From ba2605671e08d6d95845cc5d21983cb68d2e3c4a Mon Sep 17 00:00:00 2001 From: Pieter Lexis Date: Thu, 1 Oct 2020 20:36:51 +0200 Subject: [PATCH] Ensure socket-dir matches runtimedir on old systemd This is mostly a hack for systemd version <240 so using virtual hosting on Ubuntu Bionic and EL7 does not lead to surprises. This Commit explicitly adds the `--socket-dir` to the invocation of the unit. Any users who want to use their own runtimedirs should use a drop-in unit overriding ExecStart. I believe this does not validate the principle of least surprise for those using the PowerDNS provided packages and virtual hosting. Fixes #9485 (cherry picked from commit 7bbaae110abb53f43d0bf60c81efe3bb8630a925) --- m4/systemd.m4 | 1 + pdns/Makefile.am | 6 ++++++ pdns/recursordist/Makefile.am | 6 ++++++ 3 files changed, 13 insertions(+) diff --git a/m4/systemd.m4 b/m4/systemd.m4 index 77919fcd23..c7315a5bcf 100644 --- a/m4/systemd.m4 +++ b/m4/systemd.m4 @@ -195,4 +195,5 @@ AC_DEFUN([AX_CHECK_SYSTEMD_FEATURES], [ AM_CONDITIONAL([HAVE_SYSTEMD_RESTRICT_SUIDSGID], [ test x"$systemd_restrict_suidsgid" = "xy" ]) AM_CONDITIONAL([HAVE_SYSTEMD_SYSTEM_CALL_ARCHITECTURES], [ test x"$systemd_system_call_architectures" = "xy" ]) AM_CONDITIONAL([HAVE_SYSTEMD_SYSTEM_CALL_FILTER], [ test x"$systemd_system_call_filter" = "xy" ]) + AM_CONDITIONAL([HAVE_SYSTEMD_WITH_RUNTIME_DIR_ENV], [ test $_systemd_version -ge 240 ]) ]) diff --git a/pdns/Makefile.am b/pdns/Makefile.am index 71a3fe86c9..c3125758da 100644 --- a/pdns/Makefile.am +++ b/pdns/Makefile.am @@ -1583,6 +1583,9 @@ dnsdist: if HAVE_SYSTEMD pdns.service: pdns.service.in $(AM_V_GEN)sed -e 's![@]sbindir[@]!$(sbindir)!' -e 's![@]service_user[@]!$(service_user)!' -e 's![@]service_group[@]!$(service_group)!' < $< > $@ +if !HAVE_SYSTEMD_WITH_RUNTIME_DIR_ENV + $(AM_V_GEN)sed -e 's!/pdns_server!& --socket-dir=%t/pdns!' -i $@ +endif if !HAVE_SYSTEMD_LOCK_PERSONALITY $(AM_V_GEN)perl -ni -e 'print unless /^LockPersonality/' $@ endif @@ -1629,6 +1632,9 @@ pdns@.service: pdns.service -e 's!RuntimeDirectory=.*!&-%i!' \ -e 's!SyslogIdentifier=.*!&-%i!' \ < $< > $@ +if !HAVE_SYSTEMD_WITH_RUNTIME_DIR_ENV + $(AM_V_GEN)sed -e 's!--socket-dir=[^ ]\+!&-%i !' -i $@ +endif systemdsystemunitdir = $(SYSTEMD_DIR) diff --git a/pdns/recursordist/Makefile.am b/pdns/recursordist/Makefile.am index 573047c75e..e7e437c083 100644 --- a/pdns/recursordist/Makefile.am +++ b/pdns/recursordist/Makefile.am @@ -511,6 +511,9 @@ endif if HAVE_SYSTEMD pdns-recursor.service: pdns-recursor.service.in $(AM_V_GEN)sed -e 's![@]sbindir[@]!$(sbindir)!' -e 's![@]service_user[@]!$(service_user)!' -e 's![@]service_group[@]!$(service_group)!' < $< > $@ +if !HAVE_SYSTEMD_WITH_RUNTIME_DIR_ENV + $(AM_V_GEN)sed -e 's!/pdns_recursor!& --socket-dir=%t/pdns-recursor!' -i $@ +endif if !HAVE_SYSTEMD_LOCK_PERSONALITY $(AM_V_GEN)perl -ni -e 'print unless /^LockPersonality/' $@ endif @@ -556,6 +559,9 @@ pdns-recursor@.service: pdns-recursor.service -e 's!Recursor!& %i!' \ -e 's!RuntimeDirectory=.*!&-%i!' \ < $< > $@ +if !HAVE_SYSTEMD_WITH_RUNTIME_DIR_ENV + $(AM_V_GEN)sed -e 's!--socket-dir=[^ ]\+!&-%i !' -i $@ +endif systemdsystemunitdir = $(SYSTEMD_DIR) -- 2.47.2