Hello community, here is the log from the commit of package dnscrypt-proxy for openSUSE:Factory checked in at 2020-07-10 14:12:38 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/dnscrypt-proxy (Old) and /work/SRC/openSUSE:Factory/.dnscrypt-proxy.new.3060 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "dnscrypt-proxy" Fri Jul 10 14:12:38 2020 rev:5 rq:817415 version:2.0.44 Changes: -------- --- /work/SRC/openSUSE:Factory/dnscrypt-proxy/dnscrypt-proxy.changes 2020-01-04 19:21:31.569142153 +0100 +++ /work/SRC/openSUSE:Factory/.dnscrypt-proxy.new.3060/dnscrypt-proxy.changes 2020-07-10 14:12:51.491524879 +0200 @@ -1,0 +2,60 @@ +Fri Jun 12 12:00:00 UTC 2020 - cu...@mail.de - 2.0.44 + +- Update to version 2.0.44 + * Netprobes and listening sockets are now ignored when the + '-list', '-list-all', '-show-certs' or '-check' + command-line switches are used. + * 'tls_client_auth' was renamed to 'doh_client_x509_auth'. + A section with the previous name is temporarily ignored if empty, + but will error out if not. + * Updates to the set of block lists. + +- Breaking change from 2.0.43 Update: + The 'tls_client_auth' section was renamed to 'doh_client_x509_auth'. + If you had a tls_client_auth section in the configuration file, + it needs to be updated/renamed/deleted. + +------------------------------------------------------------------- +Tue Jun 09 16:00:00 UTC 2020 - cu...@mail.de - 2.0.43 + +- Minimum golang version now at 1.14 + +- Update to version 2.0.43 + * When stored into a file, service logs now only contain data + from the most recent launch. This can be changed with the + new 'log_file_latest' option. + * Support for DNS64 translation implemented. + * Connections to DoH servers can be authenticated + using TLS client certificates. + * Multiple stamps are now allowed for a single server + in resolvers and relays lists. + * Updates and additions for the example domain block lists. + * Cached configuration files can now be temporarily used if + they are out of date, but bootstraping is impossible. + * 'generate-domains-blacklists' now tries to deduplicate + entries clobbered by wildcard rules. + * 'generate-domains-blacklists' can now directly + write lists to a file with the `-o` command-line option. + * Cache files are now downloaded as the user the daemon will + be running as. This fixes permission issues at startup time. + * Forwarded queries are now subject to global timeouts, + and can be forced to use TCP. + * The 'ct' parameter has been removed from DoH queries, + as Google doesn't require it any more. + +------------------------------------------------------------------- +Sat May 23 12:00:00 UTC 2020 - cu...@mail.de - 2.0.42 + +- Upgrade to 2.0.42 (boo#1165343) + +- Spec files from home:darix:apps/dnscrypt-proxy and + home:cunix:go/dnscrypt-proxy2 merged into existing spec. + +- v1 of dnscrypt-proxy is not supported anymore and v2 is + a new project. This will require v1 users to migrate their + configuration. + +- dnscrypt-proxy-default-config.patch deleted because patched + file 'dnscrypt-proxy.conf' is not used anymore. + +------------------------------------------------------------------- Old: ---- dnscrypt-proxy-1.9.5.tar.bz2 dnscrypt-proxy-default-config.patch dnscrypt-proxy.tmpfile dnscrypt-proxy@.service New: ---- README.openSUSE dnscrypt-proxy-2.0.44.tar.gz dnscrypt-proxy.service dnscrypt-proxy.socket example-dnscrypt-proxy.toml.sed find_licenses.sh install_licenses.sh ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ dnscrypt-proxy.spec ++++++ --- /var/tmp/diff_new_pack.TzVYlg/_old 2020-07-10 14:12:52.799529174 +0200 +++ /var/tmp/diff_new_pack.TzVYlg/_new 