Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package openresolv for openSUSE:Factory checked in at 2025-03-31 11:43:35 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/openresolv (Old) and /work/SRC/openSUSE:Factory/.openresolv.new.2696 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openresolv" Mon Mar 31 11:43:35 2025 rev:6 rq:1265519 version:3.14.1 Changes: -------- --- /work/SRC/openSUSE:Factory/openresolv/openresolv.changes 2023-12-06 23:49:26.909933458 +0100 +++ /work/SRC/openSUSE:Factory/.openresolv.new.2696/openresolv.changes 2025-03-31 11:44:54.148447455 +0200 @@ -1,0 +2,10 @@ +Sat Mar 29 09:52:48 UTC 2025 - Andrea Manzini <andrea.manz...@suse.com> + +- update to 3.14.1: + * unbound: Add option for marking domains as private + * Add a new exlcude option to exclude a whole file on match + * Remove reference to README for configure options + +- added openresolv.keyring for signature verification + +------------------------------------------------------------------- Old: ---- openresolv-3.13.2.tar.xz openresolv-3.13.2.tar.xz.asc New: ---- openresolv-3.14.1.tar.xz openresolv-3.14.1.tar.xz.asc openresolv.keyring ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openresolv.spec ++++++ --- /var/tmp/diff_new_pack.IfXXm3/_old 2025-03-31 11:44:54.760472851 +0200 +++ /var/tmp/diff_new_pack.IfXXm3/_new 2025-03-31 11:44:54.764473017 +0200 @@ -1,7 +1,7 @@ # # spec file for package openresolv # -# Copyright (c) 2023 SUSE LLC +# Copyright (c) 2025 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,13 +17,14 @@ Name: openresolv -Version: 3.13.2 +Version: 3.14.1 Release: 0 Summary: DNS management framework License: BSD-2-Clause URL: https://roy.marples.name/projects/openresolv -Source0: https://github.com/NetworkConfiguration/openresolv/releases/download/v3.13.2/openresolv-%{version}.tar.xz -Source1: https://github.com/NetworkConfiguration/openresolv/releases/download/v3.13.2/openresolv-%{version}.tar.xz.asc +Source0: https://github.com/NetworkConfiguration/openresolv/releases/download/v%{version}/openresolv-%{version}.tar.xz +Source1: https://github.com/NetworkConfiguration/openresolv/releases/download/v%{version}/openresolv-%{version}.tar.xz.asc +Source2: openresolv.keyring Requires: bash BuildArch: noarch ++++++ openresolv-3.13.2.tar.xz -> openresolv-3.14.1.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openresolv-3.13.2/Makefile new/openresolv-3.14.1/Makefile --- old/openresolv-3.13.2/Makefile 2023-06-27 16:39:40.000000000 +0200 +++ new/openresolv-3.14.1/Makefile 2025-03-28 20:35:30.000000000 +0100 @@ -45,7 +45,7 @@ DISTINFOMD= ${DISTINFO}.md DISTSIGN= ${DISTFILE}.asc SHA256?= sha256 -PGP?= gpg +PGP?= gpg2 GITREF?= HEAD @@ -104,7 +104,7 @@ ${SHA256} ${DISTFILE} >${DISTINFO} wc -c <${DISTFILE} \ | xargs printf 'Size (${DISTFILE}) = %s\n' >>${DISTINFO} - ${PGP} --armour --detach-sign ${DISTFILE} + ${PGP} --sign --armour --detach ${DISTFILE} chmod 644 ${DISTSIGN} ls -l ${DISTFILE} ${DISTINFO} ${DISTSIGN} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openresolv-3.13.2/configure new/openresolv-3.14.1/configure --- old/openresolv-3.13.2/configure 2023-06-27 16:39:40.000000000 +0200 +++ new/openresolv-3.14.1/configure 2025-03-28 20:35:30.000000000 +0100 @@ -39,7 +39,7 @@ --includedir) eval INCLUDEDIR="$INCLUDEDIR${INCLUDEDIR:+ }$var";; --datadir|--infodir) ;; # ignore