1 # Copyright 1999-2014 Gentoo Foundation
2 # Distributed under the terms of the GNU General Public License v2
3 # $Header: /var/cvsroot/gentoo-x86/net-dns/djbdns/djbdns-1.05-r29.ebuild,v 1.3 2014/07/17 12:37:40 nimiux Exp $
6 inherit eutils flag-o-matic readme.gentoo toolchain-funcs user
8 DESCRIPTION="Collection of DNS client/server software"
9 HOMEPAGE="http://cr.yp.to/djbdns.html"
12 SRC_URI="http://cr.yp.to/djbdns/${P}.tar.gz
13 http://smarden.org/pape/djb/manpages/${P}-man.tar.gz
14 ipv6? ( http://www.fefe.de/dns/${P}-${IPV6_PATCH}.diff.bz2 )"
17 LICENSE="public-domain"
18 KEYWORDS="~alpha amd64 hppa ~mips ~ppc ~ppc64 ~sparc ~x86"
21 DEPEND="!app-doc/djbdns-man"
25 selinux? ( sec-policy/selinux-djbdns )"
29 "${FILESDIR}/headtail.patch" \
30 "${FILESDIR}/dnsroots.patch" \
31 "${FILESDIR}/dnstracesort.patch" \
32 "${FILESDIR}/string_length_255.patch"
35 epatch "${FILESDIR}/CVE2009-0858_0001-check-response-domain-name-length.patch"
38 elog 'At present dnstrace does NOT support IPv6. It will'\
39 'be compiled without IPv6 support.'
41 # Create a separate copy of the source tree for dnstrace.
42 cp -pR "${S}" "${S}-noipv6" || die
45 epatch "${WORKDIR}/${P}-${IPV6_PATCH}.diff"
47 # Fix CVE2008-4392 (ipv6)
49 "${FILESDIR}/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries-ipv6-${IPV6_PATCH}.patch" \
50 "${FILESDIR}/CVE2008-4392_0002-dnscache-cache-soa-records-ipv6.patch" \
51 "${FILESDIR}/makefile-parallel.patch"
53 cd "${S}-noipv6" || die
56 # Fix CVE2008-4392 (no ipv6)
58 "${FILESDIR}/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries.patch" \
59 "${FILESDIR}/CVE2008-4392_0002-dnscache-cache-soa-records.patch"
61 # Later versions of the ipv6 patch include this, but even if
62 # USE=ipv6, we're in the ${S}-noipv6 directory at this point.
63 epatch "${FILESDIR}/${PV}-errno.patch"
69 echo "$(tc-getCC) ${CFLAGS}" > conf-cc || die
70 echo "$(tc-getCC) ${LDFLAGS}" > conf-ld || die
71 echo "/usr" > conf-home || die
74 # If djbdns is compiled with IPv6 support, it breaks dnstrace.
75 # Therefore we must compile dnstrace separately without IPv6
78 elog 'Compiling dnstrace without ipv6 support'
79 cp conf-cc conf-ld conf-home "${S}-noipv6/" || die
80 cd "${S}-noipv6" || die
90 dobin *-conf dnscache tinydns walldns rbldns pickdns axfrdns \
91 *-get *-data *-edit dnsip dnsipq dnsname dnstxt dnsmx \
92 dnsfilter random-ip dnsqr dnsq dnstrace dnstracesort
95 dobin dnsip6 dnsip6q "${S}-noipv6/dnstrace"
100 cd "${WORKDIR}/${PN}-man" || die
103 readme.gentoo_create_doc
107 # The nofiles group is no longer provided by baselayout.
108 # Share it with qmail if possible.
109 enewgroup nofiles 200
111 enewuser dnscache -1 -1 -1 nofiles
112 enewuser dnslog -1 -1 -1 nofiles
113 enewuser tinydns -1 -1 -1 nofiles
116 DISABLE_AUTOFORMATTING=1
117 FORCE_PRINT_ELOG=1 # remove after this message sees the stable tree
119 The dnscache-setup, tinydns-setup, and djbdns-setup programs have
120 been removed to follow upstream more closely. To configure djbdns,
121 please follow the instructions at,
123 http://cr.yp.to/djbdns.html
125 Of particular interest are,
127 axfrdns : http://cr.yp.to/djbdns/axfrdns-conf.html
128 dnscache: http://cr.yp.to/djbdns/run-cache-x-home.html
129 tinydns : http://cr.yp.to/djbdns/run-server.html
131 Portage has created users for axfrdns, dnscache, and tinydns; the
132 commands to configure these programs are,
134 1. axfrdns-conf tinydns dnslog /var/axfrdns /var/tinydns $ip
135 2. dnscache-conf dnscache dnslog /var/dnscache $ip
136 3. tinydns-conf tinydns dnslog /var/tinydns $ip
138 (replace $ip with the ip address on which the server will run).
140 If you wish to configure rbldns or walldns, you will need to create
141 those users yourself (although you should still use the "dnslog"
144 4. rbldns-conf $username dnslog /var/rbldns $ip $base
145 5. walldns-conf $username dnslog /var/walldns $ip