diff options
| author | tcely <tcely@users.noreply.github.com> | 2019-08-03 15:36:24 -0400 |
|---|---|---|
| committer | Leo <thinkabit.ukim@gmail.com> | 2019-08-10 11:09:46 -0300 |
| commit | 97f66ec899bf2ca4ea9ff11808fcde0c1e7296f7 (patch) | |
| tree | 1999d2e32076fcc97f49328ea6a7c5bdd9042a33 /community/pdns | |
| parent | 2a8e2740dfd35a050de8f674bac24046eccf1544 (diff) | |
| download | aports-97f66ec899bf2ca4ea9ff11808fcde0c1e7296f7.tar.bz2 aports-97f66ec899bf2ca4ea9ff11808fcde0c1e7296f7.tar.xz | |
community/pdns: script schema change
Diffstat (limited to 'community/pdns')
| -rw-r--r-- | community/pdns/APKBUILD | 18 | ||||
| -rw-r--r-- | community/pdns/README.alpine | 6 | ||||
| -rw-r--r-- | community/pdns/pdns-backend-pgsql.post-upgrade | 63 |
3 files changed, 75 insertions, 12 deletions
diff --git a/community/pdns/APKBUILD b/community/pdns/APKBUILD index 897d631309..9880ebb9f6 100644 --- a/community/pdns/APKBUILD +++ b/community/pdns/APKBUILD @@ -6,7 +6,7 @@ # Maintainer: Matt Smith <mcs@darkregion.net> pkgname=pdns pkgver=4.1.11 -pkgrel=0 +pkgrel=1 pkgdesc="PowerDNS Authoritative Server" url="https://www.powerdns.com/" arch="all !s390x" @@ -16,7 +16,7 @@ makedepends="$depends_dev libsodium-dev lua-dev mariadb-connector-c-dev openldap-dev postgresql-dev protobuf-dev sqlite-dev unixodbc-dev yaml-cpp-dev" -install="$pkgname.pre-install" +install="$pkgname.pre-install $pkgname-backend-pgsql.post-upgrade" subpackages="$pkgname-doc $pkgname-openrc $pkgname-tools $pkgname-backend-bind:backend_bind $pkgname-backend-geoip:backend_geoip @@ -37,7 +37,6 @@ source="https://downloads.powerdns.com/releases/pdns-$pkgver.tar.bz2 $pkgname.initd $pkgname.conf 4.1.10_to_4.1.11.schema.pgsql.sql.patch - README.alpine " # secfixes: @@ -83,7 +82,7 @@ package() { "$pkgdir/etc/$pkgname/$pkgname.conf" chown pdns:pdns "$pkgdir/etc/$pkgname/$pkgname.conf" - install -Dm644 "$srcdir"/README.alpine "$pkgdir"/usr/share/doc/$pkgname/README.alpine + cp -p "$pkgdir/usr/share/doc/pdns/4.1.10_to_4.1.11.schema.pgsql.sql" "$pkgdir/etc/$pkgname/" } tools() { @@ -137,8 +136,15 @@ backend_remote() { _mv_backend remote; } backend_sqlite3() { _mv_backend gsqlite3 sqlite; } #backend_tinydns() { _mv_backend tinydns; } +# temporary split for 4.1.11 schema fix +backend_pgsql() { + _mv_backend gpgsql postgresql-client + + mkdir -p "$subpkgdir/etc/$pkgname" + mv "$pkgdir/etc/$pkgname/4.1.10_to_4.1.11.schema.pgsql.sql" "$subpkgdir/etc/$pkgname/" +} + sha512sums="18215f523a39d48c8756bc13ecae1bd78967c2d66619d93ddaafb13062690002a9bdfe1d337796820706692c449286c7b9e9b8d45933684d32acbc20e490c0c4 pdns-4.1.11.tar.bz2 3a55547e1b6407e7d2faa6e02982ed903c2364381af1b7eeb626ae3a8b0e32558dd79bf31c982b134414e5636d4868c1f3660ac523f25d2440ed6f7b436843bf pdns.initd 3f809f3257680c3e496fa6a4c86c8a636db5d9d5b92aef96fe54c29b8266ee590deb792d13205cc171e27307fa73295dd3b101b09102fd66a2393a7cdbf9dd27 