autotools --disable-maintainer-mode|--disable-dependency-tracking) ;; - --help) echo "See the README file for available options"; exit 0;; + --help) echo "See the source for available options"; exit 0;; *) echo "$0: WARNING: unknown option $opt" >&2;; esac done diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openresolv-3.13.2/libc.in new/openresolv-3.14.1/libc.in --- old/openresolv-3.13.2/libc.in 2023-06-27 16:39:40.000000000 +0200 +++ new/openresolv-3.14.1/libc.in 2025-03-28 20:35:30.000000000 +0100 @@ -1,5 +1,5 @@ #!/bin/sh -# Copyright (c) 2007-2023 Roy Marples +# Copyright (c) 2007-2025 Roy Marples # All rights reserved # libc subscriber for resolvconf @@ -96,7 +96,7 @@ : ${resolv_conf:=/etc/resolv.conf} : ${resolv_conf_tmp:="$resolv_conf.$$.openresolv"} : ${libc_service:=nscd} -: ${list_resolv:=@SBINDIR@/resolvconf -l} +: ${list_resolv:=@SBINDIR@/resolvconf -L} if [ "${resolv_conf_head-x}" = x ] && [ -f "$SYSCONFDIR"/resolv.conf.head ] then resolv_conf_head="$(cat "${SYSCONFDIR}"/resolv.conf.head)" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openresolv-3.13.2/resolvconf.8.in new/openresolv-3.14.1/resolvconf.8.in --- old/openresolv-3.13.2/resolvconf.8.in 2023-06-27 16:39:40.000000000 +0200 +++ new/openresolv-3.14.1/resolvconf.8.in 2025-03-28 20:35:30.000000000 +0100 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2007-2023 Roy Marples +.\" Copyright (c) 2007-2025 Roy Marples .\" All rights reserved .\" .\" Redistribution and use in source and binary forms, with or without @@ -22,7 +22,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd December 23, 2016 +.Dd March 24, 2025 .Dt RESOLVCONF 8 .Os .Sh NAME @@ -46,7 +46,7 @@ .Fl d Ar interface Ns Op Ar .protocol .Nm .Op Fl x -.Fl il Ar pattern +.Fl iLl Ar pattern .Nm .Fl u .Nm @@ -168,6 +168,17 @@ we have .Pa resolv.conf files for. +.It Fl L Ar pattern +List the +.Pa resolv.conf +files we have, +post-processed by the +.Xr resolvconf.conf 5 +configuration. +If +.Ar pattern +is specified then we list the files for the interfaces and protocols +that match it. .It Fl l Ar pattern List the .Pa resolv.conf diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openresolv-3.13.2/resolvconf.conf.5.in new/openresolv-3.14.1/resolvconf.conf.5.in --- old/openresolv-3.13.2/resolvconf.conf.5.in 2023-06-27 16:39:40.000000000 +0200 +++ new/openresolv-3.14.1/resolvconf.conf.5.in 2025-03-28 20:35:30.000000000 +0100 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2009-2023 Roy Marples +.\" Copyright (c) 2009-2025 Roy Marples .\" All rights reserved .\" .\" Redistribution and use in source and binary forms, with or without @@ -22,7 +22,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd May 23, 2023 +.Dd March 24, 2025 .Dt RESOLVCONF.CONF 5 .Os .Sh NAME @@ -65,6 +65,19 @@ If set, only these interfaces will be processed. .It Sy deny_interfaces If set, these interfaces will not be processed. +.It Sy exclude +Is a space separated list of key/value pairs to match. +If all key/value pairs in one element can be found in the file, +then the whole file will be excluded from processing. +The syntax is this: +.Va $keyword Ns / Ns Va $match Ns Op / Ns Va $keyword Ns / Ns Va $match +.Pp +For example given this configuration: +.Bd -compact -literal -offset indent +exclude="search/foo*/nameserver/1.2.3.4 search/bar.org" +.Ed +Then any resolv.conf