RPM specfile.

git-svn-id: file:///svn/unbound/trunk@1075 be551aaa-1e26-0410-a405-d3ace91eadb9

contrib/README

@@ -4,3 +4,4 @@ distribution but may be helpful.
 * rc_d_unbound: FreeBSD compatible /etc/rc.d script.
 * parseunbound.pl: perl script to run from cron that parses statistics from
 	the log file and stores them.
+* unbound.spec and unbound.init: RPM specfile and Linux rc.d initfile.

contrib/unbound.init

@@ -0,0 +1,135 @@
+#!/bin/sh
+#
+# unbound	This shell script takes care of starting and stopping
+#		unbound (DNS server).
+#
+# chkconfig:   - 14 86
+# description:	unbound is a Domain Name Server (DNS) \
+#		that is used to resolve host names to IP addresses.
+
+### BEGIN INIT INFO
+# Provides: $named unbound
+# Required-Start: $network $local_fs
+# Required-Stop: $network $local_fs
+# Should-Start: $syslog
+# Should-Stop: $syslog
+# Short-Description: unbound recursive Domain Name Server.
+# Description:  unbound is a Domain Name Server (DNS) 
+#		that is used to resolve host names to IP addresses.
+### END INIT INFO
+
+# Source function library.
+. /etc/rc.d/init.d/functions
+
+exec="/usr/sbin/unbound"
+prog="unbound"
+config="/var/unbound/unbound.conf"
+pidfile="/var/unbound/unbound.pid"
+rootdir="/var/unbound"
+
+[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog
+
+lockfile=/var/lock/subsys/$prog
+
+start() {
+    [ -x $exec ] || exit 5
+    [ -f $config ] || exit 6
+    echo -n $"Starting $prog: "
+
+    # setup root jail
+    if [ -s /etc/localtime ] && /usr/bin/cmp -s /etc/localtime ${rootdir}/etc/localtime; then
+	mkdir -p ${rootdir}/etc
+	cp -fp /etc/localtime ${rootdir}/etc/localtime
+    fi;
+    if [ -s /etc/resolv.conf ] && /usr/bin/cmp -s /etc/resolv.conf ${rootdir}/etc/resolv.conf; then
+	mkdir -p ${rootdir}/etc
+	cp -fp /etc/resolv.conf ${rootdir}/etc/resolv.conf
+    fi;
+    if ! egrep -q '^/[^[:space:]]+[[:space:]]+'${rootdir}'/dev/log' /proc/mounts; then
+	mkdir -p ${rootdir}/dev
+	[ -e ${rootdir}/dev/log ] || touch ${rootdir}/dev/log
+	mount --bind -n /dev/log ${rootdir}/dev/log >/dev/null 2>&1;
+    fi;
+    if ! egrep -q '^/[^[:space:]]+[[:space:]]+'${rootdir}'/dev/random' /proc/mounts; then
+	mkdir -p ${rootdir}/dev
+	[ -e ${rootdir}/dev/random ] || touch ${rootdir}/dev/random
+	mount --bind -n /dev/random ${rootdir}/dev/random >/dev/null 2>&1;
+    fi;
+
+    # if not running, start it up here
+    daemon $exec
+    retval=$?
+    echo
+    [ $retval -eq 0 ] && touch $lockfile
+    return $retval
+}
+
+stop() {
+    echo -n $"Stopping $prog: "
+    # stop it here, often "killproc $prog"
+    killproc -p $pidfile $prog
+    retval=$?
+    echo
+    [ $retval -eq 0 ] && rm -f $lockfile
+    if egrep -q '^/[^[:space:]]+[[:space:]]+'${rootdir}'/dev/log' /proc/mounts; then
+	umount ${rootdir}/dev/log >/dev/null 2>&1
+    fi;
+    if egrep -q '^/[^[:space:]]+[[:space:]]+'${rootdir}'/dev/random' /proc/mounts; then
+	umount ${rootdir}/dev/random >/dev/null 2>&1
+    fi;
+    return $retval
+}
+
+restart() {
+    stop
+    start
+}
+
+reload() {
+    kill -HUP `cat $pidfile`
+}
+
+force_reload() {
+    restart
+}
+
+rh_status() {
+    # run checks to determine if the service is running or use generic status
+    status -p $pidfile $prog
+}
+
+rh_status_q() {
+    rh_status -p $pidfile >/dev/null 2>&1
+}
+
+case "$1" in
+    start)
+        rh_status_q && exit 0
+        $1
+        ;;
+    stop)
+        rh_status_q || exit 0
+        $1
+        ;;
+    restart)
+        $1
+        ;;
+    reload)
+        rh_status_q || exit 7
+        $1
+        ;;
+    force-reload)
+        force_reload
+        ;;
+    status)
+        rh_status
+        ;;
+    condrestart|try-restart)
+        rh_status_q || exit 0
+        restart
+        ;;
+    *)
+        echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
+        exit 2
+esac
+exit $?