2020-07-10 14:12:52.799529174 +0200 @@ -15,143 +15,159 @@ # Please submit bugfixes or comments via https://bugs.opensuse.org/ # +%define _buildshell /bin/bash +%define user_group dnscrypt +%define config_dir %{_sysconfdir}/%{name} +%define home_dir %{_localstatedir}/lib/%{name} +%define log_dir %{_localstatedir}/log/%{name} +%define services %{name}.socket %{name}.service +%define vlic_dir vendored Name: dnscrypt-proxy -Version: 1.9.5 +Version: 2.0.44 Release: 0 Summary: A tool for securing communications between a client and a DNS resolver -License: BSD-3-Clause +License: ISC Group: Productivity/Networking/DNS/Utilities -URL: https://dnscrypt.org/ -Source: https://download.dnscrypt.org/dnscrypt-proxy/%{name}-%{version}.tar.bz2 -Source1: %{name}@.service -Source5: %{name}.tmpfile -Patch0: dnscrypt-proxy-default-config.patch -BuildRequires: libsodium-devel -BuildRequires: libtool +URL: https://dnscrypt.info/ +Source0: https://codeload.github.com/DNSCrypt/%{name}/tar.gz/%{version}#/%{name}-%{version}.tar.gz +Source1: %{name}.service +Source2: %{name}.socket +# File to use with sed to modify default configuration. +Source3: example-dnscrypt-proxy.toml.sed +# Find licenses of vendored packages. +Source4: find_licenses.sh +# Install licenses of vendored packages. +Source5: install_licenses.sh +# Some words +Source6: README.openSUSE +BuildRequires: golang(API) >= 1.14 +BuildRequires: golang-packaging BuildRequires: pkgconfig BuildRequires: shadow BuildRequires: systemd-rpm-macros BuildRequires: pkgconfig(libsystemd) -Requires(pre): coreutils -Requires(pre): diffutils -Requires(pre): fillup -Requires(pre): grep +# for daemon group/user +Requires(pre): shadow %{?systemd_requires} +Recommends: ca-certificates Provides: dnscrypt = %{version}-%{release} Obsoletes: dnscrypt < %{version}-%{release} +BuildRoot: %{_tmppath}/%{name}-%{version}-build %description -dnscrypt-proxy provides local service which can be used directly as your local resolver or as a DNS forwarder, -encrypting and authenticating requests using the DNSCrypt protocol and passing them to an upstream server, -by default Cisco who run this on their resolvers. (It used to be OpenDNS.) - -The DNSCrypt protocol uses elliptic-curve cryptography and is similar to DNSCurve, but focuses on -securing communications between a client and its first-level resolver. - -While not providing end-to-end security, it protects the local network, which is often the weakest point -of the chain, against man-in-the-middle attacks. It also provides some confidentiality to DNS queries. - -%package devel -Summary: Header files for development of DNSCrypt plugins -Group: Development/Languages/C and C++ -Requires: %{name} = %{version} - -%description devel -Header files for development of DNSCrypt plugins. +A flexible DNS proxy, with support for modern encrypted DNS protocols +such as DNSCrypt v2, DNS-over-HTTPS and Anonymized DNSCrypt. %prep -%setup -q -%patch0 -p1 -# Strip __DATE__ -sed -i "s/__DATE__/\"%(date -u -r ChangeLog +%%F)\"/" src/proxy/options.c -# Don't install COPYING with make, we use our %%license marcro if possible -sed -i "/\tCOPYING / d" Makefile.am -sed -i "s/COPYING //" Makefile.in +%setup -q -n %{name}-%{version} + +# Find licenses of vendored packages and prepare for installation +bash %{SOURCE4} %{vlic_dir} + +# duplicate original config file +cp ./%{name}/example-%{name}.toml ./%{name}.toml.default + +# Edit default port and file locations +sed -i -f %{SOURCE3} ./%{name}.toml.default + +# duplicate edited config file +cp ./%{name}.toml.default ./%{name}.toml + +# Delete "example" to prevent fdupes from deleting the backup config file if run for buildroot +sed -i "s/## This is an example configuration file./## This is a configuration file./" ./dnscrypt-proxy.toml + +# python path instead of env +sed -i "1s/#! \/usr\/bin\/env python3/#! \/usr\/bin\/python3/" utils/generate-domains-blacklists/generate-domains-blacklist.py %build -%configure \ -%if 0%{?suse_version} >= 1210 - --with-systemd \ -%endif - --enable-plugins \ - --docdir=%{_docdir}/%{name} -make %{?