summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--pcr/opendnssec/LICENSE56
-rw-r--r--pcr/opendnssec/ods-enforcer.service13
-rw-r--r--pcr/opendnssec/ods-signer.service13
-rw-r--r--pcr/opendnssec/opendnssec.install27
-rw-r--r--pcr/opendnssec/pid-path.patch24
5 files changed, 133 insertions, 0 deletions
diff --git a/pcr/opendnssec/LICENSE b/pcr/opendnssec/LICENSE
new file mode 100644
index 000000000..5700d408a
--- /dev/null
+++ b/pcr/opendnssec/LICENSE
@@ -0,0 +1,56 @@
+/*
+ * Copyright (c) 2009 Nominet UK. All rights reserved.
+ * Copyright (c) 2010 .SE (The Internet Infrastructure Foundation).
+ * Copyright (c) 2009 NLNet Labs.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
+ * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
+ * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Copyright (c) 1998 Todd C. Miller <Todd.Miller@courtesan.com>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/* pkcs11.h
+ Copyright 2006, 2007 g10 Code GmbH
+ Copyright 2006 Andreas Jellinghaus
+
+ This file is free software; as a special exception the author gives
+ unlimited permission to copy and/or distribute it, with or without
+ modifications, as long as this notice is preserved.
+
+ This file is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY, to the extent permitted by law; without even
+ the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+ PURPOSE. */ \ No newline at end of file
diff --git a/pcr/opendnssec/ods-enforcer.service b/pcr/opendnssec/ods-enforcer.service
new file mode 100644
index 000000000..f0d0050d0
--- /dev/null
+++ b/pcr/opendnssec/ods-enforcer.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=OpenDNSSEC Enforcer
+After=syslog.target network.target
+
+[Service]
+Type=forking
+PIDFile=/run/opendnssec/enforcerd.pid
+ExecStart=/usr/bin/ods-control enforcer start
+ExecStop=/usr/bin/ods-control enforcer stop
+
+[Install]
+WantedBy=multi-user.target
+
diff --git a/pcr/opendnssec/ods-signer.service b/pcr/opendnssec/ods-signer.service
new file mode 100644
index 000000000..26cc03481
--- /dev/null
+++ b/pcr/opendnssec/ods-signer.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=OpenDNSSEC Signer
+After=syslog.target nerwork.target
+
+[Service]
+Type=forking
+PIDFile=/run/opendnssec/signerd.pid
+ExecStart=/usr/bin/ods-control signer start
+ExecStop=/usr/bin/ods-control signer stop
+
+[Install]
+WantedBy=multi-user.target
+
diff --git a/pcr/opendnssec/opendnssec.install b/pcr/opendnssec/opendnssec.install
new file mode 100644
index 000000000..0c74659ee
--- /dev/null
+++ b/pcr/opendnssec/opendnssec.install
@@ -0,0 +1,27 @@
+post_install() {
+ if [ -z "`grep '^opendnssec:' /etc/group`" ]; then
+ groupadd -g 227 opendnssec
+ fi
+ if [ -z "`grep '^opendnssec:' /etc/passwd`" ]; then
+ useradd -u 227 -d /var/lib/opendnssec -g opendnssec -s /bin/false opendnssec
+ fi
+
+ echo ">> You need an HSM implementation (try softhsm)"
+}
+
+
+post_upgrade() {
+ post_install $1
+ OLD=$(echo $2 | sed "s/\(.*\)\.\(.*\)\.\(.*\)/\1\.\2/g")
+ NEW=$(echo $1 | sed "s/\(.*\)\.\(.*\)\.\(.*\)/\1\.\2/g")
+ if [ $OLD != "1.4" -a $NEW == "1.4" ]; then
+ echo ">> NOTICE: UPGRADE TO 1.4"
+ echo "This update requires upgrading the database"
+ echo "Run /usr/share/opendnssec/migrate_adapters_1.sqlite3 on your kasp database"
+ echo "e.g: sqlite3 kasp.db < /usr/share/opendnssec/migrate_adapters_1.sqlite3"
+ fi
+}
+
+post_remove() {
+ userdel opendnssec
+}
diff --git a/pcr/opendnssec/pid-path.patch b/pcr/opendnssec/pid-path.patch
new file mode 100644
index 000000000..88c750cf2
--- /dev/null
+++ b/pcr/opendnssec/pid-path.patch
@@ -0,0 +1,24 @@
+--- Makefile.am 2012-07-17 08:53:51.000000000 +0200
++++ Makefile.am 2012-11-20 21:56:11.000000000 +0100
+@@ -30,8 +30,8 @@
+ $(INSTALL) -d $(DESTDIR)$(localstatedir)/opendnssec/signconf
+ $(INSTALL) -d $(DESTDIR)$(localstatedir)/opendnssec/unsigned
+ $(INSTALL) -d $(DESTDIR)$(localstatedir)/opendnssec/signed
+- $(INSTALL) -d $(DESTDIR)$(localstatedir)/run
+- $(INSTALL) -d $(DESTDIR)$(localstatedir)/run/opendnssec
++ $(INSTALL) -d $(DESTDIR)/var/run
++ $(INSTALL) -d $(DESTDIR)/var/run/opendnssec
+
+ docs:
+ (cd libhsm; $(MAKE) doxygen)
+--- m4/opendnssec_common.m4 2012-11-01 11:56:59.000000000 +0100
++++ m4/opendnssec_common.m4 2012-11-20 21:52:56.000000000 +0100
+@@ -19,7 +19,7 @@
+ OPENDNSSEC_DATA_DIR=$full_datadir/opendnssec
+ OPENDNSSEC_SYSCONF_DIR=$full_sysconfdir/opendnssec
+ OPENDNSSEC_LOCALSTATE_DIR="$full_localstatedir/opendnssec"
+-OPENDNSSEC_PID_DIR="$full_localstatedir/run/opendnssec"
++OPENDNSSEC_PID_DIR="/var/run/opendnssec"
+
+ AC_SUBST([OPENDNSSEC_BIN_DIR])
+ AC_SUBST([OPENDNSSEC_SBIN_DIR])