diff options
| author |   Thomas Deutschmann <whissi@gentoo.org> | 2018-09-15 00:00:12 +0200 |
|---|---|---|
| committer | Thomas Deutschmann <whissi@gentoo.org> | 2018-09-15 00:03:47 +0200 |
| commit | 76a0fe9aa1906a7bbe192efb56ef8335d21b9a3c (patch) | |
| tree | 69adc3b7d21f84e9c17edd92d69d61a7c3aa6282 /net-dns/unbound/files | |
| parent | net-dns/unbound: move EDNS client subnet support behind USE flag due to priva... (diff) | |
| download | gentoo-76a0fe9aa1906a7bbe192efb56ef8335d21b9a3c.tar.gz gentoo-76a0fe9aa1906a7bbe192efb56ef8335d21b9a3c.tar.bz2 gentoo-76a0fe9aa1906a7bbe192efb56ef8335d21b9a3c.zip | |
net-dns/unbound: runscript rewritten
- "need net" changed to "use net". If you need to bind service to a specific
interface or address add 'rc_need="<interface>"' in /etc/conf.d/<unbound>.
- Use "/run" instead of "/var/run".
- Verify daemon is really up and running.
- It is now possible to pass any by start-stop-daemon supported arguments
to start-stop-daemon.
- It is now possible to preserve unbound's cache. [Bug 632644]
Closes: https://bugs.gentoo.org/632644
Package-Manager: Portage-2.3.49, Repoman-2.3.10
Diffstat (limited to 'net-dns/unbound/files')
| -rw-r--r-- | net-dns/unbound/files/unbound-r1.confd | 36 | ||||
| -rw-r--r-- | net-dns/unbound/files/unbound-r1.initd | 137 |
2 files changed, 173 insertions, 0 deletions
diff --git a/net-dns/unbound/files/unbound-r1.confd b/net-dns/unbound/files/unbound-r1.confd new file mode 100644 index 000000000000..c86c65c64962 --- /dev/null +++ b/net-dns/unbound/files/unbound-r1.confd @@ -0,0 +1,36 @@ +# /etc/conf.d/unbound + +# Configuration file +#UNBOUND_CONFFILE="/etc/unbound/unbound.conf" + +# PID file +# This is a fallback value which should NOT be changed. If you ever need +# to change PID file, please change value in configuration file instead! +#UNBOUND_PIDFILE="/run/unbound.pid" + +# You can use this configuration option to pass additional options to the +# start-stop-daemon, see start-stop-daemon(8) for more details. +# Per default we wait 1000ms after we have started the service to ensure +# that the daemon is really up and running. +#UNBOUND_SSDARGS="--wait 1000" + +# The termination timeout (start-stop-daemon parameter "retry") ensures +# that the service will be terminated within a given time (25 + 5 seconds +# per default) when you are stopping the service. +#UNBOUND_TERMTIMEOUT="TERM/25/KILL/5" + +# Options to unbound +# See unbound(8) for more details +# Notes: +# * Do not specify another CONFIGFILE but use the variable above to change the location +#UNBOUND_OPTS="" + +# If you want to preserve unbound's cache, set the following variable to +# a non-zero value. In this case unbound's cache will be dumped to disk +# before shutdown and loaded right after start. +# To be able to dump and load cache you have to set up keys (use `unbound-control-setup`) +# and need to set 'control-enable: yes' in your configuration! +# WARNING: If you don't know what you are doing you should NOT use this +# feature. Loading the cache with old or wrong data can result in +# old or wrong data being returned to clients. +#UNBOUND_PRESERVE_CACHE="" diff --git a/net-dns/unbound/files/unbound-r1.initd b/net-dns/unbound/files/unbound-r1.initd new file mode 100644 index 000000000000..54886d1f47ad --- /dev/null +++ b/net-dns/unbound/files/unbound-r1.initd @@ -0,0 +1,137 @@ +#!