Date: Saturday, April 8, 2023 @ 03:14:22
Author: felixonmars
Revision: 1441579
archrelease: copy trunk to community-staging-x86_64
Added:
unbound/repos/community-staging-x86_64/
unbound/repos/community-staging-x86_64/PKGBUILD
(from rev 1441577, unbound/trunk/PKGBUILD)
unbound/repos/community-staging-x86_64/keys/
unbound/repos/community-staging-x86_64/unbound-1.14.0-trust_anchor_file.patch
(from rev 1441578, unbound/trunk/unbound-1.14.0-trust_anchor_file.patch)
unbound/repos/community-staging-x86_64/unbound-sysusers.conf
(from rev 1441578, unbound/trunk/unbound-sysusers.conf)
unbound/repos/community-staging-x86_64/unbound-tmpfiles.conf
(from rev 1441578, unbound/trunk/unbound-tmpfiles.conf)
unbound/repos/community-staging-x86_64/unbound-trusted-key.hook
(from rev 1441578, unbound/trunk/unbound-trusted-key.hook)
----------------------------------------+
PKGBUILD | 103 +++++++++++++++++++++++++++++++
unbound-1.14.0-trust_anchor_file.patch | 12 +++
unbound-sysusers.conf | 1
unbound-tmpfiles.conf | 1
unbound-trusted-key.hook | 10 +++
5 files changed, 127 insertions(+)
Copied: unbound/repos/community-staging-x86_64/PKGBUILD (from rev 1441577,
unbound/trunk/PKGBUILD)
===================================================================
--- community-staging-x86_64/PKGBUILD (rev 0)
+++ community-staging-x86_64/PKGBUILD 2023-04-08 03:14:22 UTC (rev 1441579)
@@ -0,0 +1,103 @@
+# Maintainer: David Runge <[email protected]>
+# Maintainer: Bruno Pagani <[email protected]>
+# Maintainer: T.J. Townsend <[email protected]>
+# Contributor: Gaetan Bisson <[email protected]>
+# Contributor: Hisato Tatekura <[email protected]>
+# Contributor: Massimiliano Torromeo <massimiliano DOT torromeo AT google mail
service>
+
+pkgname=unbound
+pkgver=1.17.1
+pkgrel=2
+pkgdesc="Validating, recursive, and caching DNS resolver"
+arch=(x86_64)
+url="https://unbound.net/";
+license=(BSD)
+depends=(dnssec-anchors fstrm hiredis ldns libnghttp2 libsodium)
+makedepends=(expat libevent openssl protobuf-c python swig systemd)
+optdepends=(
+ 'expat: for unbound-anchor'
+ 'sh: for unbound-control-setup'
+ 'python: for python-bindings'
+)
+provides=(libunbound.so)
+backup=(etc/$pkgname/$pkgname.conf)
+source=(
+ https://unbound.net/downloads/$pkgname-$pkgver.tar.gz{,.asc}
+ $pkgname-1.14.0-trust_anchor_file.patch
+ $pkgname-sysusers.conf
+ $pkgname-tmpfiles.conf
+ $pkgname-trusted-key.hook
+)
+sha512sums=('10dd4c3aff77f1c0d19eb3c66956ed6ef1aae19e827d0b3259dc75d9de28dedd41862982a299e67ee07e17fb52058b4beee9d4b1d3bb0a3f633b9ba5b864d168'
+ 'SKIP'
+
'9590d3d459d96f99cbc7482fae0f5318dd22a034e45cff18079e4f3c9f9c3c1d7af90cdd5353fb469eac08c535555fd164097b496286b807b2117e8a3a6cd304'
+
'ef71d4e9b0eb0cc602d66bd0573d9424578fe33ef28a852c582d56f0fd34fdd63046c365ef7aed8b84a461b81254240af7ad3fd539da72f9587817d21bd6c585'
+
'6b1849ae9d7cf427f6fa6cd0590e8f8c3f06210d2d6795e543b0f325a9e866db0f5db2275a29fa90f688783c0dd16f19c8a49a9817d5f5444e13f8f2df3ff712'
+
'613826cdf5ab6e77f2805fa2aa65272508dcd11090add1961b3df6dfac3b67db016bc9f45fbcf0ef0de82b2d602c153d5263a488027a6cf13a72680b581b266d')
+b2sums=('c2dec1608e28302da33ee72144bb8eb16cdff2e949e548f9ea5edb10b370e396085de641446b1f94daeb96a48a02f9361ebae69f72f3d449575fe3ce93dcdb5b'
+ 'SKIP'
+
'0978ab5c0474ed29de9c0904a46d114413e094dafeadaac4f10cdbc19e4152fcc064d7cdb8c331da7c2531075aa699326b84e21da1a8218a6f00a10f0e107b3d'
+
'292a3c2e5fde292a03b6c9b2ddabd5089f52e73b50a404c3d9f54c1a43184924b661a21eea61cc521c594c1005a3b40b630fa585a38195c61298f9b24b248b92'
+
'd3951006b43068be904c6b91a9e0563d56228225854e12b40abbdd4ba9b47338e97265837297a6de879acbc8051bb749163f9457683f5e12fc29ac2e7b687fd3'
+
'd28785390eb6c125bd26ca11f097fe8864b080482157deeb7c70e9bee47ff2844abaed574db59a7c152ed3ec0acba05cfee4c3751f7a9f553320b064578f86c7')
+validpgpkeys=(EDFAA3F2CA4E6EB05681AF8E9F6F1C2D7E045F8D) # W.C.A. Wijngaards
<[email protected]>
+
+prepare() {
+ # enable trusted-anchor-file and set it to an unbound specific location