pdns.conf -a3caac012fae6d53afa9d08eaf4d2e70b406197e586b6716e0a9177d3833165493a55bf119669fd29c4397a8230a33982e38ef0b5a6883d71ee8869c06f0fe22 4.1.10_to_4.1.11.schema.pgsql.sql.patch -f2781a23e14bea9b4bbb84f3b596663c76359c449ef6fd39c87b5ea1163c47e01c5ba490c804709033598f0542ac558bde477729ad1ab9f17d49606fa61b2049 README.alpine" +a3caac012fae6d53afa9d08eaf4d2e70b406197e586b6716e0a9177d3833165493a55bf119669fd29c4397a8230a33982e38ef0b5a6883d71ee8869c06f0fe22 4.1.10_to_4.1.11.schema.pgsql.sql.patch" diff --git a/community/pdns/README.alpine b/community/pdns/README.alpine deleted file mode 100644 index 625cb68d2b..0000000000 --- a/community/pdns/README.alpine +++ /dev/null @@ -1,6 +0,0 @@ -When upgrading from 4.1.10 and previous: - -This release contains a fix for CVE-2019-10203 -Upgrading is not enough you need to manually apply the schema change - -ALTER TABLE domains ALTER notified_serial TYPE bigint USING CASE WHEN notified_serial >= 0 THEN notified_serial::bigint END; diff --git a/community/pdns/pdns-backend-pgsql.post-upgrade b/community/pdns/pdns-backend-pgsql.post-upgrade new file mode 100644 index 0000000000..bd3dc67bdc --- /dev/null +++ b/community/pdns/pdns-backend-pgsql.post-upgrade @@ -0,0 +1,63 @@ +#!/bin/sh + +schema_file='/etc/pdns/4.1.10_to_4.1.11.schema.pgsql.sql' + +configs() { + find /etc/pdns -name pdns.conf -print -o -name 'pdns-*.conf' -print +} + +search_configs() { + local includedir + + includedir="$(grep '^include-dir=' "$1" | cut -d = -f 2- | tail -n 1)" + grep "^${2}=" "$1" ${includedir:+"$includedir"/*.conf} 2>/dev/null | tail -n 1 +} + +check_launch() { + search_configs "$1" launch | grep -q gpgsql +} + +psqlcmd() { + /usr/bin/psql -1 -w -f "$schema_file" "$@" +} + +pgsqlvars() { + local cfg extra passfile password tmp + cfg="$1" + extra="$(search_configs "$cfg" gpgsql-extra-connection-parameters | cut -d = -f 2-)" + tmp="$(mktemp -d -q)" + passfile="${tmp:-/tmp}/pgsql.passfile" + + PGDATABASE="$(search_configs "$cfg" gpgsql-dbname | cut -d = -f 2-)" + PGHOST="$(search_configs "$cfg" gpgsql-host | cut -d = -f 2-)" + PGPORT="$(search_configs "$cfg" gpgsql-port | cut -d = -f 2-)" + PGUSER="$(search_configs "$cfg" gpgsql-user | cut -d = -f 2-)" + + PGPASSFILE="$passfile" + touch "$passfile" + chmod 0600 "$passfile" + password="$(search_configs "$cfg" gpgsql-password | cut -d = -f 2- | sed -e 's,['\'':],\\&,g')" + printf > "$passfile" -- '*:*:*:*:%s\n' "$password" + unset -v password + + for ev in DATABASE HOST PORT USER PASSFILE; do + eval test -n \"\${PG${ev}}\" || continue + export "PG${ev}" + done + + psqlcmd ${extra:+"$extra"} + + for ev in DATABASE HOST PORT USER PASSFILE; do + unset -v "PG${ev}" + done + rm -f "$passfile" + rmdir "$tmp" 2>/dev/null +} + +for c in $(configs); do + check_launch "$c" || continue + + pgsqlvars "$c" +done; unset -v c + +exit 0 |