Package: guix-patches;
Reported by: Tobias Geerinckx-Rice <me <at> tobias.gr>
Date: Fri, 12 Oct 2018 19:00:02 UTC
Severity: normal
Tags: patch
Done: Andreas Enge <andreas <at> enge.fr>
Bug is archived. No further changes may be made.
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 33026 in the body.
You can then email your comments to 33026 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
View this report as an mbox folder, status mbox, maintainer mbox
guix-patches <at> gnu.org:bug#33026; Package guix-patches.
(Fri, 12 Oct 2018 19:00:02 GMT) Full text and rfc822 format available.Tobias Geerinckx-Rice <me <at> tobias.gr>:guix-patches <at> gnu.org.
(Fri, 12 Oct 2018 19:00:02 GMT) Full text and rfc822 format available.Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
From: Tobias Geerinckx-Rice <me <at> tobias.gr> To: guix-patches <at> gnu.org Subject: [PATCH] gnu: Add pdns. Date: Fri, 12 Oct 2018 20:58:54 +0200
* gnu/packages/dns.scm (pdns): New public variable.
---
The p stands for power.
gnu/packages/dns.scm | 133 +++++++++++++++++++++++++++++++++++++++++++
1 file changed, 133 insertions(+)
diff --git a/gnu/packages/dns.scm b/gnu/packages/dns.scm
index ad1a8638b..b91a7d77c 100644
--- a/gnu/packages/dns.scm
+++ b/gnu/packages/dns.scm
@@ -31,9 +31,11 @@
#:use-module (gnu packages autotools)
#:use-module (gnu packages base)
#:use-module (gnu packages bash)
+ #:use-module (gnu packages boost)
#:use-module (gnu packages databases)
#:use-module (gnu packages compression)
#:use-module (gnu packages crypto)
+ #:use-module (gnu packages curl)
#:use-module (gnu packages datastructures)
#:use-module (gnu packages flex)
#:use-module (gnu packages glib)
@@ -43,6 +45,7 @@
#:use-module (gnu packages libevent)
#:use-module (gnu packages libidn)
#:use-module (gnu packages linux)
+ #:use-module (gnu packages lua)
#:use-module (gnu packages ncurses)
#:use-module (gnu packages nettle)
#:use-module (gnu packages networking)
@@ -360,6 +363,136 @@ run in a @code{chroot} jail, thus making any security flaws in NSD less likely
to result in system-wide compromise.")
(license (list license:bsd-3))))
+(define-public pdns
+ (package
+ (name "pdns")
+ (version "4.1.4")
+ (source
+ (origin
+ (method url-fetch)
+ (uri
+ (string-append "https://downloads.powerdns.com/releases/pdns-"
+ version ".tar.bz2"))
+ (sha256
+ (base32 "1m9yhzrxh315gv855c590b2qc8bx31rrnl72pqxrnlix701qch79"))))
+ (build-system gnu-build-system)
+ ;; There's no make target or other way to cleanly separate the tools from
+ ;; the core. We have to rely on a hard-coded list below, which needs to
+ ;; be kept up to date when changing the package version or configuration.
+ (outputs (list "out" "tools"))
+ (arguments
+ `(#:configure-flags
+ (list "--enable-libsodium" ; ed25519 (DNSSEC algorithm 15)
+ ;; "--enable-libdecaf" ; ed25519 & Ed448 (XXX unpackaged)
+ "--enable-reproducible"
+ "--enable-tools" ; not the default, so we split them off
+ "--enable-unit-tests"
+
+ ;; /sbin/pdns_server retains references to 'optional' dependencies
+ ;; like PostgreSQL, so packaging backends separately saves nothing.
+ (string-append
+ "--with-dynmodules=" ; build dynamic modules...
+ (string-join
+ (list "bind" ; BIND-style zone files
+ "gpgsql" ; generic PostgreSQL
+ "gsqlite3" ; generic Sqlite
+ "lua" ; Lua scripting
+ "pipe" ; simple stdin/stdout pipe
+ "remote") ; generic JSON/RPC connector
+ " "))
+ "--with-modules=" ; ...and no static modules
+
+ "--with-luajit" ; use JIT variant for Lua backend
+ "--with-protobuf" ; log DNS query information
+ "--with-sqlite3"
+
+ (string-append "--docdir=" (assoc-ref %outputs "out") "/share/doc/"
+ ,name "-" ,version)
+ "--sysconfdir=/etc/powerdns"
+ "--with-socketdir=/run")
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'omit-PDNS_CONFIG_ARGS
+ ;; Stop 'pdns_server --version' printing build-time details, like
+ ;; PKG_CONFIG_PATH, which embed references to almost every input.