_smp_mflags} +cd dnscrypt-proxy +go build -mod=vendor -buildmode=pie %install -%make_install +# Directories +install -D -d -m 0750 \ + %{buildroot}%{log_dir} \ + %{buildroot}%{home_dir} \ + %{buildroot}%{config_dir} + +install -D -d -m 0755 \ + %{buildroot}%{_datadir}/%{name}/ + +# Binary +install -D -m 0755 %{name}/%{name} %{buildroot}%{_sbindir}/%{name} + +# blacklist generator +cp -a utils/generate-domains-blacklists/ %{buildroot}%{_datadir}/%{name}/ + +# Config file examples +install -D -m 0644 ./%{name}/example-%{name}.toml %{buildroot}/%{_docdir}/%{name}/example-%{name}.toml +install -D -m 0644 ./%{name}.toml.default %{buildroot}/%{_docdir}/%{name}/%{name}.toml.default +install -D -m 0644 ./%{name}/example-blacklist.txt %{buildroot}/%{_docdir}/%{name}/example-blacklist.txt +install -D -m 0644 ./%{name}/example-ip-blacklist.txt %{buildroot}/%{_docdir}/%{name}/example-ip-blacklist.txt +install -D -m 0644 ./%{name}/example-cloaking-rules.txt %{buildroot}/%{_docdir}/%{name}/example-cloaking-rules.txt +install -D -m 0644 ./%{name}/example-forwarding-rules.txt %{buildroot}/%{_docdir}/%{name}/example-forwarding-rules.txt +install -D -m 0644 ./%{name}/example-whitelist.txt %{buildroot}/%{_docdir}/%{name}/example-whitelist.txt + +# Config files +install -D -m 0640 ./%{name}.toml %{buildroot}/%{config_dir}/%{name}.toml +install -D -m 0640 ./%{name}.toml.default %{buildroot}/%{config_dir}/%{name}.toml.default +install -D -m 0640 ./%{name}/example-blacklist.txt %{buildroot}/%{config_dir}/blacklist.txt +install -D -m 0640 ./%{name}/example-ip-blacklist.txt %{buildroot}/%{config_dir}/ip-blacklist.txt +install -D -m 0640 ./%{name}/example-cloaking-rules.txt %{buildroot}/%{config_dir}/cloaking-rules.txt +install -D -m 0640 ./%{name}/example-forwarding-rules.txt %{buildroot}/%{config_dir}/forwarding-rules.txt +install -D -m 0640 ./%{name}/example-whitelist.txt %{buildroot}/%{config_dir}/whitelist.txt + +# Systemd +install -D -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/%{name}.service +install -D -m 0644 %{SOURCE2} %{buildroot}%{_unitdir}/%{name}.socket + +# service link +ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rc%{name} + +# Vendor Licenses +install -d -m 0755 %{buildroot}%{_licensedir}/%{name}/%{vlic_dir} +bash %{SOURCE5} %{vlic_dir} %{buildroot}/%{_licensedir}/%{name}/%{vlic_dir} -install -d -m 755 %{buildroot}%{_unitdir} -install -m 644 %{SOURCE1} %{buildroot}%{_unitdir} -install -d -m 755 %{buildroot}%{_libexecdir}/tmpfiles.d/ -install -m 644 %{SOURCE5} %{buildroot}%{_libexecdir}/tmpfiles.d/%{name}.conf -ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rc%{name} - -find %{buildroot} -type f -name "*.la" -delete -print -mkdir -p %{buildroot}%{_sysconfdir}/%{name}.conf.d -mv %{buildroot}%{_sysconfdir}/%{name}.conf %{buildroot}%{_sysconfdir}/%{name}.conf.d/default.conf +# Some hints. Improvements and feedback welcome! +cp %{SOURCE6} README.openSUSE %pre -if ! %{_bindir}/getent group dnscrypt >/dev/null; then - %{_sbindir}/groupadd -r dnscrypt -fi -if ! %{_bindir}/getent passwd dnscrypt >/dev/null; then - %{_sbindir}/useradd -c "DNSCrypt daemon" -d %{_localstatedir}/lib/empty -g dnscrypt \ - -r -s /bin/false dnscrypt -fi -%if 0%{?suse_version} >= 1210 -%service_add_pre %{name}@.service -%endif +# group and user +getent group %{user_group} >/dev/null || %{_sbindir}/groupadd -r %{user_group} +getent passwd %{user_group} >/dev/null || %{_sbindir}/useradd -r -g %{user_group} \ + -d %{home_dir} -s /bin/false -c "DNScrypt Proxy" %{user_group} + +%service_add_pre %{services} %post -%service_add_post %{name}@.service -%tmpfiles_create %{_tmpfilesdir}/%{name}.conf -if [ $1 == 2 ] && [ -r %{_sysconfdir}/sysconfig/%{name} ] ; then - rm -f %{_sysconfdir}/sysconfig/%{name} -fi -if [ $1 == 2 ] && [ -r %{_sysconfdir}/sysconfig/dnscrypt ] ; then - rm -f %{_sysconfdir}/sysconfig/dnscrypt -fi +%service_add_post %{services} %preun -%if 0%{?suse_version} >= 1210 -%service_del_preun %{name}@.service -%endif +%service_del_preun %{services} %postun -%if 0%{?suse_version} >= 1210 -%service_del_postun %{name}@.service -%endif +%service_del_postun %{services} %files -%doc AUTHORS ChangeLog README.markdown NEWS DNSCRYPT-V2-PROTOCOL.txt -%doc THANKS README-PLUGINS.markdown dnscrypt-proxy.conf -%if 0%{?leap_version} >= 420200 || 0%{?suse_version} > 1320 -%license COPYING -%else -%doc COPYING -%endif -%dir %{_sysconfdir}/%{name}.conf.d -%config %{_sysconfdir}/%{name}.conf.d/default.conf -%{_bindir}/hostip +%config(noreplace) %attr(-,root,%{user_group}) %{config_dir}/%{name}.toml +%config(noreplace) %attr(-,root,%{user_group}) %{config_dir}/blacklist.txt +%config(noreplace) %attr(-,root,%{user_group}) %{config_dir}/ip-blacklist.txt +%config(noreplace) %attr(-,root,%{user_group}) %{config_dir}/cloaking-rules.txt +%config(noreplace) %attr(-,root,%{user_group}) %{config_dir}/forwarding-rules.txt +%config(noreplace) %attr(-,root,%{user_group}) %{config_dir}/whitelist.txt +%config %attr(-,root,%{user_group}) %{config_dir}/%{name}.toml.default %{_sbindir}/%{name} %{_sbindir}/rc%{name} -%{_unitdir}/%{name}@.service -%{_mandir}/man8/hostip.8%{ext_man} -%{_mandir}/man8/%{name}.8%{ext_man} -%dir %{_datadir}/%{name} -%{_datadir}/%{name}/dnscrypt-resolvers.csv -%{_datadir}/%{name}/minisign.pub -%dir %{_libdir}/%{name} -%{_libdir}/%{name}/libdcplugin_example.so -%{_libdir}/%{name}/libdcplugin_example_logging.so -%{_libdir}/%{name}/libdcplugin_example_cache.so -%{_libexecdir}/tmpfiles.d/%{name}.conf -%ghost %dir %{_localstatedir}/log/%{name} -%ghost %dir /run/%{name} - -%files devel -%dir %{_includedir}/dnscrypt/ -%{_includedir}/dnscrypt/* +%{_unitdir}/%{name}.service +%{_unitdir}/%{name}.socket +%{_datadir}/%{name}/ +%dir %attr(0750,root,%{user_group}) %{config_dir} +%dir %attr(0750,%{user_group},%{user_group}) %{home_dir} +%dir %attr(0750,%{user_group},%{user_group}) %{log_dir} +%{_docdir}/%{name}/ +%doc ChangeLog README.md README.openSUSE +%license LICENSE +%{_licensedir}/%{name}/%{vlic_dir}/ %changelog ++++++ README.openSUSE ++++++ Some tips: 1. Configure /etc/dnscrypt-proxy/dnscrypt-proxy.toml for your use case first! 2. Override "ListenStream" and "ListenDatagram" for dnscrypt-proxy.socket according to your setup, especially if dnscrypt-proxy should not be used as your primary name resolver. In this case you might want to forward queries from a tool like "dnsmasq" to dnscrypt-proxy. Then the later should probably not listen on the default adress/port. 3. If running via systemd, start as root once with $ systemctl start dnscrypt-proxy.socket For always activating, do $ systemctl enable dnscrypt-proxy.socket 4. Alternatively dnscrypt-proxy.service can be used the same way. This will require you to set or uncomment "listen_addresses" in /etc/dnscrypt-proxy/dnscrypt-proxy.toml In this case the socket configuration described in (2.) has to be done in this file directly. ++++++ dnscrypt-proxy@.service -> dnscrypt-proxy.service ++++++ --- /work/SRC/openSUSE:Factory/dnscrypt-proxy/dnscrypt-proxy@.service 2017-09-11 16:17:39.891896003 +0200 +++ /work/SRC/openSUSE:Factory/.dnscrypt-proxy.new.3060/dnscrypt-proxy.service 2020-07-10 14:12:51.567525128 +0200 @@ -1,29 +1,30 @@ -# This file is part of dnscrypt-proxy -# Author: Marguerite Su <i...