commit: 62bd8e8690550bcd71c4fdc29150a274312ae299 Author: Nicolas PARLANT <nicolas.parlant <AT> parhuet <DOT> fr> AuthorDate: Wed Feb 26 14:47:05 2025 +0000 Commit: Sam James <sam <AT> gentoo <DOT> org> CommitDate: Mon Mar 10 02:49:49 2025 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=62bd8e86
net-dns/knot-resolver: add to 6.0.11 included patch to revert to absolute path for unix-socket, even if this issue does not affect the package with the config.yaml provided by default. https://gitlab.nic.cz/knot/knot-resolver/-/merge_requests/1664 Signed-off-by: Nicolas PARLANT <nicolas.parlant <AT> parhuet.fr> Signed-off-by: Sam James <sam <AT> gentoo.org> net-dns/knot-resolver/Manifest | 2 + .../knot-resolver-6.0.11-abs_path_socket.patch | 385 +++++++++++++++++++++ net-dns/knot-resolver/knot-resolver-6.0.11.ebuild | 185 ++++++++++ 3 files changed, 572 insertions(+) diff --git a/net-dns/knot-resolver/Manifest b/net-dns/knot-resolver/Manifest index c1b1ecd370d2..ce87c6ff3a79 100644 --- a/net-dns/knot-resolver/Manifest +++ b/net-dns/knot-resolver/Manifest @@ -2,5 +2,7 @@ DIST knot-resolver-5.7.4.tar.xz 1931124 BLAKE2B 670bd0bac1417fde0f7b6a02797e49e2 DIST knot-resolver-5.7.4.tar.xz.asc 833 BLAKE2B 6432bc23ff779998eb351d57db34bcd9e41ea928fa5d83463122012d8adad16edec7afbcbfb0f0b41789c7797c895216b793ced2d6a01d69fdc3b0f2d12879cb SHA512 d34a0e1fd8be372c325199ace5bb6f20b2b395a4fb5a6f6f4c2c89f29741ecfd36234900b0e836c174df831716012589231551b13426a6728e37aba6c74c197f DIST knot-resolver-6.0.10.tar.xz 2138660 BLAKE2B 9a80e76272b4cb7a30b75b832627529dfbdec7114ef25a576c9a590221e21ef17efef23ec328783f2b687e8f2e0d0cee5b54048a37a0d08a35004ba3e510e14c SHA512 63d5c7a45ca52f02616ac6374625ccddd631cd71a5b6ebc99498e0c28f581eefef1dd5bbb0d8676f1ec53c2023f2b28cebc432e981c51b6166b4b3b1d8443704 DIST knot-resolver-6.0.10.tar.xz.asc 833 BLAKE2B 5bd7baba40d6577764b3f0d985a2ee7edaff99ce7fc1cd89f42488504c657f1be2a5bf7267eaed225281be6f8154fb21c92ab7ee1d34b844b3001b7ad391d5b6 SHA512 26b8faffe10529559ec9081a567d6c740a9c61f81edf766ea1c32b01129edf9a4049a2844df0c27cb0fd5008e299d6431b099b0a09ac5624f24155d8b1a3b53f +DIST knot-resolver-6.0.11.tar.xz 2139448 BLAKE2B 0d96790ce3ecb85d9466d90683de77d46f75d360f032ae94d18a7b493eedb58c86f6274a5de2eaed4eca792b3ef6ff673120c3a7526e9167d404b8dd0ccd20f3 SHA512 7a3dd8e925a8ba44c66d00175fd689b4daddacde8ffb96712c3770dbaf1c54a2cb90dda340fe674dc11e1222fdd3e4112aa3df72270f422b4c8d2c60f9af9cea +DIST knot-resolver-6.0.11.tar.xz.asc 833 BLAKE2B 3e959798699c1dc0698cdb6e0c8509ba8a3287eab485511b18e01cc80e906149095ca9a537b3b4c45969c338022b61afd6377f106506b59f969fdf44d5e729be SHA512 cf6b034a9ad0daf118c18179dea1c32c9de604581735d89127c9c0fe80122a6159b49ec6176bee0955114d12f8ad20e29958a841c9b6464551e3def69d2e3932 DIST knot-resolver-6.0.9.tar.xz 2127432 BLAKE2B 185a78737f6830b4ff036a537f2ceb032388e50ef050c239f0ce21d84a1fa2d1632aa95802a73d4ff80bcb18cef23f444a10b594121cd449cee3c12182dcab2e SHA512 98b3074927d9cb484738592a6cad84b818130aafd91473ee6e17458884c3ff5cb528e22d020d8b8b92b429feb2e3432e9cb77574f505bdf2e5f6f286009ecd59 DIST knot-resolver-6.0.9.tar.xz.asc 833 BLAKE2B 10c9c895bd3a728b8a9d3769cb72ccc5dbf5c17164df388d1519c5e4734e21ee568c079191ada6ff76f1a150be911d79c5d1ebb02597c32d1aa5003a5ceaf02d SHA512 