+#
+# ldap-krb5-keytab=
+
+#################################
+# ldap-method How to search entries (simple, strict or tree)
+#
+# ldap-method=simple
+
+#################################
+# ldap-reconnect-attempts Number of attempts to re-establish a lost LDAP connection
+#
+# ldap-reconnect-attempts=5
+
+#################################
+# ldap-secret User password for non anonymous binds
+#
# ldap-secret=
+
+#################################
+# ldap-starttls Use TLS to encrypt connection (unused for LDAP URIs)
+#
+# ldap-starttls=no
+
+#################################
+# ldap-timeout Seconds before connecting to server fails
+#
+# ldap-timeout=5
--- /dev/null
+# See https://docs.powerdns.com/authoritative/backends/lmdb.html
+launch+=lmdb
+
+#################################
+# lmdb-filename Filename for lmdb
+#
+lmdb-filename=/var/lib/powerdns/pdns.lmdb
+
+#################################
+# lmdb-schema-version Maximum allowed schema version to run on this DB. If a lower version is found, auto update is performed
+#
+# lmdb-schema-version=3
+
+#################################
+# lmdb-shards Records database will be split into this number of shards
+#
+# lmdb-shards=64 # default is arch-specific
+
+#################################
+# lmdb-sync-mode Synchronisation mode: nosync, nometasync, mapasync, sync
+#
+# lmdb-sync-mode=mapasync
--- /dev/null
+# See https://docs.powerdns.com/authoritative/backends/lua2.html
+launch+=lua2
+
+#################################
+# lua2-api Lua backend API version
+#
+# lua2-api=2
+
+#################################
+# lua2-filename Filename of the script for lua backend
+#
+# lua2-filename=powerdns-luabackend.lua
+++ /dev/null
-# MySQL Configuration
-#
-# Launch gmysql backend
-launch+=gmysql
-
-# gmysql parameters
-gmysql-host=_DBC_DBSERVER_
-gmysql-port=_DBC_DBPORT_
-gmysql-dbname=_DBC_DBNAME_
-gmysql-user=_DBC_DBUSER_
-gmysql-password=_DBC_DBPASS_
-gmysql-dnssec=yes
-# gmysql-socket=
+++ /dev/null
-# PostgreSQL Configuration
-#
-# Launch gpgsql backend
-launch+=gpgsql
-
-# gpgsql parameters
-gpgsql-host=_DBC_DBSERVER_
-gpgsql-port=_DBC_DBPORT_
-gpgsql-dbname=_DBC_DBNAME_
-gpgsql-user=_DBC_DBUSER_
-gpgsql-password=_DBC_DBPASS_
-gpgsql-dnssec=yes
+++ /dev/null
-# Configuration for gsqlite
-#
-# Launch gsqlite3
-launch+=gsqlite3
-
-# Database location
-gsqlite3-database=/var/lib/powerdns/pdns.sqlite3
-gsqlite3-dnssec=on
+++ /dev/null
-#launch+=lua2
-
-## lua2-api Lua backend API version
-#lua2-api=2
-
-## lua2-filename Filename of the script for lua backend
-#lua2-filename=powerdns-luabackend.lua
-
-## lua2-query-logging Logging of the Lua2 Backend
-#lua2-query-logging=no
-# Configuration for pipe backend
+# See https://doc.powerdns.com/authoritative/backends/pipe.html
+launch+=pipe
+
+#################################
+# pipe-abi-version Version of the pipe backend ABI
+#
+# pipe-abi-version=1
+
+#################################
+# pipe-command Command to execute for piping questions to
#
# pipe-command=
-# pipe-timeout=
+
+#################################
+# pipe-regex Regular expression of queries to pass to coprocess
+#
# pipe-regex=
+#################################
+# pipe-timeout Number of milliseconds to wait for an answer
+#
+# pipe-timeout=2000
-# Config file for the TinyDNS backend
-# Specifies the name of the data file to use.
-# tinydns-dbfile=data.cdb
+# See https://doc.powerdns.com/authoritative/backends/tinydns.html
+launch+=tinydns
-# Adjusts the TAI value if timestamps are used. These seconds will be added to
-# the start point (1970) and will allow you to adjust for leap seconds. The
-# current default is 11. The last update was on june 30th 2012.
-# tinydns-tai-adjust=11
-#
-# Notify all the slave nameservers on startup. This might cause broadcast storms.
-# tinydns-notify-on-startup=no
+#################################
+# tinydns-dbfile Location of the cdb data file
+#
+# tinydns-dbfile=data.cdb
-# The tinydns-data program can create data.cdb files that have bad/corrupt
-# RDATA. PowerDNS will crash when it tries to read that bad/corrupt data. This
-# option (change to yes), allows you to ignore that bad RDATA to make PowerDNS
-# operate when bad data is in your CDB file. Be aware that the records are then
-# ignored, where tinydns would still send out the bogus data. The option is
-# primarily useful in master mode, as that reads all the packets in the zone to
-# find all the SOA records.
+#################################
+# tinydns-ignore-bogus-records The data.cdb file might have some incorrect record data, this causes PowerDNS to fail, where tinydns would send out truncated data. This option makes powerdns ignore that data!
+#
# tinydns-ignore-bogus-records=no
+#################################
+# tinydns-locations Enable or Disable location support in the backend. Changing the value to 'no' will make the backend ignore the locations. This then returns all records!
+#
+# tinydns-locations=yes
-# Enable or Disable location support in the backend. Changing the value to 'no'
-# will make the backend ignore the locations. This then returns all records.
-# When the setting is changed to 'no' an AXFR will also return all the records.
-# With the setting on 'yes' an AXFR will only return records without a location.
-# tinydns-locations=no
+#################################
+# tinydns-notify-on-startup Tell the TinyDNSBackend to notify all the slave nameservers on startup. Default is no.
+#
+# tinydns-notify-on-startup=no
+
+#################################
+# tinydns-tai-adjust This adjusts the TAI value if timestamps are used. These seconds will be added to the start point (1970) and will allow you to adjust for leap seconds. The default is 11.
+#
+# tinydns-tai-adjust=11
Source: pdns
Section: net
-Priority: extra
-Standards-Version: 4.1.1
Maintainer: PowerDNS Autobuilder <powerdns.support@powerdns.com>
-Origin: PowerDNS
-Build-Depends: autoconf,
- automake,
- autotools-dev,
- bison,
+Priority: optional
+Standards-Version: 4.5.1
+Build-Depends: bison,
curl,
- debhelper (>= 10),
+ debhelper-compat (= 10),
default-libmysqlclient-dev,
- dh-autoreconf,
- dh-systemd,
+ dnsutils,
flex,
- libboost-dev,
- libboost-program-options-dev,
- libboost-serialization-dev,
- libboost-test-dev,
+ libboost-all-dev,
libcdb-dev,
libcurl4-openssl-dev,
libgeoip-dev,
libkrb5-dev,
libldap2-dev,
liblmdb-dev,
- libluajit-5.1-dev [!arm64 !s390x],
- liblua5.3-dev [arm64 s390x],
+ libluajit-5.1-dev (>= 2.1.0~beta3+dfsg-5.3) [amd64 arm64] | libluajit-5.1-dev [amd64] | liblua5.3-dev,
libmaxminddb-dev,
- libp11-kit-dev,
libpq-dev,
+ libprotobuf-dev,
libsodium-dev,
libsqlite3-dev,
libssl-dev,
libsystemd-dev [linux-any],
- libtool,
libyaml-cpp-dev (>= 0.5),
pkg-config,
po-debconf,
+ protobuf-compiler,
ragel,
systemd [linux-any],
unixodbc-dev (>= 2.3.1)
Homepage: https://www.powerdns.com/
+Rules-Requires-Root: no
Package: pdns-server
Architecture: any
Architecture: any
Depends: ${misc:Depends},
${shlibs:Depends}
-Replaces: pdns-server (<< 3.4.6-2)
-Breaks: pdns-server (<< 3.4.6-2)
Description: Tools for DNS debugging by PowerDNS
PowerDNS is a versatile nameserver which supports a large number
of different backends ranging from simple zonefiles to relational
Package: pdns-ixfrdist
Architecture: any
-Depends: ${misc:Depends},
+Pre-Depends: ${misc:Pre-Depends}
+Depends: adduser,
+ ${misc:Depends},
${shlibs:Depends}
-Description: Redistribute zones via AXFR and IXFR
- PowerDNS is a versatile nameserver which supports a large number
- of different backends ranging from simple zonefiles to relational
- databases and load balancing/failover algorithms.
- PowerDNS tries to emphasize speed and security.
- .
- This package contains the ixfrdist tool that can redistribute multiple versions
- of zones over AXFR and IXFR. This tool does not require any part of the
- PowerDNS server components to work.
+Description: Redistribute DNS zones over AXFR/IXFR
+ Transfers zones from an authoritative DNS server and serves them
+ over AXFR and IXFR, caching multiple versions as needed on disk.
+ This tool does not require any part of the PowerDNS server
+ components to work.
Package: pdns-backend-bind
Architecture: any
${misc:Depends},
${shlibs:Depends}
Provides: pdns-backend
-Replaces: pdns-server (<< 4.0.0-2~)
-Breaks: pdns-server (<< 4.0.0-2~)
Description: BIND backend for PowerDNS
PowerDNS is a versatile nameserver which supports a large number
of different backends ranging from simple zonefiles to relational
databases and load balancing/failover algorithms.
PowerDNS tries to emphasize speed and security.
.
- This package contains an LDAP backend for the PowerDNS nameserver.
+ This package contains the LDAP backend for the PowerDNS nameserver.
-Package: pdns-backend-geoip
+Package: pdns-backend-lmdb
Architecture: any
Depends: pdns-server (= ${binary:Version}),
${misc:Depends},
${shlibs:Depends}
Provides: pdns-backend
-Description: geoip backend for PowerDNS
+Description: LMDB backend for PowerDNS
PowerDNS is a versatile nameserver which supports a large number
of different backends ranging from simple zonefiles to relational
databases and load balancing/failover algorithms.
