forked from gentoo/gentoo
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
net-dns/pdns: Version bump, security bug #605588
Package-Manager: Portage-2.3.0, Repoman-2.3.1
- Loading branch information
Showing
2 changed files
with
154 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1,2 @@ | ||
DIST pdns-4.0.1.tar.bz2 1304788 SHA256 d191eed4a6664430e85969f49835c59e810ecbb7b3eb506e64c6b2734091edd7 SHA512 77fce9963a05198afeb569f92fbb0f6a1cb3426c28dd77b0921128189c80d9a72ebdbfc249dfc0b5b89cc7a65a83887a0388d6cc3461453b1e3096e563afdd1e WHIRLPOOL 6be1fac5cbb322fa4e4a21dc0d72f1e37ef1338a6035526ec893d2fdaa1d8c38bf0bfb124d2d00405d279cc05847d5dcf52c10938121e7d9167f9f1db2df76e2 | ||
DIST pdns-4.0.2.tar.bz2 1314886 SHA256 d051e53b63f586c924f00ce8a81662f7bd285b461d125d4991538f92cf7e629d SHA512 6720289332ee5186f4c58a00a720f3bb58480c0ae7f09915148ca8b40e2dfdc77e2f14123df903692afa464539eeef6b21e8ea3d284278897751ba807e2cdffe WHIRLPOOL 6b58de4f2fc6fe830255203c281ca518a543b373171f73021cd8efd597c146b438a7ffd6ed018b637816fe07153a51f947818a0fa76dc237ba0f50903d3afbe9 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,153 @@ | ||
# Copyright 1999-2017 Gentoo Foundation | ||
# Distributed under the terms of the GNU General Public License v2 | ||
# $Id$ | ||
|
||
EAPI="6" | ||
|
||
inherit eutils multilib user toolchain-funcs versionator | ||
|
||
DESCRIPTION="The PowerDNS Daemon" | ||
HOMEPAGE="https://www.powerdns.com/" | ||
SRC_URI="https://downloads.powerdns.com/releases/${P/_/-}.tar.bz2" | ||
|
||
LICENSE="GPL-2" | ||
SLOT="0" | ||
KEYWORDS="~amd64 ~x86" | ||
|
||
# other possible flags: | ||
# db2: we lack the dep | ||
# oracle: dito (need Oracle Client Libraries) | ||
# xdb: (almost) dead, surely not supported | ||
|
||
IUSE="botan debug doc geoip ldap lua luajit mydns mysql opendbx postgres protobuf remote sqlite systemd tools tinydns test" | ||
|
||
REQUIRED_USE="mydns? ( mysql ) ?? ( lua luajit )" | ||
|
||
RDEPEND=" | ||
dev-libs/openssl:= | ||
>=dev-libs/boost-1.35:= | ||
botan? ( =dev-libs/botan-1.10* ) | ||
lua? ( dev-lang/lua:= ) | ||
luajit? ( dev-lang/luajit:= ) | ||
mysql? ( virtual/mysql ) | ||
postgres? ( dev-db/postgresql:= ) | ||
ldap? ( >=net-nds/openldap-2.0.27-r4 ) | ||
sqlite? ( dev-db/sqlite:3 ) | ||
opendbx? ( dev-db/opendbx ) | ||
geoip? ( >=dev-cpp/yaml-cpp-0.5.1 dev-libs/geoip ) | ||
tinydns? ( >=dev-db/tinycdb-0.77 ) | ||
protobuf? ( dev-libs/protobuf )" | ||
DEPEND="${RDEPEND} | ||
virtual/pkgconfig | ||
doc? ( app-doc/doxygen )" | ||
|
||
S="${WORKDIR}"/${P/_/-} | ||
|
||
src_configure() { | ||
local dynmodules="pipe bind" # the default backends, always enabled | ||
|
||
#use db2 && dynmodules+=" db2" | ||
use ldap && dynmodules+=" ldap" | ||
use lua && dynmodules+=" lua" | ||
use mydns && dynmodules+=" mydns" | ||
use mysql && dynmodules+=" gmysql" | ||
use opendbx && dynmodules+=" opendbx" | ||
#use oracle && dynmodules+=" goracle oracle" | ||
