[PATCH] gnu: Add pdns.

  • Done
Details
5 participants
  • Andreas Enge
  • Leo Famulari
  • Ludovic Courtès
  • Tobias Geerinckx-Rice
Owner
unassigned
Submitted by
Tobias Geerinckx-Rice
Severity
normal
Tobias Geerinckx-Rice wrote on 12 Oct 2018 20:58
(address . guix-patches@gnu.org)
20181012185854.9873-1-me@tobias.gr
* gnu/packages/dns.scm (pdns): New public variable.
---

The p stands for power.

gnu/packages/dns.scm | 133 +++++++++++++++++++++++++++++++++++++++++++
1 file changed, 133 insertions(+)

diff --git a/gnu/packages/dns.scm b/gnu/packages/dns.scm
index ad1a8638b..b91a7d77c 100644
--- a/gnu/packages/dns.scm
+++ b/gnu/packages/dns.scm
@@ -31,9 +31,11 @@
#:use-module (gnu packages autotools)
#:use-module (gnu packages base)
#:use-module (gnu packages bash)
+ #:use-module (gnu packages boost)
#:use-module (gnu packages databases)
#:use-module (gnu packages compression)
#:use-module (gnu packages crypto)
+ #:use-module (gnu packages curl)
#:use-module (gnu packages datastructures)
#:use-module (gnu packages flex)
#:use-module (gnu packages glib)
@@ -43,6 +45,7 @@
#:use-module (gnu packages libevent)
#:use-module (gnu packages libidn)
#:use-module (gnu packages linux)
+ #:use-module (gnu packages lua)
#:use-module (gnu packages ncurses)
#:use-module (gnu packages nettle)
#:use-module (gnu packages networking)
@@ -360,6 +363,136 @@ run in a @code{chroot} jail, thus making any security flaws in NSD less likely
to result in system-wide compromise.")
(license (list license:bsd-3))))
+(define-public pdns
+ (package
+ (name "pdns")
+ (version "4.1.4")
+ (source
+ (origin
+ (method url-fetch)
+ (uri
+ (string-append "https://downloads.powerdns.com/releases/pdns-"
+ version ".tar.bz2"))
+ (sha256
+ (base32 "1m9yhzrxh315gv855c590b2qc8bx31rrnl72pqxrnlix701qch79"))))
+ (build-system gnu-build-system)
+ ;; There's no make target or other way to cleanly separate the tools from
+ ;; the core. We have to rely on a hard-coded list below, which needs to
+ ;; be kept up to date when changing the package version or configuration.
+ (outputs (list "out" "tools"))
+ (arguments
+ `(#:configure-flags
+ (list "--enable-libsodium" ; ed25519 (DNSSEC algorithm 15)
+ ;; "--enable-libdecaf" ; ed25519 & Ed448 (XXX unpackaged)
+ "--enable-reproducible"
+ "--enable-tools" ; not the default, so we split them off
+ "--enable-unit-tests"
+
+ ;; /sbin/pdns_server retains references to 'optional' dependencies
+ ;; like PostgreSQL, so packaging backends separately saves nothing.
+ (string-append
+ "--with-dynmodules=" ; build dynamic modules...
+ (string-join
+ (list "bind" ; BIND-style zone files
+ "gpgsql" ; generic PostgreSQL
+ "gsqlite3" ; generic Sqlite
+ "lua" ; Lua scripting
+ "pipe" ; simple stdin/stdout pipe
+ "remote") ; generic JSON/RPC connector
+ " "))
+ "--with-modules=" ; ...and no static modules
+
+ "--with-luajit" ; use JIT variant for Lua backend
+ "--with-protobuf" ; log DNS query information
+ "--with-sqlite3"
+
+ (string-append "--docdir=" (assoc-ref %outputs "out") "/share/doc/"
+ ,name "-" ,version)
+ "--sysconfdir=/etc/powerdns"
+ "--with-socketdir=/run")
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'omit-PDNS_CONFIG_ARGS
+ ;; Stop 'pdns_server --version' printing build-time details, like
+ ;; PKG_CONFIG_PATH, which embed references to almost every input.
+ (lambda _
+ (substitute* "configure"
+ (("#define PDNS_CONFIG_ARGS.*") ""))
+ #t))
+ (replace 'install
+ ;; Don't try to install configuration files to /etc.
+ (lambda* (#:key make-flags #:allow-other-keys)
+ (apply invoke "make" "sysconfdir=$(docdir)/examples" "install"
+ make-flags)))
+ (add-after 'install 'move-tools
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (tools (assoc-ref outputs "tools"))
+ (files
+ (list "bin/calidns" "share/man/man1/calidns.1"
+ "bin/dnsbulktest" "share/man/man1/dnsbulktest.1"
+ "bin/dnsgram" "share/man/man1/dnsgram.1"
+ "bin/dnsreplay" "share/man/man1/dnsreplay.1"
+ "bin/dnsscan" "share/man/man1/dnsscan.1"
+ "bin/dnsscope" "share/man/man1/dnsscope.1"
+ "bin/dnstcpbench" "share/man/man1/dnstcpbench.1"
+ "bin/dnswasher" "share/man/man1/dnswasher.1"
+ "bin/dumresp" "share/man/man1/dumresp.1"
+ "bin/ixplore" "share/man/man1/ixplore.1"
+ "bin/nproxy" "share/man/man1/nproxy.1"
+ "bin/nsec3dig" "share/man/man1/nsec3dig.1"
+ "bin/pdns_notify" "share/man/man1/pdns_notify.1"
+ "bin/saxfr" "share/man/man1/saxfr.1"
+ "bin/sdig" "share/man/man1/sdig.1"
+ "bin/stubquery")))
+ (with-directory-excursion out
+ (for-each (lambda (file)
+ (let ((target (string-append tools "/" file)))
+ (mkdir-p (dirname target))
+ (rename-file file target)))
+ files))
+ #t))))))
+ (native-inputs
+ `(("pkg-config" ,pkg-config)
+
+ ;; For tests.
+ ("curl" ,curl)))
+ (inputs
+ `(("boost" ,boost)
+ ("libsodium" ,libsodium)
+ ("luajit" ,luajit)
+ ("openssl" ,openssl)
+ ("postgresql" ,postgresql)
+ ("protobuf" ,protobuf)
+ ("sqlite" ,sqlite)
+ ("zlib" ,zlib)))
+ (home-page "https://www.powerdns.com/")
+ (synopsis "Authoritative DNS name server with dynamic back-ends")
+ (description
+ "This is the PowerDNS Authoritative Server, a versatile name server for the
+Domain Name System (@dfn{DNS}) that supports a wide variety of storage methods.
+
+The core server (@command{pdns_server}) handles all packet processing and DNS
+intelligence, while retrieving and updating the actual DNS records (and any
+additional metadata) through one or more of numerous loadable backends.
+
+Included backends range from simple BIND-style zone files and relational
+databases to (geographical) load-balancing, JSON APIs, and entire scripting
+languages. Records can be transparently signed for use with the @dfn{Domain Name
+System Security Extensions} (DNSSEC). Automated key management is available.
+
+Real-time statistics can be exported to different formats, or through an optional
+built-in Web server and API that allow for basic remote administration.")
+ (license
+ (list license:bsd-3 ; ext/luawrapper/include/LuaContext.*
+ license:expat ; ext/{json11,yahttp}
+ license:lgpl2.1+ ; m4/pdns*
+ ;; modules/oraclebackend/README says MIT, actual headers state GPL2,
+ ;; as do pdns/{ssqlite3,tcpreceiver,test-tsig,zone2ldap}.* and
+ ;; modules/ldapbackend.
+ license:gpl2
+ license:gpl3+)))) ; the rest is GPL[23]+
+
(define-public unbound
(package
(name "unbound")
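Review bot: In the 'move-tools phase every tool is spelled out twice, once as "bin/…" and once as "share/man/man1/….1", so the hard-coded list that the comment above (outputs (list "out" "tools")) says must be kept up to date can drift in two places per tool. Consider listing each tool name once and deriving both paths from it, with "bin/stubquery" (the only entry without a man page) moved separately. Also, substitute* in 'omit-PDNS_CONFIG_ARGS does nothing when "#define PDNS_CONFIG_ARGS" stops matching in a later release, so the references it is meant to drop would come back unnoticed; a short comment on how to verify this after an upgrade would help.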
--
2.18.0
Ludovic Courtès wrote on 15 Oct 2018 22:08
(name . Tobias Geerinckx-Rice)(address . me@tobias.gr)(address . 33026@debbugs.gnu.org)
8736t7c6rv.fsf@gnu.org
Hi,

Tobias Geerinckx-Rice <me@tobias.gr> skribis:

> * gnu/packages/dns.scm (pdns): New public variable.
> ---
>
> The p stands for power.

What about “powerdns” then?

> + ;; There's no make target or other way to cleanly separate the tools from
> + ;; the core. We have to rely on a hard-coded list below, which needs to
> + ;; be kept up to date when changing the package version or configuration.
> + (outputs (list "out" "tools"))

Why not keep all the commands in the same output? Is it to avoid
cluttering user profiles, or is it a matter of package size?

> + (description
> + "This is the PowerDNS Authoritative Server, a versatile name server for the
> +Domain Name System (@dfn{DNS}) that supports a wide variety of storage methods.

I think you can avoid @dfn here as well. :-)

> + (license
> + (list license:bsd-3 ; ext/luawrapper/include/LuaContext.*
> + license:expat ; ext/{json11,yahttp}
> + license:lgpl2.1+ ; m4/pdns*
> + ;; modules/oraclebackend/README says MIT, actual headers state GPL2,
> + ;; as do pdns/{ssqlite3,tcpreceiver,test-tsig,zone2ldap}.* and
> + ;; modules/ldapbackend.
> + license:gpl2
> + license:gpl3+)))) ; the rest is GPL[23]+

A few questions:

• Are things under ext/ simply bundled libraries? If so, do you think
there’s something we could/should do about them?

• I suppose we don’t build and thus don’t care about the license of
modules/oraclebackend, do we? :-)

• The license of m4/* doesn’t matter for the combined work; I’d just
remove it.

• GPLv2-only code cannot be combined with GPLv3+ code. Is it really
what’s happening?

Thank you!

Ludo’.
Tobias Geerinckx-Rice wrote on 17 Oct 2018 22:01
(name . Ludovic Courtès)(address . ludo@gnu.org)(address . 33026@debbugs.gnu.org)
875zy0bawo.fsf@tobias.gr
Ludo',

Ludovic Courtès wrote:
> What about “powerdns” then?

This patch originally added 'powerdns' (my preference), then I
changed it :-)
pdns is the far more common name in GNU/Linux land. The BSDs tend
to go with powerdns.

- pdns: Alpine, Debian, Fedora, Gentoo, brew, openSUSE, Slackware
:-), and derivatives
- power: Arch, *BSD, Nix :-), and derivatives

The upstream tarball also uses the pdns- prefix.

So I'm all for using 'power' but expected some astonishment during
the review. POLA and all that.

> Why not keep all the commands in the same output? Is it to
> avoid
> cluttering user profiles, or is it a matter of package size?

The former. Building them is not the upstream default, and I
personally don't like them littering my profile (this is entirely
subjective).

On the other hand I don't think users should have to go so far as
to customise the package to get to the tools, so this was the
compromise.

I don't think either is ideal.

>> +Domain Name System (@dfn{DNS}) that supports a wide variety of
>> storage methods.
>
> I think you can avoid @dfn here as well. :-)

OK. I'll also remove it from my (already reviewed) NSD package for
consistency.

> A few questions:
>
> • Are things under ext/ simply bundled libraries? If so, do
> you think
> there’s something we could/should do about them?

I'll take a closer look.

> • I suppose we don’t build and thus don’t care about the
> license of
> modules/oraclebackend, do we? :-)

Hm, is that how this works? Or is Oracle's DB non-free? I know
nothing about Oracle, which might itself be the answer to that
question.

If it is, shouldn't we remove the whole thing in a snippet unless
the build system really hates that?

> • The license of m4/* doesn’t matter for the combined work;
> I’d just
> remove it.

OK. I'll never fully grasp these legal combinatorics.

> • GPLv2-only code cannot be combined with GPLv3+ code. Is it
> really
> what’s happening?

Let's hope and assume not, then. Closer look.

Thanks!

T G-R
Ludovic Courtès wrote on 19 Oct 2018 10:35
(name . Tobias Geerinckx-Rice)(address . me@tobias.gr)(address . 33026@debbugs.gnu.org)
87d0s6ibaj.fsf@gnu.org
Hello!

Tobias Geerinckx-Rice <me@tobias.gr> skribis:

> Ludovic Courtès wrote:
>> What about “powerdns” then?
>
> This patch originally added 'powerdns' (my preference), then I changed
> it :-)
> pdns is the far more common name in GNU/Linux land. The BSDs tend to
> go with powerdns.
>
> - pdns: Alpine, Debian, Fedora, Gentoo, brew, openSUSE, Slackware
> :-), and derivatives
> - power: Arch, *BSD, Nix :-), and derivatives
>
> The upstream tarball also uses the pdns- prefix.

Alright, go for “pdns” then! Sorry for asking. ;-)

>> Why not keep all the commands in the same output? Is it to avoid
>> cluttering user profiles, or is it a matter of package size?
>
> The former. Building them is not the upstream default, and I
> personally don't like them littering my profile (this is entirely
> subjective).
>
> On the other hand I don't think users should have to go so far as to
> customise the package to get to the tools, so this was the compromise.

OK, that makes sense to me. Maybe add a comment to explain this.

>> A few questions:
>>
>> • Are things under ext/ simply bundled libraries? If so, do you
>> think
>> there’s something we could/should do about them?
>
> I'll take a closer look.
>
>> • I suppose we don’t build and thus don’t care about the license
>> of
>> modules/oraclebackend, do we? :-)
>
> Hm, is that how this works? Or is Oracle's DB non-free? I know nothing
> about Oracle, which might itself be the answer to that question.

Oracle’s DB is non-free indeed (though Oracle also acquired MySQL, but
this isn’t usually referred to as “Oracle DB”.)

> If it is, shouldn't we remove the whole thing in a snippet unless the
> build system really hates that?

We could do that indeed! Well the backend itself may be free, but it’s
useless without the non-free piece of software, so it makes sense to
remove it (as long as the build system allows it.)

>> • The license of m4/* doesn’t matter for the combined work; I’d
>> just
>> remove it.
>
> OK. I'll never fully grasp these legal combinatorics.
>
>> • GPLv2-only code cannot be combined with GPLv3+ code. Is it
>> really
>> what’s happening?
>
> Let's hope and assume not, then. Closer look.

OK, thanks!

Ludo’.
Leo Famulari wrote on 7 Nov 2018 22:11
(name . Tobias Geerinckx-Rice)(address . me@tobias.gr)(address . 33026@debbugs.gnu.org)
20181107211118.GA31141@jasmine.lan
On Fri, Oct 12, 2018 at 08:58:54PM +0200, Tobias Geerinckx-Rice wrote:
> +(define-public pdns
> + (package
> + (name "pdns")
> + (version "4.1.4")

Please update to 4.1.5 before pushing, in order to get fixes for these
bugs:

* 2018-03: Crafted zone record can cause a denial of service
(CVE-2018-10851, Authoritative)
* 2018-04: Crafted answer can cause a denial of service
(CVE-2018-10851, Recursor)
* 2018-05: Packet cache pollution via crafted query (CVE-2018-14626,
Authoritative >= 4.1.0)
* 2018-06: Packet cache pollution via crafted query (CVE-2018-14626,
Recursor >= 4.0.0)
* 2018-07: Crafted query for meta-types can cause a denial of service
(CVE-2018-14644, Recursor >= 4.0.0)

Andreas Enge wrote on 20 Feb 2019 00:07
Progress
20190219230744.GA3513@jurong
Is this patch still of interest, or should we close the bug report?

Andreas
Tobias Geerinckx-Rice wrote on 4 Mar 2019 17:19
[PATCH v2 0/2] gnu: Add pdns.
(address . 33026@debbugs.gnu.org)(name . Tobias Geerinckx-Rice)(address . me@tobias.gr)
20190304161955.12712-1-somebody@not-sent-or-endorsed-by.tobias.gr
From: Tobias Geerinckx-Rice <me@tobias.gr>

Ludo',

Thanks for the review and sorry for the late reply. I think I've addressed all your points below, apart from the last one.

I've also added Ruby and Perl to run the full test suite, and tried to make the ‘move-tools’ phase a bit more straightforward.

Ludovic Courtès wrote:
> What about “powerdns” then?
>
> Tobias Geerinckx-Rice <me@tobias.gr> skribis:
>> [blah blah blah blah]
>
> Alright, go for “pdns” then! Sorry for asking. ;-)

You'll never make that mistake again.

> We could do that indeed! Well the backend itself may be free, but
> it's useless without the non-free piece of software, so it makes
> sense to remove it (as long as the build system allows it.)

OK.

> I think you can avoid @dfn here as well. :-)

OK. Replaced with @acronym if that's all right.

> A few questions:
>
> • Are things under ext/ simply bundled libraries? If so, do you think
> there’s something we could/should do about them?

There are 3 libraries under ext/:

- json11 (https://github.com/dropbox/json11) is a one-C++-file library
without own build system, intended for bundling;

- luawrapper is just a lone header file (LuaContext.hpp);

- yahttp (https://github.com/cmouse/yahttp) is most like a real package,
and while the README instructs developers to just plonk its headers in
with their own and ship it that way, I was able to package & use it.

> • I suppose we don’t build and thus don’t care about the license of
> modules/oraclebackend, do we? :-)

Out it goes.

> • The license of m4/* doesn’t matter for the combined work; I’d just
> remove it.

Done.

> • GPLv2-only code cannot be combined with GPLv3+ code. Is it really
> what’s happening?

I think so:

$ head pdns/ssqlite3.cc
/* SQLite backend for PowerDNS
* Copyright (C) 2003, Michel Stol <michel@powerdns.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2
* as published by the Free Software Foundation.
*
* Additionally, the license of this program contains a special
* exception which allows to distribute the program in binary form when
* it is linked against OpenSSL.

Is this really a deal-breaker?

We could disable the sqlite and LDAP back ends (hardly ideal) but pdns/tcpreceiver.cc is linked into the core pdns_server…

Uh oh,

T G-R


Tobias Geerinckx-Rice (2):
gnu: Add yahttp.
gnu: Add pdns.

gnu/packages/dns.scm | 176 +++++++++++++++++++++++++++++++++++++++++++
gnu/packages/web.scm | 42 +++++++++++
2 files changed, 218 insertions(+)

--
2.20.1
Tobias Geerinckx-Rice wrote on 4 Mar 2019 17:19
[PATCH v2 1/2] gnu: Add yahttp.
(address . 33026@debbugs.gnu.org)(name . Tobias Geerinckx-Rice)(address . me@tobias.gr)
20190304161955.12712-2-somebody@not-sent-or-endorsed-by.tobias.gr
From: Tobias Geerinckx-Rice <me@tobias.gr>

* gnu/packages/web.scm (yahttp): New public variable.
---
gnu/packages/web.scm | 42 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 42 insertions(+)

diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
index b0ee78b92b..95099e450e 100644
--- a/gnu/packages/web.scm
+++ b/gnu/packages/web.scm
@@ -66,6 +66,7 @@
#:use-module (gnu packages admin)
#:use-module (gnu packages adns)
#:use-module (gnu packages apr)
+ #:use-module (gnu packages boost)
#:use-module (gnu packages check)
#:use-module (gnu packages documentation)
#:use-module (gnu packages docbook)
@@ -86,6 +87,7 @@
#:use-module (gnu packages gnupg)
#:use-module (gnu packages gnuzilla)
#:use-module (gnu packages gperf)
+ #:use-module (gnu packages graphviz)
#:use-module (gnu packages gtk)
#:use-module (gnu packages guile)
#:use-module (gnu packages guile-xyz)
@@ -4907,6 +4909,46 @@ and xinetd usually launches another daemon to handle the request. It can be
used to start services with both privileged and non-privileged port numbers.")
(license (l:fsf-free "file://COPYRIGHT"))))
+(define-public yahttp
+ (package
+ (name "yahttp")
+ (version "0.2.1")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/cmouse/yahttp.git")
+ (commit (string-append "v" version))))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "09pxykgby8hlyvaff106p6m847idg6nkprahx62kr05ks5r6i77v"))))
+ ;; Separate the ~7.5 MiB of HTML documentation from the rest (~700 KiB).
+ ;; Installing the package without it would require patching Makefiles.
+ (outputs (list "out" "doc"))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:configure-flags
+ (list (string-append "--htmldir=" (assoc-ref %outputs "doc")
+ "/share/doc/" ,name "-" ,version))))
+ (native-inputs
+ `(("autoconf" ,autoconf)
+ ("automake" ,automake)
+ ("libtool" ,libtool)
+
+ ;; For creating the documentation.
+ ("doxygen" ,doxygen)
+ ("graphviz" ,graphviz)))
+ (inputs
+ `(("boost" ,boost)))
+ (home-page "https://github.com/cmouse/yahttp")
+ (synopsis "Small-footprint HTTP request/response parser")
+ (description
+ "@acronym{YaHTTP, Yet Another HTTP Library} aims to be purely an HTTP
+request/response parser with no input/output ties. It is intended to be used in
+small-footprint applications and other utilities that want to use HTTP over
+something else than network I/O.")
+ (license l:expat)))
+
(define-public tidy-html
(package
(name "tidy-html")
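Review bot: The last sentence of the yahttp description, "use HTTP over something else than network I/O", reads awkwardly; "something other than network I/O" is the usual phrasing. The (outputs …) form also sits before (build-system …) here, whereas the pdns package in this series puts build-system first; using the same order in both would keep the series consistent.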
--
2.20.1
Tobias Geerinckx-Rice wrote on 4 Mar 2019 17:19
[PATCH v2 2/2] gnu: Add pdns.
(address . 33026@debbugs.gnu.org)(name . Tobias Geerinckx-Rice)(address . me@tobias.gr)
20190304161955.12712-3-somebody@not-sent-or-endorsed-by.tobias.gr
From: Tobias Geerinckx-Rice <me@tobias.gr>

* gnu/packages/dns.scm (pdns): New public variable.
---
gnu/packages/dns.scm | 176 +++++++++++++++++++++++++++++++++++++++++++
1 file changed, 176 insertions(+)

diff --git a/gnu/packages/dns.scm b/gnu/packages/dns.scm
index 9cc707e5b4..b929f8b426 100644
--- a/gnu/packages/dns.scm
+++ b/gnu/packages/dns.scm
@@ -32,9 +32,11 @@
#:use-module (gnu packages autotools)
#:use-module (gnu packages base)
#:use-module (gnu packages bash)
+ #:use-module (gnu packages boost)
#:use-module (gnu packages databases)
#:use-module (gnu packages compression)
#:use-module (gnu packages crypto)
+ #:use-module (gnu packages curl)
#:use-module (gnu packages datastructures)
#:use-module (gnu packages flex)
#:use-module (gnu packages glib)
@@ -44,6 +46,7 @@
#:use-module (gnu packages libevent)
#:use-module (gnu packages libidn)
#:use-module (gnu packages linux)
+ #:use-module (gnu packages lua)
#:use-module (gnu packages ncurses)
#:use-module (gnu packages nettle)
#:use-module (gnu packages networking)
@@ -51,6 +54,8 @@
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages protobuf)
#:use-module (gnu packages python)
+ #:use-module (gnu packages ruby)
+ #:use-module (gnu packages sqlite)
#:use-module (gnu packages swig)
#:use-module (gnu packages tls)
#:use-module (gnu packages web)
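Review bot: The module additions in this patch cover boost, curl, lua, ruby and sqlite, but the package's native-inputs also reference perl; if dns.scm does not already import (gnu packages perl), that variable will be unbound, so please confirm or add the import next to these two.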
@@ -403,6 +408,177 @@ run in a @code{chroot} jail, thus making any security flaws in NSD less likely
to result in system-wide compromise.")
(license (list license:bsd-3))))
+(define-public pdns
+ (package
+ (name "pdns")
+ (version "4.1.6")
+ (source
+ (origin
+ (method url-fetch)
+ (uri
+ (string-append "https://downloads.powerdns.com/releases/pdns-"
+ version ".tar.bz2"))
+ (sha256
+ (base32 "0ggpcvzj90a31qf71m8788ql0hbxnkb9y6c3wgqr9l0qwv8dsgpm"))
+ (modules '((guix build utils)))
+ (snippet
+ '(begin
+ ;; Delete (free) back ends for a non-free database. This also
+ ;; side-steps some licence confusion where modules/oraclebackend's
+ ;; README says ‘MIT’ but the actual file headers state GPL2 [only].
+ (for-each
+ (lambda (back-end)
+ (with-directory-excursion "modules"
+ (delete-file-recursively back-end))
+ (substitute* "configure"
+ (((format " modules/~a/Makefile" back-end))
+ ""))
+ (substitute* "modules/Makefile.in"
+ (((format ".*~a.*" back-end)) ; delete the whole line
+ "")))
+ (list "goraclebackend"
+ "oraclebackend"))
+ #t))))
+ (build-system gnu-build-system)
+ ;; Keep the extra tools from littering the user's profile unless desired.
+ ;; There's no make target or other way to cleanly separate the tools from
+ ;; the core. We have to rely on a hard-coded list (below), which needs to
+ ;; be double-checked when changing the package version or configuration.
+ (outputs (list "out" "tools"))
+ (arguments
+ `(#:configure-flags
+ (list "--enable-libsodium" ; ed25519 (DNSSEC algorithm 15)
+ ;; "--enable-libdecaf" ; ed25519 & Ed448 (XXX unpackaged)
+ "--enable-reproducible"
+ "--enable-tools"
+ "--enable-unit-tests"
+
+ ;; XXX The 'core' (sbin/pdns_server) retains references to some
+ ;; dependencies (e.g. luajit, sqlite) but not all of them (e.g.
+ ;; postgresql). Moving backend modules to their own output (or
+ ;; package?) might reduce the closure size significantly and/or
+ ;; allow us to build more (all?) of them. Something to consider.
+ (string-append
+ "--with-dynmodules=" ; build dynamic modules...
+ (string-join
+ (list "bind" ; BIND-style zone files
+ "gpgsql" ; generic PostgreSQL
+ "gsqlite3" ; generic Sqlite
+ "lua" ; Lua scripting
+ "pipe" ; simple stdin/stdout pipe
+ "remote") ; generic JSON/RPC connector
+ " "))
+ "--with-modules=" ; ...and no static modules
+
+ "--with-luajit" ; use JIT variant for Lua backend
+ "--with-protobuf" ; for logging DNS query information
+ "--with-sqlite3" ; include the sqlite3 driver
+
+ (string-append "--docdir=" (assoc-ref %outputs "out") "/share/doc/"
+ ,name "-" ,version)
+ "--sysconfdir=/etc/powerdns"
+ "--with-socketdir=/run")
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'use-packaged-yahttp
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((yahttp (assoc-ref inputs "yahttp")))
+ (delete-file-recursively "ext/yahttp")
+ (substitute* "configure"
+ (("\\$\\(top_builddir\\)/ext/yahttp/yahttp")
+ (string-append yahttp "/lib"))
+ (("ext/(yahttp/)+Makefile") ""))
+ (substitute* "ext/Makefile.in"
+ (("yahttp ") ""))
+ #t)))
+ (add-after 'unpack 'omit-PDNS_CONFIG_ARGS
+ ;; Avoid ‘pdns_server --version’ printing build-time details, like
+ ;; PKG_CONFIG_PATH, which embed references to almost every input.
+ (lambda _
+ (substitute* "configure"
+ (("#define PDNS_CONFIG_ARGS.*") ""))
+ #t))
+ (replace 'install
+ ;; Don't try to install configuration files to /etc.
+ (lambda* (#:key make-flags #:allow-other-keys)
+ (apply invoke "make" "sysconfdir=$(docdir)/examples" "install"
+ make-flags)))
+ (add-after 'install 'move-tools
+ ;; Move tools (and their documentation) to a separate output.
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (tools (assoc-ref outputs "tools"))
+ (move (lambda (file)
+ (let ((target (string-append tools "/" file)))
+ (mkdir-p (dirname target))
+ (rename-file file target)))))
+ (with-directory-excursion out
+ (for-each (lambda (tool)
+ (move (string-append "bin/" tool))
+ (move (string-append "share/man/man1/"
+ tool ".1")))
+ (list "calidns"
+ "dnsbulktest"
+ "dnsgram"
+ "dnsreplay"
+ "dnsscan"
+ "dnsscope"
+ "dnstcpbench"
+ "dnswasher"
+ "dumresp"
+ "ixplore"
+ "nproxy"
+ "nsec3dig"
+ "pdns_notify"
+ "saxfr"
+ "sdig"))
+
+ ;; This one weird tool doesn't have a man page.
+ (move "bin/stubquery")
+ #t)))))))
+ (native-inputs
+ `(("pkg-config" ,pkg-config)
+
+ ;; For tests.
+ ("curl" ,curl)
+ ("perl" ,perl)
+ ("ruby" ,ruby)))
+ (inputs
+ `(("boost" ,boost)
+ ("libsodium" ,libsodium)
+ ("luajit" ,luajit)
+ ("openssl" ,openssl)
+ ("postgresql" ,postgresql)
+ ("protobuf" ,protobuf)
+ ("sqlite" ,sqlite)
+ ("yahttp" ,yahttp)
+ ("zlib" ,zlib)))
+ (home-page "https://www.powerdns.com/")
+ (synopsis "Authoritative DNS name server with dynamic back-ends")
+ (description
+ "This is the PowerDNS Authoritative Server, a versatile name server for the
+@acronym{DNS, Domain Name System} that supports a wide variety of storage back
+ends.
+
+The core server (@command{pdns_server}) handles all packet processing and DNS
+intelligence, while retrieving and updating the actual DNS records (and any
+additional metadata) through one or more of numerous loadable backends.
+
+Included back ends range from simple BIND-style zone files and relational
+databases to (geographical) load-balancing, JSON APIs, and entire scripting
+languages. Records can be transparently signed for use with @acronym{DNSSEC,
+Domain Name System Security Extensions}. Automated key management is available.
+
+Real-time statistics can be exported to different formats, or through an optional
+built-in Web server and API that allow for basic remote administration.")
+ (license
+ (list license:bsd-3 ; ext/luawrapper/include/LuaContext.*
+ license:expat ; ext/{json11,yahttp}
+ ;; pdns/{ssqlite3,tcpreceiver,test-tsig,zone2ldap}.* and
+ ;; modules/ldapbackend are GPL2-only.
+ license:gpl2
+ license:gpl3+)))) ; the rest is GPL[23]+
+
(define-public unbound
(package
(name "unbound")
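Review bot: The license list at the end still annotates license:expat with "ext/{json11,yahttp}", but the 'use-packaged-yahttp phase deletes ext/yahttp and points configure at the yahttp input, so only json11 remains bundled under that licence; the comment should read ext/json11. In the same phase, the deletion of ext/yahttp and the edit to ext/Makefile.in do not depend on any input and could move into the origin snippet next to the Oracle back-end removal, leaving only the substitution that needs the yahttp store path in the phase.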
--
2.20.1
Andreas Enge wrote on 7 Mar 2019 14:22
Re: [bug#33020] Progress
20190307132240.GA2183@jurong
Two weeks later without any reaction, closing.

Andreas
Closed
Andreas Enge wrote on 7 Mar 2019 15:02
Re: bug#33026: [bug#33020] Progress
(name . Tobias Geerinckx-Rice)(address . somebody@not-sent-or-endorsed-by.tobias.gr)(address . 33026@debbugs.gnu.org)
20190307140222.GA2745@jurong
On Thu, Mar 07, 2019 at 02:38:28PM +0100, Tobias Geerinckx-Rice wrote:
> Do you think this is reasonable?

I do - in the spirit of dropping packages that do not build after about
two weeks, as discussed around FOSDEM. I think there is no point in keeping
orphaned patches around for packages that apparently nobody cares about
any more.

> I'm reopening this and welcome any feedback that will help get this merged.

That is fine as well, if you care about the package, that contradicts
my motivation above!

> If no-one answers in the next 2 weeks, fine.

Well, then you replace 2 weeks by twice 2 weeks, which is also fine,
but not fundamentally different from the approach that apparently
you find unreasonable.

Andreas
Andreas Enge wrote on 7 Mar 2019 15:08
(name . Tobias Geerinckx-Rice)(address . somebody@not-sent-or-endorsed-by.tobias.gr)(address . 33026@debbugs.gnu.org)
20190307140823.GB2745@jurong
On Thu, Mar 07, 2019 at 02:38:28PM +0100, Tobias Geerinckx-Rice wrote:
> Do you think this is reasonable?

Sorry, actually I did not see your reply from March 4 - the closing message
was sent to two entangled bug reports (this one and 33020), and the other
one did not receive any reply. Apologies for closing this one, and feel free
to reopen 33020 as well if you would still like to push nullmailer.

Andreas
Tobias Geerinckx-Rice wrote on 7 Mar 2019 15:58
Re: [bug#33026] [bug#33020] Progress
(name . Andreas Enge)(address . andreas@enge.fr)
87sgvy7mv2.fsf@nckx
Andreas,

Andreas Enge wrote:
> On Thu, Mar 07, 2019 at 02:38:28PM +0100, Tobias Geerinckx-Rice
> wrote:
>> Do you think this is reasonable?
>
> Sorry, actually I did not see your reply from March 4 - the
> closing message
> was sent to two entangled bug reports (this one and 33020), and
> the other
> one did not receive any reply.

Oh, OK. I hadn't yet received any notification for done-33020
when I replied to done-33026, and you did also ping 33026 exactly
two weeks ago, so it seemed plausibly… intentional? Apologies for
acting slighted.

> Apologies for closing this one, and feel free
> to reopen 33020 as well if you would still like to push
> nullmailer.

-done! With an upgrade to 2.2 to boot.

Kind regards,

T G-R
This issue is archived.