Hi, On Wed, 8 Oct 2008 12:16:53 +0900 Hideki Yamane <henrich@debian.or.jp> wrote: > > I see no proper fix, except using an /etc/default file, which is ugly. > > Using /etc/default/unbound is reasonable, I think. Some of daemon packages > (e.g. rsync) are not started by default because it is set in its /etc/default > file. For lenny, it should be fixed to work on most of environment that is used, if it is ugly, though. I made a patch for this issue, please consider to apply it for the pacakge. # or anyone will fix it, please :-) -- Regards, Hideki Yamane henrich @ debian.or.jp/iijmio-mail.jp http://wiki.debian.org/HidekiYamane
diff -urN debian.orig/changelog debian/changelog
--- debian.orig/changelog 2008-10-08 11:56:40.000000000 +0900
+++ debian/changelog 2008-11-09 10:52:40.000000000 +0900
@@ -1,3 +1,14 @@
+unbound (1.0.2-1.1) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * debian/{unbound.init,unbound.default}
+ + set not start by default, to avoid that port 53 blocking by other name
+ servers will cause install problems
+ * debian/unbound.prerm
+ + fix lintian "unbound: maintainer-script-hides-init-failure prerm:5" error
+
+ -- Hideki Yamane (Debian-JP) <henrich@debian.or.jp> Sun, 09 Nov 2008 10:52:13 +0900
+
unbound (1.0.2-1) unstable; urgency=low
* New upstream release;
diff -urN debian.orig/unbound.default debian/unbound.default
--- debian.orig/unbound.default 2008-10-08 11:56:40.000000000 +0900
+++ debian/unbound.default 2008-11-09 09:27:50.000000000 +0900
@@ -1,3 +1,11 @@
+# Do you want to start unbound?
+# only allowed values are "true" and "false".
+# if you already use other DNS server, they would listen port 53,
+# so unbound fails to start. Please adjust, then set "true".
+
+UNBOUND_ENABLE=false
+
+
# config file path
#DAEMON_OPTS="-c /etc/unbound/unbound.conf"
diff -urN debian.orig/unbound.init debian/unbound.init
--- debian.orig/unbound.init 2008-10-08 11:56:40.000000000 +0900
+++ debian/unbound.init 2008-11-10 17:42:47.000000000 +0900
@@ -1,6 +1,29 @@
#!/bin/sh
+set -e
+
+### BEGIN INIT INFO
+# Provides: unbound
+# Required-Start: $network $remote_fs $syslog
+# Required-Stop: $network $remote_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: validating, recursive, caching DNS resolver
+# Description: Unbound is a recursive-only caching DNS server which can
+# optionally perform DNSSEC validation of results. It
+# implements only a minimum amount of authoritative service
+# to prevent leakage to the root nameservers: forward lookups
+# for localhost, reverse for 127.0.0.1 and ::1, and NXDOMAIN
+# for zones served by AS112. Stub and forward zones are
+# supported.
+# Unbound implements a number of security features, including
+# chrooting and privilege dropping. The Debian init script
+# will populate a chroot by default.
+#
+### END INIT INFO
+
NAME=unbound
+UNBOUND_ENABLE=false
DESC="recursive DNS server"
DAEMON=/usr/sbin/unbound
CHROOT_DIR=/var/lib/unbound
@@ -10,7 +33,18 @@
. /lib/lsb/init-functions
-test -f /etc/default/$NAME && . /etc/default/$NAME
+if [ -f /etc/default/$NAME ]; then
+ . /etc/default/$NAME
+ case "x$UNBOUND_ENABLE" in
+ xtrue|xfalse) ;;
+ *) log_failure_msg \
+ "Value of UNBOUND_ENABLE in /etc/default/$NAME must be either 'true' or 'false';"
+ log_failure_msg \
+ "not starting unbound daemon."
+ exit 1;
+ ;;
+ esac
+fi
install_chroot() {
if [ "$CHROOT" != "no" ]; then
@@ -40,14 +74,22 @@
case "$1" in
start)
- log_daemon_msg "Starting $DESC" "$NAME"
- if daemon_stopped; then
- install_chroot
- fi
- if start-stop-daemon --start --quiet --oknodo --pidfile $PIDFILE --name $NAME --startas $DAEMON -- $DAEMON_OPTS; then
- log_end_msg 0
+ if "$UNBOUND_ENABLE"; then
+ log_daemon_msg "Starting $DESC" "$NAME"
+ if daemon_stopped; then
+ install_chroot
+ fi
+ if start-stop-daemon --start --quiet --oknodo --pidfile $PIDFILE \
+ --name $NAME --startas $DAEMON -- $DAEMON_OPTS; then
+ log_end_msg 0
+ else
+ log_end_msg 1
+ fi
else
- log_end_msg 1
+ if [ -s "$UNBOUND_CONFIG_FILE" ]; then
+ log_warning_msg \
+ "$NAME daemon is not enabled in /etc/default/$NAME, not starting..."
+ fi
fi
;;
@@ -61,14 +103,19 @@
;;
restart|force-reload)
- log_daemon_msg "Restarting $DESC" "$NAME"
- start-stop-daemon --stop --quiet --pidfile $PIDFILE --name $NAME --retry 5
- uninstall_chroot
- install_chroot
- if start-stop-daemon --start --quiet --oknodo --pidfile $PIDFILE --name $NAME --startas $DAEMON -- $DAEMON_OPTS; then
- log_end_msg 0
- else
- log_end_msg 1
+ set +e
+
+ if $UNBOUND_ENABLE; then
+ log_daemon_msg "Restarting $DESC" "$NAME"
+ start-stop-daemon --stop --quiet --pidfile $PIDFILE --name $NAME --retry 5
+ uninstall_chroot
+ install_chroot
+ if start-stop-daemon --start --quiet --oknodo --pidfile $PIDFILE \
+ --name $NAME --startas $DAEMON -- $DAEMON_OPTS; then
+ log_end_msg 0
+ else
+ log_end_msg 1
+ fi
fi
;;
@@ -79,10 +126,5 @@
;;
esac
-### BEGIN INIT INFO
-# Provides: unbound
-# Required-Start: $network $remote_fs $syslog
-# Required-Stop: $network $remote_fs $syslog
-# Default-Start: 2 3 4 5
-# Default-Stop: 0 1 6
-### END INIT INFO
+exit 0;
+
diff -urN debian.orig/unbound.prerm debian/unbound.prerm
--- debian.orig/unbound.prerm 2008-10-08 11:56:40.000000000 +0900
+++ debian/unbound.prerm 2008-11-09 10:51:51.000000000 +0900
@@ -2,8 +2,8 @@
set -e
if [ -x "/etc/init.d/unbound" ]; then
if [ -x "`which invoke-rc.d 2>/dev/null`" ]; then
- invoke-rc.d unbound stop || exit 0
+ invoke-rc.d unbound stop
else
- /etc/init.d/unbound stop || exit 0
+ /etc/init.d/unbound stop
fi
fi
Attachment:
pgpBytnLZz3Gj.pgp
Description: PGP signature