PowerDNS tries to emphasize speed and security.
.
- This package contains a geoip-backend for the PowerDNS nameserver. This
- backend balances the load throughout the world so that people access the
- geographically nearest available server based on a zonefile written in
- YAML.
+ This package contains the LMDB backend for the PowerDNS nameserver.
-Package: pdns-backend-mysql
+Package: pdns-backend-lua2
Architecture: any
Depends: pdns-server (= ${binary:Version}),
${misc:Depends},
${shlibs:Depends}
-Suggests: default-mysql-server
Provides: pdns-backend
-Description: generic MySQL backend for PowerDNS
+Description: Lua2 backend for PowerDNS
PowerDNS is a versatile nameserver which supports a large number
of different backends ranging from simple zonefiles to relational
databases and load balancing/failover algorithms.
PowerDNS tries to emphasize speed and security.
.
- This package contains a generic MySQL backend for the PowerDNS
- nameserver. It has configurable SQL statements.
+ This package contains the Lua2 backend for the PowerDNS nameserver.
-Package: pdns-backend-odbc
+Package: pdns-backend-geoip
Architecture: any
-Depends: pdns-server (>= ${source:Version}),
+Depends: pdns-server (= ${binary:Version}),
${misc:Depends},
${shlibs:Depends}
Provides: pdns-backend
-Description: generic UnixODBC backend for PowerDNS
+Description: GeoIP backend for PowerDNS
PowerDNS is a versatile nameserver which supports a large number
of different backends ranging from simple zonefiles to relational
databases and load balancing/failover algorithms.
PowerDNS tries to emphasize speed and security.
.
- This package contains a generic UnixODBC backend for the PowerDNS
- nameserver. It has configurable SQL statements.
+ This package contains the GeoIP backend for the PowerDNS nameserver. This
+ backend balances the load throughout the world so that people access the
+ geographically nearest available server based on a zonefile written in
+ YAML.
-Package: pdns-backend-pgsql
+Package: pdns-backend-mysql
Architecture: any
Depends: pdns-server (= ${binary:Version}),
${misc:Depends},
${shlibs:Depends}
-Suggests: postgresql
+Suggests: default-mysql-server
Provides: pdns-backend
-Description: generic PostgreSQL backend for PowerDNS
+Description: MySQL backend for PowerDNS
PowerDNS is a versatile nameserver which supports a large number
of different backends ranging from simple zonefiles to relational
databases and load balancing/failover algorithms.
PowerDNS tries to emphasize speed and security.
.
- This package contains a generic PostgreSQL backend for the PowerDNS
+ This package contains the MySQL backend for the PowerDNS
nameserver. It has configurable SQL statements.
-Package: pdns-backend-sqlite3
+Package: pdns-backend-odbc
Architecture: any
-Depends: pdns-server (= ${binary:Version}),
+Depends: pdns-server (>= ${source:Version}),
${misc:Depends},
${shlibs:Depends}
Provides: pdns-backend
-Description: sqlite 3 backend for PowerDNS
+Description: UnixODBC backend for PowerDNS
PowerDNS is a versatile nameserver which supports a large number
of different backends ranging from simple zonefiles to relational
databases and load balancing/failover algorithms.
PowerDNS tries to emphasize speed and security.
.
- This package contains a generic SQLite 3 backend for PowerDNS.
+ This package contains a UnixODBC backend for the PowerDNS
+ nameserver. It has configurable SQL statements.
-Package: pdns-backend-lua2
+Package: pdns-backend-pgsql
Architecture: any
Depends: pdns-server (= ${binary:Version}),
${misc:Depends},
${shlibs:Depends}
+Suggests: postgresql
Provides: pdns-backend
-Description: Lua backend for PowerDNS
+Description: PostgreSQL backend for PowerDNS
PowerDNS is a versatile nameserver which supports a large number
of different backends ranging from simple zonefiles to relational
databases and load balancing/failover algorithms.
PowerDNS tries to emphasize speed and security.
.
- This package contains the Lua2 backend for PowerDNS.
+ This package contains the PostgreSQL backend for the PowerDNS
+ nameserver. It has configurable SQL statements.
-Package: pdns-backend-remote
+Package: pdns-backend-sqlite3
Architecture: any
Depends: pdns-server (= ${binary:Version}),
${misc:Depends},
${shlibs:Depends}
Provides: pdns-backend
-Description: remote backend for PowerDNS
+Description: sqlite 3 backend for PowerDNS
PowerDNS is a versatile nameserver which supports a large number
of different backends ranging from simple zonefiles to relational
databases and load balancing/failover algorithms.
PowerDNS tries to emphasize speed and security.
.
- This package contains the remote backend for PowerDNS. It is suitable
- for serving data acquired from an AF_UNIX, pipe, or HTTP connector.
+ This package contains the SQLite 3 backend for the PowerDNS
+ nameserver.
-Package: pdns-backend-tinydns
+Package: pdns-backend-remote
Architecture: any
Depends: pdns-server (= ${binary:Version}),
${misc:Depends},
${shlibs:Depends}
Provides: pdns-backend
-Description: tinydns compatibility backend for PowerDNS
+Description: remote backend for PowerDNS
PowerDNS is a versatile nameserver which supports a large number
of different backends ranging from simple zonefiles to relational
databases and load balancing/failover algorithms.
PowerDNS tries to emphasize speed and security.
.
- This package contains the tinydns compatibility backend for PowerDNS.
+ This package contains the remote backend for PowerDNS. It is suitable
+ for serving data acquired from an AF_UNIX, pipe, or HTTP connector.
-Package: pdns-backend-lmdb
+Package: pdns-backend-tinydns
Architecture: any
Depends: pdns-server (= ${binary:Version}),
${misc:Depends},
${shlibs:Depends}
Provides: pdns-backend
-Description: LMDB backend for PowerDNS
+Description: tinydns compatibility backend for PowerDNS
PowerDNS is a versatile nameserver which supports a large number
of different backends ranging from simple zonefiles to relational
databases and load balancing/failover algorithms.
PowerDNS tries to emphasize speed and security.
.
- This package contains the LMDB backend for PowerDNS.
+ This package contains the tinydns compatibility backend for the PowerDNS
+ nameserver.
Source: https://www.powerdns.com/downloads.html
Files: *
-Copyright: 2002 - 2021 PowerDNS.COM BV and contributors
+Copyright: 2002 - 2020 PowerDNS.COM BV and contributors
License: GPL-2 with OpenSSL Exception
-Comment: Sometimes, Netherlabs BV is credited, which is a precursor
- to todays PowerDNS.COM BV.
Files: m4/ax_cxx_compile_stdcxx_11.m4
Copyright: 2008 Benjamin Kosnik <bkoz@redhat.com>
Files: m4/boost.m4
Copyright: 2007-2011, 2014 Benoit Sigoure <tsuna@lrde.epita.fr>
-License: GPL-3 or Autoconf
+License: GPL-3-Autoconf
+
+Files: m4/libcurl.m4
+Copyright: 2006 David Shaw <dshaw@jabberwocky.com>
+License: curl
Files: m4/libtool.m4 m4/lt*.m4
Copyright: 1996-2011 Free Software Foundation, Inc.
2016 Pieter Lexis <pieter.lexis@powerdns.com>
License: GPL-2+
+Files: m4/tm-gmtoff.m4
+Copyright: 2002 Jim Seymour
+License: GPL-2+
+
Files: m4/warnings.m4
Copyright: 2008-2015 Free Software Foundation, Inc.
License: free-fsf
Copyright: 2002 - 2004 Wichert Akkermann <wichert@wiggy.net>
2004 - 2013 Matthijs Möhlmann <matthijs@cacholong.nl>
2012 - 2013 Marc Haber <mh+debian-packages@zugschlus.de>
- 2014 - 2015 Chris Hofstaedtler <zeha@debian.org>
+ 2014 - 2015 Christian Hofstaedtler <zeha@debian.org>
License: GPL-2
Files: modules/gsqlite3backend/*
Copyright: 2003-2007 Norbert Sendetzky <norbert@linuxnetworks.de>
License: GPL-2 with OpenSSL Exception
-Files: ext/yahttp/*
-Copyright: 2014 Aki Tuomi
-License: Expat
+Files: ext/incbin/*
+Copyright: 2015-2020 Dale Weiler
+License: Unlicense
+
+Files: ext/ipcrypt/*
+Copyright: 2015-2018, Frank Denis <j@pureftpd.org>
+License: ISC
Files: ext/json11/*
Copyright: 2013 Dropbox, Inc.
License: Expat
+Files: ext/lmdb-safe/*
+Copyright: 2018 bert hubert <bert.hubert@powerdns.com>
+License: Expat
+
Files: ext/luawrapper/*
Copyright: 2013, Pierre KRIEGER
License: BSD-3
+Files: ext/yahttp/*
+Copyright: 2014 Aki Tuomi
+License: Expat
+
Files: pdns/effective_tld_names.dat
-Copyright: 2007–11 Mozilla Foundation
+Copyright: 2007–2020 Mozilla Foundation
License: MPL-2.0
License: MPL-2.0
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
+License: ISC
+ Permission to use, copy, modify, and/or distribute this software for any
+ purpose with or without fee is hereby granted, provided that the above
+ copyright notice and this permission notice appear in all copies.
+ .
+ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
License: GPL-2
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
License version 2 can be found in the file
`/usr/share/common-licenses/GPL-2'.
-License: GPL-3 or Autoconf
+License: GPL-3-Autoconf
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
License version 2.1 can be found in the file
`/usr/share/common-licenses/LGPL-2.1'.
+License: curl
+ All rights reserved.
+ .
+ Permission to use, copy, modify, and distribute this software for any purpose
+ with or without fee is hereby granted, provided that the above copyright
+ notice and this permission notice appear in all copies.
