aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRenato Botelho <garga@FreeBSD.org>2013-04-25 17:40:41 -0300
committerRenato Botelho <garga@FreeBSD.org>2013-04-25 17:40:41 -0300
commitd81512d0f0ba39f6badc70acfe7ff6bc1f9bb46e (patch)
tree56f7c2d70542c4d801bfe17acb131480a55bf86d
parent439da2334eb58df4bbd50093684e711afd76232f (diff)
downloadpfsense-packages-d81512d0f0ba39f6badc70acfe7ff6bc1f9bb46e.tar.gz
pfsense-packages-d81512d0f0ba39f6badc70acfe7ff6bc1f9bb46e.tar.bz2
pfsense-packages-d81512d0f0ba39f6badc70acfe7ff6bc1f9bb46e.zip
Adjust unbound to wirk with PBI
Make necessary changes on unbound to make it work on pfSense 2.1 using PBI, also, bump version to 1.4.19_02 Fixes #2817
-rw-r--r--config/unbound/unbound.inc71
-rw-r--r--config/unbound/unbound_status.php10
-rw-r--r--pkg_config.8.xml2
-rw-r--r--pkg_config.8.xml.amd642
4 files changed, 49 insertions, 36 deletions
diff --git a/config/unbound/unbound.inc b/config/unbound/unbound.inc
index e879248a..68a8a122 100644
--- a/config/unbound/unbound.inc
+++ b/config/unbound/unbound.inc
@@ -23,6 +23,12 @@
POSSIBILITY OF SUCH DAMAGE.
*/
+// Define basedir constant for unbound according to FreeBSD version (PBI support or no PBI)
+if (floatval(php_uname("r")) >= 8.3)
+ define("UNBOUND_BASE", "/usr/pbi/unbound-" . php_uname("m"));
+else
+ define("UNBOUND_BASE", "/usr/local");
+
if(!function_exists("is_service_running"))
require_once("service-utils.inc");
@@ -51,19 +57,19 @@ function unbound_initial_setup() {
// Setup unbound
// Create and chown dirs
- mwexec("/bin/mkdir -p /usr/local/etc/unbound /usr/local/etc/unbound/dev");
- @chown("/usr/local/etc/unbound/.", "unbound");
- @chown("/usr/local/etc/unbound/dev.", "unbound");
+ mwexec("/bin/mkdir -p " . UNBOUND_BASE . "/etc/unbound " . UNBOUND_BASE . "/etc/unbound/dev");
+ @chown(UNBOUND_BASE . "/etc/unbound/.", "unbound");
+ @chown(UNBOUND_BASE . "/etc/unbound/dev.", "unbound");
// Touch needed files
- @touch("/usr/local/etc/unbound/root.hints");
- @touch("/usr/local/etc/unbound/root-trust-anchor");
+ @touch(UNBOUND_BASE . "/etc/unbound/root.hints");
+ @touch(UNBOUND_BASE . "/etc/unbound/root-trust-anchor");
// Ensure files and folders belong to unbound
- @chown("/usr/local/etc/unbound/root-trust-anchor", "unbound");
- @chgrp("/usr/local/etc/unbound/root-trust-anchor", "wheel");
- @chmod("/usr/local/etc/unbound/root-trust-anchor", 0600);
+ @chown(UNBOUND_BASE . "/etc/unbound/root-trust-anchor", "unbound");
+ @chgrp(UNBOUND_BASE . "/etc/unbound/root-trust-anchor", "wheel");
+ @chmod(UNBOUND_BASE . "/etc/unbound/root-trust-anchor", 0600);
// We do not need the sample conf or the default rc.d startup file
- @unlink_if_exists("/usr/local/etc/unbound/unbound.conf.sample");
- @unlink_if_exists("/usr/local/etc/rc.d/unbound");
+ @unlink_if_exists(UNBOUND_BASE . "/etc/unbound/unbound.conf.sample");
+ @unlink_if_exists(UNBOUND_BASE . "/etc/rc.d/unbound");
// Setup rc file for startup and shutdown.
