From: Wouter Wijngaards Date: Fri, 25 Apr 2008 15:23:45 +0000 (+0000) Subject: RPM specfile. X-Git-Tag: release-1.0.0~9 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=17631b6fd864b717ddc466dcb96463a776ca0443;p=thirdparty%2Funbound.git RPM specfile. git-svn-id: file:///svn/unbound/trunk@1075 be551aaa-1e26-0410-a405-d3ace91eadb9 --- diff --git a/contrib/README b/contrib/README index 8c7490355..6fad11986 100644 --- a/contrib/README +++ b/contrib/README @@ -4,3 +4,4 @@ distribution but may be helpful. * rc_d_unbound: FreeBSD compatible /etc/rc.d script. * parseunbound.pl: perl script to run from cron that parses statistics from the log file and stores them. +* unbound.spec and unbound.init: RPM specfile and Linux rc.d initfile. diff --git a/contrib/unbound.init b/contrib/unbound.init new file mode 100644 index 000000000..606299607 --- /dev/null +++ b/contrib/unbound.init @@ -0,0 +1,135 @@ +#!/bin/sh +# +# unbound This shell script takes care of starting and stopping +# unbound (DNS server). +# +# chkconfig: - 14 86 +# description: unbound is a Domain Name Server (DNS) \ +# that is used to resolve host names to IP addresses. + +### BEGIN INIT INFO +# Provides: $named unbound +# Required-Start: $network $local_fs +# Required-Stop: $network $local_fs +# Should-Start: $syslog +# Should-Stop: $syslog +# Short-Description: unbound recursive Domain Name Server. +# Description: unbound is a Domain Name Server (DNS) +# that is used to resolve host names to IP addresses. +### END INIT INFO + +# Source function library. +. /etc/rc.d/init.d/functions + +exec="/usr/sbin/unbound" +prog="unbound" +config="/var/unbound/unbound.conf" +pidfile="/var/unbound/unbound.pid" +rootdir="/var/unbound" + +[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog + +lockfile=/var/lock/subsys/$prog + +start() { + [ -x $exec ] || exit 5 + [ -f $config ] || exit 6 + echo -n $"Starting $prog: " + + # setup root jail + if [ -s /etc/localtime ] && /usr/bin/cmp -s /etc/localtime ${rootdir}/etc/localtime; then + mkdir -p ${rootdir}/etc + cp -fp /etc/localtime ${rootdir}/etc/localtime + fi; + if [ -s /etc/resolv.conf ] && /usr/bin/cmp -s /etc/resolv.conf ${rootdir}/etc/resolv.conf; then + mkdir -p ${rootdir}/etc + cp -fp /etc/resolv.conf ${rootdir}/etc/resolv.conf + fi; + if ! egrep -q '^/[^[:space:]]+[[:space:]]+'${rootdir}'/dev/log' /proc/mounts; then + mkdir -p ${rootdir}/dev + [ -e ${rootdir}/dev/log ] || touch ${rootdir}/dev/log + mount --bind -n /dev/log ${rootdir}/dev/log >/dev/null 2>&1; + fi; + if ! egrep -q '^/[^[:space:]]+[[:space:]]+'${rootdir}'/dev/random' /proc/mounts; then + mkdir -p ${rootdir}/dev + [ -e ${rootdir}/dev/random ] || touch ${rootdir}/dev/random + mount --bind -n /dev/random ${rootdir}/dev/random >/dev/null 2>&1; + fi; + + # if not running, start it up here + daemon $exec + retval=$? + echo + [ $retval -eq 0 ] && touch $lockfile + return $retval +} + +stop() { + echo -n $"Stopping $prog: " + # stop it here, often "killproc $prog" + killproc -p $pidfile $prog + retval=$? + echo + [ $retval -eq 0 ] && rm -f $lockfile + if egrep -q '^/[^[:space:]]+[[:space:]]+'${rootdir}'/dev/log' /proc/mounts; then + umount ${rootdir}/dev/log >/dev/null 2>&1 + fi; + if egrep -q '^/[^[:space:]]+[[:space:]]+'${rootdir}'/dev/random' /proc/mounts; then + umount ${rootdir}/dev/random >/dev/null 2>&1 + fi; + return $retval +} + +restart() { + stop + start +} + +reload() { + kill -HUP `cat $pidfile` +} + +force_reload() { + restart +} + +rh_status() { + # run checks to determine if the service is running or use generic status + status -p $pidfile $prog +} + +rh_status_q() { + rh_status -p $pidfile >/dev/null 2>&1 +} + +case "$1" in + start) + rh_status_q && exit 0 + $1 + ;; + stop) + rh_status_q || exit 0 + $1 + ;; + restart) + $1 + ;; + reload) + rh_status_q || exit 7 + $1 + ;; + force-reload) + force_reload + ;; + status) + rh_status + ;; + condrestart|try-restart) + rh_status_q || exit 0 + restart + ;; + *) + echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}" + exit 2 +esac +exit $? diff --git a/contrib/unbound.spec b/contrib/unbound.spec new file mode 100644 index 000000000..c2fbf62f9 --- /dev/null +++ b/contrib/unbound.spec @@ -0,0 +1,98 @@ +Summary: Validating, recursive, and caching DNS resolver +Name: unbound +Version: 0.12 +Release: 1%{?dist} +License: BSD +Url: http://www.nlnetlabs.nl/unbound/ +Source: http://www.unbound.net/downloads/%{name}-%{version}.tar.gz +Source1: unbound.init +Group: System Environment/Daemons +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) +BuildRequires: flex, openssl-devel + +%description +Unbound is a validating, recursive, and caching DNS resolver. + +The C implementation of Unbound is developed and maintained by NLnet +Labs. It is based on ideas and algorithms taken from a java prototype +developed by Verisign labs, Nominet, Kirei and ep.net. + +Unbound is designed as a set of modular components, so that also +DNSSEC (secure DNS) validation and stub-resolvers (that do not run +as a server, but are linked into an application) are easily possible. + +The source code is under a BSD License. + +%prep +%setup -q + +# configure with /var/unbound/unbound.conf so that all default chroot, +# pidfile and config file are in /var/unbound, ready for chroot jail set up. +# +# This is a build using libldns builtin version, the resulting binaries +# do not require libldns and this package does not have version dependencies. +# Could be smaller using a dependency on libldns (use --with-ldns=). +%configure --enable-debug --with-conf-file=%{_localstatedir}/%{name}/unbound.conf --disable-static --disable-rpath + +%build +%{__make} %{?_smp_mflags} + +%install +rm -rf %{buildroot} +%{__make} DESTDIR=%{buildroot} install +install -d 0700 %{buildroot}%{_localstatedir}/%{name} +install -d 0755 %{buildroot}%{_initrddir} +install -m 0755 %{SOURCE1} %{buildroot}%{_initrddir}/unbound +# add symbolic link from /etc/unbound.conf -> /var/unbound/unbound.conf +ln -s %{_localstatedir}/unbound/unbound.conf %{buildroot}%{_sysconfdir}/unbound.conf +# remove static library from install (fedora packaging guidelines) +rm -f %{buildroot}%{_libdir}/libunbound.a %{buildroot}%{_libdir}/libunbound.la + +%clean +rm -rf ${RPM_BUILD_ROOT} + +%files +%defattr(-,root,root,-) +%doc doc/README doc/CREDITS doc/LICENSE doc/FEATURES +%attr(0755,root,root) %{_initrddir}/%{name} +%attr(0700,%{name},%{name}) %dir %{_localstatedir}/%{name} +%attr(0644,%{name},%{name}) %config(noreplace) %{_localstatedir}/%{name}/unbound.conf +%attr(0644,%{name},%{name}) %config(noreplace) %{_sysconfdir}/unbound.conf +%{_sbindir}/* +%{_mandir}/*/* +%{_includedir}/* +%{_libdir}/libunbound* + +%pre +getent group unbound >/dev/null || groupadd -r unbound +getent passwd unbound >/dev/null || \ +useradd -r -g unbound -d /var/unbound -s /sbin/nologin \ + -c "unbound name daemon" unbound +exit 0 + +%post +# This adds the proper /etc/rc*.d links for the script +/sbin/chkconfig --add %{name} + +%preun +if [ $1 -eq 0 ]; then + /sbin/service %{name} stop >/dev/null 2>&1 + /sbin/chkconfig --del %{name} +fi + +%postun +if [ "$1" -ge "1" ]; then + /sbin/service %{name} condrestart >/dev/null 2>&1 || : +else + # remove root jail + rm -f /var/unbound/dev/log /var/unbound/dev/random /var/unbound/etc/localtime /var/unbound/etc/resolv.conf >/dev/null 2>&1 + rmdir /var/unbound >/dev/null 2>&1 || : +fi + +%changelog +* Thu Apr 25 2008 Wouter Wijngaards - 0.12 +- Using parts from ports collection entry by Jaap Akkerhuis. +- Using Fedoraproject wiki guidelines. + +* Wed Apr 23 2008 Wouter Wijngaards - 0.11 +- Initial version. diff --git a/doc/Changelog b/doc/Changelog index b4afd601f..13bf211a4 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -1,5 +1,8 @@ 25 April 2008: Wouter - DESTDIR is honored by the Makefile for rpms. + - contrib files unbound.spec and unbound.init, builds working RPM + on FC7 Linux, a chrooted caching resolver, and libunbound. + - iana ports update. 24 April 2008: Wouter - chroot checks improved. working directory relative to chroot. diff --git a/util/iana_ports.inc b/util/iana_ports.inc index 681dabcd1..051fac3cc 100644 --- a/util/iana_ports.inc +++ b/util/iana_ports.inc @@ -3598,7 +3598,6 @@ 3991, 3992, 3993, -3994, 3995, 3996, 3997, @@ -3652,7 +3651,6 @@ 4045, 4046, 4047, -4048, 4049, 4050, 4051,