b46a9346deda328fbe6638657e2d87903052ac36b11ff5d4f68bd145487687c1c2f43a7b62e40585f5853816b7ed66b1af3b98642e882f72e36cf521f5eb1bce diff --git a/net-dns/knot-resolver/files/knot-resolver-6.0.11-abs_path_socket.patch b/net-dns/knot-resolver/files/knot-resolver-6.0.11-abs_path_socket.patch new file mode 100644 index 000000000000..dea7a243bb44 --- /dev/null +++ b/net-dns/knot-resolver/files/knot-resolver-6.0.11-abs_path_socket.patch @@ -0,0 +1,385 @@ +https://gitlab.nic.cz/knot/knot-resolver/-/merge_requests/1664.patch +From a009365df3f0429edfd181d0109372aca1892298 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ale=C5=A1=20Mr=C3=A1zek?= <[email protected]> +Date: Fri, 28 Feb 2025 10:07:08 +0100 +Subject: [PATCH 1/5] Revert "python: constants: added API_SOCKET_NAME" + +This reverts commit cee2250c5a52a4d67ea2a37cc97761ba530f856b. +--- + python/knot_resolver/constants.py | 9 +++------ + python/knot_resolver/constants.py.in | 9 +++------ + 2 files changed, 6 insertions(+), 12 deletions(-) + +diff --git a/python/knot_resolver/constants.py b/python/knot_resolver/constants.py +index 525e8629c..d65c24acb 100644 +--- a/python/knot_resolver/constants.py ++++ b/python/knot_resolver/constants.py +@@ -5,18 +5,15 @@ VERSION = "6.0.11" + USER = "knot-resolver" + GROUP = "knot-resolver" + +-# default files names +-API_SOCK_NAME = "kres-api.sock" +- +-# default dirs paths ++# dirs paths + RUN_DIR = Path("/run/knot-resolver") + ETC_DIR = Path("/etc/knot-resolver") + SBIN_DIR = Path("/usr/sbin") + CACHE_DIR = Path("/var/cache/knot-resolver") + +-# default files paths ++# files paths + CONFIG_FILE = ETC_DIR / "config.yaml" +-API_SOCK_FILE = RUN_DIR / API_SOCK_NAME ++API_SOCK_FILE = RUN_DIR / "kres-api.sock" + + # executables paths + KRESD_EXECUTABLE = SBIN_DIR / "kresd" +diff --git a/python/knot_resolver/constants.py.in b/python/knot_resolver/constants.py.in +index 8c2974a58..35c25ac64 100644 +--- a/python/knot_resolver/constants.py.in ++++ b/python/knot_resolver/constants.py.in +@@ -5,18 +5,15 @@ VERSION = "@version@" + USER = "@user@" + GROUP = "@group@" + +-# default files names +-API_SOCK_NAME = "kres-api.sock" +- +-# default dirs paths ++# dirs paths + RUN_DIR = Path("@run_dir@") + ETC_DIR = Path("@etc_dir@") + SBIN_DIR = Path("@sbin_dir@") + CACHE_DIR = Path("@cache_dir@") + +-# default files paths ++# files paths + CONFIG_FILE = ETC_DIR / "config.yaml" +-API_SOCK_FILE = RUN_DIR / API_SOCK_NAME ++API_SOCK_FILE = RUN_DIR / "kres-api.sock" + + # executables paths + KRESD_EXECUTABLE = SBIN_DIR / "kresd" +-- +GitLab + + +From 2b312097f4ed0c0240b70fb365ac5d1f515812bc Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ale=C5=A1=20Mr=C3=A1zek?= <[email protected]> +Date: Fri, 28 Feb 2025 10:07:35 +0100 +Subject: [PATCH 2/5] Revert "datamodel: management socket default based on + rundir" + +This reverts commit 10fb87547af05cd78e76dfb94951c34f4554d090. +--- + doc/_static/config.schema.json | 4 +-- + python/knot_resolver/client/command.py | 35 +++++-------------- + .../knot_resolver/datamodel/config_schema.py | 17 +++------ + tests/manager/datamodel/test_config_schema.py | 23 ------------ + 4 files changed, 15 insertions(+), 64 deletions(-) + +diff --git a/doc/_static/config.schema.json b/doc/_static/config.schema.json +index a429b15dd..0bedbbc4e 100644 +--- a/doc/_static/config.schema.json ++++ b/doc/_static/config.schema.json +@@ -54,7 +54,7 @@ + "default": 256 + }, + "management": { +- "description": "Configuration of management HTTP API. By default, unix-socket is located in 'rundir'.", ++ "description": "Configuration of management HTTP API.", + "type": "object", + "properties": { + "unix-socket": { +@@ -75,7 +75,7 @@ + } + }, + "default": { +- "unix_socket": "kres-api.sock", ++ "unix_socket": "/run/knot-resolver/kres-api.sock", + "interface": null + } + }, +diff --git a/python/knot_resolver/client/command.py b/python/knot_resolver/client/command.py +index 464eb16e6..3966f8ca9 100644 +--- a/python/knot_resolver/client/command.py ++++ b/python/knot_resolver/client/command.py +@@ -4,7 +4,7 @@ from pathlib import Path + from typing import Dict, List, Optional, Set, Tuple, Type, TypeVar + from urllib.parse import quote + +-from knot_resolver.constants import API_SOCK_FILE, API_SOCK_NAME, CONFIG_FILE, RUN_DIR ++from knot_resolver.constants import API_SOCK_FILE, CONFIG_FILE + from knot_resolver.datamodel.types import IPAddressPort + from knot_resolver.utils.modeling import parsing + from knot_resolver.utils.modeling.exceptions import DataValidationError +@@ -154,38 +154,21 @@ def get_socket_from_config(config: Path, optional_file: bool) -> Optional[Socket + try: + with open(config, "r", encoding="utf8") as f: + data = parsing.try_to_parse(f.read()) +- +- rkey = "rundir" +- rundir = Path(data[rkey]) if rkey in data else RUN_DIR +- + mkey = "management" + if mkey in data: + management = data[mkey] +- +- ikey = "interface" +- if ikey in data[mkey]: +- ip = IPAddressPort(data[mkey][ikey], object_path=f"/{mkey}/{ikey}") ++ if "unix-socket" in management: + return SocketDesc( +- f"http://{ip.addr}:{ip.port}";, +- f'Key "/management/interface" in "{config}" file', ++ f'http+unix://{quote(management["unix-socket"], safe="")}/', ++ f'Key "/management/unix-socket" in "{config}" file', + ) +- +- skey = "unix-socket" +- if skey in management: +- socket = Path(management[skey]) +- if not socket.is_absolute(): +- socket = rundir / socket ++ if "interface" in management: ++ ip = IPAddressPort(management["interface"], object_path=f"/{mkey}/interface") + return SocketDesc( +- f'http+unix://{quote(str(socket), safe="")}/', +- f'Key "/management/unix-socket" in "{config}" file', ++ f"http://{ip.addr}:{ip.port}";, ++ f'Key "/management/interface" in "{config}" file', + ) +- +- socket = rundir / API_SOCK_NAME +- return SocketDesc( +- f'http+unix://{quote(str(socket), safe="")}/', +- f'Key "/rundir" in "{config}" file', +- ) +- ++ return None + except ValueError as e: + raise DataValidationError(*e.args) from e # pylint: disable=no-value-for-parameter + except OSError as e: +diff --git a/python/knot_resolver/datamodel/config_schema.py b/python/knot_resolver/datamodel/config_schema.py +index f8733cb11..410e94d7c 100644 +--- a/python/knot_resolver/datamodel/config_schema.py ++++ b/python/knot_resolver/datamodel/config_schema.py +@@ -1,10 +1,9 @@ + import logging + import os + import socket +-from pathlib import Path + from typing import Any, Dict, List, Literal, Optional, Tuple, Union + +-from knot_resolver.constants import API_SOCK_NAME, RUN_DIR, VERSION ++from knot_resolver.constants import API_SOCK_FILE, RUN_DIR, VERSION + from