aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorStuart Cardall <developer@it-offshore.co.uk>2016-09-03 18:45:38 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2016-09-05 10:50:46 +0000
commit3c3956a49518a177c28f2ba8e1f0f67bcfba38b5 (patch)
treed5a2014022da50cd98ff3845d88868d536d3f2bc
parent3f5d9f5b72009b2fb8121347e01f81d7453ed017 (diff)
downloadaports-3c3956a49518a177c28f2ba8e1f0f67bcfba38b5.tar.bz2
aports-3c3956a49518a177c28f2ba8e1f0f67bcfba38b5.tar.xz
main/unbound: improve update-unbound-root-hints
nf_conntrack_ftp is needed for passive ftp to work through iptables with a default deny policy.
-rw-r--r--main/unbound/APKBUILD16
-rw-r--r--main/unbound/update-unbound-root-hints4
2 files changed, 12 insertions, 8 deletions
diff --git a/main/unbound/APKBUILD b/main/unbound/APKBUILD
index e6d46b1eb7..e2b5d22ffb 100644
--- a/main/unbound/APKBUILD
+++ b/main/unbound/APKBUILD
@@ -3,7 +3,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=unbound
pkgver=1.5.9
-pkgrel=0
+pkgrel=1
pkgdesc="Unbound is a validating, recursive, and caching DNS resolver"
pkgusers="unbound"
pkggroups="unbound"
@@ -21,10 +21,10 @@ source="http://unbound.net/downloads/unbound-$pkgver.tar.gz
migrate-dnscache-to-unbound
root.hints
unbound.initd"
+builddir="$srcdir"/$pkgname-$pkgver
-_builddir="$srcdir"/$pkgname-$pkgver
build() {
- cd "$_builddir"
+ cd "$builddir"
./configure \
--build=$CBUILD \
--host=$CHOST \
@@ -54,7 +54,7 @@ build() {
}
package() {
- cd "$_builddir"
+ cd "$builddir"
make DESTDIR="$pkgdir" install || return 1
install -D contrib/update-anchor.sh \
"$pkgdir"/usr/share/$pkgname/update-anchor.sh \
@@ -70,7 +70,7 @@ package() {
mkdir -p "$pkgdir"/usr/share/doc/$pkgname/
for name in CREDITS Changelog FEATURES README TODO; do
- install -m644 "$_builddir"/doc/$name \
+ install -m644 "$builddir"/doc/$name \
"$pkgdir"/usr/share/doc/$pkgname/$name || return 1
done
}
@@ -97,19 +97,19 @@ migrate() {
md5sums="0cefa62c1690b4db18583db84bff00e3 unbound-1.5.9.tar.gz
0b8eea5cab939465cfde0ed0ebeed9a9 conf.patch
-c1c71cd0e7f9630536a2abf2513c675d update-unbound-root-hints
+af62d1646f55dffadfb7fb530f73f261 update-unbound-root-hints
5340681e5ec1a1fd47a0de27f5c03c21 migrate-dnscache-to-unbound
ebffd03c9bbc05dd4d23502c34a527eb root.hints
b98eded68339fc605ec7e6cbb50e5aa3 unbound.initd"
sha256sums="01328cfac99ab5b8c47115151896a244979e442e284eb962c0ea84b7782b6990 unbound-1.5.9.tar.gz
7399f4efd0ad3866065ef7003d4be891c80a00584f67dc10da9773bed194c63f conf.patch
-0db3ca197b62901fab984cb2559925adbf3307ccd1dca3e1dd69cd1642ff0a36 update-unbound-root-hints
+e8b9db1f72351f246504067400a4b5723910191acd7f8f4971d7590fb3a183c3 update-unbound-root-hints
582851b4017044d8642c42c5df09b27494c963e1eebb8be3373b2dbd168d0ac0 migrate-dnscache-to-unbound
92670981d00ba52a7119552ebe39b4788f3f92e23ba078e44596cc8b78d7cdc9 root.hints
d9997000449179dc16f5084bf061453faf09094f843acb1d163757f8000c0cd7 unbound.initd"
sha512sums="a0f43a22d2c357b78482e5049fd77b100966964d861536169bd79379c02b96651e52c47f3f5001ac8e1ca474d41f784395adb44b61157487723f9f15287c97f4 unbound-1.5.9.tar.gz
90faa8bf352132b63f6b33cd7d7cac164df331272568e7a442d92e021fcf727334f6e28c11ed211bcd3eb62aa606c110e4931b514fecf388d0fbea3810b7530a conf.patch
-0f80b507a8f71b0c00729501d861657ce91a57024cd1963c150d0630c71eccceba370d6e732ff39bb807713672550d87a8c8ecdb9fce6b8b4386c12689603700 update-unbound-root-hints
+56768138200dc62901142956953f0b46e8951c7ed97a3678ec604bb424bef07e35a3a0cc937d1880188ac76151e5a020ce4b802126c516b192843ed9b39d15c8 update-unbound-root-hints
b26a13c1c88da9611a65705dc59f7233c5e0f6aced0d7d66c18536a969a2de627ca5d4bb55eedd81f2f040fa11bde48eaaeca2850f376e72e7a531678a259131 migrate-dnscache-to-unbound
419ccee43a2e925808cbfa4d37ab6d747a01455242b038571113aa04b5881d06b49d8ea3e637066da340bb1cdf458a7ac759bd513fa30841ed437ed91f123ca4 root.hints
540e7a11fa5421e2d103c42d69faf1ba005adcadfac2f65091795a2f00e5b5acd1436b4d2adfe2bb0fdfcbfb44d0967d6bce87620c618549fcd7e32019040f29 unbound.initd"
diff --git a/main/unbound/update-unbound-root-hints b/main/unbound/update-unbound-root-hints
index ee127ded37..69c5e537da 100644
--- a/main/unbound/update-unbound-root-hints
+++ b/main/unbound/update-unbound-root-hints
@@ -1,5 +1,9 @@
#!/bin/sh
+# to allow passive ftp through a default deny iptables firewall:
+# modprobe nf_conntrack_ftp
+# echo nf_conntrack_ftp >> /etc/modules
+
check_format() {
# check that we have some ipv4 addresses and some '.' hints
egrep -q '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]' "$1" \