Ensure socket-dir matches runtimedir on old systemd

This is mostly a hack for systemd version <240 so using virtual hosting
on Ubuntu Bionic and EL7 does not lead to surprises.

This Commit explicitly adds the `--socket-dir` to the invocation of the
unit. Any users who want to use their own runtimedirs should use a
drop-in unit overriding ExecStart. I believe this does not validate the
principle of least surprise for those using the PowerDNS provided
packages and virtual hosting.

Fixes #9485

(cherry picked from commit 7bbaae110abb53f43d0bf60c81efe3bb8630a925)

diff --git a/m4/systemd.m4 b/m4/systemd.m4
index 77919fcd234a13b6c65fa826e1c66fe266d8156f..c7315a5bcf487b901b6fd1b28fe4ac20f6b84835 100644 (file)
--- a/m4/systemd.m4
+++ b/m4/systemd.m4
@@ -195,4 +195,5 @@ AC_DEFUN([AX_CHECK_SYSTEMD_FEATURES], [
         AM_CONDITIONAL([HAVE_SYSTEMD_RESTRICT_SUIDSGID], [ test x"$systemd_restrict_suidsgid" = "xy" ])
         AM_CONDITIONAL([HAVE_SYSTEMD_SYSTEM_CALL_ARCHITECTURES], [ test x"$systemd_system_call_architectures" = "xy" ])
         AM_CONDITIONAL([HAVE_SYSTEMD_SYSTEM_CALL_FILTER], [ test x"$systemd_system_call_filter" = "xy" ])
+        AM_CONDITIONAL([HAVE_SYSTEMD_WITH_RUNTIME_DIR_ENV], [ test $_systemd_version -ge 240 ])
 ])

diff --git a/pdns/Makefile.am b/pdns/Makefile.am
index 71a3fe86c98b3c6a6bbf16cc9190ad4342d65747..c3125758da5853488a4fca4694694bf1f0fd86c8 100644 (file)
--- a/pdns/Makefile.am
+++ b/pdns/Makefile.am
@@ -1583,6 +1583,9 @@ dnsdist:
 if HAVE_SYSTEMD
 pdns.service: pdns.service.in
        $(AM_V_GEN)sed -e 's![@]sbindir[@]!$(sbindir)!' -e 's![@]service_user[@]!$(service_user)!' -e 's![@]service_group[@]!$(service_group)!' < $< > $@
+if !HAVE_SYSTEMD_WITH_RUNTIME_DIR_ENV
+       $(AM_V_GEN)sed -e 's!/pdns_server!& --socket-dir=%t/pdns!' -i $@
+endif
 if !HAVE_SYSTEMD_LOCK_PERSONALITY
        $(AM_V_GEN)perl -ni -e 'print unless /^LockPersonality/' $@
 endif
@@ -1629,6 +1632,9 @@ pdns@.service: pdns.service
          -e 's!RuntimeDirectory=.*!&-%i!' \
          -e 's!SyslogIdentifier=.*!&-%i!' \
          < $< > $@
+if !HAVE_SYSTEMD_WITH_RUNTIME_DIR_ENV
+       $(AM_V_GEN)sed -e 's!--socket-dir=[^ ]\+!&-%i !' -i $@
+endif
 
 systemdsystemunitdir = $(SYSTEMD_DIR)
 

diff --git a/pdns/recursordist/Makefile.am b/pdns/recursordist/Makefile.am
index 573047c75eec4a66bbcf773835a3b7c42553b4e4..e7e437c08385cbe92b0913919d01179f0156325d 100644 (file)
--- a/pdns/recursordist/Makefile.am
+++ b/pdns/recursordist/Makefile.am
@@ -511,6 +511,9 @@ endif
 if HAVE_SYSTEMD
 pdns-recursor.service: pdns-recursor.service.in
        $(AM_V_GEN)sed -e 's![@]sbindir[@]!$(sbindir)!' -e 's![@]service_user[@]!$(service_user)!' -e 's![@]service_group[@]!$(service_group)!' < $< > $@
+if !HAVE_SYSTEMD_WITH_RUNTIME_DIR_ENV
+       $(AM_V_GEN)sed -e 's!/pdns_recursor!& --socket-dir=%t/pdns-recursor!' -i $@
+endif
 if !HAVE_SYSTEMD_LOCK_PERSONALITY
        $(AM_V_GEN)perl -ni -e 'print unless /^LockPersonality/' $@
 endif
@@ -556,6 +559,9 @@ pdns-recursor@.service: pdns-recursor.service
          -e 's!Recursor!& %i!' \
          -e 's!RuntimeDirectory=.*!&-%i!' \
          < $< > $@
+if !HAVE_SYSTEMD_WITH_RUNTIME_DIR_ENV
+       $(AM_V_GEN)sed -e 's!--socket-dir=[^ ]\+!&-%i !' -i $@
+endif
 
 systemdsystemunitdir = $(SYSTEMD_DIR)