@marguerite.su> with some AUR references. -# Version: 1.9.4 -# Description: dnscrypt is a tool that encrypts your DNS queries in order to -# protect against man-in-the-middle attacks and DNS hijacking -# (commonly seen in China). It uses CiscoDNS resolvers by default. -# It is BSD-licensed. -# In openSUSE it's licensed under SUSE-Permissive (non-free ware). -# For details, refer to its documentation. [Unit] -Description=Secure connection between your computer and a DNS resolver -Documentation=man:dnscrypt-proxy(8) -# NTP always has local servers, and there's nothing to encrypt for time. -# and ntp.service isn't native systemd service, if we start before it, -# it will take a long time to sync. just save 20000+ms on boot. -After=network.target ntp.service +Description=DNSCrypt-proxy client +Documentation=https://github.com/DNSCrypt/dnscrypt-proxy/wiki/systemd +# with openSUSE changes +Requires=dnscrypt-proxy.socket +After=network.target Before=nss-lookup.target +Wants=nss-lookup.target [Service] -Type=forking NonBlocking=true -PIDFile=/var/run/dnscrypt-proxy/dnscrypt-proxy@%i.pid -ExecStart=/usr/sbin/dnscrypt-proxy /etc/dnscrypt-proxy.conf.d/%I.conf -# Automatically Restart -Restart=on-abort + +ExecStart=/usr/sbin/dnscrypt-proxy --config /etc/dnscrypt-proxy/dnscrypt-proxy.toml + +Group=dnscrypt +User=dnscrypt +WorkingDirectory=~ +RuntimeDirectory=dnscrypt-proxy + +# Missing in Leap 15.0 +#CacheDirectory=dnscrypt-proxy +#LogsDirectory=dnscrypt-proxy + +ProtectHome=yes +ProtectControlGroups=yes +ProtectKernelModules=yes [Install] +Also=dnscrypt-proxy.socket WantedBy=multi-user.target -DefaultInstance=default ++++++ dnscrypt-proxy.socket ++++++ [Unit] Description=DNSCrypt-proxy socket Documentation=https://github.com/DNSCrypt/dnscrypt-proxy/wiki/systemd # with openSUSE changes Before=nss-lookup.target Wants=nss-lookup.target [Socket] # Choose this for dnscrypt-proxy as primary resolver ListenStream=127.0.0.1:53 ListenDatagram=127.0.0.1:53 # Otherwise forward from your primary local name resolver to somewhere else: #ListenStream=127.0.0.1:5353 #ListenDatagram=127.0.0.1:5353 # Probably not useful and can be overridden # if only listening for udp (ListenDatagram) NoDelay=true DeferAcceptSec=1 [Install] WantedBy=sockets.target ++++++ example-dnscrypt-proxy.toml.sed ++++++ # the socket unit should listen s/listen_addresses = \['127.0.0.1:53']/#listen_addresses = ['127.0.0.1:53']\nlisten_addresses = []/ # absolute paths by default s/# log_file = 'dnscrypt-proxy.log'/# log_file = '\/var\/log\/dnscrypt-proxy\/dnscrypt-proxy.log'/ s/# forwarding_rules = 'forwarding-rules.txt'/# forwarding_rules = '\/etc\/dnscrypt-proxy\/forwarding-rules.txt'/ s/# cloaking_rules = 'cloaking-rules.txt'/# cloaking_rules = '\/etc\/dnscrypt-proxy\/cloaking-rules.txt'/ s/# cert_file = "localhost.pem"/# cert_file = '\/etc\/dnscrypt-proxy\/localhost.pem'/ s/# cert_key_file = "localhost.pem"/# cert_key_file = '\/etc\/dnscrypt-proxy\/localhost.pem'/ s/ # file = 'query.log'/ # file = '\/var\/log\/dnscrypt-proxy\/query.log'/ s/ # file = 'nx.log'/ # file = '\/var\/log\/dnscrypt-proxy\/nx.log'/ s/ # blacklist_file = 'blacklist.txt'/ # blacklist_file = '\/etc\/dnscrypt-proxy\/blacklist.txt'/ s/ # log_file = 'blocked.log'/ # log_file = '\/var\/log\/dnscrypt-proxy\/blocked.log'/ s/ # blacklist_file = 