+ (lambda _
+ (substitute* "configure"
+ (("#define PDNS_CONFIG_ARGS.*") ""))
+ #t))
+ (replace 'install
+ ;; Don't try to install configuration files to /etc.
+ (lambda* (#:key make-flags #:allow-other-keys)
+ (apply invoke "make" "sysconfdir=$(docdir)/examples" "install"
+ make-flags)))
+ (add-after 'install 'move-tools
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (tools (assoc-ref outputs "tools"))
+ (files
+ (list "bin/calidns" "share/man/man1/calidns.1"
+ "bin/dnsbulktest" "share/man/man1/dnsbulktest.1"
+ "bin/dnsgram" "share/man/man1/dnsgram.1"
+ "bin/dnsreplay" "share/man/man1/dnsreplay.1"
+ "bin/dnsscan" "share/man/man1/dnsscan.1"
+ "bin/dnsscope" "share/man/man1/dnsscope.1"
+ "bin/dnstcpbench" "share/man/man1/dnstcpbench.1"
+ "bin/dnswasher" "share/man/man1/dnswasher.1"
+ "bin/dumresp" "share/man/man1/dumresp.1"
+ "bin/ixplore" "share/man/man1/ixplore.1"
+ "bin/nproxy" "share/man/man1/nproxy.1"
+ "bin/nsec3dig" "share/man/man1/nsec3dig.1"
+ "bin/pdns_notify" "share/man/man1/pdns_notify.1"
+ "bin/saxfr" "share/man/man1/saxfr.1"
+ "bin/sdig" "share/man/man1/sdig.1"
+ "bin/stubquery")))
+ (with-directory-excursion out
+ (for-each (lambda (file)
+ (let ((target (string-append tools "/" file)))
+ (mkdir-p (dirname target))
+ (rename-file file target)))
+ files))
+ #t))))))
+ (native-inputs
+ `(("pkg-config" ,pkg-config)
+
+ ;; For tests.
+ ("curl" ,curl)))
+ (inputs
+ `(("boost" ,boost)
+ ("libsodium" ,libsodium)
+ ("luajit" ,luajit)
+ ("openssl" ,openssl)
+ ("postgresql" ,postgresql)
+ ("protobuf" ,protobuf)
+ ("sqlite" ,sqlite)
+ ("zlib" ,zlib)))
+ (home-page "https://www.powerdns.com/")
+ (synopsis "Authoritative DNS name server with dynamic back-ends")
+ (description
+ "This is the PowerDNS Authoritative Server, a versatile name server for the
+Domain Name System (@dfn{DNS}) that supports a wide variety of storage methods.
+
+The core server (@command{pdns_server}) handles all packet processing and DNS
+intelligence, while retrieving and updating the actual DNS records (and any
+additional metadata) through one or more of numerous loadable backends.
+
+Included backends range from simple BIND-style zone files and relational
+databases to (geographical) load-balancing, JSON APIs, and entire scripting
+languages. Records can be transparently signed for use with the @dfn{Domain Name
+System Security Extensions} (DNSSEC). Automated key management is available.
+
+Real-time statistics can be exported to different formats, or through an optional
+built-in Web server and API that allow for basic remote administration.")
+ (license
+ (list license:bsd-3 ; ext/luawrapper/include/LuaContext.*
+ license:expat ; ext/{json11,yahttp}
+ license:lgpl2.1+ ; m4/pdns*
+ ;; modules/oraclebackend/README says MIT, actual headers state GPL2,
+ ;; as do pdns/{ssqlite3,tcpreceiver,test-tsig,zone2ldap}.* and
+ ;; modules/ldapbackend.
+ license:gpl2
+ license:gpl3+)))) ; the rest is GPL[23]+
+
(define-public unbound
(package
(name "unbound")
--
2.18.0
guix-patches <at> gnu.org:bug#33026; Package guix-patches.
(Mon, 15 Oct 2018 20:09:02 GMT) Full text and rfc822 format available.Message #8 received at 33026 <at> debbugs.gnu.org (full text, mbox):
From: ludo <at> gnu.org (Ludovic Courtès) To: Tobias Geerinckx-Rice <me <at> tobias.gr> Cc: 33026 <at> debbugs.gnu.org Subject: Re: [bug#33026] [PATCH] gnu: Add pdns. Date: Mon, 15 Oct 2018 22:08:20 +0200
Hi,
Tobias Geerinckx-Rice <me <at> tobias.gr> skribis:
> * gnu/packages/dns.scm (pdns): New public variable.
> ---
>
> The p stands for power.
What about “powerdns” then?
> + ;; There's no make target or other way to cleanly separate the tools from
> + ;; the core. We have to rely on a hard-coded list below, which needs to
> + ;; be kept up to date when changing the package version or configuration.
> + (outputs (list "out" "tools"))
Why not keep all the commands in the same output? Is it to avoiding
cluttering user profiles, or is it a matter of package size?
