From: Stefan Schantl Date: Mon, 3 Sep 2012 19:13:04 +0000 (+0200) Subject: pdns: Rework package / Remove LDAP Support. X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=476b248c9db19de0153b8d9d1b1ed43376de2153;p=ipfire-3.x.git pdns: Rework package / Remove LDAP Support. * Remove support for LDAP backend. * Create pdns user & group. * Add scriptlet for systemd. * Add tmpfile for systemd. * Add a working default configuration file. * Create inital sqlite3 database on installation.
---
diff --git a/pdns/pdns.conf b/pdns/pdns.conf
new file mode 100644
index 000000000..82b67c1ae
--- /dev/null
+++ b/pdns/pdns.conf
@@ -0,0 +1,39 @@
+###############################################################################
+## #
+## IPFire.org - A linux based firewall #
+## Copyright (C) 2012 IPFire Development Team #
+## #
+## This program is free software: you can redistribute it and/or modify #
+## it under the terms of the GNU General Public License as published by #
+## the Free Software Foundation, either version 3 of the License, or #
+## (at your option) any later version. #
+## #
+## This program is distributed in the hope that it will be useful, #
+## but WITHOUT ANY WARRANTY; without even the implied warranty of #
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+## GNU General Public License for more details. #
+## #
+## You should have received a copy of the GNU General Public License #
+## along with this program. If not, see . #
+## #
+################################################################################
+#
+## These file contains the default configuration for the PowerDNS service.
+#
+# An example configuration file with all provided options can be found on
+# /etc/pdns/pdns.conf-dist.
+#
+daemon=no
+socket-dir=/run/pdns/
+
+# Run powerdns as the following user and group.
+setuid=pdns
+setgid=pdns
+
+# Only use one of them. Enable gsqlite3-dnssec if you are using DNS Sec.
+launch=gsqlite3
+#launch=gsqlite3-dnssec
+gsqlite3-database=/var/lib/pdns/pdns.db
+
+# Enable if you also have installed the pdns-recursor.
+#recursor=127.0.0.1:54
diff --git a/pdns/pdns.nm b/pdns/pdns.nm
index bd5e1e7ca..939e980d3 100644
--- a/pdns/pdns.nm
+++ b/pdns/pdns.nm
@@ -5,7 +5,7 @@ name = pdns version = 3.1 -release = 1 +release = 2 groups = Networking/DNS url = http://powerdns.com/
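Review bot: The shipped default in `pdns/pdns.conf` sets no limit on who may request zone transfers, so AXFR access is left to whatever the built-in default of this pdns version is, which cannot be confirmed from this page. Since this file is installed on every system, I would pin it explicitly after the `gsqlite3-database=` line, e.g. `allow-axfr-ips=127.0.0.0/8,::1`, and let administrators widen it for their secondaries. A `local-address=` line, even commented out, would also make the listening scope visible to whoever edits the file.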
@@ -27,26 +27,51 @@ build chrpath gcc-c++ lua-devel - openldap-devel + shadow-utils sqlite-devel zlib-devel end - CPPFLAGS = -DLDAP_DEPRECATED - + # No paralilelism build. PARALLELISMFLAGS = configure_options += \ - --sysconfdir=/etc/pdns \ + --sysconfdir=%{sysconfdir}/pdns \ --libdir=%{libdir}/powerdns \ --with-modules="" \ - --with-dynmodules="pipe geo ldap gsqlite3" \ + --with-dynmodules="pipe geo gsqlite3" \ --with-lua \ --disable-static + prepare_cmds + %{create_user} + end + install_cmds + # Create directories for pdns sqlite db. + mkdir -p %{BUILDROOT}%{datadir}/pdns/ + mkdir -p %{BUILDROOT}%{sharedstatedir}/pdns/ + + # Install shema for sqlite database. + install -m 0644 %{DIR_SOURCE}/pdns.table \ + %{BUILDROOT}%{datadir}/pdns/pdns.table + + # Install default configuration. + install -m 0644 %{DIR_SOURCE}/pdns.conf \ + %{BUILDROOT}%{sysconfdir}/pdns/pdns.conf + + # Create empty database file. + touch %{BUILDROOT}%{sharedstatedir}/pdns/pdns.db + + # Fix permissions and ownership from database. + chown -R pdns:pdns %{BUILDROOT}%{sharedstatedir}/pdns + chmod 660 %{BUILDROOT}%{sharedstatedir}/pdns/pdns.db + + # Remove unneded binaries. + rm -vf %{BUILDROOT}%{bindir}/zone2ldap + + # Remove rpath from binaries and backend libs. chrpath --delete %{BUILDROOT}/usr/bin/pdns_control - chrpath --delete %{BUILDROOT}/usr/bin/zone2ldap chrpath --delete %{BUILDROOT}/usr/bin/zone2sql chrpath --delete %{BUILDROOT}/usr/sbin/pdns_server chrpath --delete %{BUILDROOT}%{libdir}/powerdns/*.so 
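Review bot: The `touch %{BUILDROOT}%{sharedstatedir}/pdns/pdns.db` in `install_cmds` puts an empty database into the package payload, so depending on how the package manager treats that path, an update could replace a populated zone database with the empty file; nothing in this hunk marks it as data to preserve. I would ship only the directory, i.e. drop the `touch` and `chmod 660` lines, and have the install scriptlet create the file and then set `pdns:pdns` ownership and mode 660 on it. The `chown -R pdns:pdns` inside the build root also only works when the build runs as root and the pdns account exists there, which is presumably why `prepare_cmds` calls `%{create_user}`. The `build` block starts and ends outside this hunk.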
@@ -55,8 +80,55 @@ build end end +create_user + getent group pdns >/dev/null || groupadd -r pdns + getent passwd pdns >/dev/null || \ + useradd -r -g pdns -d %{sharedstatedir}/pdns -s /sbin/nologin \ + -c "PowerDNS user" pdns +end + packages package %{name} + prerequires + coreutils + shadow-utils + sqlite + end + + configfiles + /etc/pdns/pdns.conf + end + + script prein + %{create_user} + end + + script postin + systemctl daemon-reload >/dev/null 2>&1 || : + + # Check if DB allready exists. Create pdns sqlite database if not. + if [ ! -s "%{sharedstatedir}/pdns/pdns.db" ]; then + sqlite3 %{sharedstatedir}/pdns/pdns.db < %{datadir}/pdns/pdns.table + fi + end + + script preun + systemctl --no-reload disable pdns.service >/dev/null 2>&1 || : + systemctl stop pdns.service >/dev/null 2>&1 || : + + # Backup existing database. + mv %{sharedstatedir}/pdns/pdns.db{,.bak} + end + + script postun + systemctl daemon-reload >/dev/null 2>&1 || : + end + + script postup + systemctl daemon-reload >/dev/null 2>&1 || : + systemctl try-restart pdns.service >/dev/null 2>&1 || : + end + end package %{name}-debuginfo template DEBUGINFO diff --git a/pdns/pdns.table b/pdns/pdns.table new file mode 100644 index 000000000..62fcefaa5 --- /dev/null +++ b/pdns/pdns.table 
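Review bot: The `preun` backup `mv %{sharedstatedir}/pdns/pdns.db{,.bak}` runs unconditionally: it fails when the database is missing, silently overwrites an earlier backup, and relies on brace expansion, which a non-bash scriptlet shell does not provide. A guarded form avoids all three: `[ -e "%{sharedstatedir}/pdns/pdns.db" ] && mv "%{sharedstatedir}/pdns/pdns.db" "%{sharedstatedir}/pdns/pdns.db.bak.$(date +%s)" || :`. The backup keeps whatever the `tsigkeys` and `cryptokeys` tables held and stays on disk after removal, so it should remain at mode 0660 or tighter. In `postin`, `sqlite3` runs as root, so a database file that does not exist yet would presumably be created root-owned; a `chown pdns:pdns` and `chmod 660` after the import would cover that path.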
@@ -0,0 +1,63 @@
+create table domains (
+ id INTEGER PRIMARY KEY,
+ name VARCHAR(255) NOT NULL COLLATE NOCASE,
+ master VARCHAR(128) DEFAULT NULL,
+ last_check INTEGER DEFAULT NULL,
+ type VARCHAR(6) NOT NULL,
+ notified_serial INTEGER DEFAULT NULL,
+ account VARCHAR(40) DEFAULT NULL
+);
+
+CREATE UNIQUE INDEX name_index ON domains(name);
+
+CREATE TABLE records (
+ id INTEGER PRIMARY KEY,
+ domain_id INTEGER DEFAULT NULL,
+ name VARCHAR(255) DEFAULT NULL,
+ type VARCHAR(10) DEFAULT NULL,
+ content VARCHAR(65535) DEFAULT NULL,
+ ttl INTEGER DEFAULT NULL,
+ prio INTEGER DEFAULT NULL,
+ change_date INTEGER DEFAULT NULL,
+ ordername VARCHAR(255),
+ auth BOOL
+);
+
+CREATE INDEX rec_name_index ON records(name);
+CREATE INDEX nametype_index ON records(name,type);
+CREATE INDEX domain_id ON records(domain_id);
+CREATE INDEX orderindex ON records(ordername);
+
+create table supermasters (
+ ip VARCHAR(25) NOT NULL,
+ nameserver VARCHAR(255) NOT NULL COLLATE NOCASE,
+ account VARCHAR(40) DEFAULT NULL
+);
+
+create table domainmetadata (
+ id INTEGER PRIMARY KEY,
+ domain_id INT NOT NULL,
+ kind VARCHAR(16) COLLATE NOCASE,
+ content TEXT
+);
+
+create index domainmetaidindex on domainmetadata(domain_id);
+
+create table cryptokeys (
+ id INTEGER PRIMARY KEY,
+ domain_id INT NOT NULL,
+ flags INT NOT NULL,
+ active BOOL,
+ content TEXT
+);
+
+create index domainidindex on cryptokeys(domain_id);
+
+create table tsigkeys (
+ id INTEGER PRIMARY KEY,
+ name VARCHAR(255) COLLATE NOCASE,
+ algorithm VARCHAR(50) COLLATE NOCASE,
+ secret VARCHAR(255)
+);
+
+create unique index namealgoindex on tsigkeys(name, algorithm);
diff --git a/pdns/pdns.tmpfiles b/pdns/pdns.tmpfiles
new file mode 100644
index 000000000..b7e1b2066
--- /dev/null
+++ b/pdns/pdns.tmpfiles
@@ -0,0 +1 @@
+d /run/pdns 0755 pdns pdns -
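Review bot: The schema in `pdns/pdns.table` has no comments, and two of its tables appear to hold secrets: `tsigkeys.secret` and `cryptokeys.content` look like they store TSIG shared secrets and, with the dnssec backend, key material in clear text. I would add a header comment such as `-- tsigkeys.secret and cryptokeys.content hold key material; keep pdns.db readable by the pdns account only.` so that anyone changing the file mode or the backup handling sees it. Separately, keyword case is mixed (`create table` next to `CREATE TABLE`); one convention for the whole file would read better.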
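Review bot: `d /run/pdns 0755 pdns pdns -` makes the directory named by `socket-dir=/run/pdns/` traversable by every local user, so access to the control socket then rests only on the socket's own mode, which is not visible in this commit. Unless other accounts need to reach it, `d /run/pdns 0750 pdns pdns -` is the tighter default.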