+ .
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. IN
+ NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
+ DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
+ OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE
+ OR OTHER DEALINGS IN THE SOFTWARE.
+ .
+ Except as contained in this notice, the name of a copyright holder shall not
+ be used in advertising or otherwise to promote the sale, use or other dealings
+ in this Software without prior written authorization of the copyright holder.
+
License: free-fsf
This file is free software; the Free Software Foundation gives
unlimited permission to copy and/or distribute it, with or without
permitted in any medium without royalty provided the copyright notice
and this notice are preserved. This file is offered as-is, without any
warranty.
+
+License: Unlicense
+ This is free and unencumbered software released into the public domain.
+ .
+ Anyone is free to copy, modify, publish, use, compile, sell, or
+ distribute this software, either in source code form or as a compiled
+ binary, for any purpose, commercial or non-commercial, and by any
+ means.
+ .
+ In jurisdictions that recognize copyright laws, the author or authors
+ of this software dedicate any and all copyright interest in the
+ software to the public domain. We make this dedication for the benefit
+ of the public at large and to the detriment of our heirs and
+ successors. We intend this dedication to be an overt act of
+ relinquishment in perpetuity of all present and future rights to this
+ software under copyright law.
+ .
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ OTHER DEALINGS IN THE SOFTWARE.
+ .
+ For more information, please refer to <http://unlicense.org/>
+++ /dev/null
-pdns/bind-dnssec.4.2.0_to_4.3.0_schema.sqlite3.sql
-pdns/bind-dnssec.schema.sqlite3.sql
debian/config/bind.conf etc/powerdns/pdns.d/
debian/config/named.conf etc/powerdns/
+pdns/bind-dnssec*sql usr/share/pdns-backend-bind/schema
usr/lib/*/pdns/libbindbackend.so*
#!/bin/sh
set -e
-fix_bind_conf() {
- cp /etc/powerdns/pdns.d/bind.conf /etc/powerdns/pdns.d/bind.conf.dpkg-bak
- echo "Moving /etc/powerdns/pdns.d/${1} to /etc/powerdns/pdns.d/bind.conf"
- mv -f /etc/powerdns/pdns.d/${1} /etc/powerdns/pdns.d/bind.conf
-
- # Update all references from /etc/powerdns/bindbackend.conf to /etc/powerdns/named.conf
- # as we're moving that file.
- sed -i 's,/etc/powerdns/bindbackend.conf\(\s*\|$\),/etc/powerdns/named.conf\1,' /etc/powerdns/pdns.d/bind.conf
-}
-
case "$1" in
configure)
chown pdns:pdns /var/lib/powerdns/zones.slave.d || :
touch $SUPERMASTERCONF
chown pdns:pdns $SUPERMASTERCONF
fi
-
- # Older versions had the BIND backend configured in other files.
- # If these files were not removed by the pdns-server package postinst,
- # that means they were changed by user. Move them into the right places
- # so the BIND backend keeps working on an upgrade.
- if [ -z "$2" ]; then
- # This is a new install. It is possible that it is _part_ of an upgrade from
- # an installation that did not have the pdns-backend-bind package but the
- # bind backend in the pdns-server package. Let's do the needful and move
- # files to keep the bind bindbackend functional.
- if [ -e "/etc/powerdns/pdns.d/pdns.simplebind.conf.dpkg-bak" ]; then
- # This file was modified by the user, and moved by the installation of pdns-server
- cp /etc/powerdns/pdns.d/pdns.simplebind.conf.dpkg-bak /etc/powerdns/pdns.d/pdns.simplebind.conf.dpkg-bak2
- fix_bind_conf pdns.simplebind.conf.dpkg-bak
- fi
-
- if [ -e "/etc/powerdns/pdns.d/pdns.simplebind.conf" ]; then
- # The previous package was one from repo.powerdns.com that did not put
- # this file under ufc control
- cp /etc/powerdns/pdns.d/pdns.simplebind.conf /etc/powerdns/pdns.d/pdns.simplebind.conf.dpkg-bak2
- fix_bind_conf pdns.simplebind.conf
- fi
-
- # Now let's move this out of the way
- if [ -e "/etc/powerdns/bindbackend.conf" ]; then
- # This file was modified by the user (if not, it was removed by the installation
- # of pdns-server), so make sure this file is not lost
- cp /etc/powerdns/bindbackend.conf /etc/powerdns/bindbackend.conf.dpkg-bak
- cp /etc/powerdns/named.conf /etc/powerdns/named.conf.dpkg-bak
- echo "Moving /etc/powerdns/bindbackend.conf to /etc/powerdns/named.conf"
- mv -f /etc/powerdns/bindbackend.conf /etc/powerdns/named.conf
- fi
- fi
;;
abort-upgrade|abort-remove|abort-deconfigure)
-modules/ldapbackend/dnsdomain2.schema etc/ldap/schema/
usr/bin/zone2ldap usr/bin/
usr/lib/*/pdns/libldapbackend.so*
+usr/share/doc/pdns/dnsdomain2.schema etc/ldap/schema/
+usr/share/doc/pdns/pdns-domaininfo.schema etc/ldap/schema/
--- /dev/null
+var/lib/powerdns
+debian/config/lmdb.conf etc/powerdns/pdns.d/
usr/lib/*/pdns/liblmdbbackend.so*
#!/bin/sh
set -e
+case "$1" in
+ configure)
+ # default path for database files.
+ chown pdns:pdns /var/lib/powerdns || :
+ ;;
+esac
+
dpkg-trigger pdns-server
#DEBHELPER#
-debian/config/pdns.local.lua2.conf
+debian/config/lua2.conf
#!/bin/sh
-#
-# postinst script for pdns-backend-lua2
-
set -e
-if [ -n "$PDNSDEBUG" ]; then
- echo "now debugging $0 $@"
- set -x
-fi
-
-# Activate trigger
dpkg-trigger pdns-server
-# dh_installdeb will replace this with shell code automatically
-# generated by other debhelper scripts.
-
#DEBHELPER#
exit 0
-
+++ /dev/null
-#!/bin/sh
-#
-# Add call to init script to actually stop pdns.
-
-set -e
-
-if [ -x "/etc/init.d/pdns" ]; then
- invoke-rc.d pdns stop || exit $?
-fi
-
-#DEBHELPER#
-
-exit 0
-
--- /dev/null
+pdns (4.1.3-4) unstable; urgency=medium
+
+ The gmysql, gpgsql, gsqlite3 backend packages no longer provide automatic
+ database configuration using dbconfig-common. You can continue to use
+ previously created databases, but they will not receive any automatic
+ schema updates. For new installations, please see the README.Debian
+ files on how to initialize the schema.
+
+ -- Christian Hofstaedtler <zeha@debian.org> Tue, 31 Jul 2018 11:00:00 +0800
--- /dev/null
+Instructions on setting up MySQL as a backend for PowerDNS
+----------------------------------------------------------
+
+You should create a database yourself and install the schema into
+it. On upgrades you should also upgrade the schema.
+You can find the upstream recommended schema here:
+
+ /usr/share/pdns-backend-mysql/schema
+
+Just create a database (for example, named pdns) and then feed these
+SQL commands to MySQL to get the default schema:
+
+ mysql -u root -p <database> < \
+ /usr/share/pdns-backend-mysql/schema/schema.mysql.sql
+
+Then add your data to the database. An example configuration for
+PowerDNS is provided in /usr/share/doc/pdns-backend-mysql/examples/.
+
+It is probably a good idea to protect your configuration file, as
+it will contain your database password:
+
+ chmod 0640 /etc/powerdns/pdns.d/gmysql.conf
+ chgrp pdns /etc/powerdns/pdns.d/gmysql.conf
+
+Note: in previous versions, the Debian packages used
+dbconfig-common, and you can continue to use dbconfig
+created databases, but you will have to upgrade the schema
+manually.
+++ /dev/null
-modules/gmysqlbackend/3.4.0_to_4.1.0_schema.mysql.sql
-modules/gmysqlbackend/4.1.0_to_4.2.0_schema.mysql.sql
-modules/gmysqlbackend/4.2.0_to_4.3.0_schema.mysql.sql
-modules/gmysqlbackend/dnssec-3.x_to_3.4.0_schema.mysql.sql
-modules/gmysqlbackend/enable-foreign-keys.mysql.sql
-modules/gmysqlbackend/nodnssec-3.x_to_3.4.0_schema.mysql.sql
-modules/gmysqlbackend/schema.mysql.sql
--- /dev/null
+debian/config/gmysql.conf
-debian/config/pdns.local.gmysql.conf usr/share/pdns-backend-mysql
usr/lib/*/pdns/libgmysqlbackend.so*
+usr/share/doc/pdns/*.mysql.sql usr/share/pdns-backend-mysql/schema
--- /dev/null
+usr/share/pdns-backend-mysql/schema/schema.mysql.sql usr/share/doc/pdns-backend-mysql/schema.mysql.sql
--- /dev/null
+# ucf presence is checked.
+pdns-backend-mysql: maintainer-script-needs-depends-on-ucf postinst
set -x
fi
-purge_ucf_registry() {
- pkgname="$1"
- # Remove files previously registered with ucf (but keep the files).
- # Newer versions no longer use ucf to manage conffiles.
- # We stopped depending on ucf, so avoid calling ucf when it is not present.
- if command -v ucfq >/dev/null; then
- for file in $(ucfq --with-colons "$pkgname" | cut --delimiter=: --fields=1); do
- ucf --purge ${file}
- ucfr --purge $pkgname ${file}
- done
- fi
-}
+PKGNAME="pdns-backend-mysql"
-purge_ucf_registry "pdns-backend-mysql"
-# cleanup from versions before 4.0.0~beta1:
-purge_ucf_registry "pdns-backend-gmysql"
+# Remove files previously registered with ucf (but keep the files).
+# 4.1.3-4 and newer no longer install a (ucf) conffile.
