main/unbound: fix and improve runscript

* Set pidfile location in runscript. It's OpenRC's job to manage pidfile,
  not unbound's business.
* Use standard checkconfig command for checking config, but keep
  configtest for backward compatibility.

4 files changed, 43 insertions, 27 deletions

diff --git a/main/unbound/APKBUILD b/main/unbound/APKBUILD
index 1a749ef6c6..c38cbfb5ba 100644
--- a/main/unbound/APKBUILD
+++ b/main/unbound/APKBUILD
@@ -37,7 +37,7 @@ build() {
 		--localstatedir=/var \
 		--with-username=unbound \
 		--with-run-dir="" \
-		--with-pidfile=/var/run/unbound/unbound.pid \
+		--with-pidfile="" \
 		--with-rootkey-file=/usr/share/dnssec-root/trusted-key.key \
 		--with-libevent \
 		--with-ldns \
@@ -96,9 +96,9 @@ migrate() {
 }
 
 sha512sums="6e3d1a057081252183343d0d1b8ace742ab15e8f5244e61287340f49289d7449bed93fbfdaa3194c0e99ca23948f4b33038f75af5c5b26c938004d06fc3031e0  unbound-1.6.7.tar.gz
-90faa8bf352132b63f6b33cd7d7cac164df331272568e7a442d92e021fcf727334f6e28c11ed211bcd3eb62aa606c110e4931b514fecf388d0fbea3810b7530a  conf.patch
+bd51769e3e2d6035df1abbf220038a56a69795a092b5f31005e1910c6c88e334d7e71fe16d874885ef74c597f3a1d7af50f9ad9736ba7ebb10ae50178828661c  conf.patch
 b16b7b15392c0d560718ee543f1eebc5617085fb30d61cddc20dd948bd8b1634ee5b2de1c9cb172a6c0d1c5bbaf98b6fd39816d39c72a43ff619455449e668ac  update-unbound-root-hints
 b26a13c1c88da9611a65705dc59f7233c5e0f6aced0d7d66c18536a969a2de627ca5d4bb55eedd81f2f040fa11bde48eaaeca2850f376e72e7a531678a259131  migrate-dnscache-to-unbound
 0dca3470ed4ca9b76d6f47f5d20e92924e6648f0870d8594fe6735d8f1cdfeeee7296301066c2a8b2b94f7daed86c15efe00c301ca27e435e5dd2c85508dc9c8  root.hints
-3ca18510ba186a0c7e39eea300b3661f5f64d76a19c9512fa117813ba0ef771316f36ed420ad03ed2350b2bec751444c27aaa172c3e05ff36a06a3a30f7e111d  unbound.initd
-9b9fea2a0f2873b737bde482e28693241a21d7e959e775ffdf8c033a7ca7388812b126b210c6ba21c8c958c14f4f6c515a18ce2971c396a528336a37d7a89e3a  unbound.confd"
+d8392a6d238b46fd207d57eb2d23d0806d070c203ae196a6c2a6a4f7de4c95beecee86640649ff7dcc1cec3d3edcd313e8d91bff4188bdc1133b12fe6eff554e  unbound.initd
+40c660f275a78f93677761f52bdf7ef151941e8469dd17767a947dbe575880e0d113c320d15c7ea7e12ef636d8ec9453eeae804619678293fa35e3d4c7e75a71  unbound.confd"
diff --git a/main/unbound/conf.patch b/main/unbound/conf.patch
index 4d1642f4c9..368de24f7e 100644
--- a/main/unbound/conf.patch
+++ b/main/unbound/conf.patch
@@ -1,8 +1,12 @@
-diff -upr unbound-1.5.7.orig/doc/example.conf.in unbound-1.5.7/doc/example.conf.in
---- unbound-1.5.7.orig/doc/example.conf.in	2015-12-10 08:59:18.000000000 +0100
-+++ unbound-1.5.7/doc/example.conf.in	2015-12-11 23:12:55.910074485 +0100
-@@ -243,7 +243,7 @@ server:
+--- a/doc/example.conf.in
++++ b/doc/example.conf.in
+@@ -308,12 +308,9 @@
+ 	# timetoresolve, fromcache and responsesize.
+ 	# log-replies: no
  
+-	# the pid file. Can be an absolute path outside of chroot/work dir.
+-	# pidfile: "@UNBOUND_PIDFILE@"
+-
  	# file to read root hints from.
  	# get one from https://www.internic.net/domain/named.cache
 -	# root-hints: ""
@@ -10,16 +14,16 @@ diff -upr unbound-1.5.7.orig/doc/example.conf.in unbound-1.5.7/doc/example.conf.
  