/sbin/openrc-run +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +UNBOUND_BINARY=${UNBOUND_BINARY:-"/usr/sbin/unbound"} +UNBOUND_CACHEFILE=${UNBOUND_CACHEFILE:-"/var/lib/unbound/${SVCNAME}.cache"} +UNBOUND_CHECKCONF=${UNBOUND_CHECKCONF:-"/usr/sbin/unbound-checkconf"} +UNBOUND_CONFFILE=${UNBOUND_CONFFILE:-"/etc/unbound/${SVCNAME}.conf"} +UNBOUND_CONTROL=${UNBOUND_CONTROL:-"/usr/sbin/unbound-control"} +UNBOUND_PIDFILE=${UNBOUND_PIDFILE:-"/run/unbound.pid"} +UNBOUND_SSDARGS=${UNBOUND_SSDARGS:-"--wait 1000"} +UNBOUND_TERMTIMEOUT=${UNBOUND_TERMTIMEOUT:-"TERM/25/KILL/5"} +UNBOUND_OPTS=${UNBOUND_OPTS:-""} +UNBOUND_LOAD_CACHE_TIMEOUT=${UNBOUND_LOAD_CACHE_TIMEOUT:-"30"} + +getconfig() { + local key="$1" + local value_default="$2" + local value= + + if service_started ; then + value="$(service_get_value "${key}")" + fi + + if [ -z "${value}" ] && [ -n "${UNBOUND_CONFFILE}" ] && [ -r "${UNBOUND_CONFFILE}" ] ; then + value=$("${UNBOUND_CHECKCONF}" -o ${key} "${UNBOUND_CONFFILE}") + fi + + if [ -z "${value}" ] ; then + # Value not explicitly set in the configfile or configfile does not exist + # or is not readable + echo "${value_default}" + else + echo "${value}" + fi + + return 0 +} + +command=${UNBOUND_BINARY} +command_args="${UNBOUND_OPTS} -c \"${UNBOUND_CONFFILE}\"" +start_stop_daemon_args="${UNBOUND_SSDARGS}" +pidfile="$(getconfig pidfile /run/unbound.pid)" +retry="${UNBOUND_TERMTIMEOUT}" + +required_files="${UNBOUND_CONFFILE}" + +name="unbound daemon" +extra_commands="configtest" +extra_started_commands="reload save_cache" +description="unbound is a Domain Name Server (DNS) that is used to resolve host names to IP address." +description_configtest="Run syntax tests for configuration files only." +description_reload="Kills all children and reloads the configuration." +description_save_cache="Saves the current cache to disk." + +depend() { + use net logger + provide dns + after auth-dns +} + +configtest() { + local _config_status= + + ebegin "Checking ${SVCNAME} configuration" + "${UNBOUND_CHECKCONF}" "${UNBOUND_CONFFILE}" 1>/dev/null 2>&1 + _config_status=$? + + if [ ${_config_status} -ne 0 ] ; then + # Run command again but this time we will show the output + # Ugly, but ... + "${UNBOUND_CHECKCONF}" "${UNBOUND_CONFFILE}" + else + if [ -n "${UNBOUND_PRESERVE_CACHE}" ] ; then + local _is_control_enabled=$(getconfig control-enable no) + if [ "${_is_control_enabled}" != "yes" ] ; then + eerror "Cannot preserve cache: control-enable is 'no' in the config file!" + _config_status=2 + fi + fi + fi + + eend ${_config_status} "failed, please correct errors above" +} + +save_cache() { + if [ "${RC_CMD}" != "restart" ] ; then + UNBOUND_PRESERVE_CACHE=1 configtest || return 1 + fi + + ebegin "Saving cache to '${UNBOUND_CACHEFILE}'" + ${UNBOUND_CONTROL} -c "${UNBOUND_CONFFILE}" dump_cache > "${UNBOUND_CACHEFILE}" + eend $? +} + +start_pre() { + if [ "${RC_CMD}" != "restart" ] ; then + configtest || return 1 + fi +} + +start_post() { + if [ -n "${UNBOUND_PRESERVE_CACHE}" ] ; then + if [ -s "${UNBOUND_CACHEFILE}" ] ; then + ebegin "Loading cache from '${UNBOUND_CACHEFILE}'" + # Loading cache can fail which would block this runscript. + # Using `timeout` from coreutils will be our safeguard ... + timeout -k 5 ${UNBOUND_LOAD_CACHE_TIMEOUT} ${UNBOUND_CONTROL} -q -c "${UNBOUND_CONFFILE}" load_cache < "${UNBOUND_CACHEFILE}" + eend $? + else + ewarn "Loading cache from '${UNBOUND_CACHEFILE}' skipped: File does not exists or is empty!" + fi + fi + + # It is not a fatal error if preserved cache could not be loaded + return 0 +} + +stop_pre() { + if [ "${RC_CMD}" = "restart" ] ; then + configtest || return 1 + fi + + if [ -n "${UNBOUND_PRESERVE_CACHE}" ] ; then + save_cache + fi + + # It is not a fatal error if cache cannot be preserved + return 0 +} + +reload() { + configtest || return 1 + ebegin "Reloading ${SVCNAME}" + start-stop-daemon --signal HUP --pidfile "${pidfile}" + eend $? +} |