Ensure socket-dir matches runtimedir on old systemd

This is mostly a hack for systemd version <240 so using virtual hosting
on Ubuntu Bionic and EL7 does not lead to surprises.

This Commit explicitly adds the `--socket-dir` to the invocation of the
unit. Any users who want to use their own runtimedirs should use a
drop-in unit overriding ExecStart. I believe this does not validate the
principle of least surprise for those using the PowerDNS provided
packages and virtual hosting.

Fixes #9485

diff --git a/m4/systemd.m4 b/m4/systemd.m4
index f0b2a06df425ed116dd66fee05a8ed2ee0da6736..26edf521343939e34d44d14fe839ee7ceaf39f83 100644 (file)
--- a/m4/systemd.m4
+++ b/m4/systemd.m4
@@ -212,4 +212,5 @@ AC_DEFUN([AX_CHECK_SYSTEMD_FEATURES], [
         AM_CONDITIONAL([HAVE_SYSTEMD_RESTRICT_SUIDSGID], [ test x"$systemd_restrict_suidsgid" = "xy" ])
         AM_CONDITIONAL([HAVE_SYSTEMD_SYSTEM_CALL_ARCHITECTURES], [ test x"$systemd_system_call_architectures" = "xy" ])
         AM_CONDITIONAL([HAVE_SYSTEMD_SYSTEM_CALL_FILTER], [ test x"$systemd_system_call_filter" = "xy" ])
+        AM_CONDITIONAL([HAVE_SYSTEMD_WITH_RUNTIME_DIR_ENV], [ test $_systemd_version -ge 240 ])
 ])

diff --git a/pdns/Makefile.am b/pdns/Makefile.am
index b9cb532560878583cfda6ef16e3a123f481bf7c5..e9a3381dfe59fd0bfd26c239e8f5eacb16c14133 100644 (file)
--- a/pdns/Makefile.am
+++ b/pdns/Makefile.am
@@ -1607,6 +1607,9 @@ dnsdist:
 if HAVE_SYSTEMD
 pdns.service: pdns.service.in
        $(AM_V_GEN)sed -e 's![@]sbindir[@]!$(sbindir)!' -e 's![@]service_user[@]!$(service_user)!' -e 's![@]service_group[@]!$(service_group)!' < $< > $@
+if !HAVE_SYSTEMD_WITH_RUNTIME_DIR_ENV
+       $(AM_V_GEN)sed -e 's!/pdns_server!& --socket-dir=%t/pdns!' -i $@
+endif
 if !HAVE_SYSTEMD_LOCK_PERSONALITY
        $(AM_V_GEN)perl -ni -e 'print unless /^LockPersonality/' $@
 endif
@@ -1668,6 +1671,9 @@ pdns@.service: pdns.service
          -e 's!RuntimeDirectory=.*!&-%i!' \
          -e 's!SyslogIdentifier=.*!&-%i!' \
          < $< > $@
+if !HAVE_SYSTEMD_WITH_RUNTIME_DIR_ENV
+       $(AM_V_GEN)sed -e 's!--socket-dir=[^ ]\+!&-%i !' -i $@
+endif
 
 systemdsystemunitdir = $(SYSTEMD_DIR)
 

diff --git a/pdns/recursordist/Makefile.am b/pdns/recursordist/Makefile.am
index 141fcf578083bd391a64c46a130b5f443d1eec58..f4ba683e55ecf7e35fa171b32a3d824087894346 100644 (file)
--- a/pdns/recursordist/Makefile.am
+++ b/pdns/recursordist/Makefile.am
@@ -517,6 +517,9 @@ endif
 if HAVE_SYSTEMD
 pdns-recursor.service: pdns-recursor.service.in
        $(AM_V_GEN)sed -e 's![@]sbindir[@]!$(sbindir)!' -e 's![@]service_user[@]!$(service_user)!' -e 's![@]service_group[@]!$(service_group)!' < $< > $@
+if !HAVE_SYSTEMD_WITH_RUNTIME_DIR_ENV
+       $(AM_V_GEN)sed -e 's!/pdns_recursor!& --socket-dir=%t/pdns-recursor!' -i $@
+endif
 if !HAVE_SYSTEMD_LOCK_PERSONALITY
        $(AM_V_GEN)perl -ni -e 'print unless /^LockPersonality/' $@
 endif
@@ -577,6 +580,9 @@ pdns-recursor@.service: pdns-recursor.service
          -e 's!Recursor!& %i!' \
          -e 's!RuntimeDirectory=.*!&-%i!' \
          < $< > $@
+if !HAVE_SYSTEMD_WITH_RUNTIME_DIR_ENV
+       $(AM_V_GEN)sed -e 's!--socket-dir=[^ ]\+!&-%i !' -i $@
+endif
 
 systemdsystemunitdir = $(SYSTEMD_DIR)