use postgres && dynmodules+=" gpgsql" | ||
use remote && dynmodules+=" remote" | ||
use sqlite && dynmodules+=" gsqlite3" | ||
use tinydns && dynmodules+=" tinydns" | ||
use geoip && dynmodules+=" geoip" | ||
#use xdb && dynmodules+=" xdb" | ||
|
||
econf \ | ||
--disable-static \ | ||
--sysconfdir=/etc/powerdns \ | ||
--libdir=/usr/$(get_libdir)/powerdns \ | ||
--with-modules= \ | ||
--with-dynmodules="${dynmodules}" \ | ||
--with-pgsql-includes=/usr/include \ | ||
--with-pgsql-lib=/usr/$(get_libdir) \ | ||
--with-mysql-lib=/usr/$(get_libdir) \ | ||
$(use_enable botan botan1.10) \ | ||
$(use_enable debug verbose-logging) \ | ||
$(use_enable test unit-tests) \ | ||
$(use_enable tools) \ | ||
$(use_enable systemd) \ | ||
$(use_with lua) \ | ||
$(use_with luajit) \ | ||
$(use_with protobuf) \ | ||
${myconf} | ||
} | ||
|
||
src_compile() { | ||
default | ||
use doc && emake -C codedocs codedocs | ||
} | ||
|
||
src_install() { | ||
default | ||
|
||
mv "${D}"/etc/powerdns/pdns.conf{-dist,} | ||
|
||
fperms 0700 /etc/powerdns | ||
fperms 0600 /etc/powerdns/pdns.conf | ||
|
||
# set defaults: setuid=pdns, setgid=pdns | ||
sed -i \ | ||
-e 's/^# set\([ug]\)id=$/set\1id=pdns/g' \ | ||
"${D}"/etc/powerdns/pdns.conf | ||
|
||
doinitd "${FILESDIR}"/pdns | ||
|
||
keepdir /var/empty | ||
|
||
use doc && dohtml -r codedocs/html/. | ||
|
||
# Install development headers | ||
insinto /usr/include/pdns | ||
doins pdns/*.hh | ||
insinto /usr/include/pdns/backends/gsql | ||
doins pdns/backends/gsql/*.hh | ||
|
||
if use ldap ; then | ||
insinto /etc/openldap/schema | ||
doins "${FILESDIR}"/dnsdomain2.schema | ||
fi | ||
|
||
prune_libtool_files --all | ||
} | ||
|
||
pkg_preinst() { | ||
enewgroup pdns | ||
enewuser pdns -1 -1 /var/empty pdns | ||
} | ||
|
||
pkg_postinst() { | ||
elog "PowerDNS provides multiple instances support. You can create more instances" | ||
elog "by symlinking the pdns init script to another name." | ||
elog | ||
elog "The name must be in the format pdns.<suffix> and PowerDNS will use the" | ||
elog "/etc/powerdns/pdns-<suffix>.conf configuration file instead of the default." | ||
|
||
if use ldap ; then | ||
ewarn "The official LDAP backend module is only compile-tested by upstream." | ||
ewarn "Try net-dns/pdns-ldap-backend if you have problems with it." | ||
fi | ||
|
||
local old | ||
for old in ${REPLACING_VERSIONS}; do | ||
version_compare ${old} 3.2 | ||
[[ $? -eq 1 ]] || continue | ||
|
||
ewarn "To fix a security bug (bug #458018) had the following" | ||
ewarn "files/directories the world-readable bit removed (if set):" | ||
ewarn " ${EPREFIX}/etc/powerdns" | ||
ewarn " ${EPREFIX}/etc/powerdns/pdns.conf" | ||
ewarn "Check if this is correct for your setup" | ||
ewarn "This is a one-time change and will not happen on subsequent updates." | ||
chmod o-rwx "${EPREFIX}"/etc/powerdns/{,pdns.conf} | ||
|
||
break | ||
done | ||
} |