network/unbound: Updated for version 1.16.2.
Signed-off-by: Dave Woodfall <dave@slackbuilds.org>
This commit is contained in:
Badchay
Dave Woodfall
parent
e6c36a19c7
commit
e0749d740c
|
|
@ -13,3 +13,11 @@ not conflict with anything else on SlackBuilds:
|
|||
groupadd -g 304 unbound
|
||||
useradd -r -u 304 -g unbound -d /etc/unbound/ -s /sbin/nologin -c \
|
||||
'Unbound DNS resolver' unbound
|
||||
|
||||
Note: As of version 1.16.2, the script was almost entirely rewritten.
|
||||
The idea was not only to modernize the script, but also make the
|
||||
application more compatible with the Slackware architecture and to
|
||||
be as easy to "just install and run the app". Also to note:
|
||||
The control app titled unbound-countrol is enabled by
|
||||
default but can be disabled in unbound.conf. It's secure, binds
|
||||
to localhost and can't be used by non-root users.
|
||||
|
|
|
|||
|
|
@ -24,6 +24,7 @@ preserve_perms() {
|
|||
|
||||
preserve_perms etc/rc.d/rc.unbound.new
|
||||
config etc/unbound/unbound.conf.new
|
||||
config etc/logrotate.d/unbound.new
|
||||
|
||||
# MD5SUM d837bf4c42abb7048c90d720a579f829 is a file hash from the previous initscript.
|
||||
|
||||
|
|
|
|||
|
|
@ -7,7 +7,25 @@ UNBOUND=/usr/sbin/unbound
|
|||
CONFIG=/etc/unbound/unbound.conf
|
||||
PIDFILE=/var/run/unbound/unbound.pid
|
||||
|
||||
# Unbound-control is useful but I'm not going to cram it
|
||||
# down your throat. Set this to "yes" to disable unbound-control
|
||||
# initial setup.
|
||||
DISABLE_UNBOUND_CONTROL="no"
|
||||
|
||||
initchecks() {
|
||||
if [ ! -e $(dirname $PIDFILE) ]; then
|
||||
mkdir -p $(dirname $PIDFILE)
|
||||
chown unbound:unbound $(dirname $PIDFILE)
|
||||
fi
|
||||
if [ ! -e $(dirname $CONFIG)/unbound_server.pem ] && [ "$DISABLE_UNBOUND_CONTROL" == "no" ]; then
|
||||
echo "Unbound-control: unbound_server.pem not found."
|
||||
echo "Running initial setup: /usr/sbin/unbound-control-setup"
|
||||
/usr/sbin/unbound-control-setup || exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
start() {
|
||||
initchecks
|
||||
if [ -r $PIDFILE ]; then
|
||||
echo 'Unbound is already running!'
|
||||
return
|
||||
|
|
@ -27,6 +45,15 @@ stop() {
|
|||
rm -f $PIDFILE
|
||||
}
|
||||
|
||||
reload() {
|
||||
if [ ! -r $PIDFILE ]; then
|
||||
echo 'Unbound is not running.'
|
||||
return
|
||||
fi
|
||||
echo "Sending SIGHUP to Unbound..."
|
||||
kill -HUP `cat $PIDFILE`
|
||||
}
|
||||
|
||||
case "$1" in
|
||||
'start')
|
||||
start
|
||||
|
|
@ -39,8 +66,11 @@ case "$1" in
|
|||
sleep 1
|
||||
start
|
||||
;;
|
||||
'reload')
|
||||
reload
|
||||
;;
|
||||
*)
|
||||
echo "Usage: $0 {start|stop|restart}"
|
||||
echo "Usage: $0 {start|stop|reload|restart}"
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@ cd $(dirname $0) ; CWD=$(pwd)
|
|||
|
||||
PRGNAM=unbound
|
||||
VERSION=${VERSION:-1.16.2}
|
||||
BUILD=${BUILD:-1}
|
||||
BUILD=${BUILD:-2}
|
||||
TAG=${TAG:-_SBo}
|
||||
PKGTYPE=${PKGTYPE:-tgz}
|
||||
|
||||
|
|
@ -118,7 +118,7 @@ CXXFLAGS="$SLKCFLAGS" \
|
|||
make
|
||||
make install DESTDIR=$PKG
|
||||
|
||||
rm -f $PKG/usr/lib${LIBDIRSUFFIX}/libunbound.la
|
||||
rm -f --verbose $PKG/usr/lib${LIBDIRSUFFIX}/libunbound.la
|
||||
|
||||
find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | grep ELF \
|
||||
| cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true
|
||||
|
|
@ -133,8 +133,33 @@ cp -a doc/README* doc/FEATURES doc/CREDITS doc/TODO $PKG/usr/doc/$PRGNAM-$VERSIO
|
|||
head -n 1000 doc/Changelog > $PKG/usr/doc/$PRGNAM-$VERSION/Changelog
|
||||
touch -r doc/Changelog $PKG/usr/doc/$PRGNAM-$VERSION/Changelog
|
||||
|
||||
# Save the upstream unbound.conf and set some reasonable defaults:
|
||||
# 1) Set the default log path to /var/log/unbound/
|
||||
# 2) Enable Unbound control interface. It's used for logrotate script
|
||||
# but also gives you the power to control your process without
|
||||
# restarts/reloads. It binds to localhost and cannot be used by
|
||||
# unprivileged users.
|
||||
# 3) Change timestamps to ASCII format (from Epoch).
|
||||
# 4) Turn off chroot.
|
||||
# 5) Disable systemd socket activation.
|
||||
cp -a $PKG/etc/unbound/unbound.conf $PKG/etc/unbound/unbound.conf.upstream
|
||||
sed -i \
|
||||
-e 's/# control-interface:/control-interface:/g' \
|
||||
-e 's/# control-enable: no/control-enable: yes/g' \
|
||||
-e 's/# log-time-ascii: no/log-time-ascii: yes/g' \
|
||||
-e 's/# use-systemd: no/use-systemd: no/g' \
|
||||
-e 's/# logfile: ""/logfile: "\/var\/log\/unbound\/unbound.log"/g' \
|
||||
-e 's/# chroot: "\/etc\/unbound"/chroot: ""/g' \
|
||||
$PKG/etc/unbound/unbound.conf \
|
||||
|
||||
mkdir -p $PKG/var/run/unbound
|
||||
chown $USER:$GROUP $PKG/var/run/unbound/
|
||||
mkdir -p $PKG/var/log/unbound
|
||||
mkdir -p $PKG/etc/logrotate.d
|
||||
|
||||
chown $UB_USER:$UB_GROUP $PKG/var/run/unbound/
|
||||
chown $UB_USER:$UB_GROUP $PKG/var/log/unbound/
|
||||
|
||||
cp -a $CWD/unbound.logrotate $PKG/etc/logrotate.d/unbound.new
|
||||
mv $PKG/etc/unbound/unbound.conf $PKG/etc/unbound/unbound.conf.new
|
||||
install -m 0644 -D $CWD/rc.unbound $PKG/etc/rc.d/rc.unbound.new
|
||||
|
||||
|
|
|
|||
|
|
@ -0,0 +1,11 @@
|
|||
/var/log/unbound/unbound.log {
|
||||
su unbound unbound
|
||||
notifempty
|
||||
missingok
|
||||
rotate 7
|
||||
postrotate
|
||||
# Try using unbound-control to start a new log
|
||||
# On fail, fall back to using a HUP signal
|
||||
/usr/sbin/unbound-control log_reopen || bash /etc/rc.d/rc.unbound reload
|
||||
endscript
|
||||
}
|
||||
Loading…
Reference in New Issue