  	# enable to not answer id.server and hostname.bind queries.
  	# hide-identity: no
-@@ -367,7 +367,7 @@ server:
+@@ -450,7 +447,7 @@
  	# you start unbound (i.e. in the system boot scripts).  And enable:
  	# Please note usage of unbound-anchor root anchor is at your own risk
  	# and under the terms of our LICENSE (see that file in the source).
 -	# auto-trust-anchor-file: "@UNBOUND_ROOTKEY_FILE@"
 +	# auto-trust-anchor-file: ""
  
- 	# File with DLV trusted keys. Same format as trust-anchor-file.
- 	# There can be only one DLV configured, it is trusted from root down.
-@@ -378,7 +378,7 @@ server:
+ 	# trust anchor signaling sends a RFC8145 key tag query after priming.
+ 	# trust-anchor-signaling: yes
+@@ -464,7 +461,7 @@
  	# with several entries, one file per entry.
  	# Zone file format, with DS and DNSKEY entries.
  	# Note this gets out of date, use auto-trust-anchor-file please.
diff --git a/main/unbound/unbound.confd b/main/unbound/unbound.confd
index 883e10ca33..c42106dba8 100644
--- a/main/unbound/unbound.confd
+++ b/main/unbound/unbound.confd
@@ -1,2 +1,8 @@
-# enable debugging (verbose -vv)
-#command_args="-v"
+# Configuration for /etc/init.d/unbound
+
+# Path of the configuration file.
+#cfgfile="/etc/unbound/$RC_SVCNAME.conf"
+
+# Additional arguments for the unbound command.
+# Add "-v" to enable verbose logging (more times to increase verbosity).
+#command_args=""
diff --git a/main/unbound/unbound.initd b/main/unbound/unbound.initd
index 43cf31a6f1..b58a3e6051 100644
--- a/main/unbound/unbound.initd
+++ b/main/unbound/unbound.initd
@@ -1,19 +1,22 @@
 #!/sbin/openrc-run
 
-name="unbound daemon"
-extra_commands="configtest"
+extra_commands="checkconfig configtest"
 extra_started_commands="reload"
+
+name="unbound daemon"
 description="unbound is a Domain Name Server (DNS) that is used to resolve host names to IP address."
-description_configtest="Run syntax tests for configuration files only."
+description_checkconfig="Run syntax tests for configuration files only."
 description_reload="Kills all children and reloads the configuration."
 
 # Upper case variables are here only for backward compatibility.
 : ${cfgfile:=${UNBOUND_CONFFILE:-/etc/unbound/$RC_SVCNAME.conf}}
 
-command=/usr/sbin/unbound
+command="/usr/sbin/unbound"
 command_args="-d $command_args"
 command_background=yes
-checkconf=/usr/sbin/unbound-checkconf
+pidfile="/run/$RC_SVCNAME.pid"
+
+required_files="$cfgfile"
 
 depend() {
 	need net
@@ -22,21 +25,24 @@ depend() {
 	after auth-dns
 }
 
+checkconfig() {
+	ebegin "Checking $cfgfile"
+	/usr/sbin/unbound-checkconf -f "$cfgfile" >/dev/null
+	eend $?
+}
+
 configtest() {
-	einfo "Checking: $cfgfile" # don't show errors twice
-	pidfile=$($checkconf -o pidfile "$cfgfile" 2>/dev/null)
-	$checkconf -f $cfgfile 1>/dev/null
-	return $?
+	ewarn "This command is deprecated, use checkconfig instead"
+	checkconfig
 }
 
 start_pre() {
-	configtest || return $?
-	checkpath --directory ${pidfile%/*}
-	einfo "Using pidfile: $pidfile"
+	checkconfig
 }
 
 reload() {
-	configtest || return $?
+	start_pre || return $?
+
 	ebegin "Reloading $name"
 	start-stop-daemon --signal HUP --pidfile "$pidfile"
 	eend $?