with both a search option starting with foo with a nameserver of 1.2.3.4 +OR a search option of bar.org would be excluded. .It Sy interface_order These interfaces will always be processed first. If unset, defaults to the following:- @@ -328,6 +341,8 @@ This file tells unbound about specific and global name servers. .It Sy unbound_insecure When set to YES, unbound marks the domains as insecure, thus ignoring DNSSEC. +.It Sy unbound_private +When set to YES, unbound marks the domains as private, allowing it and its subdomains to contain private addresses. .It Sy unbound_forward_zone_options Options appended to each forward zone. Each option should be separated by an embedded new line. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openresolv-3.13.2/resolvconf.in new/openresolv-3.14.1/resolvconf.in --- old/openresolv-3.13.2/resolvconf.in 2023-06-27 16:39:40.000000000 +0200 +++ new/openresolv-3.14.1/resolvconf.in 2025-03-28 20:35:30.000000000 +0100 @@ -1,5 +1,5 @@ #!/bin/sh -# Copyright (c) 2007-2023 Roy Marples +# Copyright (c) 2007-2025 Roy Marples # All rights reserved # Redistribution and use in source and binary forms, with or without @@ -25,7 +25,7 @@ # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. RESOLVCONF="$0" -OPENRESOLV_VERSION="3.13.2" +OPENRESOLV_VERSION="3.14.1" SYSCONFDIR=@SYSCONFDIR@ LIBEXECDIR=@LIBEXECDIR@ VARDIR=@VARDIR@ @@ -34,7 +34,7 @@ if [ "$1" = "--version" ]; then echo "openresolv $OPENRESOLV_VERSION" - echo "Copyright (c) 2007-2020 Roy Marples" + echo "Copyright (c) 2007-2025 Roy Marples" exit 0 fi @@ -48,6 +48,27 @@ interface_order="lo lo[0-9]*" name_server_blacklist="0.0.0.0" +# Poor mans cat +# /usr might not be available +cat() +{ + OIFS="$IFS" + IFS='' + if [ -n "$1" ]; then + while read -r line; do + printf "%s\n" "$line" + done < "$1" + else + while read -r line; do + printf "%s\n" "$line" + done + fi + retval=$? + IFS="$OIFS" + return $retval +} + + # Support original resolvconf configuration layout # as well as the openresolv config file if [ -f "$SYSCONFDIR"/resolvconf.conf ]; then @@ -98,6 +119,7 @@ pattern -l [\$PATTERN] Show DNS information, optionally from interfaces that match the specified pattern + -L [\$PATTERN] Same as -l, but adjusted by our config -u Run updates from our current DNS information --version Echo the ${RESOLVCONF##*/} version @@ -329,7 +351,7 @@ fi' elif [ -x /usr/bin/s6-rc ] && [ -x /usr/bin/s6-svc ]; then RESTARTCMD=' - if s6-rc -a list | grep -qFx $1-srv + if s6-rc -a list 2>/dev/null | grep -qFx $1-srv then s6-svc -r /run/service/$1-srv fi' @@ -434,12 +456,68 @@ return 1 } +match() +{ + match="$1" + file="$2" + retval=1 + count=0 + + while read -r keyword value; do + new_match= + for om in $match; do + m="$om" + keep= + while [ -n "$m" ]; do + k="${m%%/*}" + r="${m#*/}" + f="${r%%/*}" + r="${r#*/}" + # If the length of m is the same as k/f then + # we know that we are done + if [ ${#m} = $((${#k} + 1 + ${#f})) ]; then + r= + fi + m="$r" + matched=false + case "$keyword" in + $k) + case "$value" in + $f) + matched=true + ;; + esac + ;; + esac + if ! $matched; then + keep="$keep${keep:+/}$k/$f" + fi + done + if [ -n "$om" ] && [ -z "$keep" ]; then + retval=0 + break 2 + fi + new_match="${new_match}${new_match:+ }${keep}" + done + match="${new_match}" + done < "$file" + return $retval +} + list_resolv() { [ -d "$IFACEDIR" ] || return 