diff options
author | Renato Botelho <garga@FreeBSD.org> | 2013-04-25 17:40:41 -0300 |
---|---|---|
committer | Renato Botelho <garga@FreeBSD.org> | 2013-04-25 17:40:41 -0300 |
commit | d81512d0f0ba39f6badc70acfe7ff6bc1f9bb46e (patch) | |
tree | 56f7c2d70542c4d801bfe17acb131480a55bf86d | |
parent | 439da2334eb58df4bbd50093684e711afd76232f (diff) | |
download | pfsense-packages-d81512d0f0ba39f6badc70acfe7ff6bc1f9bb46e.tar.gz pfsense-packages-d81512d0f0ba39f6badc70acfe7ff6bc1f9bb46e.tar.bz2 pfsense-packages-d81512d0f0ba39f6badc70acfe7ff6bc1f9bb46e.zip |
Adjust unbound to wirk with PBI
Make necessary changes on unbound to make it work on pfSense 2.1 using
PBI, also, bump version to 1.4.19_02
Fixes #2817
-rw-r--r-- | config/unbound/unbound.inc | 71 | ||||
-rw-r--r-- | config/unbound/unbound_status.php | 10 | ||||
-rw-r--r-- | pkg_config.8.xml | 2 | ||||
-rw-r--r-- | pkg_config.8.xml.amd64 | 2 |
4 files changed, 49 insertions, 36 deletions
diff --git a/config/unbound/unbound.inc b/config/unbound/unbound.inc index e879248a..68a8a122 100644 --- a/config/unbound/unbound.inc +++ b/config/unbound/unbound.inc @@ -23,6 +23,12 @@ POSSIBILITY OF SUCH DAMAGE. */ +// Define basedir constant for unbound according to FreeBSD version (PBI support or no PBI) +if (floatval(php_uname("r")) >= 8.3) + define("UNBOUND_BASE", "/usr/pbi/unbound-" . php_uname("m")); +else + define("UNBOUND_BASE", "/usr/local"); + if(!function_exists("is_service_running")) require_once("service-utils.inc"); @@ -51,19 +57,19 @@ function unbound_initial_setup() { // Setup unbound // Create and chown dirs - mwexec("/bin/mkdir -p /usr/local/etc/unbound /usr/local/etc/unbound/dev"); - @chown("/usr/local/etc/unbound/.", "unbound"); - @chown("/usr/local/etc/unbound/dev.", "unbound"); + mwexec("/bin/mkdir -p " . UNBOUND_BASE . "/etc/unbound " . UNBOUND_BASE . "/etc/unbound/dev"); + @chown(UNBOUND_BASE . "/etc/unbound/.", "unbound"); + @chown(UNBOUND_BASE . "/etc/unbound/dev.", "unbound"); // Touch needed files - @touch("/usr/local/etc/unbound/root.hints"); - @touch("/usr/local/etc/unbound/root-trust-anchor"); + @touch(UNBOUND_BASE . "/etc/unbound/root.hints"); + @touch(UNBOUND_BASE . "/etc/unbound/root-trust-anchor"); // Ensure files and folders belong to unbound - @chown("/usr/local/etc/unbound/root-trust-anchor", "unbound"); - @chgrp("/usr/local/etc/unbound/root-trust-anchor", "wheel"); - @chmod("/usr/local/etc/unbound/root-trust-anchor", 0600); + @chown(UNBOUND_BASE . "/etc/unbound/root-trust-anchor", "unbound"); + @chgrp(UNBOUND_BASE . "/etc/unbound/root-trust-anchor", "wheel"); + @chmod(UNBOUND_BASE . "/etc/unbound/root-trust-anchor", 0600); // We do not need the sample conf or the default rc.d startup file - @unlink_if_exists("/usr/local/etc/unbound/unbound.conf.sample"); - @unlink_if_exists("/usr/local/etc/rc.d/unbound"); + @unlink_if_exists(UNBOUND_BASE . "/etc/unbound/unbound.conf.sample"); + @unlink_if_exists(UNBOUND_BASE . "/etc/rc.d/unbound"); // Setup rc file for startup and shutdown. unbound_rc_setup(); @@ -82,7 +88,7 @@ function unbound_initial_setup() { unbound_resync_config(); unbound_keys_setup(); - exec("/usr/sbin/chown -R unbound:wheel /usr/local/etc/unbound/*"); + exec("/usr/sbin/chown -R unbound:wheel " . UNBOUND_BASE . "/etc/unbound/*"); // Write out the XML config write_config(); @@ -97,14 +103,14 @@ function unbound_anchor_setup() { . IN DS 19036 8 2 49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5 