diff options
author | Sven Wegener <swegener@gentoo.org> | 2015-05-18 18:40:16 +0000 |
---|---|---|
committer | Sven Wegener <swegener@gentoo.org> | 2015-05-18 18:40:16 +0000 |
commit | 9b4223d6d2e891691322a97ab079565e7e770ddc (patch) | |
tree | 30c013e6db838bffb2e30c3ec1ce13c2ef78cb40 /net-dns/pdns/pdns-3.3.2.ebuild | |
parent | Add dependency to boost (diff) | |
download | gentoo-2-9b4223d6d2e891691322a97ab079565e7e770ddc.tar.gz gentoo-2-9b4223d6d2e891691322a97ab079565e7e770ddc.tar.bz2 gentoo-2-9b4223d6d2e891691322a97ab079565e7e770ddc.zip |
Version bump, security bug #547550. Also fixes bug #527014 and #541916.
(Portage version: 2.2.18/cvs/Linux x86_64, signed Manifest commit with key 0x64D4CF24)
Diffstat (limited to 'net-dns/pdns/pdns-3.3.2.ebuild')
-rw-r--r-- | net-dns/pdns/pdns-3.3.2.ebuild | 186 |
1 files changed, 186 insertions, 0 deletions
diff --git a/net-dns/pdns/pdns-3.3.2.ebuild b/net-dns/pdns/pdns-3.3.2.ebuild new file mode 100644 index 000000000000..32e87f46cc99 --- /dev/null +++ b/net-dns/pdns/pdns-3.3.2.ebuild @@ -0,0 +1,186 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-dns/pdns/pdns-3.3.2.ebuild,v 1.1 2015/05/18 18:40:16 swegener Exp $ + +EAPI=5 + +inherit autotools eutils multilib systemd user toolchain-funcs versionator + +DESCRIPTION="The PowerDNS Daemon" +HOMEPAGE="http://www.powerdns.com/" +SRC_URI="http://downloads.powerdns.com/releases/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" + +# other possible flags: +# db2: we lack the dep +# oracle: dito (need Oracle Client Libraries) +# xdb: (almost) dead, surely not supported + +IUSE="botan cryptopp debug doc ldap lua mydns mysql odbc opendbx postgres remote +remote-http sqlite static tools tinydns test" + +REQUIRED_USE="mydns? ( mysql )" + +RDEPEND="!static? ( + net-libs/polarssl + >=dev-libs/boost-1.34:= + botan? ( =dev-libs/botan-1.10* ) + cryptopp? ( dev-libs/crypto++ ) + lua? ( dev-lang/lua:= ) + mysql? ( virtual/mysql ) + postgres? ( dev-db/postgresql:= ) + ldap? ( >=net-nds/openldap-2.0.27-r4 ) + sqlite? ( dev-db/sqlite:3 ) + odbc? ( dev-db/unixODBC ) + opendbx? ( dev-db/opendbx ) + remote-http? ( net-misc/curl ) + tinydns? ( dev-db/cdb ) )" +DEPEND="${RDEPEND} + virtual/pkgconfig + static? ( + >=net-libs/polarssl-1.3.0[static-libs(+)] + >=dev-libs/boost-1.34[static-libs(+)] + botan? ( =dev-libs/botan-1.10*[static-libs(+)] ) + cryptopp? ( dev-libs/crypto++[static-libs(+)] ) + lua? ( dev-lang/lua:=[static-libs(+)] ) + mysql? ( virtual/mysql[static-libs(+)] ) + postgres? ( dev-db/postgresql[static-libs(+)] ) + ldap? ( >=net-nds/openldap-2.0.27-r4[static-libs(+)] ) + sqlite? ( dev-db/sqlite:3[static-libs(+)] ) + odbc? ( dev-db/unixODBC[static-libs(+)] ) + opendbx? ( dev-db/opendbx[static-libs(+)] ) + remote-http? ( net-misc/curl[static-libs(+)] ) + tinydns? ( dev-db/cdb ) ) + doc? ( app-doc/doxygen )" + +src_prepare() { + epatch \ + "${FILESDIR}/${PN}-3.3.1-fix-curl-link.patch" + eautoreconf + + # fix for automake now generating .hh instead of .h, bug #504244 and #504246 + cp -a pdns/backends/bind/{bindparser.h,bindparser.hh} +} + +src_configure() { + local dynmodules="pipe geo" # the default backends, always enabled + local