contrib/unbound.spec

@@ -0,0 +1,98 @@
+Summary: Validating, recursive, and caching DNS resolver
+Name: unbound
+Version: 0.12
+Release: 1%{?dist}
+License: BSD
+Url: http://www.nlnetlabs.nl/unbound/
+Source: http://www.unbound.net/downloads/%{name}-%{version}.tar.gz
+Source1: unbound.init
+Group: System Environment/Daemons
+BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+BuildRequires: flex, openssl-devel
+
+%description
+Unbound is a validating, recursive, and caching DNS resolver.
+
+The C implementation of Unbound is developed and maintained by NLnet
+Labs. It is based on ideas and algorithms taken from a java prototype
+developed by Verisign labs, Nominet, Kirei and ep.net.
+
+Unbound is designed as a set of modular components, so that also
+DNSSEC (secure DNS) validation and stub-resolvers (that do not run
+as a server, but are linked into an application) are easily possible.
+
+The source code is under a BSD License.
+
+%prep
+%setup -q
+
+# configure with /var/unbound/unbound.conf so that all default chroot, 
+# pidfile and config file are in /var/unbound, ready for chroot jail set up.
+#
+# This is a build using libldns builtin version, the resulting binaries
+# do not require libldns and this package does not have version dependencies.
+# Could be smaller using a dependency on libldns (use --with-ldns=).
+%configure --enable-debug --with-conf-file=%{_localstatedir}/%{name}/unbound.conf --disable-static --disable-rpath
+
+%build
+%{__make} %{?_smp_mflags}
+
+%install
+rm -rf %{buildroot}
+%{__make} DESTDIR=%{buildroot} install
+install -d 0700 %{buildroot}%{_localstatedir}/%{name}
+install -d 0755 %{buildroot}%{_initrddir}
+install -m 0755 %{SOURCE1} %{buildroot}%{_initrddir}/unbound
+# add symbolic link from /etc/unbound.conf -> /var/unbound/unbound.conf
+ln -s %{_localstatedir}/unbound/unbound.conf %{buildroot}%{_sysconfdir}/unbound.conf 
+# remove static library from install (fedora packaging guidelines)
+rm -f %{buildroot}%{_libdir}/libunbound.a %{buildroot}%{_libdir}/libunbound.la
+
+%clean
+rm -rf ${RPM_BUILD_ROOT}
+
+%files
+%defattr(-,root,root,-)
+%doc doc/README doc/CREDITS doc/LICENSE doc/FEATURES
+%attr(0755,root,root) %{_initrddir}/%{name}
+%attr(0700,%{name},%{name}) %dir %{_localstatedir}/%{name}
+%attr(0644,%{name},%{name}) %config(noreplace) %{_localstatedir}/%{name}/unbound.conf
+%attr(0644,%{name},%{name}) %config(noreplace) %{_sysconfdir}/unbound.conf
+%{_sbindir}/*
+%{_mandir}/*/*
+%{_includedir}/*
+%{_libdir}/libunbound*
+
+%pre
+getent group unbound >/dev/null || groupadd -r unbound
+getent passwd unbound >/dev/null || \
+useradd -r -g unbound -d /var/unbound -s /sbin/nologin \
+    -c "unbound name daemon" unbound
+exit 0
+
+%post
+# This adds the proper /etc/rc*.d links for the script
+/sbin/chkconfig --add %{name}
+
+%preun
+if [ $1 -eq 0 ]; then
+	/sbin/service %{name} stop >/dev/null 2>&1
+	/sbin/chkconfig --del %{name}
+fi
+
+%postun
+if [ "$1" -ge "1" ]; then
+	/sbin/service %{name} condrestart >/dev/null 2>&1 || :
+else
+	# remove root jail 
+	rm -f /var/unbound/dev/log /var/unbound/dev/random /var/unbound/etc/localtime /var/unbound/etc/resolv.conf >/dev/null 2>&1
+	rmdir /var/unbound >/dev/null 2>&1 || :
+fi
+
+%changelog
+* Thu Apr 25 2008 Wouter Wijngaards <wouter@nlnetlabs.nl> - 0.12
+- Using parts from ports collection entry by Jaap Akkerhuis.
+- Using Fedoraproject wiki guidelines.
+
+* Wed Apr 23 2008 Wouter Wijngaards <wouter@nlnetlabs.nl> - 0.11
+- Initial version.

doc/Changelog

@@ -1,5 +1,8 @@
 25 April 2008: Wouter
 	- DESTDIR is honored by the Makefile for rpms.
+	- contrib files unbound.spec and unbound.init, builds working RPM
+	  on FC7 Linux, a chrooted caching resolver, and libunbound.
+	- iana ports update.
 
 24 April 2008: Wouter
 	- chroot checks improved. working directory relative to chroot.

util/iana_ports.inc

@@ -3598,7 +3598,6 @@
 3991,
 3992,
 3993,
-3994,
 3995,
 3996,
 3997,
@@ -3652,7 +3651,6 @@
 4045,
 4046,
 4047,
-4048,
 4049,
 4050,
 4051,