-# Copyright 1999-2011 Gentoo Foundation
+# Copyright 1999-2012 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-dns/djbdns/djbdns-1.05-r24.ebuild,v 1.3 2011/04/04 18:58:49 c1pher Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-dns/djbdns/djbdns-1.05-r26.ebuild,v 1.5 2012/07/25 01:53:14 jer Exp $
EAPI="2"
-inherit eutils flag-o-matic toolchain-funcs
+inherit eutils flag-o-matic toolchain-funcs user
DESCRIPTION="Excellent high-performance DNS services"
HOMEPAGE="http://cr.yp.to/djbdns.html"
SLOT="0"
LICENSE="public-domain"
-KEYWORDS="~alpha ~amd64 ~hppa ~mips ~ppc ~ppc64 ~sparc ~x86"
+KEYWORDS="~alpha ~amd64 hppa ~mips ppc ppc64 ~sparc x86"
IUSE="doc ipv6 selinux static"
DEPEND=""
epatch \
"${FILESDIR}/headtail.patch" \
- "${FILESDIR}/dnsroots-r25.patch" \
+ "${FILESDIR}/dnsroots.patch" \
"${FILESDIR}/dnstracesort.patch" \
"${FILESDIR}/string_length_255.patch"
# Fix CVE2009-0858
epatch "${FILESDIR}/CVE2009-0858_0001-check-response-domain-name-length.patch"
- # Fix CVE2008-4392
- epatch \
- "${FILESDIR}/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries.patch" \
- "${FILESDIR}/CVE2008-4392_0002-dnscache-cache-soa-records.patch"
-
if use ipv6; then
elog "At present dnstrace does NOT support IPv6. It will"\
"be compiled without IPv6 support."
# Careful -- >=test21 of the IPv6 patch includes the errno patch
epatch "${DISTDIR}/${P}-${IPV6_PATCH}.diff.bz2"
- # Parts of the ipv6 patch fail due to the CVE2008-4392 fix above.
- # The following two patches fix those hunks.
+ # Fix CVE2008-4392
epatch \
- "${FILESDIR}/query.h-mjo.patch" \
- "${FILESDIR}/query.c-mjo.patch"
+ "${FILESDIR}/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries-ipv6.patch" \
+ "${FILESDIR}/CVE2008-4392_0002-dnscache-cache-soa-records-ipv6.patch" \
+ "${FILESDIR}/makefile-parallel.patch"
cd "${S}-noipv6"
fi
+ # Fix CVE2008-4392
+ epatch \
+ "${FILESDIR}/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries.patch" \
+ "${FILESDIR}/CVE2008-4392_0002-dnscache-cache-soa-records.patch"
+
epatch "${FILESDIR}/${PV}-errno.patch"
if [[ -n "${DJBDNS_PATCH_DIR}" && -d "${DJBDNS_PATCH_DIR}" ]]
fi
dodoc CHANGES FILES README SYSDEPS TARGETS TODO VERSION || die
-
- dobin "${FILESDIR}/dnscache-setup" || die
- dobin "${FILESDIR}/tinydns-setup" || die
- newbin "${FILESDIR}/djbdns-setup-r17" djbdns-setup || die
}
pkg_preinst() {
- # The nofiles group is provided by baselayout
+ # The nofiles group is no longer provided by baselayout.
+ # Share it with qmail if possible.
+ enewgroup nofiles 200
+
enewuser dnscache -1 -1 -1 nofiles
enewuser dnslog -1 -1 -1 nofiles
enewuser tinydns -1 -1 -1 nofiles
}
pkg_postinst() {
- elog "Use dnscache-setup & tinydns-setup or djbdns-setup to configure djbdns."
+ elog ''
+ elog 'The dnscache-setup, tinydns-setup, and djbdns-setup programs have'
+ elog 'been removed to follow upstream more closely. To configure djbdns,'
+ elog 'please follow the instructions at,'
+ elog ''
+ elog ' http://cr.yp.to/djbdns.html'
+ elog ''
+ elog 'Of particular interest are,'
+ elog ''
+ elog ' axfrdns : http://cr.yp.to/djbdns/axfrdns-conf.html'
+ elog ' dnscache: http://cr.yp.to/djbdns/run-cache-x-home.html'
+ elog ' tinydns : http://cr.yp.to/djbdns/run-server.html'
+ elog ''
+ elog 'Portage has created users for axfrdns, dnscache, and tinydns; the'
+ elog 'commands to configure these programs are,'
+ elog ''
+ elog ' 1. axfrdns-conf tinydns dnslog /var/axfrdns /var/tinydns $ip'
+ elog ' 2. dnscache-conf dnscache dnslog /var/dnscache $ip'
+ elog ' 3. tinydns-conf tinydns dnslog /var/tinydns $ip'
+ elog ''
+ elog '(replace $ip with the ip address on which the server will run).'
+ elog ''
+ elog 'If you wish to configure rbldns or walldns, you will need to create'
+ elog 'those users yourself (although you should still use the "dnslog"'
+ elog 'user for the logs):'
+ elog ''
+ elog ' 4. rbldns-conf $username dnslog /var/rbldns $ip $base'
+ elog ' 5. walldns-conf $username dnslog /var/walldns $ip'
+ elog ''
}