EOD; - file_put_contents("/usr/local/etc/unbound/root-trust-anchor", $conf); + file_put_contents(UNBOUND_BASE . "/etc/unbound/root-trust-anchor", $conf); } function unbound_keys_setup() { // Generate SSL Keys for controlling the unbound server - mwexec("/usr/local/sbin/unbound-control-setup"); + mwexec(UNBOUND_BASE . "/sbin/unbound-control-setup"); } @@ -234,7 +240,7 @@ function unbound_control($action) { break; case "anchor_update": //Update the Root Trust Anchor - mwexec("/usr/local/sbin/unbound-anchor -a /usr/local/etc/unbound/root-trust-anchor", true); + mwexec(UNBOUND_BASE . "/sbin/unbound-anchor -a " . UNBOUND_BASE . "/etc/unbound/root-trust-anchor", true); break; default: break; @@ -391,6 +397,8 @@ function unbound_acls_config() { function unbound_resync_config() { global $config, $g, $input_errors; + $unbound_base = UNBOUND_BASE; + if (!is_array($config['installedpackages']['unbound']['config'])) $config['installedpackages']['unbound']['config'] = array(); @@ -423,7 +431,7 @@ function unbound_resync_config() { if($unbound_config['dnssec_status'] == "on") { $module_config = "validator iterator"; - $anchor_file = "auto-trust-anchor-file: /usr/local/etc/unbound/root-trust-anchor"; + $anchor_file = "auto-trust-anchor-file: " . UNBOUND_BASE . "/etc/unbound/root-trust-anchor"; } else $module_config = "iterator"; @@ -490,7 +498,6 @@ EOF; $unwanted_reply_threshold = (!empty($unbound_config['unwanted_reply_threshold'])) ? $unbound_config['unwanted_reply_threshold'] : "0"; - $unbound_conf = <<<EOD ######################### # Unbound configuration # @@ -502,7 +509,7 @@ EOF; server: chroot: "" username: "unbound" -directory: "/usr/local/etc/unbound" +directory: "{$unbound_base}/etc/unbound" pidfile: "{$g['varrun_path']}/unbound.pid" root-hints: "root.hints" harden-referral-path: no @@ -564,14 +571,14 @@ access-control: ::1 allow EOD; -# Handle custom options -if(!empty($unbound_config['custom_options'])) { - $custom_options = explode(";", ($unbound_config['custom_options'])); - $unbound_conf .= "# Unbound Custom options\n"; - foreach ($custom_options as $ent) { - $unbound_conf .= $ent."\n"; + # Handle custom options + if(!empty($unbound_config['custom_options'])) { + $custom_options = explode(";", ($unbound_config['custom_options'])); + $unbound_conf .= "# Unbound Custom options\n"; + foreach ($custom_options as $ent) { + $unbound_conf .= $ent."\n"; + } } -} $unbound_conf .= <<<EOD @@ -582,21 +589,21 @@ remote-control: control-enable: yes control-interface: 127.0.0.1 control-port: 953 -server-key-file: "/usr/local/etc/unbound/unbound_server.key" -server-cert-file: "/usr/local/etc/unbound/unbound_server.pem" -control-key-file: "/usr/local/etc/unbound/unbound_control.key" -control-cert-file: "/usr/local/etc/unbound/unbound_control.pem" +server-key-file: "{$unbound_base}/etc/unbound/unbound_server.key" +server-cert-file: "{$unbound_base}/etc/unbound/unbound_server.pem" +control-key-file: "{$unbound_base}/etc/unbound/unbound_control.key" +control-cert-file: "{$unbound_base}/etc/unbound/unbound_control.pem" EOD; - file_put_contents("/usr/local/etc/unbound/unbound.conf", $unbound_conf); + file_put_contents("{$unbound_base}/etc/unbound/unbound.conf", $unbound_conf); } function unbound_ctl_exec($cmd) { - mwexec("/usr/local/sbin/unbound-control $cmd"); + mwexec(UNBOUND_BASE . "/sbin/unbound-control $cmd"); } @@ -671,7 +678,7 @@ function unbound_optimization() { function