+ patch -p1 -d $pkgname-$pkgver -i ../$pkgname-1.14.0-trust_anchor_file.patch
+ cd $pkgname-$pkgver
+ autoreconf -fiv
+}
+
+build() {
+ local configure_options=(
+ --prefix=/usr
+ --sysconfdir=/etc
+ --localstatedir=/var
+ --sbindir=/usr/bin
+ --disable-rpath
+ --enable-dnscrypt
+ --enable-dnstap
+ --enable-pie
+ --enable-relro-now
+ --enable-subnet
+ --enable-systemd
+ --enable-tfo-client
+ --enable-tfo-server
+ --enable-cachedb
+ --with-libhiredis
+ --with-conf-file=/etc/unbound/unbound.conf
+ --with-pidfile=/run/unbound.pid
+ --with-rootkey-file=/etc/trusted-key.key
+ --with-libevent
+ --with-libnghttp2
+ --with-pyunbound
+ )
+
+ cd $pkgname-$pkgver
+ ./configure "${configure_options[@]}"
+ # prevent excessive overlinking due to libtool
+ sed -i -e 's/ -shared / -Wl,-O1,--as-needed\0/g' libtool
+ make
+}
+
+check() {
+ make -k check -C $pkgname-$pkgver
+}
+
+package() {
+ depends+=(
+ libevent libevent-2.1.so
+ openssl libcrypto.so libssl.so
+ protobuf-c libprotobuf-c.so
+ systemd-libs libsystemd.so
+ )
+
+ make DESTDIR="$pkgdir" install -C $pkgname-$pkgver
+ install -vDm 644 $pkgname-$pkgver/contrib/$pkgname.service -t
"$pkgdir/usr/lib/systemd/system/"
+ install -vDm 644 $pkgname-$pkgver/LICENSE -t
"$pkgdir/usr/share/licenses/$pkgname/"
+ install -vDm 644 $pkgname-sysusers.conf
"$pkgdir/usr/lib/sysusers.d/$pkgname.conf"
+ install -vDm 644 $pkgname-tmpfiles.conf
"$pkgdir/usr/lib/tmpfiles.d/$pkgname.conf"
+ # libalpm hook to copy the dnssec-anchors provided key to /etc/unbound
+ install -vDm 644 unbound-trusted-key.hook -t
"$pkgdir/usr/share/libalpm/hooks/"
+}
Copied:
unbound/repos/community-staging-x86_64/unbound-1.14.0-trust_anchor_file.patch
(from rev 1441578, unbound/trunk/unbound-1.14.0-trust_anchor_file.patch)
===================================================================
--- community-staging-x86_64/unbound-1.14.0-trust_anchor_file.patch
(rev 0)
+++ community-staging-x86_64/unbound-1.14.0-trust_anchor_file.patch
2023-04-08 03:14:22 UTC (rev 1441579)
@@ -0,0 +1,12 @@
+diff -ruN a/doc/example.conf.in b/doc/example.conf.in
+--- a/doc/example.conf.in 2021-12-09 08:55:44.000000000 +0100
++++ b/doc/example.conf.in 2021-12-11 23:42:13.542310886 +0100
+@@ -533,7 +533,7 @@
+ # with several entries, one file per entry.
+ # Zone file format, with DS and DNSKEY entries.
+ # Note this gets out of date, use auto-trust-anchor-file please.
+- # trust-anchor-file: ""
++ trust-anchor-file: "/etc/unbound/trusted-key.key"
+
+ # Trusted key for validation. DS or DNSKEY. specify the RR on a
+ # single line, surrounded by "". TTL is ignored. class is IN default.
Copied: unbound/repos/community-staging-x86_64/unbound-sysusers.conf (from rev
1441578, unbound/trunk/unbound-sysusers.conf)
===================================================================
--- community-staging-x86_64/unbound-sysusers.conf
(rev 0)
+++ community-staging-x86_64/unbound-sysusers.conf 2023-04-08 03:14:22 UTC
(rev 1441579)
@@ -0,0 +1 @@
+u unbound - "unbound" /etc/unbound
Copied: unbound/repos/community-staging-x86_64/unbound-tmpfiles.conf (from rev
1441578, unbound/trunk/unbound-tmpfiles.conf)
===================================================================
--- community-staging-x86_64/unbound-tmpfiles.conf
(rev 0)
+++ community-staging-x86_64/unbound-tmpfiles.conf 2023-04-08 03:14:22 UTC
(rev 1441579)
@@ -0,0 +1 @@
+C /etc/unbound/trusted-key.key - - - - /etc/trusted-key.key
Copied: unbound/repos/community-staging-x86_64/unbound-trusted-key.hook (from
rev 1441578, unbound/trunk/unbound-trusted-key.hook)
===================================================================
--- community-staging-x86_64/unbound-trusted-key.hook
(rev 0)
+++ community-staging-x86_64/unbound-trusted-key.hook 2023-04-08 03:14:22 UTC
(rev 1441579)
@@ -0,0 +1,10 @@
+[Trigger]
+Type = Path
+Target = etc/trusted-key.key
+Operation = Install
+Operation = Upgrade
+
+[Action]
+Description = Updating trusted-key.key for unbound...
+When = PostTransaction
+Exec = /bin/cp -f /etc/trusted-key.key /etc/unbound/