+# We stopped depending on ucf, so avoid calling ucf when it is not present.
+if command -v ucfq >/dev/null; then
+ for file in $(ucfq --with-colons "$PKGNAME" | cut --delimiter=: --fields=1); do
+ ucf --purge ${file}
+ ucfr --purge $PKGNAME ${file}
+ done
+fi
dpkg-trigger pdns-server
-modules/godbcbackend/4.0.0_to_4.2.0_schema.mssql.sql
-modules/godbcbackend/4.2.0_to_4.3.0_schema.mssql.sql
modules/godbcbackend/schema.mssql.sql
usr/lib/*/pdns/libgodbcbackend.so*
+usr/share/doc/pdns/*.mssql.sql usr/share/pdns-backend-odbc/schema
--- /dev/null
+pdns (4.1.3-4) unstable; urgency=medium
+
+ The gmysql, gpgsql, gsqlite3 backend packages no longer provide automatic
+ database configuration using dbconfig-common. You can continue to use
+ previously created databases, but they will not receive any automatic
+ schema updates. For new installations, please see the README.Debian
+ files on how to initialize the schema.
+
+ -- Christian Hofstaedtler <zeha@debian.org> Tue, 31 Jul 2018 11:00:00 +0800
--- /dev/null
+Instructions on setting up PostgreSQL as a backend for PowerDNS
+---------------------------------------------------------------
+
+You should create a database yourself and install the schema into
+it. On upgrades you should also upgrade the schema.
+You can find the upstream recommended schema here:
+
+ /usr/share/pdns-backend-pgsql/schema
+
+Just create a database (for example, named pdns) and then feed these
+SQL commands to PostgreSQL to get the default schema:
+
+ psql -h <host> -U <user> <database> -f \
+ /usr/share/pdns-backend-pgsql/schema/schema.pgsql.sql
+
+Then add your data to the database. An example configuration for
+PowerDNS is provided in /usr/share/doc/pdns-backend-pgsql/examples/.
+
+It is probably a good idea to protect your configuration file, as
+it will contain your database password:
+
+ chmod 0640 /etc/powerdns/pdns.d/gpgsql.conf
+ chgrp pdns /etc/powerdns/pdns.d/gpgsql.conf
+
+Note: in previous versions, the Debian packages used
+dbconfig-common, and you can continue to use dbconfig
+created databases, but you will have to upgrade the schema
+manually.
+++ /dev/null
-modules/gpgsqlbackend/3.4.0_to_4.1.0_schema.pgsql.sql
-modules/gpgsqlbackend/4.1.0_to_4.2.0_schema.pgsql.sql
-modules/gpgsqlbackend/4.2.0_to_4.3.0_schema.pgsql.sql
-modules/gpgsqlbackend/dnssec-3.x_to_3.4.0_schema.pgsql.sql
-modules/gpgsqlbackend/nodnssec-3.x_to_3.4.0_schema.pgsql.sql
-modules/gpgsqlbackend/schema.pgsql.sql
--- /dev/null
+debian/config/gpgsql.conf
-debian/config/pdns.local.gpgsql.conf usr/share/pdns-backend-pgsql
usr/lib/*/pdns/libgpgsqlbackend.so*
+usr/share/doc/pdns/*.pgsql.sql usr/share/pdns-backend-pgsql/schema
--- /dev/null
+usr/share/pdns-backend-pgsql/schema/schema.pgsql.sql usr/share/doc/pdns-backend-pgsql/schema.pgsql.sql
--- /dev/null
+# ucf presence is checked.
+pdns-backend-pgsql: maintainer-script-needs-depends-on-ucf postinst
set -x
fi
-purge_ucf_registry() {
- pkgname="$1"
- # Remove files previously registered with ucf (but keep the files).
- # Newer versions no longer use ucf to manage conffiles.
- # We stopped depending on ucf, so avoid calling ucf when it is not present.
- if command -v ucfq >/dev/null; then
- for file in $(ucfq --with-colons "$pkgname" | cut --delimiter=: --fields=1); do
- ucf --purge ${file}
- ucfr --purge $pkgname ${file}
- done
- fi
-}
+PKGNAME="pdns-backend-pgsql"
-purge_ucf_registry "pdns-backend-pgsql"
+# Remove files previously registered with ucf (but keep the files).
+# 4.1.3-4 and newer no longer install a (ucf) conffile.
+# We stopped depending on ucf, so avoid calling ucf when it is not present.
+if command -v ucfq >/dev/null; then
+ for file in $(ucfq --with-colons "$PKGNAME" | cut --delimiter=: --fields=1); do
+ ucf --purge ${file}
+ ucfr --purge $PKGNAME ${file}
+ done
+fi
dpkg-trigger pdns-server
--- /dev/null
+pdns (4.1.3-4) unstable; urgency=medium
+
+ The gmysql, gpgsql, gsqlite3 backend packages no longer provide automatic
+ database configuration using dbconfig-common. You can continue to use
+ previously created databases, but they will not receive any automatic
+ schema updates. For new installations, please see the README.Debian
+ files on how to initialize the schema.
+
+ -- Christian Hofstaedtler <zeha@debian.org> Tue, 31 Jul 2018 11:00:00 +0800
--- /dev/null
+Instructions on setting up SQLite3 as a backend for PowerDNS
+------------------------------------------------------------
+
+You should create a database yourself and install the schema into
+it. On upgrades you should also upgrade the schema.
+You can find the upstream recommended schema here:
+
+ /usr/share/pdns-backend-sqlite3/schema
+
+Just create a database, for example in
+/var/lib/powerdns/pdns.sqlite3 and feed these SQL commands to
+get the default schema:
+
+ sqlite3 /var/lib/powerdns/pdns.sqlite3 < \
+ /usr/share/pdns-backend-sqlite3/schema/schema.sqlite3.sql
+
+Then add your data to the database. An example configuration for
+PowerDNS is provided in /usr/share/doc/pdns-backend-sqlite3/examples/.
+
+Note: in previous versions, the Debian packages used
+dbconfig-common, and you can continue to use dbconfig
+created databases, but you will have to upgrade the schema
+manually.
--- /dev/null
+var/lib/powerdns
+++ /dev/null
-modules/gsqlite3backend/3.4.0_to_4.0.0_schema.sqlite3.sql
-modules/gsqlite3backend/4.0.0_to_4.2.0_schema.sqlite3.sql
-modules/gsqlite3backend/4.2.0_to_4.3.0_schema.sqlite3.sql
-modules/gsqlite3backend/4.3.0_to_4.3.1_schema.sqlite3.sql
-modules/gsqlite3backend/dnssec-3.x_to_3.4.0_schema.sqlite3.sql
-modules/gsqlite3backend/nodnssec-3.x_to_3.4.0_schema.sqlite3.sql
-modules/gsqlite3backend/schema.sqlite3.sql
--- /dev/null
+debian/config/gsqlite3.conf
-debian/config/pdns.local.gsqlite3.conf usr/share/pdns-backend-sqlite3
usr/lib/*/pdns/libgsqlite3backend.so*
+usr/share/doc/pdns/*.sqlite3.sql usr/share/pdns-backend-sqlite3/schema
--- /dev/null
+usr/share/pdns-backend-sqlite3/schema/schema.sqlite3.sql usr/share/doc/pdns-backend-sqlite3/schema.sqlite3.sql
--- /dev/null
+# ucf presence is checked.
+pdns-backend-sqlite3: maintainer-script-needs-depends-on-ucf postinst
-#! /bin/sh
-#
-# postinst script for pdns-backend-sqlite3
-
+#!/bin/sh
set -e
if [ -n "$PDNSDEBUG" ]; then
set -x
fi
-purge_ucf_registry() {
- pkgname="$1"
- # Remove files previously registered with ucf (but keep the files).
- # Newer versions no longer use ucf to manage conffiles.
- # We stopped depending on ucf, so avoid calling ucf when it is not present.
- if command -v ucfq >/dev/null; then
- for file in $(ucfq --with-colons "$pkgname" | cut --delimiter=: --fields=1); do
- ucf --purge ${file}
- ucfr --purge $pkgname ${file}
- done
- fi
-}
+PKGNAME="pdns-backend-sqlite3"
+
+# Remove files previously registered with ucf (but keep the files).
+# 4.1.3-4 and newer no longer install a (ucf) conffile.
+# We stopped depending on ucf, so avoid calling ucf when it is not present.
+if command -v ucfq >/dev/null; then
+ for file in $(ucfq --with-colons "$PKGNAME" | cut --delimiter=: --fields=1); do
+ ucf --purge ${file}
+ ucfr --purge $PKGNAME ${file}
+ done
+fi
-purge_ucf_registry "pdns-backend-sqlite3"
+case "$1" in
+ configure)
+ # default path for database files.
+ chown pdns:pdns /var/lib/powerdns || :
+ ;;
+esac
dpkg-trigger pdns-server
--- /dev/null
+var/lib/ixfrdist
+debian/config/ixfrdist.yml etc/powerdns
+lib/systemd/system/ixfrdist*.service
usr/bin/ixfrdist
-etc/powerdns/ixfrdist.example.yml
-lib/systemd/system/ixfrdist.service
-lib/systemd/system/ixfrdist@.service
debian/tmp/usr/share/man/man1/ixfrdist.1
debian/tmp/usr/share/man/man5/ixfrdist.yml.5
-
--- /dev/null
+#! /bin/sh
+
+set -e
+
+# summary of how this script can be called:
+# * <postinst> `configure' <most-recently-configured-version>
+# * <old-postinst> `abort-upgrade' <new version>
+# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
+# <new-version>
+# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
+# <failed-install-package> <version> `removing'
+# <conflicting-package> <version>
+# for details, see http://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+
+case "$1" in
+ configure)
+
+ adduser --force-badname --system --home /nonexistent --group \
+ --no-create-home --quiet _ixfrdist || true
+ if ! dpkg-statoverride --list /var/lib/ixfrdist > /dev/null
+ then
+ dpkg-statoverride --update --add _ixfrdist _ixfrdist 0755 /var/lib/ixfrdist
+ fi
+ ;;
+
+ abort-upgrade|abort-remove|abort-deconfigure)
+ ;;
+
+ *)
+ echo "postinst called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
--- /dev/null
+#! /bin/sh
+
+set -e
+
+if [ "$1" = "purge" ]; then
+ if dpkg-statoverride --list /var/lib/ixfrdist > /dev/null 2>&1
+ then
+ dpkg-statoverride --remove /var/lib/ixfrdist
+ fi
+fi
+
+#DEBHELPER#
+
+exit 0
--- /dev/null
+pdns (4.3.0-1) unstable; urgency=medium
+
+ Superslave operation is no longer enabled by default, use the superslave
+ configuration option to enable.
