diff options
author | Matt Smith <mcs@darkregion.net> | 2011-03-29 23:40:36 -0500 |
---|---|---|
committer | Matt Smith <mcs@darkregion.net> | 2011-03-29 23:40:36 -0500 |
commit | 4346c9975804621d2e276ef1a12c0695dce71eb1 (patch) | |
tree | 2a5e5b38423947a52d303068a2344d2bf6c65d09 /main | |
parent | f3e054e83191c6bddd83f639c8826e829b790e91 (diff) | |
download | aports-4346c9975804621d2e276ef1a12c0695dce71eb1.tar.bz2 aports-4346c9975804621d2e276ef1a12c0695dce71eb1.tar.xz |
main/nsd: moved from testing
Diffstat (limited to 'main')
-rw-r--r-- | main/nsd/0010-stop-unlink-pid-error.patch | 26 | ||||
-rw-r--r-- | main/nsd/APKBUILD | 76 | ||||
-rw-r--r-- | main/nsd/nsd.confd | 15 | ||||
-rw-r--r-- | main/nsd/nsd.initd | 420 | ||||
-rw-r--r-- | main/nsd/nsd.post-deinstall | 4 | ||||
-rw-r--r-- | main/nsd/nsd.pre-install | 4 | ||||
-rw-r--r-- | main/nsd/nsdc | 30 |
7 files changed, 575 insertions, 0 deletions
diff --git a/main/nsd/0010-stop-unlink-pid-error.patch b/main/nsd/0010-stop-unlink-pid-error.patch new file mode 100644 index 000000000..24175df33 --- /dev/null +++ b/main/nsd/0010-stop-unlink-pid-error.patch @@ -0,0 +1,26 @@ +This patch prevents nsd from attempting to unlink the pidfile on nsd +shutdown. The reason for this is because we get a permission denied +error in nsd.log when it attempts to do so. + +I think this is needed because of how normal OpenRC init scripts are +designed and handled. + +See the included /etc/init.d/nsd (nsd.initd) for my conversion of the +nsdc script that's normally distributed with nsd. The included nsdc +script is a wrapper for the converted OpenRC init script, designed to +maintain compatibility. + +Matt Smith <msmith@alpinelinux.org> + + +--- a/server.c ++++ b/server.c +@@ -1167,7 +1167,7 @@ + close(fd); + + /* Unlink it if possible... */ +- unlinkpid(nsd->pidfile); ++ //unlinkpid(nsd->pidfile); + + if(reload_listener.fd > 0) { + sig_atomic_t cmd = NSD_QUIT; diff --git a/main/nsd/APKBUILD b/main/nsd/APKBUILD new file mode 100644 index 000000000..758570294 --- /dev/null +++ b/main/nsd/APKBUILD @@ -0,0 +1,76 @@ +# Contributor: Matt Smith <mcs@darkregion.net> +# Maintainer: Matt Smith <mcs@darkregion.net> +pkgname=nsd +pkgver=3.2.7 +pkgrel=1 +pkgdesc="NSD is an authoritative only, high performance, simple and open source name server." +url="http://www.nlnetlabs.nl/projects/nsd/" +arch="all" +license="BSD" +depends= +depends_dev= +makedepends="$depends_dev openssl-dev" +install="$pkgname.pre-install $pkgname.post-deinstall" +subpackages="$pkgname-doc" +pkgusers="nsd" +pkggroups="nsd" +source="http://www.nlnetlabs.nl/downloads/nsd/nsd-3.2.7.tar.gz + 0010-stop-unlink-pid-error.patch + nsdc + nsd.initd + nsd.confd + " + +_builddir="$srcdir/$pkgname-$pkgver" +prepare() { + local i + cd "$_builddir" + for i in $source; do + case $i in + *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;; + esac + done +} + +build() { + cd "$_builddir" + + ./configure \ + --sbindir=/usr/sbin \ + --mandir=/usr/share/man \ + --with-user=nsd \ + || return 1 + make || return 1 +} + +package() { + cd "$_builddir" + make DESTDIR="$pkgdir" install || return 1 + + install -m755 -D "$srcdir"/nsdc \ + "$pkgdir"/usr/sbin/nsdc || return 1 + install -m755 -D "$srcdir"/$pkgname.initd \ + "$pkgdir"/etc/init.d/nsd || return 1 + install -m644 -D "$srcdir"/$pkgname.confd \ + "$pkgdir"/etc/conf.d/nsd || return 1 + + chown nsd "$pkgdir"/var/db/nsd || return 1 +} + +doc() { + arch="noarch" + + mkdir -p "$subpkgdir"/usr/share/doc/$pkgname || return 1 + cp -a "$_builddir"/doc/* \ + "$subpkgdir"/usr/share/doc/$pkgname/ || return 1 + cp -a "$_builddir"/contrib/ \ + "$subpkgdir"/usr/share/doc/$pkgname/ || return 1 + mv "$pkgdir"/usr/share/man \ + "$subpkgdir"/usr/share/man || return 1 +} + +md5sums="b5aca8a207f77db566b08db25bf77d74 nsd-3.2.7.tar.gz +cc592572846b978a6f52130a8e518ab3 0010-stop-unlink-pid-error.patch +3aa94004a39319db89a329e9f24fb9da nsdc +4c0eef07caac9083aeeb9b15602d014d nsd.initd +37bd648259fdd919c79aaa0168b4423c nsd.confd" diff --git a/main/nsd/nsd.confd b/main/nsd/nsd.confd new file mode 100644 index 000000000..e37f716ba --- /dev/null +++ b/main/nsd/nsd.confd @@ -0,0 +1,15 @@ +# +# Specify nsd options here. +# + +# configuration file default +configfile="/etc/nsd/nsd.conf" + +# The directory where NSD binaries reside +sbindir="/usr/sbin" + +# how verbose is zonec run. Specify Nothing (empty string), -v or -vv. +ZONEC_VERBOSE=-v + +# how patch is done. Specify 1 (with use of textfiles, default) or 0 (without) +PATCH_STYLE=1 diff --git a/main/nsd/nsd.initd b/main/nsd/nsd.initd new file mode 100644 index 000000000..f40008049 --- /dev/null +++ b/main/nsd/nsd.initd @@ -0,0 +1,420 @@ +#!/sbin/runscript +# +# nsdc.sh -- a shell script to manage the beast +# +# Copyright (c) 2001-2006, NLnet Labs. All rights reserved. +# +# See LICENSE for the license. +# +# OpenRC conversion by Matt Smith <msmith@alpinelinux.org> +# +# + +name=nsd +daemon=/usr/sbin/${name} +initd=/etc/init.d/${name} + +description="NSD, authoritative only high performance name server." + +extra_commands="stats reload running patch rebuild update notify do_start do_stop" +description_reload="Reloads the nsd database file." +description_running="Prints message and exits nonzero if server is not running." +description_patch="Merge zone transfer changes back to zone files." +description_rebuild="Compile database file from zone files." +description_update="Try to update all slave zones hosted on this server." +description_notify="Send notify messages to all secondary servers." +description_do_start="Internal command; use 'start' instead." +description_do_stop="Internal command; use 'stop' instead." + +depend() { + need net + after firewall +} + +# +# You sure heard this many times before: NO USER SERVICEABLE PARTS BELOW +# + +# see if user selects a different config file, with -c <filename> +if test "x$1" = "x-c"; then + shift + if [ -e $1 ]; then + configfile=$1 + shift + else + echo "`basename $0`: Config file "$1" does not exist." + exit 1 + fi +fi + +# locate nsd-checkconf : in sbindir, PATH, nsdc_dir or . +nsd_checkconf="" +if [ -e ${sbindir}/nsd-checkconf ]; then + nsd_checkconf=${sbindir}/nsd-checkconf +else + if which nsd-checkconf >/dev/null 2>&1 ; then + if which nsd-checkconf 2>&1 | grep "^[Nn]o " >/dev/null; then + nsd_checkconf="" + else + nsd_checkconf=`which nsd-checkconf` + fi + fi + if [ -z "${nsd_checkconf}" -a -e `dirname $0`/nsd-checkconf ]; then + nsd_checkconf=`dirname $0`/nsd-checkconf + fi + if [ -z "${nsd_checkconf}" -a -e ./nsd-checkconf ]; then + nsd_checkconf=./nsd-checkconf + fi + if [ -z "${nsd_checkconf}" ]; then + echo "`basename $0`: Could not find nsd programs" \ + "in $sbindir, in PATH=$PATH, in cwd=`pwd`," \ + "or in dir of nsdc=`dirname $0`" + exit 1 + fi +fi + +# check the config syntax before using it +${nsd_checkconf} ${configfile} +if test $? -ne 0 ; then + ${initd} describe + exit 1 +fi + +# Read some settings from the config file. +dbfile=`${nsd_checkconf} -o database ${configfile}` +pidfile=`${nsd_checkconf} -o pidfile ${configfile}` +difffile=`${nsd_checkconf} -o difffile ${configfile}` +zonesdir=`${nsd_checkconf} -o zonesdir ${configfile}` +lockfile="${dbfile}.lock" # still needed +sbindir=`dirname ${nsd_checkconf}` + +# move to zonesdir (if specified), and make absolute pathnames. +if test -n "${zonesdir}"; then + zonesdir=`dirname ${zonesdir}/.` + if echo "${zonesdir}" | grep "^[^/]" >/dev/null; then + zonesdir=`pwd`/${zonesdir} + fi + if echo "${dbfile}" | grep "^[^/]" >/dev/null; then + dbfile=${zonesdir}/${dbfile} + fi + if echo "${pidfile}" | grep "^[^/]" >/dev/null; then + pidfile=${zonesdir}/${pidfile} + fi + if echo "${lockfile}" | grep "^[^/]" >/dev/null; then + lockfile=${zonesdir}/${lockfile} + fi + if echo "${difffile}" | grep "^[^/]" >/dev/null; then + difffile=${zonesdir}/${difffile} + fi +fi + +# for bash: -C or noclobber. For tcsh: noclobber. For bourne: -C. +noclobber_set="set -C" +# ugly check for tcsh +if echo /bin/sh | grep tcsh >/dev/null; then + noclobber_set="set noclobber" +fi + +# +# useful routines +# +signal() { + if [ -s ${pidfile} ] + then + kill -"$1" `cat ${pidfile}` && return 0 + else + echo "nsd is not running" + fi + return 1 +} + +lock_file() { + (umask 222; ${noclobber_set}; echo "$$" >${lockfile}) +} + +lock() { + lock_file + if [ $? = 1 ] + then + # check if the lockfile has not gone stale + LPID=`cat ${lockfile}` + echo database locked by PID: $LPID + if kill -0 $LPID 2>/dev/null; then + exit 1 + fi + + # locking process does not exist, consider lockfile stale + echo stale lockfile, removing... && rm -f ${lockfile} && lock_file + fi + + if [ $? = 1 ] + then + echo lock failed + exit 1 + fi + return 0 +} + +unlock() { + rm -f ${lockfile} +} + +do_start() { + if test -x ${sbindir}/nsd; then + ${sbindir}/nsd -c ${configfile} + test $? = 0 || (echo "nsd startup failed."; exit 1) + else + echo "${sbindir}/nsd not an executable file, nsd startup failed."; exit 1 + fi +} + +controlled_sleep() { + if [ $1 -ge 25 ]; then + sleep 1 + fi +} + +controlled_stop() { + pid=$1 + try=1 + + while [ $try -ne 0 ]; do + if [ ${try} -gt 50 ]; then + echo "nsdc stop failed" + return 1 + else + if [ $try -eq 1 ]; then + kill -TERM ${pid} + else + kill -TERM ${pid} >/dev/null 2>&1 + fi + + # really stopped? + kill -0 ${pid} >/dev/null 2>&1 + if [ $? -eq 0 ]; then + controlled_sleep ${try} + try=`expr ${try} + 1` + else + try=0 + fi + fi + done + + return 0 +} + +do_controlled_stop() { + if [ -s ${pidfile} ]; then + pid=`cat ${pidfile}` + controlled_stop ${pid} && return 0 + else + echo "nsd is not running, starting anyway" && return 0 + fi + return 1 +} + +do_stop() { + signal "TERM" +} + +do_reload() { + signal "HUP" +} + +# send_updates zone_name {ip_spec key_spec} +send_updates() { + local zonename=$1 + shift 1 + # extract port number (if any) + port=`${nsd_checkconf} -o port ${configfile}` + if test -n "${port}"; then + port="-p ${port}" + fi + update_sent="no" + + while test $# -gt 0; do + ip_spec=$1 + key_spec=$2 + shift 2 + # only localhost is allowed. + # see if zone has 127.0.0.1 or ::1 as allowed. + if test Z${ip_spec} = "Z127.0.0.1" -o Z${ip_spec} = "Z::1"; then + secret="" + if test K${key_spec} != KNOKEY -a K${key_spec} != KBLOCKED; then + secret=`${nsd_checkconf} -s ${key_spec} ${configfile}` + algo=`${nsd_checkconf} -a ${key_spec} ${configfile}` + secret="-y ${key_spec}:${secret}:${algo}" + fi + if test K${key_spec} != KBLOCKED; then + #echo "${sbindir}/nsd-notify -a ${ip_spec} ${port} ${secret} -z ${zonename} ${ip_spec}" + ${sbindir}/nsd-notify -a ${ip_spec} ${port} ${secret} -z ${zonename} ${ip_spec} && update_sent="yes" + fi + fi + done + if test ${update_sent} = no; then + req_xfr=`${nsd_checkconf} -z "${zonename}" -o request-xfr ${configfile}` + if test -n "${req_xfr}"; then + # must be a slave zone (has request-xfr). + echo "`basename $0`: Could not send notify for slave zone ${zonename}: not configured (with allow-notify: 127.0.0.1 or ::1)" + fi + fi +} + +# send_notify zone_name ifc_spec {ip_spec key_spec} +send_notify() { + local zonename=$1 + # set local interface + ifc_spec="" + if test I$2 != INOIFC; then + ifc_spec="-a $2" + fi + shift 2 + + while test $# -gt 0; do + ip_spec=$1 + key_spec=$2 + shift 2 + secret="" + + if test K${key_spec} != KNOKEY -a K${key_spec} != KBLOCKED; then + secret=`${nsd_checkconf} -s ${key_spec} ${configfile}` + algo=`${nsd_checkconf} -a ${key_spec} ${configfile}` + secret="-y ${key_spec}:${secret}:${algo}" + fi + if test K${key_spec} != KBLOCKED; then + port="" + ipaddr=${ip_spec} + if echo ${ip_spec} | grep @ >/dev/null; then + port="-p "`echo ${ip_spec} | sed -e 's/[^@]*@\([0-9]*\)/\1/'` + ipaddr=`echo ${ip_spec} | sed -e 's/\([^@]*\)@[0-9]*/\1/'` + fi + #echo "${sbindir}/nsd-notify ${ifc_spec} ${port} ${secret} -z ${zonename} ${ipaddr}" + ${sbindir}/nsd-notify ${ifc_spec} ${port} ${secret} -z ${zonename} ${ipaddr} + fi + done +} + +# do_patch {with-textfile} +do_patch() { + if test I$1 = I1; then + lock && mv ${difffile} ${difffile}.$$ && \ + ${sbindir}/nsd-patch -c ${configfile} -x ${difffile}.$$ && \ + rm -f ${difffile}.$$ && unlock && do_rebuild + result=$? + else # without textfile + lock && mv ${difffile} ${difffile}.$$ && \ + ${sbindir}/nsd-patch -c ${configfile} -x ${difffile}.$$ -s -o ${dbfile}.$$ \ + && rm -f ${difffile}.$$ && unlock && \ + mv ${dbfile}.$$ ${dbfile} + result=$? + fi + + return ${result} +} + +do_rebuild() { + lock && \ + ${sbindir}/zonec ${ZONEC_VERBOSE} -c ${configfile} -f ${dbfile}.$$ && \ + mv ${dbfile}.$$ ${dbfile} + result=$? + unlock + [ $result != 0 ] && echo "${dbfile} is unmodified" + rm -f ${dbfile}.