> + (description
> + "This is the PowerDNS Authoritative Server, a versatile name server for the
> +Domain Name System (@dfn{DNS}) that supports a wide variety of storage methods.
I think you can avoid @dfn here as well. :-)
> + (license
> + (list license:bsd-3 ; ext/luawrapper/include/LuaContext.*
> + license:expat ; ext/{json11,yahttp}
> + license:lgpl2.1+ ; m4/pdns*
> + ;; modules/oraclebackend/README says MIT, actual headers state GPL2,
> + ;; as do pdns/{ssqlite3,tcpreceiver,test-tsig,zone2ldap}.* and
> + ;; modules/ldapbackend.
> + license:gpl2
> + license:gpl3+)))) ; the rest is GPL[23]+
A few questions:
• Are things under ext/ simply bundled libraries? If so, do you think
there’s something we could/should do about them?
• I suppose we don’t build and thus don’t care about the license of
modules/oraclebackend, do we? :-)
• The license of m4/* doesn’t matter for the combined work; I’d just
remove it.
• GPLv2-only code cannot be combined with GPLv3+ code. Is it really
what’s happening?
Thank you!
Ludo’.
guix-patches <at> gnu.org:bug#33026; Package guix-patches.
(Wed, 17 Oct 2018 20:02:01 GMT) Full text and rfc822 format available.Message #11 received at 33026 <at> debbugs.gnu.org (full text, mbox):
From: Tobias Geerinckx-Rice <me <at> tobias.gr> To: Ludovic Courtès <ludo <at> gnu.org> Cc: 33026 <at> debbugs.gnu.org Subject: Re: [bug#33026] [PATCH] gnu: Add pdns. Date: Wed, 17 Oct 2018 22:01:11 +0200
Ludo',
Ludovic Courtès wrote:
> What about “powerdns” then?
This patch originally added 'powerdns' (my preference), then I
changed it :-)
pdns is the far more common name in GNU/Linux land. The BSDs tend
to go with powerdns.
- pdns: Alpine, Debian, Fedora, Gentoo, brew, openSUSE, Slackware
:-), and derivatives
- power: Arch, *BSD, Nix :-), and derivatives
The upstream tarball also uses the pdns- prefix.
So I'm all for using 'power' but expected some astonishment during
the review. POLA and all that.
> Why not keep all the commands in the same output? Is it to
> avoiding
> cluttering user profiles, or is it a matter of package size?
The former. Building them is not the upstream default, and I
personally don't like them littering my profile (this is entirely
subjective).
On the other hand I don't think users should have to go so far as
to customise the package to get to the tools, so this was the
compromise.
I don't think either is ideal.
>> +Domain Name System (@dfn{DNS}) that supports a wide variety of
>> storage methods.
>
> I think you can avoid @dfn here as well. :-)
OK. I'll also remove it from my (already reviewed) NSD package for
consistency.
> A few questions:
>
> • Are things under ext/ simply bundled libraries? If so, do
> you think
> there’s something we could/should do about them?
I'll take a closer look.
> • I suppose we don’t build and thus don’t care about the
> license of
> modules/oraclebackend, do we? :-)
Hm, is that how this works? Or is Oracle's DB non-free? I know
nothing about Oracle, which might itself be the anwser to that
question.
If it is, shouldn't we remove the whole thing in a snippet unless
the build system really hates that?
> • The license of m4/* doesn’t matter for the combined work;
> I’d just
> remove it.
OK. I'll never fully grasp these legal combinatorics.
> • GPLv2-only code cannot be combined with GPLv3+ code. Is it
> really
> what’s happening?
Let's hope and assume not, then. Closer look.
Thanks!
T G-R
guix-patches <at> gnu.org:bug#33026; Package guix-patches.