+
+ Bind and SQL backends have a mandatory schema upgrade, please use
+ the included SQL files.
+
+ The old init scripts were deprecated and removed, please use the
+ systemd units instead. They support multiple instances, but you have
+ to set this up again (look for pdns@.service).
+
+ Please also see the upstream upgrading guide at
+ https://doc.powerdns.com/authoritative/upgrading.html
+
+ -- Chris Hofstaedtler <zeha@debian.org> Tue, 07 Apr 2020 15:26:55 +0000
+
+pdns (4.0.0-2) unstable; urgency=medium
+
+ The "bind" backend is no longer included in the pdns-server package, instead
+ it is provided in pdns-backend-bind. Users having APT install Recommends
+ (the default), will continue to get it installed. If you are upgrading from
+ a previous version and have disabled bindbackend previously, you need to do
+ so again, either by uninstalling pdns-backend-bind or by deleting
+ /etc/powerdns/pdns.d/bind.conf.
+
+ -- Chris Hofstaedtler <zeha@debian.org> Wed, 13 Jul 2016 15:42:16 +0200
+
+pdns (4.0.0~alpha1-1) unstable; urgency=medium
+
+ The "pdnssec" utility has been renamed to "pdnsutil".
+ The default listening addresses now include all IPv6 addresses.
+ The default DNSSEC parameters have changed to a single ECDSA 256
+ key.
+ The "lmdb" backend has been removed.
+ Many options are no longer experimental.
+
+ Debian specific: the allow-recursion and listen-address parameters
+ are no longer set using debconf.
+
+ -- Chris Hofstaedtler <zeha@debian.org> Fri, 25 Dec 2015 17:05:29 +0000
+
+pdns (3.4.6-2) unstable; urgency=medium
+
+ The "geo" backend has been replaced by the much newer "geoip"
+ backend. The geoip backend actually has documentation and upstream
+ has a higher confidence of keeping it working in newer versions.
+
+ -- Chris Hofstaedtler <zeha@debian.org> Thu, 10 Sep 2015 21:51:38 +0000
etc/powerdns/pdns.d
-var/lib/powerdns
+lib/systemd/system/pdns*
usr/bin/pdns_control
usr/bin/pdnsutil
usr/bin/zone2json
usr/bin/zone2sql
usr/lib/*/pdns/librandombackend.so*
usr/sbin/pdns_server
-lib/systemd/system/pdns*
# Often this file will contain passwords.
-pdns-server: non-standard-file-perm etc/powerdns/pdns.conf 0600 != 0644
-# We load lsb-functions conditionally.
-pdns-server: init.d-script-needs-depends-on-lsb-base
+pdns-server: non-standard-file-perm etc/powerdns/pdns.conf 0640 != 0644
+++ /dev/null
-# Variables for the PowerDNS sysv init script.
-# Note: ignored under systemd.
-
-# Arguments to the started daemon
-DAEMON_ARGS=""
+++ /dev/null
-#!/bin/sh
-### BEGIN INIT INFO
-# Provides: pdns
-# Required-Start: $network $remote_fs $syslog
-# Required-Stop: $network $remote_fs $syslog
-# Default-Start: 2 3 4 5
-# Default-Stop: 0 1 6
-# Should-Start: slapd
-# Should-Stop: slapd
-# Short-Description: PowerDNS Authoritative Name Server
-# Description: PDNS is a versatile high performance authoritative nameser
-### END INIT INFO
-
-PATH=/bin:/sbin:/usr/bin:/usr/sbin
-BINARYPATH=/usr/bin
-SBINARYPATH=/usr/sbin
-
-ODESC="PowerDNS Authoritative Name Server"
-DESC="$ODESC"
-NAME=pdns
-DAEMON=/usr/sbin/pdns_server
-DAEMON_ARGS=""
-CONTROL=/usr/bin/pdns_control
-SOCKETDIR=/var/run/pdns
-PIDFILE=$SOCKETDIR/$NAME.pid
-SCRIPTNAME=/etc/init.d/$NAME
-
-[ -x "$DAEMON" ] || exit 0
-
-[ -r /etc/default/pdns ] && . /etc/default/pdns
-
-# Handle instance scripts
-suffix=$(basename $0 | cut -d- -f2- -s)
-
-if [ -n "$suffix" ]; then
- SUFFIX="--config-name=$suffix"
- DAEMON_ARGS="$DAEMON_ARGS $SUFFIX"
- NAME="$NAME-$suffix"
- DESC="$DESC (config name $suffix)"
- PIDFILE="/var/run/pdns/$NAME-$suffix.pid"
-fi
-
-# Load lsb stuff for systemd redirection (if available).
-if [ -e /lib/lsb/init-functions ]; then
- . /lib/lsb/init-functions
-fi
-
-# function to invoke properly parametrized pdns_control
-doPC()
-{
- $CONTROL $SUFFIX $1 $2 2> /dev/null
- return $?
-}
-
-isrunning()
-{
- doPC ping > /dev/null
- return $?
-}
-
-#
-# Function that starts the daemon/service
-#
-do_start()
-{
- # Return
- # 0 if daemon has been started
- # 1 if daemon was already running
- # 2 if daemon could not be started
- if isrunning; then
- return 1
- fi
- mkdir -p $SOCKETDIR
- start-stop-daemon --start --quiet \
- --pidfile $PIDFILE --exec $DAEMON -- \
- $DAEMON_ARGS --daemon --guardian=yes \
- || return 2
-}
-
-#
-# Function that stops the daemon/service
-#
-do_stop()
-{
- # Return
- # 0 if daemon has been stopped
- # 1 if daemon was already stopped
- # 2 if daemon could not be stopped
- # other if a failure occurred
- doPC quit >/dev/null
- RETVAL="2"
- for sec in $(seq 1 5); do
- if ! isrunning; then
- RETVAL="0"
- break
- fi
- sleep 1
- done
- [ "$RETVAL" = 2 ] && return 2
- rm -f $PIDFILE
-}
-
-case "$1" in
- start)
- echo -n "Starting $DESC: $NAME ..."
- do_start
- case "$?" in
- 0|1)
- echo done
- exit 0
- ;;
- 2)
- echo failed
- exit 1
- ;;
- esac
- ;;
- stop)
- echo -n "Stopping $DESC: $NAME ..."
- do_stop
- case "$?" in
- 0|1)
- echo done
- exit 0
- ;;
- 2)
- echo failed
- exit 1
- ;;
- esac
- ;;
- status)
- if isrunning; then
- echo "$NAME is running: $(doPC status)"
- exit 0
- else
- echo "$NAME is not running"
- exit 3
- fi
- ;;
- force-stop)
- echo -n "Killing $ODESC (all instances): $NAME ..."
- kill -9 $(pidof pdns_server)
- case "$?" in
- 0)
- echo done
- exit 0
- ;;
- 1)
- echo failed
- exit 1
- ;;
- esac
- ;;
- restart)
- echo -n "Restarting $DESC: $NAME ..."
- do_stop
- case "$?" in
- 0|1)
- do_start
- case "$?" in
- 0)
- echo done
- exit 0
- ;;
- 1)
- echo failed # Old process is still running
- exit 1
- ;;
- *)
- echo failed # Failed to start
- exit 1
- ;;
- esac
- ;;
- *)
- # Failed to stop
- echo failed
- exit 1
- ;;
- esac
- ;;
- reload|force-reload)
- echo -n "Reloading $DESC: $NAME ..."
- if isrunning; then
- doPC cycle >/dev/null
- case "$?" in
- 0)
- echo done
- exit 0
- ;;
- 1)
- echo failed
- exit 1
- ;;
- esac
- else
- echo done
- exit 7
- fi
- ;;
- monitor)
- if isrunning; then
- echo "already running"
- exit 1
- else
- $DAEMON $DAEMON_ARGS --daemon=no --guardian=no --control-console --loglevel=9
- exit 0
- fi
- ;;
- dump)
- if isrunning; then
- doPC list
- exit 0
- else
- echo "not running"
- exit 7
- fi
- ;;
- show)
- if isrunning; then
- if [ $# -lt 2 ]; then
- echo "Insufficient parameters"
- exit 2
- fi
- echo -n "$2="
- doPC show $2
- exit 0
- else
- echo "not running"
- exit 7
- fi
- ;;
- mrtg)
- if isrunning; then
- if [ $# -lt 2 ]; then
- echo "Insufficient parameters"
- exit 2
- fi
- doPC show $2
- if [ "$3x" != "x" ]; then
- doPC show $3
- else
- echo 0
- fi
- doPC uptime
- echo "$DESC"
- exit 0
- else
- echo "not running"
- exit 7
- fi
- ;;
- cricket)
- if isrunning; then
- if [ $# -lt 2 ]; then
- echo "Insufficient parameters"
- exit 1
- fi
- doPC show $2
- exit 0
- else
- echo "not running"
- exit 7
- fi
- ;;
- *)
- echo "Usage: $SCRIPTNAME {start|stop|status|force-stop|restart|reload|monitor|dump|show|mrtg|cricket}"
- ;;
-esac
-
-exit 0
set -x
fi
-# Startup errors should never cause dpkg to fail.
