Attachment 215593 Details for Bug 247291 – Initial version

[patch] Initial version

patch-unbound.in-chroot (text/plain), 3.28 KB, created by lytboris on 2020-06-15 23:11:44 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: lytboris

Created: 2020-06-15 23:11:44 UTC

Size: 3.28 KB

patch

obsolete

>--- unbound.in	2020-06-16 01:59:48.625940000 +0300
>+++ unbound.in	2020-06-16 02:07:34.203752000 +0300
>@@ -22,7 +22,13 @@
> # You could set alternative config with
> # unbound_config="/path/to/config"
> #
>+# A fib can be set for unbound with
>+# unbound_fib=1
> #
>+# Chroot dir is read from unbound_config by default but can be
>+# overriden with
>+# unbound_chrootdir="/my/own/path"
>+#
> # Multiple profiles are supported with
> #
> # unbound_profiles="name1 name2"
>@@ -34,6 +40,18 @@
> # A fib can be set for each profile as in
> # unbound_name1_fib=1
> #
>+# Specify custom chroot dir for each profile
>+# unbound_name1_chrootdir="/path/to/chroot1"
>+#
>+#
>+# N.B. unbound runs in chrooted enviroment with logs being sent to syslog(2)
>+# Be sure to enable alternative log socket to allow continious log flow.
>+# For syslogd(8) additional sockets can be configured with
>+# altlog_proglist="${altlog_proglist} unbound"
>+# unbound_chrootdir="%%PREFIX%%/etc/unbound"
>+#
>+# Please note that setting unbound_chrootdir is a MUST in this case.
>+#
> 
> . /etc/rc.subr
> 
>@@ -55,9 +73,29 @@
> 	esac
> }
> 
>+unbound_mount_devfs() {
>+	if [ -z "${unbound_chrootdir}" ]; then
>+		return;
>+	fi
>+	echo "Mounting devfs for chroot environment ${unbound_chrootdir}"
>+	umount "${unbound_chrootdir}/dev" 2>/dev/null
>+	mkdir -p ${unbound_chrootdir}/dev
>+	devfs_domount ${unbound_chrootdir}/dev devfsrules_hide_all
>+	devfs_apply_ruleset devfsrules_unhide_basic ${unbound_chrootdir}/dev
>+}
>+
>+unbound_poststop() {
>+	if [ -z "${unbound_chrootdir}" ]; then
>+		return;
>+	fi
>+	umount "${unbound_chrootdir}/dev" 2>/dev/null	
>+}
>+
>+
> start_precmd()
> {
> 	unbound_startfib
>+	unbound_mount_devfs
> 
> 	echo -n "Obtaining a trust anchor.."
> 	if [ "${unbound_anchorflags}T" = "T" ]; then
>@@ -66,7 +104,7 @@
> 		su -m unbound -c "%%PREFIX%%/sbin/unbound-anchor ${unbound_anchorflags}"
> 	fi
> 	echo .
>-	%%PREFIX%%/sbin/unbound-checkconf ${unbound_conf} > /dev/null
>+	%%PREFIX%%/sbin/unbound-checkconf ${unbound_config} > /dev/null
> 	return $?
> }
> 
>@@ -76,7 +114,7 @@
> : ${unbound_config:=%%PREFIX%%/etc/unbound/unbound.conf}
> 
> # Set PID file
>-pidfile=$(%%PREFIX%%/sbin/unbound-checkconf -o pidfile %%PREFIX%%/etc/unbound/unbound.conf)
>+pidfile=$(%%PREFIX%%/sbin/unbound-checkconf -o pidfile ${unbound_config})
> 
> required_files=${unbound_config}
> command="%%PREFIX%%/sbin/${name}"
>@@ -84,8 +122,12 @@
> unbound_anchorflags=${unbound_anchorflags:-""}
> extra_commands="reload"
> start_precmd="start_precmd"
>-reload_precmd="%%PREFIX%%/sbin/unbound-checkconf ${unbound_conf} >/dev/null"
>+reload_precmd="%%PREFIX%%/sbin/unbound-checkconf ${unbound_config} >/dev/null"
>+stop_postcmd=unbound_poststop
> 
>+_cfgchrootdir=$(%%PREFIX%%/sbin/unbound-checkconf -o chroot ${unbound_config})
>+unbound_chrootdir=${unbound_chrootdir:-${_cfgchrootdir}}
>+
> load_rc_config "${name}"
> 
> if [ -n "$2" ]; then
>@@ -101,6 +143,9 @@
> 		# Replace default value with profile-based (defined in the config file)
> 		_cfgpidfile=$(%%PREFIX%%/sbin/unbound-checkconf -o pidfile ${unbound_config})
> 		_defaultpidfile=$(%%PREFIX%%/sbin/unbound-checkconf -o pidfile /dev/null)
>+		_cfgchrootdir=$(%%PREFIX%%/sbin/unbound-checkconf -o chroot ${unbound_config})
>+
>+		eval unbound_chrootdir="\${unbound_${profile}_chrootdir:-${_cfgchrootdir}}"
> 
> 		if [ "x${_cfgpidfile}" = "x" -o "x${_cfgpidfile}" = "x${_defaultpidfile}" ] ; then
> 			pidfile=${_defaultpidfile}

Actions: View | Diff

Attachments on bug 247291: 215593 | 215594 | 215599