Summary: | dns/void-zones-tools: Now kills unbound. Needs to be updated from upstream. | ||||||
---|---|---|---|---|---|---|---|
Product: | Ports & Packages | Reporter: | Robert William Vesterman <bob> | ||||
Component: | Individual Port(s) | Assignee: | Robert Clausecker <fuz> | ||||
Status: | Closed FIXED | ||||||
Severity: | Affects Many People | CC: | fuz, grahamperrin, ramtin007, vidar | ||||
Priority: | --- | Flags: | vidar:
maintainer-feedback+
fuz: merge-quarterly+ |
||||
Version: | Latest | ||||||
Hardware: | Any | ||||||
OS: | Any | ||||||
Attachments: |
|
Description
Robert William Vesterman
2023-09-22 15:08:54 UTC
For the benefit of anyone else who may run into this problem, here's what I've done on my machine as a workaround until the port can be updated: ================================ (1) Deleted /usr/local/etc/void-zones-tools/mdl_void_hosts.txt, which is the problematic file that void-zones-tools retrieves from malwaredomainlist.com. The next time the update script is run, though, it would just recreate the file, so: (2) Copied the update script, /usr/local/bin/void-zones-update.sh, to /usr/local/bin/void-zones-update.bobmodtmp.sh. (3) Modified the new /usr/local/bin/void-zones-update.bobmodtmp.sh as follows, getting rid of references to mdl_void_hosts.txt, so that the update script won't recreate the file: $ diff void-zones-update.sh void-zones-update.bobmodtmp.sh 64d63 < $FETCH -o "$ZONES_DIR/mdl_void_hosts.txt" "http://www.malwaredomainlist.com/hostslist/hosts.txt" 83,86d81 < if [ ! -f "$ZONES_DIR/mdl_void_hosts.txt" ] ; then < echo "# No hosts from mdl." > "$ZONES_DIR/mdl_void_hosts.txt" < fi < 109d103 < "$ZONES_DIR/mdl_void_hosts.txt" \ $ (4) To get unbound to start up, modified /usr/local/etc/unbound.conf by commenting out the line that makes unbound pay attention to the void zones list: # include: /var/unbound/local-void.zones (5) Started up unbound. (6) Ran /usr/local/bin/void-zones-update.bobmodtmp.sh. (7) Backed out the change to /usr/local/etc/unbound.conf, so that it will go back to paying attention to the void zones list: include: /var/unbound/local-void.zones (8) Restarted unbound. (9) Changed my cron job that runs the void zones update script to run my new one instead: #37 07 * * * (/usr/local/bin/void-zones-update.sh; service unbound restart) | mail -s "Void zones update" bob@vesterman.com 37 07 * * * (/usr/local/bin/void-zones-update.bobmodtmp.sh; service unbound restart) | mail -s "Void zones update (with bonus kludginess\!)" bob@vesterman.com ======================= When the port is updated, you can just change your cron job back to use the normal /usr/local/bin/void-zones-update.sh script. At that point you could also delete the modified one (/usr/local/bin/void-zones-update.bobmodtmp.sh), but doing so isn't really necessary. I've requested a newer release tag from upstream, but this is too important to wait -- I'll switch the port to use the latest commit hash and bump PORTREVISION for the time being. I'm running tests, will submit a patch soon. Created attachment 245128 [details]
git format-patch, fix broken void-zones-tools
While waiting for upstream to tag a new version, I changed the port to
track the latest GitHub commit and bumped PORTREVISION in order to
unbreak the port.