unbound_rc_setup();
@@ -82,7 +88,7 @@ function unbound_initial_setup() {
unbound_resync_config();
unbound_keys_setup();
- exec("/usr/sbin/chown -R unbound:wheel /usr/local/etc/unbound/*");
+ exec("/usr/sbin/chown -R unbound:wheel " . UNBOUND_BASE . "/etc/unbound/*");
// Write out the XML config
write_config();
@@ -97,14 +103,14 @@ function unbound_anchor_setup() {
. IN DS 19036 8 2 49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5
EOD;
- file_put_contents("/usr/local/etc/unbound/root-trust-anchor", $conf);
+ file_put_contents(UNBOUND_BASE . "/etc/unbound/root-trust-anchor", $conf);
}
function unbound_keys_setup() {
// Generate SSL Keys for controlling the unbound server
- mwexec("/usr/local/sbin/unbound-control-setup");
+ mwexec(UNBOUND_BASE . "/sbin/unbound-control-setup");
}
@@ -234,7 +240,7 @@ function unbound_control($action) {
break;
case "anchor_update":
//Update the Root Trust Anchor
- mwexec("/usr/local/sbin/unbound-anchor -a /usr/local/etc/unbound/root-trust-anchor", true);
+ mwexec(UNBOUND_BASE . "/sbin/unbound-anchor -a " . UNBOUND_BASE . "/etc/unbound/root-trust-anchor", true);
break;
default:
break;
@@ -391,6 +397,8 @@ function unbound_acls_config() {
function unbound_resync_config() {
global $config, $g, $input_errors;
+ $unbound_base = UNBOUND_BASE;
+
if (!is_array($config['installedpackages']['unbound']['config']))
$config['installedpackages']['unbound']['config'] = array();
@@ -423,7 +431,7 @@ function unbound_resync_config() {
if($unbound_config['dnssec_status'] == "on") {
$module_config = "validator iterator";
- $anchor_file = "auto-trust-anchor-file: /usr/local/etc/unbound/root-trust-anchor";
+ $anchor_file = "auto-trust-anchor-file: " . UNBOUND_BASE . "/etc/unbound/root-trust-anchor";
} else
$module_config = "iterator";
@@ -490,7 +498,6 @@ EOF;
$unwanted_reply_threshold = (!empty($unbound_config['unwanted_reply_threshold'])) ? $unbound_config['unwanted_reply_threshold'] : "0";
-
$unbound_conf = <<<EOD
#########################
# Unbound configuration #
@@ -502,7 +509,7 @@ EOF;
server:
chroot: ""
username: "unbound"
-directory: "/usr/local/etc/unbound"
+directory: "{$unbound_base}/etc/unbound"
pidfile: "{$g['varrun_path']}/unbound.pid"
root-hints: "root.hints"
harden-referral-path: no
@@ -564,14 +571,14 @@ access-control: ::1 allow
EOD;
-# Handle custom options
-if(!empty($unbound_config['custom_options'])) {
- $custom_options = explode(";", ($unbound_config['custom_options']));
- $unbound_conf .= "# Unbound Custom options\n";
- foreach ($custom_options as $ent) {
- $unbound_conf .= $ent."\n";
+ # Handle custom options
+ if(!empty($unbound_config['custom_options'])) {
+ $custom_options = explode(";", ($unbound_config['custom_options']));
+ $unbound_conf .= "# Unbound Custom options\n";
+ foreach ($custom_options as $ent) {
+ $unbound_conf .= $ent."\n";
+ }
}
-}
$unbound_conf .= <<<EOD
@@ -582,21 +589,21 @@ remote-control:
control-enable: yes
control-interface: 127.0.0.1
control-port: 953
-server-key-file: "/usr/local/etc/unbound/unbound_server.key"
-server-cert-file: "/usr/local/etc/unbound/unbound_server.pem"
-control-key-file: "/usr/local/etc/unbound/unbound_control.key"
-control-cert-file: "/usr/local/etc/unbound/unbound_control.pem"
+server-key-file: "{$unbound_base}/etc/unbound/unbound_server.key"
+server-cert-file: "{$unbound_base}/etc/unbound/unbound_server.pem"
+control-key-file: "{$unbound_base}/etc/unbound/unbound_control.key"
+control-cert-file: "{$unbound_base}/etc/unbound/unbound_control.pem"
EOD;
- file_put_contents("/usr/local/etc/unbound/unbound.conf", $unbound_conf);
+ file_put_contents("{$unbound_base}/etc/unbound/unbound.conf", $unbound_conf);
