File: package-helper

package info (click to toggle)
unbound 1.6.0-2~bpo8+1
  • links: PTS, VCS
  • area: main
  • in suites: jessie-backports
  • size: 20,444 kB
  • sloc: ansic: 79,862; sh: 5,040; yacc: 1,900; makefile: 1,315; python: 1,302; perl: 141
file content (107 lines) | stat: -rwxr-xr-x 3,351 bytes parent folder | download | duplicates (3)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
#!/bin/sh -e

UNBOUND_CONF="/etc/unbound/unbound.conf"
UNBOUND_BASE_DIR="$(dirname $UNBOUND_CONF)"
CHROOT_DIR="$(unbound-checkconf -o chroot)"

DNS_ROOT_KEY_FILE="/usr/share/dns/root.key"
ROOT_TRUST_ANCHOR_FILE="/var/lib/unbound/root.key"

# Override these variables by editing or creating /etc/default/unbound.
RESOLVCONF="true"
ROOT_TRUST_ANCHOR_UPDATE="true"

if [ -f /etc/default/unbound ]; then
    . /etc/default/unbound

    case "x$RESOLVCONF" in xfalse|x0|xno)
        RESOLVCONF="false"
        ;;
    esac

    case "x$ROOT_TRUST_ANCHOR_UPDATE" in xfalse|x0|xno)
        ROOT_TRUST_ANCHOR_UPDATE="false"
        ;;
    esac
fi

do_resolvconf_start() {
    if $RESOLVCONF; then
        if [ -x /sbin/resolvconf ]; then
            unbound-checkconf $CHROOT_DIR/$UNBOUND_CONF -o interface | (
                default=yes
                while read interface; do
                    default=no
                    if [ "x$interface" = x0.0.0.0 -o "x$interface" = x127.0.0.1 ]; then
                        echo "nameserver 127.0.0.1"
                    elif [ "x$interface" = x::0 -o "x$interface" = x::1 ]; then
                        echo "nameserver ::1"
                    fi
                done
                if [ $default = yes ]; then
                    # unbound defaults to listening on localhost
                    echo "nameserver 127.0.0.1"
                fi
            ) | /sbin/resolvconf -a lo.unbound
        fi
    fi
}

do_resolvconf_stop() {
    if $RESOLVCONF; then
        if [ -x /sbin/resolvconf ]; then
            /sbin/resolvconf -d lo.unbound
        fi
    fi
}

do_chroot_setup() {
    if [ -d "$CHROOT_DIR" -a "$CHROOT_DIR" != "$UNBOUND_BASE_DIR" ]; then
        rm -rf $CHROOT_DIR/$UNBOUND_BASE_DIR && mkdir -p $CHROOT_DIR/$UNBOUND_BASE_DIR
        cd /
        tar -cf - $(echo $UNBOUND_BASE_DIR | sed 's/^\///') | (cd $CHROOT_DIR && tar -xf -)
    fi
}

do_root_trust_anchor_update() {
    if $ROOT_TRUST_ANCHOR_UPDATE; then
        if [ -n "$ROOT_TRUST_ANCHOR_FILE" ]; then
            if [ -r "$DNS_ROOT_KEY_FILE" ]; then
                if [ ! -e "$ROOT_TRUST_ANCHOR_FILE" -o "$DNS_ROOT_KEY_FILE" -nt "$ROOT_TRUST_ANCHOR_FILE" ]; then
                    if [ ! -e "$ROOT_TRUST_ANCHOR_FILE" ]; then
                        echo "$ROOT_TRUST_ANCHOR_FILE does not exist, copying from $DNS_ROOT_KEY_FILE"
                    elif [ "$DNS_ROOT_KEY_FILE" -nt "$ROOT_TRUST_ANCHOR_FILE" ]; then
                        echo "Overwriting older file $ROOT_TRUST_ANCHOR_FILE with newer file $DNS_ROOT_KEY_FILE"
                    fi
                    install -m 0644 -o unbound -g unbound "$DNS_ROOT_KEY_FILE" "$ROOT_TRUST_ANCHOR_FILE"
                fi
            fi
            env -i LANG="$LANG" PATH="$PATH" start-stop-daemon \
                --chuid unbound:unbound --start \
                --exec /usr/sbin/unbound-anchor -- -a "$ROOT_TRUST_ANCHOR_FILE" -v || true
        fi
    fi
}

case "$1" in
    resolvconf_start)
        do_resolvconf_start
        ;;

    resolvconf_stop)
        do_resolvconf_stop
        ;;

    chroot_setup)
        do_chroot_setup
        ;;

    root_trust_anchor_update)
        do_root_trust_anchor_update
        ;;

    *)
        echo "Usage: $0 {resolvconf_start|resolvconf_stop|chroot_setup|root_trust_anchor_update}" >&2
        exit 1
        ;;
esac