QA:
poudriere testport:
13.2-amd64
13.2-arm64-aarch64
12.4-amd64
12.4-i386
portlint: ok
portclippy: ok
runtime: I installed it on my home dns resolver, works fine
For the record, the upstream issue that Robert created with regard to this problem is here: https://github.com/cyclaero/void-zones-tools/issues/12 (In reply to Vidar Karlsen from comment #3) Thanks! I'll try it out and let you know how it goes for me. It may be a while (like, hours) -- I unrelatedly have to rebuild a whoooooooooole bunch of stuff, some of which is likely to be very slow. (In reply to Robert William Vesterman from comment #5) I ran into the same, that's why it took me so long to test it. :) Let me know how it goes. All that rebuilding completed late last night when I was about to go to sleep, but it looks like the change hadn't made it into the ports system yet? I've just started another mass rebuilding run a moment ago (I use synth), but it still looks like void-zones-tools isn't one of the things that needs updating. Should I just wait until it shows up in freshports? Or am I misunderstanding something, or do I have to do something differently? Thanks. (In reply to Robert William Vesterman from comment #7) A patch has been submitted but has yet to be committed. I'll take care of it in the next few days. @Vidar On commit I'll switch the port to the in-between commit v1.0.2-18-g204634a as per Porter's Handbook. Will MFH this change as a bug fix. A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=27c31c5386f115976bd436e42566539e42be2b21 commit 27c31c5386f115976bd436e42566539e42be2b21 Author: Vidar Karlsen <vidar@karlsen.tech> AuthorDate: 2023-09-22 20:30:36 +0000 Commit: Robert Clausecker <fuz@FreeBSD.org> CommitDate: 2023-09-24 18:57:16 +0000 dns/void-zones-tools: fix unbound-killing bug void-zones-tools downloads a set of pre-defined lists of undesirable domains and creates "voided" dns zones for Unbound, blocking access to these domains via dns. One of the default lists is no longer maintained, and was removed from the upstream code. However, there hasn't been released a new version after the change was made, thus the port has not been updated. This has not been a problem up until now because the update script has been downloading an empty file, essentially a no-op in the zone creation/loading, but at some point today it started serving a domain parking page, and the HTML of that page is being dumped into the dns zone file resulting in parse errors and Unbound cannot start. While waiting for upstream to tag a new version, I changed the port to track the latest GitHub commit. This fixes the issue for now. PR: 274027 Upstream issue: https://github.com/cyclaero/void-zones-tools/issues/12 Reported by: Robert William Vesterman <bob@vesterman.com> MFH: 2023Q3 dns/void-zones-tools/Makefile | 4 +- dns/void-zones-tools/distinfo | 6 +-- dns/void-zones-tools/files/patch-Makefile | 24 ++++------ .../files/patch-void-zones-update.sh (gone) | 54 ---------------------- 4 files changed, 14 insertions(+), 74 deletions(-) A commit in branch 2023Q3 references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=1f69606fc79d78f056f31967a27a6d83e4d842ec commit 1f69606fc79d78f056f31967a27a6d83e4d842ec Author: Vidar Karlsen <vidar@karlsen.tech> AuthorDate: 2023-09-22 20:30:36 +0000 Commit: Robert Clausecker <fuz@FreeBSD.org> CommitDate: 2023-09-24 18:59:42 +0000 dns/void-zones-tools: fix unbound-killing bug void-zones-tools downloads a set of pre-defined lists of undesirable domains and creates "voided" dns zones for Unbound, blocking access to these domains via dns. One of the default lists is no longer maintained, and was removed from the upstream code. However, there hasn't been released a new version after the change was made, thus the port has not been updated. This has not been a problem up until now because the update script has been downloading an empty file, essentially a no-op in the zone creation/loading, but at some point today it started serving a domain parking page, and the HTML of that page is being dumped into the dns zone file resulting in parse errors and Unbound cannot start. While waiting for upstream to tag a new version, I changed the port to track the latest GitHub commit. This fixes the issue for now. PR: 274027 Upstream issue: https://github.com/cyclaero/void-zones-tools/issues/12 Reported by: Robert William Vesterman <bob@vesterman.com> MFH: 2023Q3 (cherry picked from commit 27c31c5386f115976bd436e42566539e42be2b21) dns/void-zones-tools/Makefile | 4 +- dns/void-zones-tools/distinfo | 6 +-- dns/void-zones-tools/files/patch-Makefile | 24 ++++------ .../files/patch-void-zones-update.sh (gone) | 54 ---------------------- 4 files changed, 14 insertions(+), 74 deletions(-) Thank you for your contribution. Thank you for handling this, Robert, I appreciate it. Worked fine! Thank you! |