}
function unbound_ctl_exec($cmd) {
- mwexec("/usr/local/sbin/unbound-control $cmd");
+ mwexec(UNBOUND_BASE . "/sbin/unbound-control $cmd");
}
@@ -671,7 +678,7 @@ function unbound_optimization() {
function fetch_root_hints() {
- $destination_file = "/usr/local/etc/unbound/root.hints";
+ $destination_file = UNBOUND_BASE . "/etc/unbound/root.hints";
if (filesize($destination_file) == 0 ) {
conf_mount_rw();
$fout = fopen($destination_file, "w");
@@ -769,7 +776,7 @@ function unbound_uninstall() {
unbound_control("termstop");
// Remove pkg config directory and startup file
- mwexec("rm -rf /usr/local/etc/unbound");
+ mwexec("rm -rf " . UNBOUND_BASE . "/etc/unbound");
@unlink("/usr/local/etc/rc.d/unbound.sh");
@unlink("{$g['varlog_path']}/unbound.log");
@unlink("/var/tmp/unbound_cache");
diff --git a/config/unbound/unbound_status.php b/config/unbound/unbound_status.php
index 0a1eae13..d7371f29 100644
--- a/config/unbound/unbound_status.php
+++ b/config/unbound/unbound_status.php
@@ -31,6 +31,12 @@
require("guiconfig.inc");
+// Define basedir constant for unbound according to FreeBSD version (PBI support or no PBI)
+if (floatval(php_uname("r")) >= 8.3)
+ define("UNBOUND_BASE", "/usr/pbi/unbound-" . php_uname("m"));
+else
+ define("UNBOUND_BASE", "/usr/local");
+
if(!is_process_running("unbound")) {
Header("Location: /pkg_edit.php?xml=unbound.xml&id=0");
exit;
@@ -138,7 +144,7 @@ function execCmds() {
<tr>
<td class="tabcont" width="100%">
<?php
- $entries = trim(exec("/usr/local/sbin/unbound-control dump_cache | wc -l"));
+ $entries = trim(exec(UNBOUND_BASE . "/sbin/unbound-control dump_cache | wc -l"));
defCmdT("Unbound status", "unbound-control status", "6");
defCmdT("Unbound stats", "unbound-control stats_noreset");
defCmdT("Unbound stubs", "unbound-control list_stubs", "8");
@@ -146,7 +152,7 @@ function execCmds() {
defCmdT("Unbound local zones", "unbound-control list_local_zones");
defCmdT("Unbound local data", "unbound-control list_local_data");
defCmdT("Unbound cache ($entries entries)", "unbound-control dump_cache", "60");
- defCmdT("Unbound configuration", "/bin/cat /usr/local/etc/unbound/unbound.conf", "60");
+ defCmdT("Unbound configuration", "/bin/cat " . UNBOUND_BASE . "/etc/unbound/unbound.conf", "60");
listCmds();
execCmds();
?>
diff --git a/pkg_config.8.xml b/pkg_config.8.xml
index ff455b5b..e2384156 100644
--- a/pkg_config.8.xml
+++ b/pkg_config.8.xml
@@ -1533,7 +1533,7 @@
<descr>Unbound is a validating, recursive, and caching DNS resolver. This package is a drop in replacement for Services: DNS Forwarder and also supports DNSSEC extensions. Once installed please configure the Unbound service by visiting Services: Unbound DNS.</descr>
<website>http://www.unbound.net/</website>
<category>Services</category>
- <version>1.4.19_01</version>
+ <version>1.4.19_02</version>
<status>Alpha</status>
<maintainer>warren@decoy.co.za</maintainer>
<required_version>2.0</required_version>
diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64
index 066cc24c..500baf2a 100644
--- a/pkg_config.8.xml.amd64
+++ b/pkg_config.8.xml.amd64
@@ -1520,7 +1520,7 @@
<descr>Unbound is a validating, recursive, and caching DNS resolver. This package is a drop in replacement for Services: DNS Forwarder and also supports DNSSEC extensions. Once installed please configure the Unbound service by visiting Services: Unbound DNS.</descr>
<website>http://www.unbound.net/</website>
<category>Services</category>
- <version>1.4.19_01</version>
+ <version>1.4.19_02</version>
<status>Alpha</status>
<maintainer>warren@decoy.co.za</maintainer>
<required_version>2.0</required_version>