knot_resolver.datamodel.cache_schema import CacheSchema + from knot_resolver.datamodel.defer_schema import DeferSchema + from knot_resolver.datamodel.dns64_schema import Dns64Schema +@@ -96,7 +95,7 @@ class KresConfig(ConfigSchema): + rundir: Directory where the resolver can create files and which will be it's cwd. + workers: The number of running kresd (Knot Resolver daemon) workers. If set to 'auto', it is equal to number of CPUs available. + max_workers: The maximum number of workers allowed. Cannot be changed in runtime. +- management: Configuration of management HTTP API. By default, unix-socket is located in 'rundir'. ++ management: Configuration of management HTTP API. + webmgmt: Configuration of legacy web management endpoint. + options: Fine-tuning global parameters of DNS resolver operation. + network: Network connections and protocols configuration. +@@ -119,7 +118,7 @@ class KresConfig(ConfigSchema): + rundir: WritableDir = lazy_default(WritableDir, str(RUN_DIR)) + workers: Union[Literal["auto"], IntPositive] = IntPositive(1) + max_workers: IntPositive = IntPositive(WORKERS_MAX) +- management: ManagementSchema = lazy_default(ManagementSchema, {"unix-socket": str(API_SOCK_NAME)}) ++ management: ManagementSchema = lazy_default(ManagementSchema, {"unix-socket": str(API_SOCK_FILE)}) + webmgmt: Optional[WebmgmtSchema] = None + options: OptionsSchema = OptionsSchema() + network: NetworkSchema = NetworkSchema() +@@ -174,14 +173,6 @@ class KresConfig(ConfigSchema): + ) + return obj.workers + +- def _management(self, obj: Raw) -> Any: +- if obj.management.unix_socket: +- soc = Path(obj.management.unix_socket.serialize()) +- if soc.is_absolute(): +- return obj.management +- return ManagementSchema({"unix-socket": str(obj.rundir.to_path() / soc)}) +- return obj.management +- + def _dnssec(self, obj: Raw) -> Any: + if obj.dnssec is True: + return DnssecSchema() +@@ -268,7 +259,7 @@ def kres_config_json_schema() -> Dict[str, Any]: + """ + + context = get_global_validation_context() +- set_global_validation_context(Context(RUN_DIR, False)) ++ set_global_validation_context(Context(None, False)) + + schema = KresConfig.json_schema( + schema_id=f"https://www.knot-resolver.cz/documentation/v{VERSION}/_static/config.schema.json";, +diff --git a/tests/manager/datamodel/test_config_schema.py b/tests/manager/datamodel/test_config_schema.py +index 437cade8d..9ec2b31b2 100644 +--- a/tests/manager/datamodel/test_config_schema.py ++++ b/tests/manager/datamodel/test_config_schema.py +@@ -1,9 +1,7 @@ + import inspect + import json +-import os + from typing import Any, Dict, Type, cast + +-from knot_resolver.constants import API_SOCK_FILE, API_SOCK_NAME, RUN_DIR + from knot_resolver.datamodel import KresConfig + from knot_resolver.datamodel.lua_schema import LuaSchema + from knot_resolver.utils.modeling import BaseSchema +@@ -51,31 +49,10 @@ def test_config_check_str_type(): + def test_config_defaults(): + config = KresConfig() + +- # Management API default +- assert config.management.unix_socket.to_path() == API_SOCK_FILE +- + # DNS64 default + assert config.dns64 == False + + +-def test_management_unix_socket(): +- cwd = os.getcwd() +- config = KresConfig({"rundir": cwd}) +- assert str(config.management.unix_socket) == f"{cwd}/{API_SOCK_NAME}" +- +- my_soc = "my-new.soc" +- config = KresConfig({"management": {"unix-socket": my_soc}}) +- assert str(config.management.unix_socket) == f"{RUN_DIR}/{my_soc}" +- +- +-def test_management_interface(): +- cwd = os.getcwd() +- config = KresConfig({"rundir": cwd, "management": {"interface": "127.0.0.1@5000"}}) +- +- assert config.management.unix_socket == None +- assert str(config.management.interface) == "127.0.0.1@5000" +- +- + def test_dnssec_false(): + config = KresConfig({"dnssec": False}) + +-- +GitLab + + +From c1f8f7bc043ca31b9aac96c13411769fad17f6b2 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ale=C5=A1=20Mr=C3=A1zek?= <[email protected]> +Date: Fri, 28 Feb 2025 10:14:22 +0100 +Subject: [PATCH 3/5] datamodel: management: warning that the unix-socket is + not located in rundir + +--- + python/knot_resolver/datamodel/config_schema.py | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/python/knot_resolver/datamodel/config_schema.py b/python/knot_resolver/datamodel/config_schema.py +index 410e94d7c..713c4a3e2 100644 +--- a/python/knot_resolver/datamodel/config_schema.py ++++ b/python/knot_resolver/datamodel/config_schema.py +@@ -184,6 +184,14 @@ class KresConfig(ConfigSchema): + return obj.dns64 + + def _validate(self) -> None: ++ # warn about '/management/unix-socket' not located in '/rundir' ++ if self.management.unix_socket and self.management.unix_socket.to_path().parent != self.rundir.to_path(): ++ logger.warning( ++ f"The management API unix-socket '{self.management.unix_socket}'" ++ f" is not located in the resolver's rundir '{self.rundir}'." ++ " This can lead to permissions issues." ++ ) ++ + # enforce max-workers config + workers_max = _workers_max_count() + if int(self.workers) > workers_max: +-- +GitLab + + +From 2c467aceded3cfa6eb077439d63b8637d17155c3 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ale=C5=A1=20Mr=C3=A1zek?= <[email protected]> +Date: Fri, 28 Feb 2025 10:17:17 +0100 +Subject: [PATCH 4/5] client: command: get_socket_from_config improved + +--- + python/knot_resolver/client/command.py | 15 ++++++++++----- + 1 file changed, 10 insertions(+), 5 deletions(-) + +diff --git a/python/knot_resolver/client/command.py b/python/knot_resolver/client/command.py +index 3966f8ca9..7a679885a 100644 +--- a/python/knot_resolver/client/command.py ++++ b/python/knot_resolver/client/command.py +@@ -5,7 +5,7 @@ from typing import Dict, List, Optional, Set, Tuple, Type, TypeVar + from urllib.parse import quote + + from knot_resolver.constants import API_SOCK_FILE, CONFIG_FILE +-from knot_resolver.datamodel.types import IPAddressPort ++from knot_resolver.datamodel.types import IPAddressPort, WritableFilePath + from knot_resolver.utils.modeling import parsing + from knot_resolver.utils.modeling.exceptions import DataValidationError + from knot_resolver.utils.requests import SocketDesc +@@ -154,16 +154,21 @@ def get_socket_from_config(config: Path, optional_file: bool) -> Optional[Socket + try: + with open(config, "r", encoding="utf8") as f: + data = parsing.try_to_parse(f.read()) ++ + mkey = "management" + if mkey in data: + management = data[mkey] +- if "unix-socket" in management: ++ ++ skey = "unix-socket" ++ if skey in management: ++ sock = WritableFilePath(management[skey], object_path=f"/{mkey}/{skey}") + return