From f5a5ca28e9d700f74c026a5d115bce2cac99a9c5 Mon Sep 17 00:00:00 2001 From: Nicolás Reynolds Date: Mon, 10 Jun 2013 21:02:30 -0300 Subject: opendnssec! --- pcr/opendnssec/PKGBUILD | 74 +++++++++++++++++++++++++++++++++++++++++++++++++ pcr/softhsm/PKGBUILD | 46 ++++++++++++++++++++++++++++++ 2 files changed, 120 insertions(+) create mode 100644 pcr/opendnssec/PKGBUILD create mode 100644 pcr/softhsm/PKGBUILD diff --git a/pcr/opendnssec/PKGBUILD b/pcr/opendnssec/PKGBUILD new file mode 100644 index 000000000..1810d94a1 --- /dev/null +++ b/pcr/opendnssec/PKGBUILD @@ -0,0 +1,74 @@ +# Maintainer: Javier Torres + +pkgname=opendnssec +pkgver=1.4.0 +pkgrel=2 +pkgdesc="Turn-key solution for DNSSEC (sqlite3)" +arch=('i686' 'x86_64' 'mips64el') +url="http://www.opendnssec.org/" +license=('BSD') +depends=('libxml2' 'ldns' 'sqlite3' 'softhsm') +backup=("etc/opendnssec/conf.xml" + "etc/opendnssec/kasp.xml" + "etc/opendnssec/zonelist.xml") +install="opendnssec.install" +source=("http://www.opendnssec.org/files/source/${pkgname}-${pkgver}.tar.gz"{,.sig} + "pid-path.patch" + "ods-signer.service" + "ods-enforcer.service") +sha256sums=('36d4926dcdf351a527ad7600b151ab6cc56d0a472a7eb8871eecd70afef9e101' + 'SKIP' + '487a4c05a07feb97c865ddc4c13d00eea6ce8b2b1e5031983c15484f4991ebed' + '1a8cdec0e97a33048956268b766da570f8f7a90d05af59e547219f1381832071' + '75cecbfb0ece13957a68a5bc39c20a1d69b95373e7473545d70621e1732733d8') + +prepare() { + cd "${srcdir}/${pkgname}-${pkgver}" + # /var/lib/run -> /var/run + patch -p0 -i "${srcdir}/pid-path.patch" + + aclocal + autoconf + automake --add-missing +} + +build() { + cd "${srcdir}/${pkgname}-${pkgver}" + + ./configure --prefix=/usr \ + --datarootdir=/usr/share \ + --localstatedir=/var/lib \ + --sysconfdir=/etc \ + --with-pkcs11-softhsm=/usr/lib/libsofthsm.so \ + --sbindir=/usr/bin + + # Create the correct (/var/run/opendnssec) directory + sed -i \ + -e "s/\$(INSTALL) -d \$(DESTDIR)\$(localstatedir)\/run\/opendnssec/#Removed/" \ + -e "s/\$(INSTALL) -d \$(DESTDIR)\$(localstatedir)\/run/\$(INSTALL) -d \$(DESTDIR)\$(OPENDNSSEC_PID_DIR)/" \ + Makefile + + make +} + +package() { + cd "${srcdir}/${pkgname}-${pkgver}" + + install -d "${pkgdir}/var/run/opendnssec" + + make DESTDIR="${pkgdir}" install + + install -d "${pkgdir}/etc/rc.d" + install -Dm0644 "${srcdir}/ods-signer.service" \ + "${pkgdir}/usr/lib/systemd/system/ods-signer.service" + install -Dm0644 "${srcdir}/ods-enforcer.service" \ + "${pkgdir}/usr/lib/systemd/system/ods-enforcer.service" + install -Dm0644 "LICENSE" \ + "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" + install -Dm0644 "enforcer/utils/migrate_adapters_1.sqlite3" \ + "${pkgdir}/usr/share/opendnssec" + + chown 227:227 "${pkgdir}/etc/opendnssec" -R + chown 227:227 "${pkgdir}/var/lib/opendnssec" -R + chown 227:227 "${pkgdir}/var/run/opendnssec" -R +} diff --git a/pcr/softhsm/PKGBUILD b/pcr/softhsm/PKGBUILD new file mode 100644 index 000000000..f3fbcecaf --- /dev/null +++ b/pcr/softhsm/PKGBUILD @@ -0,0 +1,46 @@ +# Maintainer: Javier Torres + +pkgname=softhsm +pkgver=1.3.4 +pkgrel=1 +pkgdesc="Software PKCS11 store" +arch=('i686' 'x86_64') +url="http://www.opendnssec.org/softhsm/" +license=('custom' 'BSD') +depends=('botan' 'sqlite3') +backup=("etc/softhsm.conf") +source=("http://www.opendnssec.org/files/source/${pkgname}-${pkgver}.tar.gz"{,.sig}) +sha1sums=('f09b6828776bcf9fef1dd46cfa7a495da01c7747' + 'SKIP') +sha256sums=('f10319dfa651023dad3d0845d284ec08ef982c1fc1bdb55cf8a725f762961e97' + 'SKIP') +prepare() { + cd "${srcdir}/${pkgname}-${pkgver}" + + # /usr/lib/softhsm -> /usr/bin (no subdirectory) + sed -i \ + -e "s/full_libdir=\"\$full_libdir\/softhsm\"/#full_libdir=\"\$full_libdir\/softhsm\"/" \ + -e "s/libdir=\$full_libdir/#libdir=\$full_libdir/" \ + configure +} + +build() { + cd "${srcdir}/${pkgname}-${pkgver}" + + ./configure --prefix=/usr \ + --sbindir=/usr/bin \ + --datarootdir=/usr/share \ + --localstatedir=/var/lib \ + --sysconfdir=/etc \ + --with-botan=/usr + make +} + +package() { + cd "${srcdir}/${pkgname}-${pkgver}" + + make DESTDIR="${pkgdir}/" install + + install -Dm0644 "LICENSE" \ + "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" +} -- cgit v1.2.3 From c6ba94c8ed95924b3f550ac491038fefb0530176 Mon Sep 17 00:00:00 2001 From: Nicolás Reynolds Date: Mon, 10 Jun 2013 21:39:22 -0300 Subject: opendnssec: missing files --- pcr/opendnssec/LICENSE | 56 +++++++++++++++++++++++++++++++++++++ pcr/opendnssec/ods-enforcer.service | 13 +++++++++ pcr/opendnssec/ods-signer.service | 13 +++++++++ pcr/opendnssec/opendnssec.install | 27 ++++++++++++++++++ pcr/opendnssec/pid-path.patch | 24 ++++++++++++++++ 5 files changed, 133 insertions(+) create mode 100644 pcr/opendnssec/LICENSE create mode 100644 pcr/opendnssec/ods-enforcer.service create mode 100644 pcr/opendnssec/ods-signer.service create mode 100644 pcr/opendnssec/opendnssec.install create mode 100644 pcr/opendnssec/pid-path.patch diff --git a/pcr/opendnssec/LICENSE b/pcr/opendnssec/LICENSE new file mode 100644 index 000000000..5700d408a --- /dev/null +++ b/pcr/opendnssec/LICENSE @@ -0,0 +1,56 @@ +/* + * Copyright (c) 2009 Nominet UK. All rights reserved. + * Copyright (c) 2010 .SE (The Internet Infrastructure Foundation). + * Copyright (c) 2009 NLNet Labs. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY + * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER + * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN + * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +/* + * Copyright (c) 1998 Todd C. Miller + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +/* pkcs11.h + Copyright 2006, 2007 g10 Code GmbH + Copyright 2006 Andreas Jellinghaus + + This file is free software; as a special exception the author gives + unlimited permission to copy and/or distribute it, with or without + modifications, as long as this notice is preserved. + + This file is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY, to the