modules="" + + #use db2 && dynmodules+=" db2" + use ldap && dynmodules+=" ldap" + use lua && dynmodules+=" lua" + use mydns && dynmodules+=" mydns" + use mysql && dynmodules+=" gmysql" + use odbc && dynmodules+=" godbc" + use opendbx && dynmodules+=" opendbx" + #use oracle && dynmodules+=" goracle oracle" + use postgres && dynmodules+=" gpgsql" + use remote && dynmodules+=" remote" + use sqlite && dynmodules+=" gsqlite3" + use tinydns && dynmodules+=" tinydns" + #use xdb && dynmodules+=" xdb" + + if use static ; then + modules="${dynmodules}" + dynmodules="" + fi + + use botan && myconf+=" --enable-botan1.10" + use cryptopp && myconf+=" --enable-cryptopp" + use debug && myconf+=" --enable-verbose-logging" + use remote-http && myconf+=" --enable-remotebackend-http" + + econf \ + --with-system-polarssl \ + --disable-static \ + --sysconfdir=/etc/powerdns \ + --libdir=/usr/$(get_libdir)/powerdns \ + --with-modules="${modules}" \ + --with-dynmodules="${dynmodules}" \ + --with-pgsql-includes=/usr/include \ + --with-pgsql-lib=/usr/$(get_libdir) \ + --with-mysql-lib=/usr/$(get_libdir) \ + $(use_enable test unit-tests) \ + $(use_with lua) \ + $(use_enable static static-binaries) \ + $(use_enable tools) \ + ${myconf} +} + +src_compile() { + default + use doc && emake -C codedocs codedocs +} + +src_install () { + default + + mv "${D}"/etc/powerdns/pdns.conf{-dist,} + + fperms 0700 /etc/powerdns + fperms 0600 /etc/powerdns/pdns.conf + + # set defaults: setuid=pdns, setgid=pdns + sed -i \ + -e 's/^# set\([ug]\)id=$/set\1id=pdns/g' \ + "${D}"/etc/powerdns/pdns.conf + + doinitd "${FILESDIR}"/pdns + systemd_newunit contrib/systemd-pdns.service pdns.service + + keepdir /var/empty + + use doc && dohtml -r codedocs/html/. + + # Install development headers + insinto /usr/include/pdns + doins pdns/*.hh + insinto /usr/include/pdns/backends/gsql + doins pdns/backends/gsql/*.hh + + if use ldap ; then + insinto /etc/openldap/schema + doins "${FILESDIR}"/dnsdomain2.schema + fi + + prune_libtool_files --all +} + +pkg_preinst() { + enewgroup pdns + enewuser pdns -1 -1 /var/empty pdns +} + +pkg_postinst() { + elog "PowerDNS provides multiple instances support. You can create more instances" + elog "by symlinking the pdns init script to another name." + elog + elog "The name must be in the format pdns.<suffix> and PowerDNS will use the" + elog "/etc/powerdns/pdns-<suffix>.conf configuration file instead of the default." + + if use ldap ; then + ewarn "The official LDAP backend module is only compile-tested by upstream." + ewarn "Try net-dns/pdns-ldap-backend if you have problems with it." + fi + + local fix_perms=0 + + for rv in ${REPLACING_VERSIONS} ; do + version_compare ${rv} 3.2 + [[ $? -eq 1 ]] && fix_perms=1 + done + + if [[ $fix_perms -eq 1 ]] ; then + ewarn "To fix a security bug (bug #458018) had the following" + ewarn "files/directories the world-readable bit removed (if set):" + ewarn " ${EPREFIX}/etc/pdns" + ewarn " ${EPREFIX}/etc/pdns/pdns.conf" + ewarn "Check if this is correct for your setup" + ewarn "This is a one-time change and will not happen on subsequent updates." + chmod o-rwx "${EPREFIX}"/etc/pdns/{,pdns.conf} + fi + +} |