diff options
-rw-r--r-- | pcr/opendnssec/LICENSE | 56 | ||||
-rw-r--r-- | pcr/opendnssec/ods-enforcer.service | 13 | ||||
-rw-r--r-- | pcr/opendnssec/ods-signer.service | 13 | ||||
-rw-r--r-- | pcr/opendnssec/opendnssec.install | 27 | ||||
-rw-r--r-- | pcr/opendnssec/pid-path.patch | 24 |
5 files changed, 133 insertions, 0 deletions
diff --git a/pcr/opendnssec/LICENSE b/pcr/opendnssec/LICENSE new file mode 100644 index 000000000..5700d408a --- /dev/null +++ b/pcr/opendnssec/LICENSE @@ -0,0 +1,56 @@ +/* + * Copyright (c) 2009 Nominet UK. All rights reserved. + * Copyright (c) 2010 .SE (The Internet Infrastructure Foundation). + * Copyright (c) 2009 NLNet Labs. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY + * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER + * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN + * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +/* + * Copyright (c) 1998 Todd C. Miller <Todd.Miller@courtesan.com> + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +/* pkcs11.h + Copyright 2006, 2007 g10 Code GmbH + Copyright 2006 Andreas Jellinghaus + + This file is free software; as a special exception the author gives + unlimited permission to copy and/or distribute it, with or without + modifications, as long as this notice is preserved. + + This file is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY, to the extent permitted by law; without even + the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR + PURPOSE. */
\ No newline at end of file diff --git a/pcr/opendnssec/ods-enforcer.service b/pcr/opendnssec/ods-enforcer.service new file mode 100644 index 000000000..f0d0050d0 --- /dev/null +++ b/pcr/opendnssec/ods-enforcer.service @@ -0,0 +1,13 @@ +[Unit] +Description=OpenDNSSEC Enforcer +After=syslog.target network.target + +[Service] +Type=forking +PIDFile=/run/opendnssec/enforcerd.pid +ExecStart=/usr/bin/ods-control enforcer start +ExecStop=/usr/bin/ods-control enforcer stop + +[Install] +WantedBy=multi-user.target + diff --git a/pcr/opendnssec/ods-signer.service b/pcr/opendnssec/ods-signer.service new file mode 100644 index 000000000..26cc03481 --- /dev/null +++ b/pcr/opendnssec/ods-signer.service @@ -0,0 +1,13 @@ +[Unit] +Description=OpenDNSSEC Signer +After=syslog.target nerwork.target + +[Service] +Type=forking +PIDFile=/run/opendnssec/signerd.pid +ExecStart=/usr/bin/ods-control signer start +ExecStop=/usr/bin/ods-control signer stop + +[Install] +WantedBy=multi-user.target + diff --git a/pcr/opendnssec/opendnssec.install b/pcr/opendnssec/opendnssec.install new file mode 100644 index 000000000..0c74659ee --- /dev/null +++ b/pcr/opendnssec/opendnssec.install @@ -0,0 +1,27 @@ +post_install() { + if [ -z "`grep '^opendnssec:' /etc/group`" ]; then + groupadd -g 227 opendnssec + fi + if [ -z "`grep '^opendnssec:' /etc/passwd`" ]; then + useradd -u 227 -d /var/lib/opendnssec -g opendnssec -s /bin/false opendnssec + fi + + echo ">> You need an HSM implementation (try softhsm)" +} + + +post_upgrade() { + post_install $1 + OLD=$(echo $2 | sed "s/\(.*\)\.\(.*\)\.\(.*\)/\1\.\2/g") + NEW=$(echo $1 | sed "s/\(.*\)\.\(.*\)\.\(.*\)/\1\.\2/g") + if [ $OLD != "1.4" -a $NEW == "1.4" ]; then + echo ">> NOTICE: UPGRADE TO 1.4" + echo "This update requires upgrading the database" + echo "Run /usr/share/opendnssec/migrate_adapters_1.sqlite3 on your kasp database" + echo "e.g: sqlite3 kasp.db < /usr/share/opendnssec/migrate_adapters_1.sqlite3" + fi +} + +post_remove() { + userdel opendnssec +} diff --git a/pcr/opendnssec/pid-path.patch b/pcr/opendnssec/pid-path.patch new file mode 100644 index 000000000..88c750cf2 --- /dev/null +++ b/pcr/opendnssec/pid-path.patch @@ -0,0 +1,24 @@ +--- Makefile.am 2012-07-17 08:53:51.000000000 +0200 ++++ Makefile.am 2012-11-20 21:56:11.000000000 +0100 +@@ -30,8 +30,8 @@ + $(INSTALL) -d $(DESTDIR)$(localstatedir)/opendnssec/signconf + $(INSTALL) -d $(DESTDIR)$(localstatedir)/opendnssec/unsigned + $(INSTALL) -d $(DESTDIR)$(localstatedir)/opendnssec/signed +- $(INSTALL) -d $(DESTDIR)$(localstatedir)/run +- $(INSTALL) -d $(DESTDIR)$(localstatedir)/run/opendnssec ++ $(INSTALL) -d $(DESTDIR)/var/run ++ $(INSTALL) -d $(DESTDIR)/var/run/opendnssec + + docs: + (cd libhsm; $(MAKE) doxygen) +--- m4/opendnssec_common.m4 2012-11-01 11:56:59.000000000 +0100 ++++ m4/opendnssec_common.m4 2012-11-20 21:52:56.000000000 +0100 +@@ -19,7 +19,7 @@ + OPENDNSSEC_DATA_DIR=$full_datadir/opendnssec + OPENDNSSEC_SYSCONF_DIR=$full_sysconfdir/opendnssec + OPENDNSSEC_LOCALSTATE_DIR="$full_localstatedir/opendnssec" +-OPENDNSSEC_PID_DIR="$full_localstatedir/run/opendnssec" ++OPENDNSSEC_PID_DIR="/var/run/opendnssec" + + AC_SUBST([OPENDNSSEC_BIN_DIR]) + AC_SUBST([OPENDNSSEC_SBIN_DIR]) |