Change bind99 and bind910 package to use the standard PKG_SYSCONFDIR

for config files instead of the hardcoded /etc path. Sync SMF support across the two packages. Bump PKGREVISION.
jsonn · Feb 20, 2017 · d4cfc34 · d4cfc34
1 parent 9947033
commit d4cfc34
Show file tree

Hide file tree

Showing 6 changed files with 225 additions and 83 deletions.
diff --git a/net/bind910/Makefile b/net/bind910/Makefile
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.29 2017/02/09 00:48:59 taca Exp $
+# $NetBSD: Makefile,v 1.30 2017/02/20 15:19:54 fhajny Exp $
 
 DISTNAME=	bind-${BIND_VERSION}
 PKGNAME=	${DISTNAME:S/-P/pl/}
+PKGREVISION=	1
 CATEGORIES=	net
 MASTER_SITES=	ftp://ftp.isc.org/isc/bind9/${BIND_VERSION}/
 
@@ -27,7 +28,7 @@ GNU_CONFIGURE=		yes
 #CONFIG_SHELL=		sh -x
 
 CONFIGURE_ARGS+=	--with-libtool
-CONFIGURE_ARGS+=	--sysconfdir=/etc
+CONFIGURE_ARGS+=	--sysconfdir=${PKG_SYSCONFDIR}
 CONFIGURE_ARGS+=	--localstatedir=${VARBASE}
 CONFIGURE_ARGS+=	--disable-openssl-version-check
 CONFIGURE_ARGS+=	--with-openssl=${SSLBASE:Q}

diff --git a/net/bind910/files/smf/manifest.xml b/net/bind910/files/smf/manifest.xml
@@ -39,7 +39,7 @@ CDDL HEADER END
       <service_fmri value='svc:/milestone/network' />
     </dependency>
     <dependency name='config-files' grouping='require_any' restart_on='refresh' type='path'>
-      <service_fmri value='file://localhost/etc/named.conf' />
+      <service_fmri value='file://localhost@PKG_SYSCONFDIR@/named.conf' />
     </dependency>
     <!--
         In order to run multiple named(1M) processes with their own

diff --git a/net/bind910/files/smf/named.sh b/net/bind910/files/smf/named.sh
@@ -56,9 +56,9 @@ umount_chroot ()
 
 get_config ()
 {   
-    configuration_file=/etc/named.conf
-    rndc_config_file=/etc/rndc.conf
-    rndc_key_file=/etc/rndc.key
+    configuration_file=@PKG_SYSCONFDIR@/named.conf
+    rndc_config_file=@PKG_SYSCONFDIR@/rndc.conf
+    rndc_key_file=@PKG_SYSCONFDIR@/rndc.key
     rndc_cmd_opts="-a"
     libraries="/usr/pkg/lib/engines/libgost.so"
     cmdopts=""
@@ -127,7 +127,7 @@ get_config ()
 
     configuration_dir=$(sed -n -e 's,^[[:space:]]*directory.*"\(.*\)";,\1,p' \
         ${configuration_file})
-    [ "${configuration_dir}" == "" ] && configuration_dir=/etc/namedb
+    [ "${configuration_dir}" == "" ] && configuration_dir=@PKG_SYSCONFDIR@/namedb
 
     configuration_files=$(sed -n -e \
         "s,^[[:space:]]*file.*\"\(.*\)\";,${configuration_dir}/\1,p" \

diff --git a/net/bind99/Makefile b/net/bind99/Makefile
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.63 2017/02/09 00:50:15 taca Exp $
+# $NetBSD: Makefile,v 1.64 2017/02/20 15:19:54 fhajny Exp $
 
 DISTNAME=	bind-${BIND_VERSION}
 PKGNAME=	${DISTNAME:S/-P/pl/}
+PKGREVISION=	1
 CATEGORIES=	net
 MASTER_SITES=	ftp://ftp.isc.org/isc/bind9/${BIND_VERSION}/
 
@@ -27,7 +28,7 @@ GNU_CONFIGURE=		yes
 #CONFIG_SHELL=		sh -x
 
 CONFIGURE_ARGS+=	--with-libtool
-CONFIGURE_ARGS+=	--sysconfdir=/etc
+CONFIGURE_ARGS+=	--sysconfdir=${PKG_SYSCONFDIR}
 CONFIGURE_ARGS+=	--localstatedir=${VARBASE:Q}
 CONFIGURE_ARGS+=	--disable-openssl-version-check
 CONFIGURE_ARGS+=	--with-openssl=${SSLBASE:Q}

diff --git a/net/bind99/files/smf/manifest.xml b/net/bind99/files/smf/manifest.xml
@@ -41,7 +41,6 @@ CDDL HEADER END
     <dependency name='config-files' grouping='require_any' restart_on='refresh' type='path'>
       <service_fmri value='file://localhost@PKG_SYSCONFDIR@/named.conf' />
     </dependency>
-    <exec_method type='method' name='stop' exec=':kill' timeout_seconds='60' />
     <!--
         In order to run multiple named(1M) processes with their own
         configuration file or properties each must have a unique
@@ -50,22 +49,15 @@ CDDL HEADER END
     <instance name='default' enabled='false'>
       <exec_method type='method' name='start' exec='@PREFIX@/@SMF_METHOD_FILE.named@ %m %i' timeout_seconds='60'>
         <method_context>
-          <!--
-                privileges: (see privileges(5) and /etc/security/priv_names)
-                file_dac_read, file_dac_search:
-                        Necessary for reading the configuration file
-                        even it is restricted by the file permission.
-                net_privaddr:
-                        Bind to a privileged port number.
-                sys_resource:
-                        Permit the setting of resource limits (eg. stack
-                        size).
-                proc_chroot:
-                        Permit use of chroot(2).
-          -->
-          <method_credential user='root' group='root' privileges='basic,!proc_session,!proc_info,!file_link_any,net_privaddr,file_dac_read,file_dac_search,sys_resource,proc_chroot' />
+          <method_credential user='root' group='root' />
         </method_context>
       </exec_method>
+      <exec_method type='method' name='stop' exec='@PREFIX@/@SMF_METHOD_FILE.named@ %m %i %{restarter/contract}' timeout_seconds='60'>
+        <method_context>
+          <method_credential user='root' group='root' />
+        </method_context>
+
+      </exec_method>
       <!--
               SIGHUP causes named to reread its configuration file, but not any
               of the properties below.
@@ -126,6 +118,12 @@ CDDL HEADER END
                 Equivalent command line option '-t <pathname>'.
         -->
         <propval name='chroot_dir' type='astring' value='' />
+	<!--
+		user: Change the user id after processing command line
+		arguments, but before reading the configuration file.
+		Equivalent command line option '-u <user>'.
+	-->
+        <propval name='user' type='astring' value='named' />
       </property_group>
     </instance>
     <template>