extent permitted by law; without even + the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR + PURPOSE. */ \ No newline at end of file diff --git a/pcr/opendnssec/ods-enforcer.service b/pcr/opendnssec/ods-enforcer.service new file mode 100644 index 000000000..f0d0050d0 --- /dev/null +++ b/pcr/opendnssec/ods-enforcer.service @@ -0,0 +1,13 @@ +[Unit] +Description=OpenDNSSEC Enforcer +After=syslog.target network.target + +[Service] +Type=forking +PIDFile=/run/opendnssec/enforcerd.pid +ExecStart=/usr/bin/ods-control enforcer start +ExecStop=/usr/bin/ods-control enforcer stop + +[Install] +WantedBy=multi-user.target + diff --git a/pcr/opendnssec/ods-signer.service b/pcr/opendnssec/ods-signer.service new file mode 100644 index 000000000..26cc03481 --- /dev/null +++ b/pcr/opendnssec/ods-signer.service @@ -0,0 +1,13 @@ +[Unit] +Description=OpenDNSSEC Signer +After=syslog.target nerwork.target + +[Service] +Type=forking +PIDFile=/run/opendnssec/signerd.pid +ExecStart=/usr/bin/ods-control signer start +ExecStop=/usr/bin/ods-control signer stop + +[Install] +WantedBy=multi-user.target + diff --git a/pcr/opendnssec/opendnssec.install b/pcr/opendnssec/opendnssec.install new file mode 100644 index 000000000..0c74659ee --- /dev/null +++ b/pcr/opendnssec/opendnssec.install @@ -0,0 +1,27 @@ +post_install() { + if [ -z "`grep '^opendnssec:' /etc/group`" ]; then + groupadd -g 227 opendnssec + fi + if [ -z "`grep '^opendnssec:' /etc/passwd`" ]; then + useradd -u 227 -d /var/lib/opendnssec -g opendnssec -s /bin/false opendnssec + fi + + echo ">> You need an HSM implementation (try softhsm)" +} + + +post_upgrade() { + post_install $1 + OLD=$(echo $2 | sed "s/\(.*\)\.\(.*\)\.\(.*\)/\1\.\2/g") + NEW=$(echo $1 | sed "s/\(.*\)\.\(.*\)\.\(.*\)/\1\.\2/g") + if [ $OLD != "1.4" -a $NEW == "1.4" ]; then + echo ">> NOTICE: UPGRADE TO 1.4" + echo "This update requires upgrading the database" + echo "Run /usr/share/opendnssec/migrate_adapters_1.sqlite3 on your kasp database" + echo "e.g: sqlite3 kasp.db < /usr/share/opendnssec/migrate_adapters_1.sqlite3" + fi +} + +post_remove() { + userdel opendnssec +} diff --git a/pcr/opendnssec/pid-path.patch b/pcr/opendnssec/pid-path.patch new file mode 100644 index 000000000..88c750cf2 --- /dev/null +++ b/pcr/opendnssec/pid-path.patch @@ -0,0 +1,24 @@ +--- Makefile.am 2012-07-17 08:53:51.000000000 +0200 ++++ Makefile.am 2012-11-20 21:56:11.000000000 +0100 +@@ -30,8 +30,8 @@ + $(INSTALL) -d $(DESTDIR)$(localstatedir)/opendnssec/signconf + $(INSTALL) -d $(DESTDIR)$(localstatedir)/opendnssec/unsigned + $(INSTALL) -d $(DESTDIR)$(localstatedir)/opendnssec/signed +- $(INSTALL) -d $(DESTDIR)$(localstatedir)/run +- $(INSTALL) -d $(DESTDIR)$(localstatedir)/run/opendnssec ++ $(INSTALL) -d $(DESTDIR)/var/run ++ $(INSTALL) -d $(DESTDIR)/var/run/opendnssec + + docs: + (cd libhsm; $(MAKE) doxygen) +--- m4/opendnssec_common.m4 2012-11-01 11:56:59.000000000 +0100 ++++ m4/opendnssec_common.m4 2012-11-20 21:52:56.000000000 +0100 +@@ -19,7 +19,7 @@ + OPENDNSSEC_DATA_DIR=$full_datadir/opendnssec + OPENDNSSEC_SYSCONF_DIR=$full_sysconfdir/opendnssec + OPENDNSSEC_LOCALSTATE_DIR="$full_localstatedir/opendnssec" +-OPENDNSSEC_PID_DIR="$full_localstatedir/run/opendnssec" ++OPENDNSSEC_PID_DIR="/var/run/opendnssec" + + AC_SUBST([OPENDNSSEC_BIN_DIR]) + AC_SUBST([OPENDNSSEC_SBIN_DIR]) -- cgit v1.2.3 From 9505db13f5db4a7b73d6fe0d6435ed69fb375d80 Mon Sep 17 00:00:00 2001 From: Nicolás Reynolds Date: Tue, 11 Jun 2013 12:26:55 -0300 Subject: opendnssec: secure data dirs --- pcr/opendnssec/PKGBUILD | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/pcr/opendnssec/PKGBUILD b/pcr/opendnssec/PKGBUILD index 1810d94a1..065a1ec68 100644 --- a/pcr/opendnssec/PKGBUILD +++ b/pcr/opendnssec/PKGBUILD @@ -2,7 +2,7 @@ pkgname=opendnssec pkgver=1.4.0 -pkgrel=2 +pkgrel=3 pkgdesc="Turn-key solution for DNSSEC (sqlite3)" arch=('i686' 'x86_64' 'mips64el') url="http://www.opendnssec.org/" @@ -68,7 +68,10 @@ package() { install -Dm0644 "enforcer/utils/migrate_adapters_1.sqlite3" \ "${pkgdir}/usr/share/opendnssec" - chown 227:227 "${pkgdir}/etc/opendnssec" -R - chown 227:227 "${pkgdir}/var/lib/opendnssec" -R - chown 227:227 "${pkgdir}/var/run/opendnssec" -R + chown -R 227:227 "${pkgdir}/etc/opendnssec" \ + "${pkgdir}/var/lib/opendnssec" \ + "${pkgdir}/var/run/opendnssec" + chmod 750 "${pkgdir}/etc/opendnssec" \ + "${pkgdir}/var/lib/opendnssec" \ + "${pkgdir}/var/run/opendnssec" } -- cgit v1.2.3 From 916db147cf27a516cd2d6c43ca05e04dde01ddd4 Mon Sep 17 00:00:00 2001 From: Luke Shumaker Date: Tue, 11 Jun 2013 21:00:33 -0600 Subject: update libre/libretools, add libre/distcc-nozeroconf --- libre/distcc-nozeroconf/PKGBUILD | 59 +++++++++++++++++++++++++++++++++ libre/distcc-nozeroconf/distccd.conf.d | 7 ++++ libre/distcc-nozeroconf/distccd.service | 12 +++++++ libre/libretools/PKGBUILD | 6 ++-- 4 files changed, 81 insertions(+), 3 deletions(-) create mode 100644 libre/distcc-nozeroconf/PKGBUILD create mode 100644 libre/distcc-nozeroconf/distccd.conf.d create mode 100644 libre/distcc-nozeroconf/distccd.service diff --git a/libre/distcc-nozeroconf/PKGBUILD b/libre/distcc-nozeroconf/PKGBUILD new file mode 100644 index 000000000..2537b2f87 --- /dev/null +++ b/libre/distcc-nozeroconf/PKGBUILD @@ -0,0 +1,59 @@ +# $Id: PKGBUILD 90657 2013-05-13 14:21:37Z spupykin $ +# Maintainer: Sergej Pupykin +# Maintainer: Judd Vinet +# Contributor: Giovanni Scafora + +_pkgname=distcc +pkgname=distcc-nozeroconf +pkgver=3.1 +provides=("$_pkgname=$pkgver") +conflicts=("$_pkgname") +pkgrel=11 +pkgdesc="A distributed C, C++, Obj C compiler (without zeroconf support)" +arch=('i686' 'x86_64') +url="http://code.google.com/p/distcc/" +license=('GPL') +depends=('gcc' 'popt') +makedepends=('gtk2' 'pkgconfig' 'python2') +optdepends=('gtk2: for distccmon-gnome' + 'python2') +backup=('etc/conf.d/distccd' + 'etc/distcc/hosts') +source=(http://distcc.googlecode.com/files/${_pkgname}-${pkgver}.tar.bz2 + distccd.conf.d + distccd.service) +md5sums=('a1a9d3853df7133669fffec2a9aab9f3' + '239aae53250e3e35288cba566bc0bbf1' + '09f0688da9c1840e518d2593bd5c3830') + +build() { + cd "${srcdir}/${_pkgname}-${pkgver}" + + [ -f Makefile ] || PYTHON=/usr/bin/python2 ./configure --prefix=/usr \ + --with-gtk \ + --sysconfdir=/etc \ + --mandir=/usr/share/man \ + --without-avahi + + make WERROR_CFLAGS= INCLUDESERVER_PYTHON=/usr/bin/python2 +} + +check() { + cd "${srcdir}/${_pkgname}-${pkgver}" +# make TEST_PYTHON=/usr/bin/python2 check +} + +package() { + cd "${srcdir}/${_pkgname}-${pkgver}" + make DESTDIR="${pkgdir}/" INCLUDESERVER_PYTHON=/usr/bin/python2 install + install -D -m644 ${srcdir}/distccd.conf.d ${pkgdir}/etc/conf.d/distccd + + install -d ${pkgdir}/usr/lib/${_pkgname}/bin + ln -sf /usr/bin/${_pkgname} ${pkgdir}/usr/lib/${_pkgname}/bin/cc + ln -sf /usr/bin/${_pkgname} ${pkgdir}/usr/lib/${_pkgname}/bin/gcc + ln -sf /usr/bin/${_pkgname} ${pkgdir}/usr/lib/${_pkgname}/bin/g++ + ln -sf /usr/bin/${_pkgname} ${pkgdir}/usr/lib/${_pkgname}/bin/c++ + ln -sf /usr/bin/${_pkgname} ${pkgdir}/usr/lib/${_pkgname}/bin/cpp + + install -Dm0644 $srcdir/distccd.service $pkgdir/usr/lib/systemd/system/distccd.service +} diff --git a/libre/distcc-nozeroconf/distccd.conf.d b/libre/distcc-nozeroconf/distccd.conf.d new file mode 100644 index 000000000..2fe7a4cc6 --- /dev/null +++ b/libre/distcc-nozeroconf/distccd.conf.d @@ -0,0 +1,7 @@ +# +# Parameters to be passed to distccd +# +# You must explicitly add IPs (or subnets) that are allowed to connect, +# using the --allow switch. See the distccd manpage for more info. +# +DISTCC_ARGS="--allow 127.0.0.1" diff --git a/libre/distcc-nozeroconf/distccd.service b/libre/distcc-nozeroconf/distccd.service new file mode 100644 index 000000000..0b72fecc3 --- /dev/null +++ b/libre/distcc-nozeroconf/distccd.service @@ -0,0 +1,12 @@ +[Unit] +Description=A distributed C/C++ compiler +Documentation=man:distccd(1) +After=network.target + +[Service] +User=nobody +EnvironmentFile=/etc/conf.d/distccd +ExecStart=/usr/bin/distccd --no-detach --daemon $DISTCC_ARGS + +[Install] +WantedBy=multi-user.target diff --git a/libre/libretools/PKGBUILD b/libre/libretools/PKGBUILD index 29fedec00..49dc7feb2 100644 --- a/libre/libretools/PKGBUILD +++ b/libre/libretools/PKGBUILD @@ -9,8 +9,8 @@ pkgdesc="Programs for Parabola development" url="https://projects.parabolagnulinux.org/packages/libretools.git/" license=('GPL3' 'GPL2') -pkgver=20130608 -_libretools_commit=9fc855b9c4af0e372fa50e1da1ec26d4f2fc5661 +pkgver=20130611 +_libretools_commit=e6944bc03f587ad177c6b825e3f4c116fb9b9b12 _devtools_commit=bf8513ae631484a0c292ad085ea7ede9859f8e0f _packages_url=https://projects.parabolagnulinux.org/packages @@ -64,5 +64,5 @@ package_libretools-mips64el() { make install-libretools-mips64el DESTDIR="$pkgdir" } -md5sums=('5de4fdcc9db5e6f52915b6a721cadb37' +md5sums=('3d5645488481fab48954e194274f70ac' 'b28b1492fda205be7c577fc03cbc3399') -- cgit v1.2.3