Bug#929884: dnsmasq: please provide runscript file

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Bug#929884: dnsmasq: please provide runscript file

Dmitry Bogatov-3
Source: dnsmasq
Version: 2.80-1
Severity: wishlist
Tags: patch
User: [hidden email]
Usertags: runscript

Dear maintainer,

please include native script for runit init system into 'dnsmasq'.
Below is diff aganist latest package release (2.80-1).

Here are some links:

 * http://smarden.org/runit -- more information about 'runit'
 * https://bugs.debian.org/746715 -- technical committe position
   on support of init systems, other then sysvinit.

From 3c516dde2b8dd552b141196ed98379800b3e0611 Mon Sep 17 00:00:00 2001
From: Dmitry Bogatov <[hidden email]>
Date: Sun, 26 May 2019 18:54:36 +0000
Subject: [PATCH] Add integration script for runit init

---
 debian/control                  |  5 ++--
 debian/dnsmasq.runit            |  1 +
 debian/dnsmasq.runscript/finish |  5 ++++
 debian/dnsmasq.runscript/run    | 43 +++++++++++++++++++++++++++++++++
 debian/rules                    |  7 +++++-
 5 files changed, 58 insertions(+), 3 deletions(-)
 create mode 100644 debian/dnsmasq.runit
 create mode 100755 debian/dnsmasq.runscript/finish
 create mode 100755 debian/dnsmasq.runscript/run