(Fri, 19 Oct 2018 08:36:02 GMT) Full text and rfc822 format available.Message #14 received at 33026 <at> debbugs.gnu.org (full text, mbox):
From: ludo <at> gnu.org (Ludovic Courtès) To: Tobias Geerinckx-Rice <me <at> tobias.gr> Cc: 33026 <at> debbugs.gnu.org Subject: Re: [bug#33026] [PATCH] gnu: Add pdns. Date: Fri, 19 Oct 2018 10:35:32 +0200
Hello! Tobias Geerinckx-Rice <me <at> tobias.gr> skribis: > Ludovic Courtès wrote: >> What about “powerdns” then? > > This patch originally added 'powerdns' (my preference), then I changed > it :-) > pdns is the far more common name in GNU/Linux land. The BSDs tend to > go with powerdns. > > - pdns: Alpine, Debian, Fedora, Gentoo, brew, openSUSE, Slackware > :-), and derivatives > - power: Arch, *BSD, Nix :-), and derivatives > > The upstream tarball also uses the pdns- prefix. Alright, go for “pdns” then! Sorry for asking. ;-) >> Why not keep all the commands in the same output? Is it to avoiding >> cluttering user profiles, or is it a matter of package size? > > The former. Building them is not the upstream default, and I > personally don't like them littering my profile (this is entirely > subjective). > > On the other hand I don't think users should have to go so far as to > customise the package to get to the tools, so this was the compromise. OK, that makes sense to me. Maybe add a comment to explain this. >> A few questions: >> >> • Are things under ext/ simply bundled libraries? If so, do you >> think >> there’s something we could/should do about them? > > I'll take a closer look. > >> • I suppose we don’t build and thus don’t care about the license >> of >> modules/oraclebackend, do we? :-) > > Hm, is that how this works? Or is Oracle's DB non-free? I know nothing > about Oracle, which might itself be the anwser to that question. Oracle’s DB is non-free indeed (though Oracle also acquired MySQL, but this isn’t usually referred to as “Oracle DB”.) > If it is, shouldn't we remove the whole thing in a snippet unless the > build system really hates that? We could do that indeed! Well the backend itself may be free, but it’s useless without the non-free piece of software, so it makes sense to remove it (as long as the build system allows it.) >> • The license of m4/* doesn’t matter for the combined work; I’d >> just >> remove it. > > OK. I'll never fully grasp these legal combinatorics. > >> • GPLv2-only code cannot be combined with GPLv3+ code. Is it >> really >> what’s happening? > > Let's hope and assume not, then. Closer look. OK, thanks! Ludo’.
guix-patches <at> gnu.org:bug#33026; Package guix-patches.
(Wed, 07 Nov 2018 21:12:01 GMT) Full text and rfc822 format available.Message #17 received at 33026 <at> debbugs.gnu.org (full text, mbox):
From: Leo Famulari <leo <at> famulari.name> To: Tobias Geerinckx-Rice <me <at> tobias.gr> Cc: 33026 <at> debbugs.gnu.org Subject: Re: [bug#33026] [PATCH] gnu: Add pdns. Date: Wed, 7 Nov 2018 16:11:18 -0500
[Message part 1 (text/plain, inline)]
On Fri, Oct 12, 2018 at 08:58:54PM +0200, Tobias Geerinckx-Rice wrote: > +(define-public pdns > + (package > + (name "pdns") > + (version "4.1.4") Please update to 4.1.5 before pushing, in order to get fixes for these bugs: * 2018-03: Crafted zone record can cause a denial of service (CVE-2018-10851, Authoritative) * 2018-04: Crafted answer can cause a denial of service (CVE-2018-10851, Recursor) * 2018-05: Packet cache pollution via crafted query (CVE-2018-14626, Authoritative >= 4.1.0) * 2018-06: Packet cache pollution via crafted query (CVE-2018-14626, Recursor >= 4.0.0) * 2018-07: Crafted query for meta-types can cause a denial of service (CVE-2018-14644, Recursor >= 4.0.0) https://seclists.org/oss-sec/2018/q4/137
[signature.asc (application/pgp-signature, inline)]
guix-patches <at> gnu.org:bug#33026; Package guix-patches.
(Tue, 19 Feb 2019 23:08:02 GMT) Full text and rfc822 format available.Message #20 received at 33026 <at> debbugs.gnu.org (full text, mbox):
From: Andreas Enge <andreas <at> enge.fr> To: 33026 <at> debbugs.gnu.org, 33020 <at> debbugs.gnu.org Subject: Progress Date: Wed, 20 Feb 2019 00:07:44 +0100
Is this patch still of interest, or should we close the bug report? Andreas
guix-patches <at> gnu.org:bug#33026; Package guix-patches.