SocketDesc( +- f'http+unix://{quote(management["unix-socket"], safe="")}/', ++ f'http+unix://{quote(str(sock), safe="")}/', + f'Key "/management/unix-socket" in "{config}" file', + ) +- if "interface" in management: +- ip = IPAddressPort(management["interface"], object_path=f"/{mkey}/interface") ++ ikey = "interface" ++ if ikey in data[mkey]: ++ ip = IPAddressPort(management[ikey], object_path=f"/{mkey}/{ikey}") + return SocketDesc( + f"http://{ip.addr}:{ip.port}";, + f'Key "/management/interface" in "{config}" file', +-- +GitLab + + +From f9a75b65cc3664294188de8a5cb93909ea58cadd Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ale=C5=A1=20Mr=C3=A1zek?= <[email protected]> +Date: Fri, 28 Feb 2025 10:18:04 +0100 +Subject: [PATCH 5/5] NEWS: update about revert + +--- + NEWS | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/NEWS b/NEWS +index 70f5db2f0..614177308 100644 +--- a/NEWS ++++ b/NEWS +@@ -1,3 +1,11 @@ ++Knot Resolver 6.0.12 (2025-0m-dd) ++================================= ++ ++Bugfixes ++-------- ++- /management/unix-socket: revert to absolute path (#926, !1664) ++ ++ + Knot Resolver 6.0.11 (2025-02-26) + ================================= + +-- +GitLab + diff --git a/net-dns/knot-resolver/knot-resolver-6.0.11.ebuild b/net-dns/knot-resolver/knot-resolver-6.0.11.ebuild new file mode 100644 index 000000000000..c7cbc691b42a --- /dev/null +++ b/net-dns/knot-resolver/knot-resolver-6.0.11.ebuild @@ -0,0 +1,185 @@ +# Copyright 2024-2025 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +LUA_COMPAT=( luajit ) +DISTUTILS_EXT=1 +DISTUTILS_OPTIONAL=1 +DISTUTILS_SINGLE_IMPL=1 +DISTUTILS_USE_PEP517=poetry +PYTHON_COMPAT=( python3_{10..13} ) + +inherit distutils-r1 lua-single meson optfeature tmpfiles verify-sig + +DESCRIPTION="A scaleable caching DNS resolver" +HOMEPAGE="https://www.knot-resolver.cz https://gitlab.nic.cz/knot/knot-resolver"; + +SRC_URI=" + https://knot-resolver.nic.cz/release/${P}.tar.xz + verify-sig? ( https://knot-resolver.nic.cz/release/${P}.tar.xz.asc ) +" + +LICENSE="Apache-2.0 BSD CC0-1.0 GPL-3+ LGPL-2.1+ MIT" +SLOT="0" +KEYWORDS="~amd64" + +IUSE="caps dnstap jemalloc +manager nghttp2 systemd test xdp" +RESTRICT="!test? ( test )" +REQUIRED_USE=" + ${LUA_REQUIRED_USE} + manager? ( ${PYTHON_REQUIRED_USE} ) +" + +RDEPEND=" + ${LUA_DEPS} + acct-group/knot-resolver + acct-user/knot-resolver + dev-db/lmdb:= + dev-libs/libuv:= + >=net-dns/knot-3.3:=[xdp?] + net-libs/gnutls:= + caps? ( sys-libs/libcap-ng ) + dnstap? ( + dev-libs/fstrm + dev-libs/protobuf-c:= + ) + jemalloc? ( dev-libs/jemalloc:= ) + manager? ( + ${PYTHON_DEPS} + $(python_gen_cond_dep ' + app-admin/supervisor[${PYTHON_USEDEP}] + dev-python/aiohttp[${PYTHON_USEDEP}] + dev-python/jinja2[${PYTHON_USEDEP}] + dev-python/pyyaml[${PYTHON_USEDEP}] + dev-python/typing-extensions[${PYTHON_USEDEP}] + ') + ) + nghttp2? ( net-libs/nghttp2:= ) + systemd? ( sys-apps/systemd:= ) +" +DEPEND=" + ${RDEPEND} + test? ( + dev-util/cmocka + manager? ( + $(python_gen_cond_dep ' + dev-python/pyparsing[${PYTHON_USEDEP}] + dev-python/pytest-asyncio[${PYTHON_USEDEP}] + dev-python/tomli[${PYTHON_USEDEP}] + ') + ) + ) +" +BDEPEND=" + virtual/pkgconfig + manager? ( + ${DISTUTILS_DEPS} + ${PYTHON_DEPS} + ) + verify-sig? ( >=sec-keys/openpgp-keys-knot-resolver-20240304 ) +" + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/${PN}.gpg + +PATCHES=( + "${FILESDIR}"/${PN}-5.5.3-docdir.patch + "${FILESDIR}"/${PN}-5.5.3-nghttp-openssl.patch + "${FILESDIR}"/${PN}-6.0.9-libsystemd.patch + "${FILESDIR}"/${PN}-6.0.9-config-example.patch + "${FILESDIR}"/${PN}-6.0.9-pytest_tomli.patch + # to be removed at next release 6.0.12 + "${FILESDIR}"/${PN}-6.0.11-abs_path_socket.patch +) + +pkg_setup() { + lua-single_pkg_setup + use manager && python-single-r1_pkg_setup +} + +src_prepare() { + default + use manager && distutils-r1_src_prepare +} + +src_configure() { + local emesonargs=( + --localstatedir "${EPREFIX}"/var # double lib + # https://bugs.gentoo.org/870019 + -Dauto_features=disabled + # post-install tests + -Dconfig_tests=disabled + -Ddoc=disabled + -Ddocdir="${EPREFIX}"/usr/share/doc/${PF} + -Dinstall_kresd_conf=enabled + -Dopenssl=disabled + -Dmalloc=$(usex jemalloc jemalloc disabled) + -Dsystemd_files=enabled + $(meson_feature caps capng) + $(meson_feature dnstap) + $(meson_feature nghttp2) + $(meson_feature systemd) + $(meson_feature systemd systemd_legacy_units) + $(meson_feature test unit_tests) + ) + meson_src_configure +} + +src_compile() { + meson_src_compile + use manager && distutils-r1_src_compile +} + +src_test() { + meson_src_test + use manager && distutils-r1_src_test +} + +python_test() { + epytest tests/manager +} + +src_install() { + meson_src_install + if use manager; then + distutils-r1_src_install + newinitd "${FILESDIR}"/knot-resolver.initd knot-resolver + newconfd "${FILESDIR}"/knot-resolver.confd knot-resolver + else + rm "${ED}"/usr/lib/systemd/system/knot-resolver.service || die + fi + fowners -R ${PN}: /etc/${PN} + newinitd "${FILESDIR}"/kresd.initd-r2 kresd + newconfd "${FILESDIR}"/kresd.confd-r1 kresd + newinitd "${FILESDIR}"/kres-cache-gc.initd kres-cache-gc +} + +pkg_postinst() { + tmpfiles_process knot-resolver.conf + if use manager; then + elog "You choose the new way, called the manager, to start Knot Resolver:" + use systemd && elog " systemctl start knot-resolver.service" + use !systemd && elog " /etc/init.d/knot-resolver start" + elog "Configuration file: /etc/knot-resolver/config.yaml" + elog "" + elog "The older way, without the manager, is still available:" + else + elog "You choose the older way, without the manager, to start Knot Resolver:" + fi + use systemd && elog " systemctl start [email protected]" + use !systemd && elog " /etc/init.d/kresd start" + elog "Configuration file: /etc/knot-resolver/kresd.conf" + elog "Optional garbage collector: /etc/init.d/kres-cache-gc" + elog "" + use !manager && elog "The new way is available with the useflag manager." + elog "" + + optfeature_header "This package is recommended with Knot Resolver:" + optfeature "asynchronous execution, especially with policy module" dev-lua/cqueues + elog "" + optfeature_header "Other packages may also be useful:" + use manager && optfeature "Prometheus metrics (need manager)" dev-python/prometheus-client + use manager && optfeature "auto-reload TLS certificate files (need manager)" dev-python/watchdog + optfeature "legacy doh and webmgmt (metrics, tracking)" dev-lua/lua-http + optfeature "server map with geoIP database (webmgmt)" dev-lua/lua-mmdb +}
