Hi all, Sorry, I've made it again, it is tested one, works for me. please test it.
-- Regards, Hideki Yamane henrich @ debian.or.jp/iijmio-mail.jp http://wiki.debian.org/HidekiYamane
diff -urN unbound-1.0.2.orig/debian/changelog unbound-1.0.2/debian/changelog --- unbound-1.0.2.orig/debian/changelog 2008-12-16 06:09:32.000000000 +0900 +++ unbound-1.0.2/debian/changelog 2008-12-16 06:09:51.000000000 +0900 @@ -1,3 +1,18 @@ +unbound (1.0.2-1.1) unstable; urgency=low + + * Non-maintainer upload. + * debian/{unbound.init,unbound.default} + + set not start by default, to avoid that port 53 blocking by other name + servers will cause install problems + * debian/unbound.prerm + + fix lintian "unbound: maintainer-script-hides-init-failure prerm:5" error + * debian/control + - add ${misc:Depends} + * debian/watch + - add "debian uupdate" + + -- Hideki Yamane (Debian-JP) <henr...@debian.or.jp> Tue, 16 Dec 2008 05:03:43 +0900 + unbound (1.0.2-1) unstable; urgency=low * New upstream release; diff -urN unbound-1.0.2.orig/debian/control unbound-1.0.2/debian/control --- unbound-1.0.2.orig/debian/control 2008-12-16 06:09:32.000000000 +0900 +++ unbound-1.0.2/debian/control 2008-12-16 06:09:51.000000000 +0900 @@ -10,7 +10,7 @@ Package: unbound Section: net Architecture: any -Depends: ${shlibs:Depends}, adduser +Depends: ${shlibs:Depends}, ${misc:Depends}, adduser Description: validating, recursive, caching DNS resolver Unbound is a recursive-only caching DNS server which can optionally perform DNSSEC validation of results. It implements only a minimum amount @@ -26,7 +26,7 @@ Package: unbound-host Section: net Architecture: any -Depends: ${shlibs:Depends} +Depends: ${shlibs:Depends}, ${misc:Depends} Description: reimplementation of the 'host' command This package provides the 'unbound-host' program that is bundled with the Unbound domain name server. This version differs from the one provided in the @@ -36,7 +36,7 @@ Package: libunbound0 Section: libs Architecture: any -Depends: ${shlibs:Depends} +Depends: ${shlibs:Depends}, ${misc:Depends} Description: library implementing DNS resolution and validation libunbound performs and validates DNS lookups; it can be used to convert hostnames to IP addresses and back, and obtain other information from the @@ -45,7 +45,7 @@ Package: libunbound-dev Section: libdevel Architecture: any -Depends: libunbound0 (= ${binary:Version}) +Depends: libunbound0 (= ${binary:Version}), ${misc:Depends} Description: static library, header files, and docs for libunbound Static library, header files, and documentation for libunbound. . diff -urN unbound-1.0.2.orig/debian/unbound.default unbound-1.0.2/debian/unbound.default --- unbound-1.0.2.orig/debian/unbound.default 2008-12-16 06:09:32.000000000 +0900 +++ unbound-1.0.2/debian/unbound.default 2008-12-16 06:09:51.000000000 +0900 @@ -1,3 +1,11 @@ +# Do you want to start unbound? +# only allowed values are "true" and "false". +# if you already use other DNS server, they would listen port 53, +# so unbound fails to start. Please adjust, then set "true". + +UNBOUND_ENABLE=false + + # config file path #DAEMON_OPTS="-c /etc/unbound/unbound.conf" diff -urN unbound-1.0.2.orig/debian/unbound.init unbound-1.0.2/debian/unbound.init --- unbound-1.0.2.orig/debian/unbound.init 2008-12-16 06:09:32.000000000 +0900 +++ unbound-1.0.2/debian/unbound.init 2008-12-16 06:09:51.000000000 +0900 @@ -1,38 +1,64 @@ #!/bin/sh +set -e + +### BEGIN INIT INFO +# Provides: unbound +# Required-Start: $network $remote_fs $syslog +# Required-Stop: $network $remote_fs $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: validating, recursive, caching DNS resolver +# Description: Unbound is a recursive-only caching DNS server which can +# optionally perform DNSSEC validation of results. It +# implements only a minimum amount of authoritative service +# to prevent leakage to the root nameservers: forward lookups +# for localhost, reverse for 127.0.0.1 and ::1, and NXDOMAIN +# for zones served by AS112. Stub and forward zones are +# supported. +# Unbound implements a number of security features, including +# chrooting and privilege dropping. The Debian init script +# will populate a chroot by default. +# +### END INIT INFO + NAME=unbound +UNBOUND_ENABLE=false DESC="recursive DNS server" -DAEMON=/usr/sbin/unbound -CHROOT_DIR=/var/lib/unbound -PIDFILE=$CHROOT_DIR/unbound.pid +DAEMON=/usr/sbin/$NAME +CHROOT_DIR=/var/lib/$NAME +PIDFILE=$CHROOT_DIR/$NAME.pid +UNBOUND_CONFIG_FILE=/etc/$NAME/$NAME.conf test -x $DAEMON || exit 0 . /lib/lsb/init-functions -test -f /etc/default/$NAME && . /etc/default/$NAME +if [ -f /etc/default/$NAME ]; then + . /etc/default/$NAME + case "x$UNBOUND_ENABLE" in + xtrue|xfalse) ;; + *) log_failure_msg \ + "Value of UNBOUND_ENABLE in /etc/default/$NAME must be either 'true' or 'false';" + log_failure_msg \ + "not starting unbound daemon." + exit 1; + ;; + esac +fi install_chroot() { if [ "$CHROOT" != "no" ]; then - uninstall_chroot - [ -d $CHROOT_DIR/etc ] || mkdir -p $CHROOT_DIR/etc + [ -d $CHROOT_DIR/etc/unbound ] && rm -rf $CHROOT_DIR/etc/unbound + [ -d $CHROOT_DIR/etc ] || mkdir -p $CHROOT_DIR/etc [ -d $CHROOT_DIR/dev ] || mkdir -p $CHROOT_DIR/dev [ -c $CHROOT_DIR/dev/random ] || ( cd $CHROOT_DIR/dev && MAKEDEV random ) [ -c $CHROOT_DIR/dev/urandom ] || ( cd $CHROOT_DIR/dev && MAKEDEV urandom ) - test -f /etc/localtime && cp -fp /etc/localtime $CHROOT_DIR/etc - install_chroot_conf + [ -f /etc/localtime ] && cp -fp /etc/localtime $CHROOT_DIR/etc + [ -d $CHROOT_DIR/etc ] && cp -ar /etc/unbound $CHROOT_DIR/etc fi } -install_chroot_conf() { - test -d $CHROOT_DIR/etc/unbound && rm -rf $CHROOT_DIR/etc/unbound - cp -a /etc/unbound $CHROOT_DIR/etc -} - -uninstall_chroot() { - test -d $CHROOT_DIR/etc/unbound && rm -rf $CHROOT_DIR/etc/unbound -} - daemon_stopped() { start-stop-daemon --start --pidfile $PIDFILE \ --startas $DAEMON --test >/dev/null 2>&1 @@ -40,14 +66,22 @@ case "$1" in start) - log_daemon_msg "Starting $DESC" "$NAME" - if daemon_stopped; then - install_chroot - fi - if start-stop-daemon --start --quiet --oknodo --pidfile $PIDFILE --name $NAME --startas $DAEMON -- $DAEMON_OPTS; then - log_end_msg 0 - else - log_end_msg 1 + if "$UNBOUND_ENABLE"; then + log_daemon_msg "Starting $DESC" "$NAME" + if [ ! -s "$UNBOUND_CONFIG_FILE" ]; then + log_warning_msg \ + "missing or empty config file $UNBOUND_CONFIG_FILE" + log_end_msg 1; exit 1 + fi + if daemon_stopped; then + install_chroot + fi + if start-stop-daemon --start --quiet --oknodo --pidfile $PIDFILE \ + --name $NAME --startas $DAEMON -- $DAEMON_OPTS; then + log_end_msg 0 + else + log_end_msg 1; exit 1 + fi fi ;; @@ -57,18 +91,24 @@ log_end_msg 0 else log_end_msg 1 + exit 1 fi ;; restart|force-reload) - log_daemon_msg "Restarting $DESC" "$NAME" - start-stop-daemon --stop --quiet --pidfile $PIDFILE --name $NAME --retry 5 - uninstall_chroot - install_chroot - if start-stop-daemon --start --quiet --oknodo --pidfile $PIDFILE --name $NAME --startas $DAEMON -- $DAEMON_OPTS; then - log_end_msg 0 - else - log_end_msg 1 + set +e + + if $UNBOUND_ENABLE; then + log_daemon_msg "Restarting $DESC" "$NAME" + start-stop-daemon --stop --quiet --pidfile $PIDFILE --name $NAME --retry 5 + install_chroot + if start-stop-daemon --start --quiet --oknodo --pidfile $PIDFILE \ + --name $NAME --startas $DAEMON -- $DAEMON_OPTS; then + log_end_msg 0 + else + log_end_msg 1 + exit 1 + fi fi ;; @@ -79,10 +119,5 @@ ;; esac -### BEGIN INIT INFO -# Provides: unbound -# Required-Start: $network $remote_fs $syslog -# Required-Stop: $network $remote_fs $syslog -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -### END INIT INFO +exit 0; + diff -urN unbound-1.0.2.orig/debian/unbound.prerm unbound-1.0.2/debian/unbound.prerm --- unbound-1.0.2.orig/debian/unbound.prerm 2008-12-16 06:09:32.000000000 +0900 +++ unbound-1.0.2/debian/unbound.prerm 2008-12-16 06:09:51.000000000 +0900 @@ -2,8 +2,8 @@ set -e if [ -x "/etc/init.d/unbound" ]; then if [ -x "`which invoke-rc.d 2>/dev/null`" ]; then - invoke-rc.d unbound stop || exit 0 + invoke-rc.d unbound stop else - /etc/init.d/unbound stop || exit 0 + /etc/init.d/unbound stop fi fi diff -urN unbound-1.0.2.orig/debian/watch unbound-1.0.2/debian/watch --- unbound-1.0.2.orig/debian/watch 2008-12-16 06:09:32.000000000 +0900 +++ unbound-1.0.2/debian/watch 2008-12-16 06:09:51.000000000 +0900 @@ -1,3 +1,3 @@ version=3 http://www.unbound.net/download.html \ - downloads/unbound-(.+)\.tar\.gz + downloads/unbound-(.+)\.tar\.gz debian uupdate