'ip-blacklist.txt'/# blacklist_file = '\/etc\/dnscrypt-proxy\/ip-blacklist.txt'/ s/ # log_file = 'ip-blocked.log'/ # log_file = '\/var\/log\/dnscrypt-proxy\/ip-blocked.log'/ s/ # whitelist_file = 'whitelist.txt'/# blacklist_file = '\/etc\/dnscrypt-proxy\/whitelist.txt'/ s/ # log_file = 'whitelisted.log'/ # log_file = '\/var\/log\/dnscrypt-proxy\/whitelisted.log'/ s/ cache_file = 'public-resolvers.md'/ cache_file = '\/var\/lib\/dnscrypt-proxy\/public-resolvers.md'/ s/ cache_file = 'relays.md'/ cache_file = '\/var\/lib\/dnscrypt-proxy\/relays.md'/ s/ # cache_file = "quad9-resolvers.md"/ # cache_file = '\/var\/lib\/dnscrypt-proxy\/quad9-resolvers.md'/ s/ # cache_file = 'parental-control.md'/ # cache_file = '\/var\/lib\/dnscrypt-proxy\/parental-control.md'/ ++++++ find_licenses.sh ++++++ #!/bin/bash # written by cunix in 2019 # # Tries to find and prepare licenses from vendored packages for # installation as file or link to existing file. # # $1 should be a destination directory for vendored licenses vendor_licenses_dir=$1 username=$(whoami) workingdir=$(pwd) licenses_file=/tmp/license_files.txt goahead=0 hash_list=() filename_list=() if [[ -z "$vendor_licenses_dir" ]] then echo missing directory as parameter exit 1 else if [[ "$vendor_licenses_dir" = "/" ]] || [[ "$vendor_licenses_dir" = "/home" ]] \ || [[ "$vendor_licenses_dir" = "/home/" ]] || [[ "$vendor_licenses_dir" = "/home/$username" ]] \ || [[ "$vendor_licenses_dir" = "/home/$username/" ]] || [[ "$vendor_licenses_dir" = "$HOME" ]] then echo Do not use "$vendor_licenses_dir" as destination directory. echo It will delete all your files. exit 1 else mkdir -pv $vendor_licenses_dir if [[ -d "$vendor_licenses_dir" ]] then echo Searching for licenses ... rm $licenses_file find ./*/ -iname "license*" -fprint $licenses_file find ./*/ -iname "copying*" >> $licenses_file goahead=1 else echo "$vendor_licenses_dir" is not a directory. exit 1 fi fi fi if [[ -f "$licenses_file" ]] then if [[ $goahead -eq 1 ]] then echo Removing $vendor_licenses_dir rm -r "$vendor_licenses_dir" mkdir -pv $vendor_licenses_dir echo Processing licenses . . . while read line do filenamepre=${line////__} filename=${filenamepre//.__/} hash_output=$(sha256sum $line) hash=${hash_output:0:66} hash_list_len=${#hash_list[@]} if [[ $hash_list_len -eq 0 ]] then cat $line > $vendor_licenses_dir/$filename hash_list[0]=$hash filename_list[0]=$filename else counter=0 match=0 for item in ${hash_list[@]} do if test $item = $hash then match=1 break fi counter=$(($counter+1)) done if [[ $match -eq 0 ]] then hash_list[$counter]=$hash filename_list[$counter]=$filename cat $line > $vendor_licenses_dir/$filename else cd $vendor_licenses_dir ln -s ${filename_list[$counter]} $filename cd $workingdir fi fi done < $licenses_file else echo Does not package licenses. exit 1 fi else echo No licenses found to package. fi ++++++ install_licenses.sh ++++++ #!/bin/bash # written by cunix in 2019 # # Installs or links previously found licenses. # # $1 should be the soure directory, prepared with script "find_licenses.sh" # $2 should be the (already created) destination directory vendor_licenses_dir=$1 install_licenses_dir=$2 licenses_files=/tmp/real_license_files.txt licenses_links=/tmp/link_license_files.txt rm $licenses_files rm $licenses_links find -P $vendor_licenses_dir -type f -fprintf $licenses_files "%f\n" find -P $vendor_licenses_dir -type l -fprintf $licenses_links "%f %l\n" while read line do install -D -m 0644 $vendor_licenses_dir/$line $install_licenses_dir/$line done < $licenses_files cd $install_licenses_dir while read line do combo=($line) ln -s ${combo[1]} ${combo[0]} done < $licenses_links