(Mon, 04 Mar 2019 16:21:01 GMT) Full text and rfc822 format available.Message #23 received at 33026 <at> debbugs.gnu.org (full text, mbox):
From: Tobias Geerinckx-Rice <somebody <at> not-sent-or-endorsed-by.tobias.gr> To: 33026 <at> debbugs.gnu.org Cc: Tobias Geerinckx-Rice <me <at> tobias.gr> Subject: [PATCH v2 0/2] gnu: Add pdns. Date: Mon, 4 Mar 2019 17:19:53 +0100
From: Tobias Geerinckx-Rice <me <at> tobias.gr> Ludo', Thanks for the review and sorry for the late reply. I've think I've addressed all your points below, apart from the last one. I've also added Ruby and Perl to run the full test suite, and tried to make the ‘move-tools’ phase a bit more straightforward. Ludovic Courtès wrote: > What about “powerdns” then? > > Tobias Geerinckx-Rice <me <at> tobias.gr> skribis: >> [blah blah blah blah] > > Alright, go for “pdns” then! Sorry for asking. ;-) You'll never make that mistake again. > We could do that indeed! Well the backend itself may be free, but > it's useless without the non-free piece of software, so it makes > sense to remove it (as long as the build system allows it.) OK. > I think you can avoid @dfn here as well. :-) OK. Replaced with @acronym if that's all right. > A few questions: > > • Are things under ext/ simply bundled libraries? If so, do you think > there’s something we could/should do about them? There are 3 libraries under ext/: - json11 (https://github.com/dropbox/json11) is a one-C++-file library without own build system, intended for bundling; - luawrapper is just a lone header file (LuaContext.hpp); - yahttp (https://github.com/cmouse/yahttp) is most like a real package, and while the README instructs developers to just plonk its headers in with their own and ship it that way, I was able to package & use it. > • I suppose we don’t build and thus don’t care about the license of > modules/oraclebackend, do we? :-) Out it goes. > • The license of m4/* doesn’t matter for the combined work; I’d just > remove it. Done. > • GPLv2-only code cannot be combined with GPLv3+ code. Is it really > what’s happening? I think so: $ head pdns/ssqlite3.cc /* SQLite backend for PowerDNS * Copyright (C) 2003, Michel Stol <michel <at> powerdns.com> * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 * as published by the Free Software Foundation. * * Additionally, the license of this program contains a special * exception which allows to distribute the program in binary form when * it is linked against OpenSSL. Is this really a deal-breaker? We could disable the sqlite and LDAP back ends (hardly ideal) but pdns/tcpreceiver.cc is linked into the core pdns_server… Uh oh, T G-R Tobias Geerinckx-Rice (2): gnu: Add yahttp. gnu: Add pdns. gnu/packages/dns.scm | 176 +++++++++++++++++++++++++++++++++++++++++++ gnu/packages/web.scm | 42 +++++++++++ 2 files changed, 218 insertions(+) -- 2.20.1
guix-patches <at> gnu.org:bug#33026; Package guix-patches.
(Mon, 04 Mar 2019 16:21:02 GMT) Full text and rfc822 format available.Message #26 received at 33026 <at> debbugs.gnu.org (full text, mbox):
From: Tobias Geerinckx-Rice <somebody <at> not-sent-or-endorsed-by.tobias.gr> To: 33026 <at> debbugs.gnu.org Cc: Tobias Geerinckx-Rice <me <at> tobias.gr> Subject: [PATCH v2 1/2] gnu: Add yahttp. Date: Mon, 4 Mar 2019 17:19:54 +0100
From: Tobias Geerinckx-Rice <me <at> tobias.gr>
* gnu/packages/web.scm (yahttp): New public variable.
---
gnu/packages/web.scm | 42 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 42 insertions(+)
diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
index b0ee78b92b..95099e450e 100644
--- a/gnu/packages/web.scm
+++ b/gnu/packages/web.scm
@@ -66,6 +66,7 @@
#:use-module (gnu packages admin)
#:use-module (gnu packages adns)
#:use-module (gnu packages apr)
+ #:use-module (gnu packages boost)
#:use-module (gnu packages check)
#:use-module (gnu packages documentation)
#:use-module (gnu packages docbook)
@@ -86,6 +87,7 @@
#:use-module (gnu packages gnupg)
#:use-module (gnu packages gnuzilla)
#:use-module (gnu packages gperf)
+ #:use-module (gnu packages graphviz)
#:use-module (gnu packages gtk)
#:use-module (gnu packages guile)
#:use-module (gnu packages guile-xyz)
@@ -4907,6 +4909,46 @@ and xinetd usually launches another daemon to handle the request. It can be
used to start services with both privileged and non-privileged port numbers.")
(license (l:fsf-free "file://COPYRIGHT"))))
+(define-public yahttp
+ (package
+ (name "yahttp")
+ (version "0.2.1")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/cmouse/yahttp.git")
+ (commit (string-append "v" version))))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "09pxykgby8hlyvaff106p6m847idg6nkprahx62kr05ks5r6i77v"))))
+ ;; Separate the ~7.5 MiB of HTML documentation from the rest (~700 KiB).
+ ;; Installing the package without it would require patching Makefiles.
+ (outputs (list "out" "doc"))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:configure-flags
+ (list (string-append "--htmldir=" (assoc-ref %outputs "doc")
+ "/share/doc/" ,name "-" ,version))))
+ (native-inputs
+ `(("autoconf" ,autoconf)
+ ("automake" ,automake)
+ ("libtool" ,libtool)
+
+ ;; For creating the documentation.