$$ + return ${result} +} + +start() { + ebegin "Starting ${name}" + if test -s ${pidfile} && kill -"0" `cat ${pidfile}` + then + (echo "process `cat ${pidfile}` exists, please use restart"; exit 1) + else + start-stop-daemon --start --quiet \ + --pidfile ${pidfile} \ + --exec ${initd} -- do_start + fi + eend $? +} + +stop() { + ebegin "Stopping ${name}" + start-stop-daemon --stop --quiet \ + --pidfile ${pidfile} \ + --exec ${initd} -- do_stop + eend $? +} + +stats() { + signal "USR1" +} + +reload() { + do_reload +} + +running() { + signal "0" +} + +patch() { + # patch queue clearen + if test -s ${difffile}; then + #${sbindir}/nsd-patch -c ${configfile} -x ${difffile} -l #debug + #echo ${sbindir}/nsd-patch -c ${configfile} -x ${difffile} + if do_patch ${PATCH_STYLE}; then + do_reload + else + unlock + # try to move back the transfer data + if [ -e ${difffile}.$$ -a ! -e ${difffile} ]; then + mv ${difffile}.$$ ${difffile} + fi + echo "`basename $0`: patch failed." + exit 1 + fi + else + echo "`basename $0`: no patch necessary." + fi +} + +rebuild() { + do_rebuild +} + +update() { + # send notifies to localhost for all zones that allow it + echo "Sending notify to localhost to update secondary zones..." + if [ -s ${pidfile} ]; then + zoneslist=`${nsd_checkconf} -o zones ${configfile}` + for zonename in ${zoneslist}; do + notify_allow=`${nsd_checkconf} -z "${zonename}" -o allow-notify ${configfile}` + if test "" != "${notify_allow}"; then + send_updates ${zonename} ${notify_allow} + fi + done + else + echo "nsd is not running" + fi +} + +notify() { + # send notifies to all slaves + echo "Sending notify to slave servers..." + zoneslist=`${nsd_checkconf} -o zones ${configfile}` + for zonename in ${zoneslist}; do + notify=`${nsd_checkconf} -z "${zonename}" -o notify ${configfile}` + local_ifc=`${nsd_checkconf} -z "${zonename}" -o outgoing-interface ${configfile}` + if test "" = "${local_ifc}"; then + local_ifc="NOIFC" + fi + if test "" != "${notify}"; then + for ifc in ${local_ifc}; do + send_notify ${zonename} ${ifc} ${notify} + done + fi + done +} + +restart() { + do_controlled_stop && do_start +} diff --git a/main/nsd/nsd.post-deinstall b/main/nsd/nsd.post-deinstall new file mode 100644 index 000000000..4d5fc4093 --- /dev/null +++ b/main/nsd/nsd.post-deinstall @@ -0,0 +1,4 @@ +#!/bin/sh + +deluser nsd 2>/dev/null +exit 0 diff --git a/main/nsd/nsd.pre-install b/main/nsd/nsd.pre-install new file mode 100644 index 000000000..daabc70b3 --- /dev/null +++ b/main/nsd/nsd.pre-install @@ -0,0 +1,4 @@ +#!/bin/sh + +adduser -S -H -h /var/db/nsd -s /bin/false nsd 2>/dev/null +exit 0 diff --git a/main/nsd/nsdc b/main/nsd/nsdc new file mode 100644 index 000000000..ff4cb5c6b --- /dev/null +++ b/main/nsd/nsdc @@ -0,0 +1,30 @@ +#!/bin/sh +# +# nsdc replacement script by Matt Smith <msmith@alpinelinux.org> +# + +usage() { + echo "Usage: `basename $0` {start|stop|reload|rebuild|restart|" + echo " running|update|notify|patch}" + echo "commands:" + echo " start Start nsd server." + echo " stop Stop nsd server." + echo " reload Nsd server reloads database file." + echo " rebuild Compile database file from zone files." + echo " restart Stop the nsd server and start it again." + echo " running Prints message and exit nonzero if server not running." + echo " update Try to update all slave zones hosted on this server." + echo " notify Send notify messages to all secondary servers." + echo " patch Merge zone transfer changes back to zone files." +} + +if [ $# -eq 0 ]; then + usage +else + case "$1" in + "-h"|"--help") + usage;; + *) + /etc/init.d/nsd $* + esac +fi |