-initscript_error() {
- return 0
-}
-
case "$1" in
configure)
- if [ -z "`getent group pdns`" ]; then
- addgroup --quiet --system pdns
- fi
- if [ -z "`getent passwd pdns`" ]; then
- echo -n "Creating user and group pdns..."
- adduser --quiet --system --home /var/spool/powerdns --shell /bin/false --ingroup pdns --disabled-password --disabled-login --gecos "PowerDNS" pdns
- echo "done"
- fi
- if [ "`stat -c '%U:%G' /etc/powerdns/pdns.conf`" = "root:root" ]; then
- chown root:pdns /etc/powerdns/pdns.conf
- # Make sure that pdns can read it; the default used to be 0600
- chmod g+r /etc/powerdns/pdns.conf
- fi
- chown pdns:pdns /var/lib/powerdns || :
+ addgroup --quiet --system pdns
+ adduser --quiet --system --home /var/spool/powerdns --shell /bin/false --ingroup pdns --disabled-password --disabled-login --gecos "PowerDNS" pdns
+ chown root:pdns /etc/powerdns/pdns.conf || true
+ chmod 0640 /etc/powerdns/pdns.conf || true
;;
triggered)
#!/bin/sh
set -e
-ucf_delete_unchanged() {
- # pdns-server no longer Depends: ucf, so only do this if ucf is installed.
- if which ucf >/dev/null; then
- if ucfq --with-colons "$1" | grep -q ':pdns-server:Yes:No'; then
- # file exists, not changed; delete it
- echo "Removing unchanged configuration file $1"
- rm -f "$1"
- fi
- ucf --purge "$1"
- ucfr --purge pdns-server "$1"
- else
- echo "E: ucf not installed, can not remove unchanged configuration file $1."
- fi
-}
-
-purge_ucf_registry() {
- pkgname="$1"
- # Remove files previously registered with ucf (but keep the files).
- # Newer versions no longer use ucf to manage conffiles.
- # We stopped depending on ucf, so avoid calling ucf when it is not present.
- if command -v ucfq >/dev/null; then
- for file in $(ucfq --with-colons "$pkgname" | cut --delimiter=: --fields=1); do
- ucf --purge ${file}
- ucfr --purge $pkgname ${file}
- done
+delete_unchanged() {
+ if [ -e "$1" ] && echo "$2 $1" | md5sum --check --status; then
+ echo "Removing unchanged configuration file $1"
+ rm -f "$1"
fi
}
case "$1" in
install|upgrade)
- # for upgrades from before 4.0.0-2, drop empty file created by previous postinst.
- if [ -e /etc/powerdns/bindbackend.conf ] && echo "d41d8cd98f00b204e9800998ecf8427e /etc/powerdns/bindbackend.conf" | md5sum --check --status; then
- rm -f /etc/powerdns/bindbackend.conf
- fi
-
- # 4.0.0-2 moved pdns-server' configuration files back under dpkg conffile control (from ucf),
- # and bindbackend was split into its own package.
- # the upgrade code in 4.0.0-2 did not delete unchanged files.
- if [ ! -z "$2" ] && dpkg --compare-versions "$2" le "4.0.0-3~"; then
- # we want to preserve the following if they were changed.
- ucf_delete_unchanged "/etc/default/pdns"
- ucf_delete_unchanged "/etc/powerdns/pdns.conf"
- ucf_delete_unchanged "/etc/powerdns/pdns.d/pdns.local.conf"
- # pdns.simplebind.conf is no longer useful with just pdns-server,
- # pdns-backend-bind will install bind.conf instead.
- ucf_delete_unchanged "/etc/powerdns/pdns.d/pdns.simplebind.conf"
- backup_conffile "/etc/powerdns/pdns.d/pdns.simplebind.conf"
- fi
-
- # Remove files no longer in the package (and unused)
- rm -f /etc/resolvconf/update.d/pdns
- rm -f /etc/insserv.d/pdns-server
-
- purge_ucf_registry "pdns-server"
+ # clean up files we no longer ship
+ delete_unchanged "/etc/resolvconf/update.d/pdns" aeacd4ba822e5ad334c1794e8239d9c1
+ backup_conffile "/etc/resolvconf/update.d/pdns"
+ delete_unchanged "/etc/insserv.d/pdns-server" af60f140f00b9520efbcd3a18052905d
+ backup_conffile "/etc/insserv.d/pdns-server"
+ delete_unchanged "/etc/default/pdns" ddd96d47c8c1d5898f45e81fae15e7ac
+ delete_unchanged "/etc/default/pdns" 99d5d626abd59cc568dadec22403f638
+ backup_conffile "/etc/default/pdns"
+ delete_unchanged "/etc/init.d/pdns" 06f3b374bccaf3b71638e759f8053bda
+ delete_unchanged "/etc/init.d/pdns" 470533b8de800da2f356c04a58f4aa6b
+ backup_conffile "/etc/init.d/pdns"
;;
esac
usr/bin/calidns
usr/bin/dnsbulktest
usr/bin/dnsgram
+usr/bin/dnspcap2calidns
usr/bin/dnspcap2protobuf
usr/bin/dnsreplay
usr/bin/dnsscan
usr/bin/pdns_notify
usr/bin/saxfr
usr/bin/sdig
+usr/bin/stubquery
debian/tmp/usr/share/man/man1/calidns.1
debian/tmp/usr/share/man/man1/dnsbulktest.1
debian/tmp/usr/share/man/man1/dnsgram.1
+debian/tmp/usr/share/man/man1/dnspcap2calidns.1
debian/tmp/usr/share/man/man1/dnspcap2protobuf.1
debian/tmp/usr/share/man/man1/dnsreplay.1
debian/tmp/usr/share/man/man1/dnsscan.1
#!/usr/bin/make -f
-include /usr/share/dpkg/architecture.mk
-include /usr/share/dpkg/pkg-info.mk
-
-# (Re-)Enable warnings
-CXXFLAGS += -Wall
# Turn on all hardening flags, as we're a networked daemon.
export DEB_BUILD_MAINT_OPTIONS = hardening=+all
+# see EXAMPLES in dpkg-buildflags(1) and read /usr/share/dpkg/*
+DPKG_EXPORT_BUILDFLAGS = 1
+include /usr/share/dpkg/default.mk
-# Backends
-backends := bind ldap pipe gmysql godbc gpgsql gsqlite3 geoip lmdb lua2 remote random tinydns
+# Vendor and version
+CXXFLAGS += -DPACKAGEVERSION='"$(DEB_VERSION).$(DEB_VENDOR)"'
-# Only enable systemd integration on Linux operating systems
-ifeq ($(DEB_HOST_ARCH_OS),linux)
-CONFIGURE_ARGS += --enable-systemd --with-systemd=/lib/systemd/system
-DH_ARGS += --with systemd
-else
-CONFIGURE_ARGS += --disable-systemd
-endif
+# Avoid test failure in docker.
+export PDNS_TEST_NO_IPV6=1
+
+# Backends
+backends := bind ldap lmdb lua2 pipe gmysql godbc gpgsql gsqlite3 geoip remote random tinydns
-# Only disable luajit on arm64
-ifneq ($(DEB_HOST_ARCH),arm64)
-CONFIGURE_ARGS += --with-lua=luajit
-else
-CONFIGURE_ARGS += --with-lua=lua5.3
-endif
-# Use new build system
%:
- dh $@ \
- --with autoreconf \
- $(DH_ARGS)
+ dh $@
+
+override_dh_auto_clean:
+ dh_auto_clean
+ rm -f dnslabeltext.cc
override_dh_auto_configure:
- test -f pdns/dnslabeltext.cc && mv pdns/dnslabeltext.cc debian/dnslabeltext.cc.moved || true
dh_auto_configure -- \
--sysconfdir=/etc/powerdns \
+ --enable-systemd --with-systemd=/lib/systemd/system \
--with-dynmodules="$(backends)" \
--with-modules="" \
+ --enable-ixfrdist \
--enable-tools \
- --with-libsodium \
- --with-lua=luajit \
+ --with-protobuf \
--enable-unit-tests \
- --enable-experimental-pkcs11 \
--enable-lua-records \
- --enable-ixfrdist \
+ --enable-reproducible \
+ --disable-silent-rules \
$(CONFIGURE_ARGS)
-override_dh_strip:
- dh_strip --ddeb-migration='pdns-server-dbg (<< 4.0.0-0)'
+override_dh_auto_install:
+ dh_auto_install
+ find debian/tmp/usr/lib -name '*.la' -delete
+ rm debian/tmp/etc/powerdns/ixfrdist.example.yml debian/tmp/etc/powerdns/pdns.conf-dist
-override_dh_systemd_enable:
- dh_systemd_enable --name=pdns
-
-# init script needs to be named pdns, not pdns-server. if no pdns-backend
-# is installed, start will fail, so pass --no-start. backends will trigger
-# a restart.