+ ("doxygen" ,doxygen)
+ ("graphviz" ,graphviz)))
+ (inputs
+ `(("boost" ,boost)))
+ (home-page "https://github.com/cmouse/yahttp")
+ (synopsis "Small-footprint HTTP request/response parser")
+ (description
+ "@acronym{YaHTTP, Yet Another HTTP Library} aims to be purely an HTTP
+request/response parser with no input/output ties. It is intended to be used in
+small-footprint applications and other utilities that want to use HTTP over
+something else than network I/O.")
+ (license l:expat)))
+
(define-public tidy-html
(package
(name "tidy-html")
--
2.20.1
guix-patches <at> gnu.org:bug#33026; Package guix-patches.
(Mon, 04 Mar 2019 16:21:02 GMT) Full text and rfc822 format available.Message #29 received at 33026 <at> debbugs.gnu.org (full text, mbox):
From: Tobias Geerinckx-Rice <somebody <at> not-sent-or-endorsed-by.tobias.gr> To: 33026 <at> debbugs.gnu.org Cc: Tobias Geerinckx-Rice <me <at> tobias.gr> Subject: [PATCH v2 2/2] gnu: Add pdns. Date: Mon, 4 Mar 2019 17:19:55 +0100
From: Tobias Geerinckx-Rice <me <at> tobias.gr>
* gnu/packages/dns.scm (pdns): New public variable.
---
gnu/packages/dns.scm | 176 +++++++++++++++++++++++++++++++++++++++++++
1 file changed, 176 insertions(+)
diff --git a/gnu/packages/dns.scm b/gnu/packages/dns.scm
index 9cc707e5b4..b929f8b426 100644
--- a/gnu/packages/dns.scm
+++ b/gnu/packages/dns.scm
@@ -32,9 +32,11 @@
#:use-module (gnu packages autotools)
#:use-module (gnu packages base)
#:use-module (gnu packages bash)
+ #:use-module (gnu packages boost)
#:use-module (gnu packages databases)
#:use-module (gnu packages compression)
#:use-module (gnu packages crypto)
+ #:use-module (gnu packages curl)
#:use-module (gnu packages datastructures)
#:use-module (gnu packages flex)
#:use-module (gnu packages glib)
@@ -44,6 +46,7 @@
#:use-module (gnu packages libevent)
#:use-module (gnu packages libidn)
#:use-module (gnu packages linux)
+ #:use-module (gnu packages lua)
#:use-module (gnu packages ncurses)
#:use-module (gnu packages nettle)
#:use-module (gnu packages networking)
@@ -51,6 +54,8 @@
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages protobuf)
#:use-module (gnu packages python)
+ #:use-module (gnu packages ruby)
+ #:use-module (gnu packages sqlite)
#:use-module (gnu packages swig)
#:use-module (gnu packages tls)
#:use-module (gnu packages web)
@@ -403,6 +408,177 @@ run in a @code{chroot} jail, thus making any security flaws in NSD less likely
to result in system-wide compromise.")
(license (list license:bsd-3))))
+(define-public pdns
+ (package
+ (name "pdns")
+ (version "4.1.6")
+ (source
+ (origin
+ (method url-fetch)
+ (uri
+ (string-append "https://downloads.powerdns.com/releases/pdns-"
+ version ".tar.bz2"))
+ (sha256
+ (base32 "0ggpcvzj90a31qf71m8788ql0hbxnkb9y6c3wgqr9l0qwv8dsgpm"))
+ (modules '((guix build utils)))
+ (snippet
+ '(begin
+ ;; Delete (free) back ends for a non-free database. This also
+ ;; side-steps some licence confusion where modules/oraclebackend's
+ ;; README says ‘MIT’ but the actual file headers state GPL2 [only].
+ (for-each
+ (lambda (back-end)
+ (with-directory-excursion "modules"
+ (delete-file-recursively back-end))
+ (substitute* "configure"
+ (((format " modules/~a/Makefile" back-end))
+ ""))
+ (substitute* "modules/Makefile.in"
+ (((format ".*~a.*" back-end)) ; delete the whole line
+ "")))
+ (list "goraclebackend"
+ "oraclebackend"))
+ #t))))
+ (build-system gnu-build-system)
+ ;; Keep the extra tools from littering the user's profile unless desired.
+ ;; There's no make target or other way to cleanly separate the tools from
+ ;; the core. We have to rely on a hard-coded list (below), which needs to
+ ;; be double-checked when changing the package version or configuration.
+ (outputs (list "out" "tools"))
+ (arguments
+ `(#:configure-flags
+ (list "--enable-libsodium" ; ed25519 (DNSSEC algorithm 15)
+ ;; "--enable-libdecaf" ; ed25519 & Ed448 (XXX unpackaged)
+ "--enable-reproducible"
+ "--enable-tools"
+ "--enable-unit-tests"
+
+ ;; XXX The 'core' (sbin/pdns_server) retains references to some
+ ;; dependencies (e.g. luajit, sqlite) but not all of them (e.g.