0 - cmd="$1" - shift + list_cmd= + OPTIND=1 + while getopts iLl OPT; do + case "$OPT" in + '?') exit 1;; + *) list_cmd="$OPT";; + esac + done + shift $(($OPTIND - 1)) + pattern_specified="$1" excl=false @@ -540,7 +618,7 @@ continue fi - if ! $ALLIFACES; then + if [ "$list_cmd" = L ]; then if [ -n "$allow_interfaces" ]; then x=false for j in $allow_interfaces; do @@ -555,16 +633,20 @@ continue 2 fi done + + if [ -n "$exclude" ] && match "$exclude" "$i"; then + continue + fi fi - if [ "$cmd" = i ] || [ "$cmd" = "-i" ]; then + if [ "$list_cmd" = i ]; then printf %s "$i " else echo_resolv "$i" && echo fi [ $? = 0 ] && [ "$retval" = 1 ] && retval=0 done - [ "$cmd" = i ] || [ "$cmd" = "-i" ] && echo + [ "$list_cmd" = i ] && echo return $retval } @@ -674,7 +756,7 @@ if [ -z "$VFLAG" ]; then IF_EXCLUSIVE=1 list_resolv -i "$@" >/dev/null || IF_EXCLUSIVE=0 - eval "$(list_resolv -l "$@" | replace | parse_resolv)" + eval "$(list_resolv -L "$@" | replace | parse_resolv)" fi if [ -n "${name_servers_append}${search_domains_append}" ]; then eval "$(echo_append | parse_resolv)" @@ -724,7 +806,7 @@ force=false VFLAG= -while getopts a:C:c:Dd:fhIilm:pRruvVx OPT; do +while getopts a:C:c:Dd:fhIiLlm:pRruvVx OPT; do case "$OPT" in f) force=true;; h) usage;; @@ -762,11 +844,14 @@ # -l lists our resolv files, optionally for a specific interface if [ "$cmd" = l ] || [ "$cmd" = i ]; then - ALLIFACES=true - list_resolv "$cmd" "$args" + list_resolv "-$cmd" "$args" exit $? fi -ALLIFACES=false +# -L is the same as -l, but post-processed from our config +if [ "$cmd" = L ]; then + list_resolv "-$cmd" "$args" | replace + exit $?2 +fi # Restart a service or echo the command to restart a service if [ "$cmd" = r ] || [ "$cmd" = R ]; then @@ -1077,7 +1162,7 @@ eval "$(make_vars)" export RESOLVCONF DOMAINS SEARCH NAMESERVERS LOCALNAMESERVERS -: ${list_resolv:=list_resolv -l} +: ${list_resolv:=list_resolv -L} retval=0 # Run scripts in the same directory resolvconf is run from diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openresolv-3.13.2/unbound.in new/openresolv-3.14.1/unbound.in --- old/openresolv-3.13.2/unbound.in 2023-06-27 16:39:40.000000000 +0200 +++ new/openresolv-3.14.1/unbound.in 2025-03-28 20:35:30.000000000 +0100 @@ -27,6 +27,7 @@ # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. unbound_insecure= +unbound_private= [ -f "@SYSCONFDIR@"/resolvconf.conf ] || exit 0 . "@SYSCONFDIR@/resolvconf.conf" || exit 1 @@ -42,12 +43,25 @@ for d in $DOMAINS; do dn="${d%%:*}" ns="${d#*:}" + create_unbound_insecure=false + create_unbound_private=false case "$unbound_insecure" in [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) - newconf="$newconf${NL}server:$NL" - newconf="$newconf domain-insecure: \"$dn\"$NL" - ;; + create_unbound_insecure=true ;; + esac + case "$unbound_private" in + [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) + create_unbound_private=true ;; esac + if $create_unbound_insecure || $create_unbound_private; then + newconf="$newconf${NL}server:$NL" + if $create_unbound_insecure; then + newconf="$newconf domain-insecure: \"$dn\"$NL" + fi + if $create_unbound_private; then + newconf="$newconf private-domain: \"$dn\"$NL" + fi + fi newconf="$newconf${NL}forward-zone:$NL name: \"$dn\"$NL" if [ -n "$unbound_forward_zone_options" ]; then newconf="$newconf $unbound_forward_zone_options${NL}"