-override_dh_installinit:
- dh_installinit --error-handler=initscript_error --no-start --restart-after-upgrade --name=pdns
+override_dh_installsystemd:
+ dh_installsystemd --no-start -ppdns-server --name=pdns
+ dh_installsystemd --no-start -ppdns-ixfrdist --name=ixfrdist
override_dh_install:
dh_install
- ./pdns/pdns_server --config=default | sed \
+ ./pdns/pdns_server --no-config --config=default | sed \
-e 's!# module-dir=.*!!' \
-e 's!# include-dir=.*!&\ninclude-dir=/etc/powerdns/pdns.d!' \
-e 's!# launch=.*!&\nlaunch=!' \
- -e 's!# setgid=.*!setgid=pdns!' \
- -e 's!# setuid=.*!setuid=pdns!' \
+ -e 's!# security-poll-suffix=.*!&\nsecurity-poll-suffix=!' \
> debian/pdns-server/etc/powerdns/pdns.conf
-ifeq ($(DEB_HOST_ARCH_BITS),32)
- echo RestrictAddressFamilies is broken on 32bit, removing it from service file
- perl -ni -e 'print unless /RestrictAddressFamilies/' debian/pdns-server/lib/systemd/system/*.service
-endif
-# Verbose tests (shows used compiler/linker and their flags)
override_dh_auto_test:
ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS)))
+ ./debian/tests-source/run
echo Skipping make test, as dependencies are missing.
make check || (cat pdns/test-suite.log; false)
endif
override_dh_fixperms:
dh_fixperms
- # these files often contain passwords. 640 as it is chowned to root:pdns
+ # these files often contain passwords.
chmod 0640 debian/pdns-server/etc/powerdns/pdns.conf
-
-# restore moved files
-override_dh_clean:
- test -f debian/dnslabeltext.cc.moved && mv debian/dnslabeltext.cc.moved pdns/dnslabeltext.cc || true
- dh_clean
--- /dev/null
+#!/bin/bash
+LOGFILE=$(mktemp)
+cleanup() {
+ rm -f "$LOGFILE"
+}
+trap cleanup EXIT
+
+(../../pdns/pdns_server --config-dir=. --socket-dir=. \
+ --write-pid=yes \
+ --local-address=127.0.0.1 --local-port=5301 \
+ 2>&1 | tee "$LOGFILE") &
+
+echo "Waiting for pdns_server to start..."
+while grep "About to" "$LOGFILE"; do
+ sleep 2
+done
--- /dev/null
+#!/bin/bash
+
+# tests that are to be run from a built source tree.
+
+exec 2>&1
+set -e
+
+cd debian/tests-source
+chmod a+rx launch-pdns
+
+for testscript in smoke-bind smoke-lmdb; do
+ chmod a+rx "$testscript"
+ echo
+ echo "tests-source: running $testscript"
+ echo
+ ./$testscript
+ echo
+done
+
--- /dev/null
+#!/bin/bash
+exec 2>&1
+set -ex
+
+CONFDIR="$PWD"
+
+cat <<EOF >"$CONFDIR/named.conf"
+zone "bind.example.org" { type master; file "$CONFDIR/bind.example.org.zone"; };
+EOF
+
+cat <<EOF >"$CONFDIR/bind.example.org.zone"
+bind.example.org. 172800 IN SOA ns1.example.org. dns.example.org. 1 10800 3600 604800 3600
+bind.example.org. 172800 IN NS ns1.example.org.
+smoke.bind.example.org. 172800 IN A 127.0.0.123
+EOF
+
+TMPFILE=$(mktemp)
+cleanup() {
+ rm -f "$TMPFILE"
+ rm -f named.conf bind.example.org.zone
+ kill $(cat pdns.pid) || true
+ rm -f pdns.conf pdns.pid pdns.controlsocket
+}
+trap cleanup EXIT
+
+cat <<EOF >pdns.conf
+module-dir=../../modules/bindbackend/.libs/
+launch=bind
+bind-config=./named.conf
+EOF
+
+./launch-pdns
+
+dig -p 5301 @127.0.0.1 smoke.bind.example.org 2>&1 | tee "$TMPFILE"
+
+if grep -c '127\.0\.0\.123' "$TMPFILE"; then
+ echo success
+else
+ echo smoke could not be resolved
+ exit 1
+fi
+
--- /dev/null
+#!/bin/bash
+exec 2>&1
+set -ex
+
+CONFDIR="$PWD"
+
+TMPFILE=$(mktemp)
+cleanup() {
+ rm -f "$TMPFILE"
+ rm -f pdns.lmdb pdns.lmdb-lock
+ kill $(cat pdns.pid) || true
+ rm -f pdns.conf pdns.pid pdns.controlsocket
+}
+trap cleanup EXIT
+
+cat <<EOF >pdns.conf
+module-dir=../../modules/lmdbbackend/.libs/
+launch=lmdb
+lmdb-filename=./pdns.lmdb
+EOF
+
+../../pdns/pdnsutil --config-dir=. create-zone smoke.lmdb.example.org
+
+./launch-pdns
+
+dig -p 5301 @127.0.0.1 smoke.lmdb.example.org SOA 2>&1 | tee "$TMPFILE"
+
+if grep -c 'a.misconfigured' "$TMPFILE"; then
+ echo success
+else
+ echo smoke could not be resolved
+ exit 1
+fi
+
Tests: smoke-bind
-Depends: pdns-server, pdns-backend-bind, dnsutils
+Depends: dnsutils,
+ pdns-backend-bind,
+ pdns-server
Restrictions: needs-root
Tests: smoke-mysql
-Depends: default-mysql-server, pdns-server, pdns-backend-mysql, dnsutils
+Depends: dnsutils,
+ mariadb-server,
+ pdns-backend-mysql,
+ pdns-server
+Restrictions: needs-root, isolation-container
+
+Tests: smoke-mysql-sp
+Depends: dnsutils,
+ mariadb-server,
+ pdns-backend-mysql,
+ pdns-server
Restrictions: needs-root, isolation-container
Tests: smoke-pgsql
-Depends: postgresql, pdns-server, pdns-backend-pgsql, dnsutils
+Depends: dnsutils,
+ pdns-backend-pgsql,
+ pdns-server,
+ postgresql
Restrictions: needs-root, isolation-container
Tests: supported-algos
exec 2>&1
set -ex
+ZONE=bind.example.org
+
cat <<EOF >/etc/powerdns/named.conf
-zone "example.org" { type master; file "/etc/powerdns/example.org.zone"; };
+zone "$ZONE" { type master; file "/etc/powerdns/$ZONE.zone"; };
EOF
-cat <<EOF >/etc/powerdns/example.org.zone
-example.org. 172800 IN SOA ns1.example.org. dns.example.org. 1 10800 3600 604800 3600
-example.org. 172800 IN NS ns1.example.org.
-smoke.example.org. 172800 IN A 127.0.0.123
+cat <<EOF >/etc/powerdns/$ZONE.zone
+$ZONE. 172800 IN SOA ns1.example.org. dns.example.org. 1 10800 3600 604800 3600
+$ZONE. 172800 IN NS ns1.example.org.
+smoke.$ZONE. 172800 IN A 127.0.0.222
EOF
service pdns restart
+journalctl _SYSTEMD_UNIT=pdns.service -n 10 --no-pager || true
TMPFILE=$(mktemp)
cleanup() {
rm -f "$TMPFILE"
+ journalctl _SYSTEMD_UNIT=pdns.service -n 100 --no-pager || true
service pdns stop
}
trap cleanup EXIT
-dig @127.0.0.1 smoke.example.org 2>&1 | tee "$TMPFILE"
+dig @127.0.0.1 smoke.$ZONE 2>&1 | tee "$TMPFILE"
-if grep -c '127\.0\.0\.123' "$TMPFILE"; then
+if grep -c '127\.0\.0\.222' "$TMPFILE"; then
echo success
else
- echo smoke could not be resolved
+ echo smoke.$ZONE could not be resolved
exit 1
fi
exec 2>&1
set -ex
-echo /etc/powerdns/pdns.d/pdns.local.gmysql.conf follows:
-echo XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-cat /etc/powerdns/pdns.d/pdns.local.gmysql.conf
-echo XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-
-# gmysql-dbname=pdnsbackendmysql
-DBNAME=$(grep gmysql-dbname /etc/powerdns/pdns.d/pdns.local.gmysql.conf | awk -F= '{print $2}')
-
-cat <<EOF >/etc/powerdns/example.org
-example.org. 172800 IN SOA ns1.example.org. dns.example.org. 1 10800 3600 604800 3600
-example.org. 172800 IN NS ns1.example.org.
-smoke.example.org. 172800 IN A 127.0.0.124
+service mysql stop || true
+trap 'kill -TERM $DB_SERVER_PID' EXIT TERM INT
+/usr/bin/mysqld_safe &
+DB_SERVER_PID=$!
+
+while ! mysqladmin ping ; do
+ sleep 0.5
+done
+
+DBNAME=pdns
+DBUSER=pdns
+ZONE=mysql.example.org
+
+cat <<EOF | mysql --user=root mysql
+DROP DATABASE IF EXISTS $DBNAME;
+CREATE DATABASE $DBNAME;
+CREATE USER '$DBUSER'@'127.0.0.1' IDENTIFIED BY 'password';
+GRANT ALL PRIVILEGES ON $DBNAME.* TO '$DBUSER'@'127.0.0.1';
+EOF
+mysql -uroot $DBNAME < /usr/share/pdns-backend-mysql/schema/schema.mysql.sql
+
+# cleanup possible leftovers from other tests
+find /etc/powerdns/pdns.d/ -type f -delete
+
+# This is what the pdns-backend-mysql.README.Debian advises users to do.
+cat /usr/share/doc/pdns-backend-mysql/examples/gmysql.conf | \
+sed -e '
+ s/_DBSERVER_/127.0.0.1/;
+ s/_DBPORT_/3306/;
+ s/_DBNAME_/'$DBNAME'/;
+ s/_DBUSER_/'$DBUSER'/;
+ s/_DBPASS_/password/;
+' > /etc/powerdns/pdns.d/gmysql.conf
+chmod 0640 /etc/powerdns/pdns.d/gmysql.conf
+chgrp pdns /etc/powerdns/pdns.d/gmysql.conf
+
+#####################################################################
+cat /etc/powerdns/pdns.d/gmysql.conf
+
+cat <<EOF >/etc/powerdns/$ZONE
+$ZONE. 172800 IN SOA ns1.example.org. dns.example.org. 1 10800 3600 604800 3600
+$ZONE. 172800 IN NS ns1.example.org.