+ ;; postgresql). Moving backend modules to their own output (or
+ ;; package?) might reduce the closure size significantly and/or
+ ;; allow us to build more (all?) of them. Something to consider.
+ (string-append
+ "--with-dynmodules=" ; build dynamic modules...
+ (string-join
+ (list "bind" ; BIND-style zone files
+ "gpgsql" ; generic PostgreSQL
+ "gsqlite3" ; generic Sqlite
+ "lua" ; Lua scripting
+ "pipe" ; simple stdin/stdout pipe
+ "remote") ; generic JSON/RPC connector
+ " "))
+ "--with-modules=" ; ...and no static modules
+
+ "--with-luajit" ; use JIT variant for Lua backend
+ "--with-protobuf" ; for logging DNS query information
+ "--with-sqlite3" ; include the sqlite3 driver
+
+ (string-append "--docdir=" (assoc-ref %outputs "out") "/share/doc/"
+ ,name "-" ,version)
+ "--sysconfdir=/etc/powerdns"
+ "--with-socketdir=/run")
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'use-packaged-yahttp
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((yahttp (assoc-ref inputs "yahttp")))
+ (delete-file-recursively "ext/yahttp")
+ (substitute* "configure"
+ (("\\$\\(top_builddir\\)/ext/yahttp/yahttp")
+ (string-append yahttp "/lib"))
+ (("ext/(yahttp/)+Makefile") ""))
+ (substitute* "ext/Makefile.in"
+ (("yahttp ") ""))
+ #t)))
+ (add-after 'unpack 'omit-PDNS_CONFIG_ARGS
+ ;; Avoid ‘pdns_server --version’ printing build-time details, like
+ ;; PKG_CONFIG_PATH, which embed references to almost every input.
+ (lambda _
+ (substitute* "configure"
+ (("#define PDNS_CONFIG_ARGS.*") ""))
+ #t))
+ (replace 'install
+ ;; Don't try to install configuration files to /etc.
+ (lambda* (#:key make-flags #:allow-other-keys)
+ (apply invoke "make" "sysconfdir=$(docdir)/examples" "install"
+ make-flags)))
+ (add-after 'install 'move-tools
+ ;; Move tools (and their documentation) to a separate output.
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (tools (assoc-ref outputs "tools"))
+ (move (lambda (file)
+ (let ((target (string-append tools "/" file)))
+ (mkdir-p (dirname target))
+ (rename-file file target)))))
+ (with-directory-excursion out
+ (for-each (lambda (tool)
+ (move (string-append "bin/" tool))
+ (move (string-append "share/man/man1/"
+ tool ".1")))
+ (list "calidns"
+ "dnsbulktest"
+ "dnsgram"
+ "dnsreplay"
+ "dnsscan"
+ "dnsscope"
+ "dnstcpbench"
+ "dnswasher"
+ "dumresp"
+ "ixplore"
+ "nproxy"
+ "nsec3dig"
+ "pdns_notify"
+ "saxfr"
+ "sdig"))
+
+ ;; This one weird tool doesn't have a man page.
+ (move "bin/stubquery")
+ #t)))))))
+ (native-inputs
+ `(("pkg-config" ,pkg-config)
+
+ ;; For tests.
+ ("curl" ,curl)
+ ("perl" ,perl)
+ ("ruby" ,ruby)))
+ (inputs
+ `(("boost" ,boost)
+ ("libsodium" ,libsodium)
+ ("luajit" ,luajit)
+ ("openssl" ,openssl)
+ ("postgresql" ,postgresql)
+ ("protobuf" ,protobuf)
+ ("sqlite" ,sqlite)
+ ("yahttp" ,yahttp)
+ ("zlib" ,zlib)))
+ (home-page "https://www.powerdns.com/")
+ (synopsis "Authoritative DNS name server with dynamic back-ends")
+ (description
+ "This is the PowerDNS Authoritative Server, a versatile name server for the
+@acronym{DNS, Domain Name System} that supports a wide variety of storage back
+ends.
+
+The core server (@command{pdns_server}) handles all packet processing and DNS
+intelligence, while retrieving and updating the actual DNS records (and any
+additional metadata) through one or more of numerous loadable backends.
+
+Included back ends range from simple BIND-style zone files and relational
+databases to (geographical) load-balancing, JSON APIs, and entire scripting
+languages. Records can be transparently signed for use with @acronym{DNSSEC,
+Domain Name System Security Extensions}. Automated key management is available.
+
+Real-time statistics can be exported to different formats, or through an optional
+built-in Web server and API that allow for basic remote administration.")