fetch_root_hints() { - $destination_file = "/usr/local/etc/unbound/root.hints"; + $destination_file = UNBOUND_BASE . "/etc/unbound/root.hints"; if (filesize($destination_file) == 0 ) { conf_mount_rw(); $fout = fopen($destination_file, "w"); @@ -769,7 +776,7 @@ function unbound_uninstall() { unbound_control("termstop"); // Remove pkg config directory and startup file - mwexec("rm -rf /usr/local/etc/unbound"); + mwexec("rm -rf " . UNBOUND_BASE . "/etc/unbound"); @unlink("/usr/local/etc/rc.d/unbound.sh"); @unlink("{$g['varlog_path']}/unbound.log"); @unlink("/var/tmp/unbound_cache"); diff --git a/config/unbound/unbound_status.php b/config/unbound/unbound_status.php index 0a1eae13..d7371f29 100644 --- a/config/unbound/unbound_status.php +++ b/config/unbound/unbound_status.php @@ -31,6 +31,12 @@ require("guiconfig.inc"); +// Define basedir constant for unbound according to FreeBSD version (PBI support or no PBI) +if (floatval(php_uname("r")) >= 8.3) + define("UNBOUND_BASE", "/usr/pbi/unbound-" . php_uname("m")); +else + define("UNBOUND_BASE", "/usr/local"); + if(!is_process_running("unbound")) { Header("Location: /pkg_edit.php?xml=unbound.xml&id=0"); exit; @@ -138,7 +144,7 @@ function execCmds() { <tr> <td class="tabcont" width="100%"> <?php - $entries = trim(exec("/usr/local/sbin/unbound-control dump_cache | wc -l")); + $entries = trim(exec(UNBOUND_BASE . "/sbin/unbound-control dump_cache | wc -l")); defCmdT("Unbound status", "unbound-control status", "6"); defCmdT("Unbound stats", "unbound-control stats_noreset"); defCmdT("Unbound stubs", "unbound-control list_stubs", "8"); @@ -146,7 +152,7 @@ function execCmds() { defCmdT("Unbound local zones", "unbound-control list_local_zones"); defCmdT("Unbound local data", "unbound-control list_local_data"); defCmdT("Unbound cache ($entries entries)", "unbound-control dump_cache", "60"); - defCmdT("Unbound configuration", "/bin/cat /usr/local/etc/unbound/unbound.conf", "60"); + defCmdT("Unbound configuration", "/bin/cat " . UNBOUND_BASE . "/etc/unbound/unbound.conf", "60"); listCmds(); execCmds(); ?> diff --git a/pkg_config.8.xml b/pkg_config.8.xml index ff455b5b..e2384156 100644 --- a/pkg_config.8.xml +++ b/pkg_config.8.xml @@ -1533,7 +1533,7 @@ <descr>Unbound is a validating, recursive, and caching DNS resolver. This package is a drop in replacement for Services: DNS Forwarder and also supports DNSSEC extensions. Once installed please configure the Unbound service by visiting Services: Unbound DNS.</descr> <website>http://www.unbound.net/</website> <category>Services</category> - <version>1.4.19_01</version> + <version>1.4.19_02</version> <status>Alpha</status> <maintainer>warren@decoy.co.za</maintainer> <required_version>2.0</required_version> diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64 index 066cc24c..500baf2a 100644 --- a/pkg_config.8.xml.amd64 +++ b/pkg_config.8.xml.amd64 @@ -1520,7 +1520,7 @@ <descr>Unbound is a validating, recursive, and caching DNS resolver. This package is a drop in replacement for Services: DNS Forwarder and also supports DNSSEC extensions. Once installed please configure the Unbound service by visiting Services: Unbound DNS.</descr> <website>http://www.unbound.net/</website> <category>Services</category> - <version>1.4.19_01</version> + <version>1.4.19_02</version> <status>Alpha</status> <maintainer>warren@decoy.co.za</maintainer> <required_version>2.0</required_version> |