diff --git a/debian/control b/debian/control
index 9d4d7e8..40ad6c6 100644
--- a/debian/control
+++ b/debian/control
@@ -4,7 +4,7 @@ Priority: optional
 Build-depends: gettext, libnetfilter-conntrack-dev [linux-any],
                libidn11-dev, libdbus-1-dev (>=0.61), libgmp-dev,
                nettle-dev (>=2.4-3), libbsd-dev [!linux-any],
-       liblua5.2-dev
+       liblua5.2-dev, dh-runit, debhelper-compat (= 10)
 Maintainer: Simon Kelley <[hidden email]>
 Homepage: http://www.thekelleys.org.uk/dnsmasq/doc.html
 Standards-Version: 3.9.8
@@ -12,8 +12,9 @@ Standards-Version: 3.9.8
 Package: dnsmasq
 Architecture: all
 Depends: netbase, dnsmasq-base,
-         init-system-helpers (>= 1.18~), lsb-base (>= 3.0-6)
+         init-system-helpers (>= 1.18~), lsb-base (>= 3.0-6), ${misc:Depends}
 Suggests: resolvconf
+Breaks: ${runit:Breaks}
 Conflicts: resolvconf (<<1.15)
 Description: Small caching DNS proxy and DHCP/TFTP server
  Dnsmasq is a lightweight, easy to configure, DNS forwarder and DHCP
diff --git a/debian/dnsmasq.runit b/debian/dnsmasq.runit
new file mode 100644
index 0000000..6a457f7
--- /dev/null
+++ b/debian/dnsmasq.runit
@@ -0,0 +1 @@
+debian/dnsmasq.runscript name=dnsmasq,logscript,since=2.80-1+runit
diff --git a/debian/dnsmasq.runscript/finish b/debian/dnsmasq.runscript/finish
new file mode 100755
index 0000000..cf35240
--- /dev/null
+++ b/debian/dnsmasq.runscript/finish
@@ -0,0 +1,5 @@
+#!/bin/sh -eu
+if [ -x /sbin/resolvconf ] ; then
+ /sbin/resolvconf -d lo.dnsmasq
+fi
+
diff --git a/debian/dnsmasq.runscript/run b/debian/dnsmasq.runscript/run
new file mode 100755
index 0000000..1a43393
--- /dev/null
+++ b/debian/dnsmasq.runscript/run
@@ -0,0 +1,43 @@
+#!/lib/runit/invoke-run
+
+readonly name=dnsmasq
+readonly daemon=/usr/sbin/dnsmasq
+readonly marker=/usr/share/dnsmasq/installed-marker
+
+test -e "${marker}" || exec sv down "${name}"
+test -x "${daemon}" || exec sv down "${name}"
+
+if [ ! "${RESOLV_CONF:-}" ] &&
+   [ "${IGNORE_RESOLVCONF:-}" != "yes" ] &&
+   [ -x /sbin/resolvconf ]
+then
+ RESOLV_CONF=/run/dnsmasq/resolv.conf
+fi
+
+# This tells dnsmasq to ignore DNS requests that don't come from a local network.
+# It's automatically ignored if  --interface --except-interface, --listen-address
+# or --auth-server exist in the configuration, so for most installations, it will
+# have no effect, but for otherwise-unconfigured installations, it stops dnsmasq
+# from being vulnerable to DNS-reflection attacks.
+
+DNSMASQ_OPTS="${DNSMASQ_OPTS:-} --local-service"
+
+# If the dns-root-data package is installed, then the trust anchors will be
+# available in $ROOT_DS, in BIND zone-file format. Reformat as dnsmasq
+# --trust-anchor options.
+
+ROOT_DS="/usr/share/dns/root.ds"
+
+if [ -f $ROOT_DS ]; then
+    DNSMASQ_OPTS="$DNSMASQ_OPTS `env LC_ALL=C sed -rne "s/^([.a-zA-Z0-9]+)([[:space:]]+[0-9]+)*([[:space:]]+IN)*[[:space:]]+DS[[:space:]]+/--trust-anchor=\1,/;s/[[:space:]]+/,/gp" $ROOT_DS | tr '\n' ' '`"
+fi
+
+mkdir -p /run/dnsmasq
+chown dnsmasq:nogroup /run/dnsmasq
+[ -x /sbin/restorecon ] && /sbin/restorecon /run/dnsmasq
+exec "${daemon}" \
+ --keep-in-foreground \
+ --log-facility=/dev/stdout \
+ ${RESOLV_CONF:+ -r $RESOLV_CONF} \
+ ${DNSMASQ_OPTS} \
+ -u dnsmasq
diff --git a/debian/rules b/debian/rules
index b4ec4e9..f8d84fd 100755
--- a/debian/rules
+++ b/debian/rules
@@ -159,6 +159,9 @@ clean:
 binary-indep: checkroot
  $(checkdir)
  rm -rf debian/trees/daemon
+ mkdir -p debian/trees
+ dh_runit -pdnsmasq
+ mv debian/dnsmasq/ debian/trees/daemon
  install -m 755 \
         -d debian/trees/daemon/DEBIAN \
  -d debian/trees/daemon/usr/share/doc \
@@ -173,6 +176,8 @@ binary-indep: checkroot
                 -d debian/trees/daemon/etc/insserv.conf.d
  install -m 644 debian/conffiles debian/trees/daemon/DEBIAN
  install -m 755 debian/postinst debian/postrm debian/prerm debian/trees/daemon/DEBIAN
+ cat debian/dnsmasq.postinst.debhelper >> debian/trees/daemon/DEBIAN/postinst
+ cat debian/dnsmasq.postrm.debhelper   >> debian/trees/daemon/DEBIAN/postrm
  install -m 755 debian/init debian/trees/daemon/etc/init.d/dnsmasq
  install -m 755 debian/resolvconf debian/trees/daemon/etc/resolvconf/update.d/dnsmasq
  install -m 755 debian/resolvconf-package debian/trees/daemon/usr/lib/resolvconf/dpkg-event.d/dnsmasq
@@ -185,7 +190,7 @@ binary-indep: checkroot
  install -m 644 debian/insserv debian/trees/daemon/etc/insserv.conf.d/dnsmasq
  ln -s $(package) debian/trees/daemon/usr/share/doc/dnsmasq
  cd debian/trees/daemon && find . -type f ! -regex '.*DEBIAN/.*' -printf '%P\0' | LC_ALL=C sort -z | xargs -r0 md5sum > DEBIAN/md5sums
- dpkg-gencontrol $(PACKAGE_VERSION) -T -pdnsmasq -Pdebian/trees/daemon
+ dpkg-gencontrol $(PACKAGE_VERSION) -Tdebian/dnsmasq.substvars -pdnsmasq -Pdebian/trees/daemon
  find debian/trees/daemon -depth -newermt '$(BUILD_DATE)' -print0 | xargs -0r touch --no-dereference --date='$(BUILD_DATE)'
  chown -R root.root debian/trees/daemon
  chmod -R g-ws debian/trees/daemon