+ (license
+ (list license:bsd-3 ; ext/luawrapper/include/LuaContext.*
+ license:expat ; ext/{json11,yahttp}
+ ;; pdns/{ssqlite3,tcpreceiver,test-tsig,zone2ldap}.* and
+ ;; modules/ldapbackend are GPL2-only.
+ license:gpl2
+ license:gpl3+)))) ; the rest is GPL[23]+
+
(define-public unbound
(package
(name "unbound")
--
2.20.1
Andreas Enge <andreas <at> enge.fr>:Tobias Geerinckx-Rice <me <at> tobias.gr>:Message #34 received at 33026-done <at> debbugs.gnu.org (full text, mbox):
From: Andreas Enge <andreas <at> enge.fr> To: 33026-done <at> debbugs.gnu.org, 33020-done <at> debbugs.gnu.org Subject: Re: [bug#33020] Progress Date: Thu, 7 Mar 2019 14:22:40 +0100
Two weeks later without any reaction, closing. Andreas
guix-patches <at> gnu.org:bug#33026; Package guix-patches.
(Thu, 07 Mar 2019 14:03:02 GMT) Full text and rfc822 format available.Message #37 received at 33026 <at> debbugs.gnu.org (full text, mbox):
From: Andreas Enge <andreas <at> enge.fr> To: Tobias Geerinckx-Rice <somebody <at> not-sent-or-endorsed-by.tobias.gr> Cc: 33026 <at> debbugs.gnu.org Subject: Re: bug#33026: [bug#33020] Progress Date: Thu, 7 Mar 2019 15:02:22 +0100
On Thu, Mar 07, 2019 at 02:38:28PM +0100, Tobias Geerinckx-Rice wrote: > Do you think this is reasonable? I do - in the spirit of dropping packages that do not build after about two weeks, as discussed around FOSDEM. I think there is no point in keeping orphaned patches around for packages that apparently nobody cares about any more. > I'm reopening this and welcome any feedback that will help get this merged. That is fine as well, if you care about the package, that contradicts my motivation above! > If no-one answers in the next 2 weeks, fine. Well, then you replace 2 weeks by twice 2 weeks, which is also fine, but not fundamentally different from the approach that apparently you find unreasonable. Andreas
guix-patches <at> gnu.org:bug#33026; Package guix-patches.
(Thu, 07 Mar 2019 14:09:01 GMT) Full text and rfc822 format available.Message #40 received at 33026 <at> debbugs.gnu.org (full text, mbox):
From: Andreas Enge <andreas <at> enge.fr> To: Tobias Geerinckx-Rice <somebody <at> not-sent-or-endorsed-by.tobias.gr> Cc: 33026 <at> debbugs.gnu.org Subject: Re: bug#33026: [bug#33020] Progress Date: Thu, 7 Mar 2019 15:08:23 +0100
On Thu, Mar 07, 2019 at 02:38:28PM +0100, Tobias Geerinckx-Rice wrote: > Do you think this is reasonable? Sorry, actually I did not see your reply from March 4 - the closing message was sent to two entangled bug reports (this one and 33020), and the other one did not receive any reply. Apologies for closing this one, and feel free to reopen 33020 as well if you would still like to push nullmailer. Andreas
guix-patches <at> gnu.org:bug#33026; Package guix-patches.
(Thu, 07 Mar 2019 14:59:02 GMT) Full text and rfc822 format available.Message #43 received at 33026 <at> debbugs.gnu.org (full text, mbox):
From: Tobias Geerinckx-Rice <me <at> tobias.gr> To: Andreas Enge <andreas <at> enge.fr> Cc: Tobias Geerinckx-Rice <somebody <at> not-sent-or-endorsed-by.tobias.gr>, 33026 <at> debbugs.gnu.org, 33020-done <at> debbugs.gnu.org Subject: Re: [bug#33026] [bug#33020] Progress Date: Thu, 07 Mar 2019 15:58:09 +0100
Andreas, Andreas Enge wrote: > On Thu, Mar 07, 2019 at 02:38:28PM +0100, Tobias Geerinckx-Rice > wrote: >> Do you think this is reasonable? > > Sorry, actually I did not see your reply from March 4 - the > closing message > was sent to two entangled bug reports (this one and 33020), and > the other > one did not receive any reply. Oh, OK. I hadn't yet received any notification for done-33020 when I replied to done-33026, and you did also ping 33026 exactly two weeks ago, so it seemed plausibly… intentional? Apologies for acting slighted. > Apologies for closing this one, and feel free > to reopen 33020 as well if you would still like to push > nullmailer. -done! With an upgrade to 2.2 to boot. Kind regards, T G-R
Debbugs Internal Request <help-debbugs <at> gnu.org>
to internal_control <at> debbugs.gnu.org.
(Fri, 05 Apr 2019 11:24:04 GMT) Full text and rfc822 format available.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.