+smoke.$ZONE. 172800 IN A 127.0.0.222
EOF
-zone2sql --gmysql --zone-name=example.org --zone=/etc/powerdns/example.org | \
+zone2sql --gmysql --zone-name=$ZONE --zone=/etc/powerdns/$ZONE | \
mysql -uroot $DBNAME
service pdns restart
+journalctl _SYSTEMD_UNIT=pdns.service -n 10 --no-pager || true
TMPFILE=$(mktemp)
cleanup() {
rm -f "$TMPFILE"
+ journalctl _SYSTEMD_UNIT=pdns.service -n 100 --no-pager || true
service pdns stop
}
trap cleanup EXIT
-dig @127.0.0.1 smoke.example.org 2>&1 | tee "$TMPFILE"
+dig @127.0.0.1 smoke.$ZONE 2>&1 | tee "$TMPFILE"
-if grep -c '127\.0\.0\.124' "$TMPFILE"; then
+if grep -c '127\.0\.0\.222' "$TMPFILE"; then
echo success
else
- echo smoke.example.org could not be resolved
+ echo smoke.$ZONE could not be resolved
exit 1
fi
--- /dev/null
+#!/bin/bash
+exec 2>&1
+set -ex
+
+service mysql stop || true
+trap 'kill -TERM $DB_SERVER_PID' EXIT TERM INT
+/usr/bin/mysqld_safe &
+DB_SERVER_PID=$!
+
+while ! mysqladmin ping ; do
+ sleep 0.5
+done
+
+DBNAME=pdnssp
+DBUSER=pdnssp
+ZONE=mysql-sp.example.org
+
+cat <<EOF | mysql --user=root mysql
+DROP DATABASE IF EXISTS $DBNAME;
+CREATE DATABASE $DBNAME;
+CREATE USER '$DBUSER'@'127.0.0.1' IDENTIFIED BY 'password';
+GRANT ALL PRIVILEGES ON $DBNAME.* TO '$DBUSER'@'127.0.0.1';
+EOF
+mysql -uroot $DBNAME < /usr/share/pdns-backend-mysql/schema/schema.mysql.sql
+
+# cleanup possible leftovers from other tests
+find /etc/powerdns/pdns.d/ -type f -delete
+
+# This is what the pdns-backend-mysql.README.Debian advises users to do.
+cat /usr/share/doc/pdns-backend-mysql/examples/gmysql.conf | \
+sed -e '
+ s/_DBSERVER_/127.0.0.1/;
+ s/_DBPORT_/3306/;
+ s/_DBNAME_/'$DBNAME'/;
+ s/_DBUSER_/'$DBUSER'/;
+ s/_DBPASS_/password/;
+' > /etc/powerdns/pdns.d/gmysql.conf
+chmod 0640 /etc/powerdns/pdns.d/gmysql.conf
+chgrp pdns /etc/powerdns/pdns.d/gmysql.conf
+
+cat <<EOF | mysql -uroot $DBNAME
+DELIMITER //
+CREATE PROCEDURE basic_query(incoming_type varchar(10), incoming_name varchar(255))
+BEGIN
+SELECT content,ttl,prio,type,domain_id,disabled,name,auth FROM records WHERE disabled=0 and type=incoming_type and name=incoming_name;
+END//
+EOF
+cat <<EOF >>/etc/powerdns/pdns.d/gmysql.conf
+gmysql-basic-query=CALL basic_query(?, ?)
+EOF
+
+#####################################################################
+cat /etc/powerdns/pdns.d/gmysql.conf
+
+cat <<EOF >/etc/powerdns/$ZONE
+$ZONE. 172800 IN SOA ns1.example.org. dns.example.org. 1 10800 3600 604800 3600
+$ZONE. 172800 IN NS ns1.example.org.
+smoke.$ZONE. 172800 IN A 127.0.0.222
+EOF
+
+zone2sql --gmysql --zone-name=$ZONE --zone=/etc/powerdns/$ZONE | \
+ mysql -uroot $DBNAME
+
+service pdns restart
+journalctl _SYSTEMD_UNIT=pdns.service -n 10 --no-pager || true
+
+TMPFILE=$(mktemp)
+cleanup() {
+ rm -f "$TMPFILE"
+ journalctl _SYSTEMD_UNIT=pdns.service -n 100 --no-pager || true
+ service pdns stop
+}
+trap cleanup EXIT
+
+dig @127.0.0.1 smoke.$ZONE 2>&1 | tee "$TMPFILE"
+
+if grep -c '127\.0\.0\.222' "$TMPFILE"; then
+ echo success
+else
+ echo smoke.$ZONE could not be resolved
+ exit 1
+fi
+
exec 2>&1
set -ex
-echo /etc/powerdns/pdns.d/pdns.local.gpgsql.conf follows:
-echo XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-cat /etc/powerdns/pdns.d/pdns.local.gpgsql.conf
-echo XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-
-# gpgsql-dbname=pdnsbackendpgsql
-DBNAME=$(grep gpgsql-dbname /etc/powerdns/pdns.d/pdns.local.gpgsql.conf | awk -F= '{print $2}')
-DBHOST=$(grep gpgsql-host /etc/powerdns/pdns.d/pdns.local.gpgsql.conf | awk -F= '{print $2}')
-DBUSER=$(grep gpgsql-user /etc/powerdns/pdns.d/pdns.local.gpgsql.conf | awk -F= '{print $2}')
-DBPASS=$(grep gpgsql-password /etc/powerdns/pdns.d/pdns.local.gpgsql.conf | awk -F= '{print $2}')
-
-cat <<EOF >/etc/powerdns/example.org
-example.org. 172800 IN SOA ns1.example.org. dns.example.org. 1 10800 3600 604800 3600
-example.org. 172800 IN NS ns1.example.org.
-smoke.example.org. 172800 IN A 127.0.0.125
+PGVERSION=$(basename $(find /etc/postgresql -maxdepth 1 -mindepth 1 -type d -print))
+# try manually controlling postgres daemon, as in the testbed we probably do
+# not have a working init/service manager.
+service postgresql stop || true
+trap "pg_ctlcluster --skip-systemctl-redirect $PGVERSION main stop" EXIT TERM INT
+pg_ctlcluster --skip-systemctl-redirect $PGVERSION main stop || true
+pg_ctlcluster --skip-systemctl-redirect $PGVERSION main start
+
+DBNAME=pdns
+DBHOST=localhost
+DBUSER=pdns
+DBPASS=password
+ZONE=pgsql.example.org
+
+runuser -u postgres -- psql postgres -c "CREATE ROLE $DBUSER WITH LOGIN PASSWORD '$DBPASS';"
+runuser -u postgres -- createdb --echo -O $DBUSER $DBNAME
+
+runuser -u pdns -- psql $DBNAME < /usr/share/pdns-backend-pgsql/schema/schema.pgsql.sql
+
+# cleanup possible leftovers from other tests
+find /etc/powerdns/pdns.d/ -type f -delete
+
+# This is what the pdns-backend-pgsql.README.Debian advises users to do.
+cat /usr/share/doc/pdns-backend-pgsql/examples/gpgsql.conf | \
+sed -e '
+ s/_DBSERVER_/127.0.0.1/;
+ s/_DBPORT_/5432/;
+ s/_DBNAME_/'$DBNAME'/;
+ s/_DBUSER_/'$DBUSER'/;
+ s/_DBPASS_/'$DBPASS'/;
+' > /etc/powerdns/pdns.d/gpgsql.conf
+chmod 0640 /etc/powerdns/pdns.d/gpgsql.conf
+chgrp pdns /etc/powerdns/pdns.d/gpgsql.conf
+
+#####################################################################
+cat /etc/powerdns/pdns.d/gpgsql.conf
+
+cat <<EOF >/etc/powerdns/$ZONE
+$ZONE. 172800 IN SOA ns1.example.org. dns.example.org. 1 10800 3600 604800 3600
+$ZONE. 172800 IN NS ns1.example.org.
+smoke.$ZONE. 172800 IN A 127.0.0.222
EOF
-zone2sql --gpgsql --zone-name=example.org --zone=/etc/powerdns/example.org | \
+zone2sql --gpgsql --zone-name=$ZONE --zone=/etc/powerdns/$ZONE | \
PGPASSWORD="$DBPASS" psql -h "$DBHOST" -U "$DBUSER" "$DBNAME"
service pdns restart
+journalctl _SYSTEMD_UNIT=pdns.service -n 10 --no-pager || true
TMPFILE=$(mktemp)
cleanup() {
rm -f "$TMPFILE"
+ journalctl _SYSTEMD_UNIT=pdns.service -n 100 --no-pager || true
service pdns stop
}
trap cleanup EXIT
-dig @127.0.0.1 smoke.example.org 2>&1 | tee "$TMPFILE"
+dig @127.0.0.1 smoke.$ZONE 2>&1 | tee "$TMPFILE"
-if grep -c '127\.0\.0\.125' "$TMPFILE"; then
+if grep -c '127\.0\.0\.222' "$TMPFILE"; then
echo success
else
- echo smoke.example.org could not be resolved
+ echo smoke.$ZONE could not be resolved
exit 1
fi
pdnsutil list-algorithms 2>/dev/null | tee "$TMPFILE"
-for algo in RSASHA1 RSASHA1-NSEC3-SHA1 RSASHA256 RSASHA512 ECC-GOST ECDSAP256SHA256 ECDSAP384SHA384 ED25519; do
+for algo in RSASHA1 RSASHA1-NSEC3-SHA1 RSASHA256 RSASHA512 ECDSAP256SHA256 ECDSAP384SHA384 ED25519; do
if ! grep -E -c " $algo\$" "$TMPFILE"; then
echo Algorithm $algo is not supported
exit 1
--- /dev/null
+Name: pdns
+Repository: https://github.com/PowerDNS/pdns.git
+Repository-Browse: https://github.com/powerdns/pdns
+Homepage: https://www.powerdns.com/
+Bug-Database: https://github.com/powerdns/pdns/issues
+Contact: https://mailman.powerdns.com/mailman/listinfo/pdns-users
+Security-Contact: https://doc.powerdns.com/authoritative/security.html
projects / thirdparty / pdns.git / commitdiff
