From f6e76c5cae137bd9117f5e489657a424eb4fd481 Mon Sep 17 00:00:00 2001 From: Remi Gacogne Date: Fri, 23 Jan 2026 10:20:58 +0100 Subject: [PATCH] dnsdist: Handle the new YAML example configuration file in our packages Signed-off-by: Remi Gacogne --- .../debian/dnsdist/debian-bookworm/dnsdist.examples | 1 + .../debian/dnsdist/debian-bookworm/dnsdist.postinst | 5 +++++ builder-support/debian/dnsdist/debian-bookworm/rules | 4 ++++ .../debian/dnsdist/debian-bullseye/dnsdist.examples | 1 + .../debian/dnsdist/debian-bullseye/dnsdist.postinst | 5 +++++ builder-support/debian/dnsdist/debian-bullseye/rules | 4 ++++ builder-support/specs/dnsdist.spec | 3 +++ 7 files changed, 23 insertions(+) diff --git a/builder-support/debian/dnsdist/debian-bookworm/dnsdist.examples b/builder-support/debian/dnsdist/debian-bookworm/dnsdist.examples index 636562bed4..982bc08de2 100644 --- a/builder-support/debian/dnsdist/debian-bookworm/dnsdist.examples +++ b/builder-support/debian/dnsdist/debian-bookworm/dnsdist.examples @@ -1 +1,2 @@ dnsdist.conf +dnsdist.yml diff --git a/builder-support/debian/dnsdist/debian-bookworm/dnsdist.postinst b/builder-support/debian/dnsdist/debian-bookworm/dnsdist.postinst index 8f7a7ce181..2811365b1c 100644 --- a/builder-support/debian/dnsdist/debian-bookworm/dnsdist.postinst +++ b/builder-support/debian/dnsdist/debian-bookworm/dnsdist.postinst @@ -24,6 +24,11 @@ case "$1" in # Make sure that dnsdist can read it; the default used to be 0600 chmod g+r /etc/dnsdist/dnsdist.conf fi + if [ "`stat -c '%U:%G' /etc/dnsdist/dnsdist.yml`" = "root:root" ]; then + chown root:_dnsdist /etc/dnsdist/dnsdist.yml + # Make sure that dnsdist can read it; the default used to be 0600 + chmod g+r /etc/dnsdist/dnsdist.yml + fi ;; abort-upgrade|abort-remove|abort-deconfigure) diff --git a/builder-support/debian/dnsdist/debian-bookworm/rules b/builder-support/debian/dnsdist/debian-bookworm/rules index fa256fc615..cae7296df1 100755 --- a/builder-support/debian/dnsdist/debian-bookworm/rules +++ b/builder-support/debian/dnsdist/debian-bookworm/rules @@ -87,8 +87,10 @@ endif override_dh_installexamples: cp dnsdist.conf-dist dnsdist.conf + cp dnsdist.yml-dist dnsdist.yml dh_installexamples rm -f dnsdist.conf + rm -f dnsdist.yml override_dh_installinit: # do nothing here. avoids referencing a non-existant init script. @@ -98,6 +100,8 @@ override_dh_fixperms: # these files often contain passwords. 640 as it is chowned to root:_dnsdist touch debian/dnsdist/etc/dnsdist/dnsdist.conf chmod 0640 debian/dnsdist/etc/dnsdist/dnsdist.conf + touch debian/dnsdist/etc/dnsdist/dnsdist.yml + chmod 0640 debian/dnsdist/etc/dnsdist/dnsdist.yml override_dh_builddeb: dh_builddeb -- -Zgzip diff --git a/builder-support/debian/dnsdist/debian-bullseye/dnsdist.examples b/builder-support/debian/dnsdist/debian-bullseye/dnsdist.examples index 636562bed4..982bc08de2 100644 --- a/builder-support/debian/dnsdist/debian-bullseye/dnsdist.examples +++ b/builder-support/debian/dnsdist/debian-bullseye/dnsdist.examples @@ -1 +1,2 @@ dnsdist.conf +dnsdist.yml diff --git a/builder-support/debian/dnsdist/debian-bullseye/dnsdist.postinst b/builder-support/debian/dnsdist/debian-bullseye/dnsdist.postinst index 8f7a7ce181..2811365b1c 100644 --- a/builder-support/debian/dnsdist/debian-bullseye/dnsdist.postinst +++ b/builder-support/debian/dnsdist/debian-bullseye/dnsdist.postinst @@ -24,6 +24,11 @@ case "$1" in # Make sure that dnsdist can read it; the default used to be 0600 chmod g+r /etc/dnsdist/dnsdist.conf fi + if [ "`stat -c '%U:%G' /etc/dnsdist/dnsdist.yml`" = "root:root" ]; then + chown root:_dnsdist /etc/dnsdist/dnsdist.yml + # Make sure that dnsdist can read it; the default used to be 0600 + chmod g+r /etc/dnsdist/dnsdist.yml + fi ;; abort-upgrade|abort-remove|abort-deconfigure) diff --git a/builder-support/debian/dnsdist/debian-bullseye/rules b/builder-support/debian/dnsdist/debian-bullseye/rules index f67c354f4e..fceeb417b1 100755 --- a/builder-support/debian/dnsdist/debian-bullseye/rules +++ b/builder-support/debian/dnsdist/debian-bullseye/rules @@ -81,8 +81,10 @@ endif override_dh_installexamples: cp dnsdist.conf-dist dnsdist.conf + cp dnsdist.yml-dist dnsdist.yml dh_installexamples rm -f dnsdist.conf + rm -f dnsdist.yml override_dh_installinit: # do nothing here. avoids referencing a non-existant init script. @@ -92,6 +94,8 @@ override_dh_fixperms: # these files often contain passwords. 640 as it is chowned to root:_dnsdist touch debian/dnsdist/etc/dnsdist/dnsdist.conf chmod 0640 debian/dnsdist/etc/dnsdist/dnsdist.conf + touch debian/dnsdist/etc/dnsdist/dnsdist.yml + chmod 0640 debian/dnsdist/etc/dnsdist/dnsdist.yml override_dh_builddeb: dh_builddeb -- -Zgzip diff --git a/builder-support/specs/dnsdist.spec b/builder-support/specs/dnsdist.spec index b075e74aed..d0da8e3257 100644 --- a/builder-support/specs/dnsdist.spec +++ b/builder-support/specs/dnsdist.spec @@ -145,6 +145,8 @@ install -d %{buildroot}/%{_sysconfdir}/dnsdist install -Dm644 %{_libdir}/libdnsdist-quiche.so %{buildroot}/%{_libdir}/libdnsdist-quiche.so %{__mv} %{buildroot}%{_sysconfdir}/dnsdist/dnsdist.conf-dist %{buildroot}%{_sysconfdir}/dnsdist/dnsdist.conf chmod 0640 %{buildroot}/%{_sysconfdir}/dnsdist/dnsdist.conf +%{__mv} %{buildroot}%{_sysconfdir}/dnsdist/dnsdist.yml-dist %{buildroot}%{_sysconfdir}/dnsdist/dnsdist.yml +chmod 0640 %{buildroot}/%{_sysconfdir}/dnsdist/dnsdist.yml %{__install } -d %{buildroot}/%{_sharedstatedir}/%{name} @@ -187,5 +189,6 @@ systemctl daemon-reload ||: %{_mandir}/man1/* %dir %{_sysconfdir}/dnsdist %attr(-, root, dnsdist) %config(noreplace) %{_sysconfdir}/%{name}/dnsdist.conf +%attr(-, root, dnsdist) %config(noreplace) %{_sysconfdir}/%{name}/dnsdist.yml %dir %attr(-,dnsdist,dnsdist) %{_sharedstatedir}/%{name} %{_unitdir}/dnsdist* -- 2.47.3