Patches for aports can be sent to this list

2 2

[alpine-aports] [PATCH] community/dnscrypt-proxy: Fix launch as service

Taner Tas
Details
Message ID
<20180412113635.27251-1-taner76@gmail.com>
Sender timestamp
1523532995
DKIM signature
missing
Download raw message
Patch: +116 -42
* To able to bind on port 53, capabilities of binary file has to be changed via post-install script
* Clarify license (ISC), thus removed -doc subpackage
* Dynamically fetched server list file moved to /var/cache instead of /etc
* Example configuration files moved to /usr/share instead of /etc
* Configuration file patch added to ensure logs to be stored in /var/log
---
 community/dnscrypt-proxy/APKBUILD             | 64 ++++++--------
 .../dnscrypt-proxy/config-full-paths.patch    | 86 +++++++++++++++++++
 community/dnscrypt-proxy/dnscrypt-proxy.confd |  2 +-
 community/dnscrypt-proxy/dnscrypt-proxy.initd |  4 +-
 .../dnscrypt-proxy.post-install               |  2 +
 5 files changed, 116 insertions(+), 42 deletions(-)
 create mode 100644 community/dnscrypt-proxy/config-full-paths.patch
 create mode 100644 community/dnscrypt-proxy/dnscrypt-proxy.post-install

diff --git a/community/dnscrypt-proxy/APKBUILD b/community/dnscrypt-proxy/APKBUILD
index 7f375af8..bf60f917 100644
--- a/community/dnscrypt-proxy/APKBUILD
+++ b/community/dnscrypt-proxy/APKBUILD
@@ -2,71 +2,57 @@
 # Maintainer: Francesco Colista <fcolista@alpinelinux.org>
 pkgname=dnscrypt-proxy
 pkgver=2.0.9b2
-pkgrel=2
+pkgrel=3
 pkgdesc="A tool for securing communications between a client and a DNS resolver"
 url="https://dnscrypt.info"
 arch="all"
-license="custom"
-makedepends="$depends_dev libsodium-dev ldns-dev go"
-install="$pkgname.pre-install"
-options="!check" #upstream does not provide check/test
+license="ISC"
+depends="libcap"
+makedepends="go"
+install="$pkgname.pre-install $pkgname.post-install"
 pkgusers=dnscrypt
 pkggroups=dnscrypt
-subpackages="$pkgname-doc $pkgname-setup::noarch"
-source="$pkgname-$pkgver.tar.gz::https://github.com/jedisct1/$pkgname/archive/$pkgver.tar.gz
+subpackages="$pkgname-setup::noarch"
+source="${pkgname}-${pkgver}.tar.gz::https://github.com/jedisct1/${pkgname}/archive/${pkgver}.tar.gz
 	$pkgname.initd
 	$pkgname.confd
 	$pkgname.setup
+	config-full-paths.patch
 	"
-builddir="$srcdir"/$pkgname-$pkgver
+options="!check"
 
 prepare() {
-	default_prepare
 	cd "$builddir"
-	export GOPATH=$(pwd)
-	ln -sfv vendor src
+	ln -sf vendor src
+	default_prepare
 }
 
 build() {
-	cd "$builddir"/$pkgname
-	go build -ldflags="-s -w" -v
+	cd "$builddir"/"$pkgname"
+	GOPATH="$builddir" go build -ldflags="-s -w" -v
 }
 
 package() {
 	cd "$builddir"/$pkgname
+	mkdir -p "$pkgdir"/etc/$pkgname
 	mkdir -p "$pkgdir"/var/log/$pkgname
-	mkdir -p "$pkgdir"/var/run/$pkgname
-	mkdir -p "$pkgdir"/var/empty
-	mkdir -p $pkgdir/usr/share/licenses/$pkgname
-    install -m755 -D "$srcdir"/$pkgname.initd "$pkgdir"/etc/init.d/$pkgname
+	mkdir -p "$pkgdir"/usr/share/$pkgname
+        install -m755 -D dnscrypt-proxy "$pkgdir"/usr/bin/dnscrypt-proxy
+        install -m644 -D example-dnscrypt-proxy.toml "$pkgdir"/etc/$pkgname/dnscrypt-proxy.toml
+        install -m755 -D "$srcdir"/$pkgname.initd "$pkgdir"/etc/init.d/$pkgname
 	install -m644 -D "$srcdir"/$pkgname.confd "$pkgdir"/etc/conf.d/$pkgname
-	install -m755 -D $pkgname "$pkgdir"/usr/bin/$pkgname
-	install -vDm 644 "example-${pkgname}.toml" \
-		"${pkgdir}/etc/${pkgname}/${pkgname}.toml"
-	install -vDm 644 "example-blacklist.txt" \
-		"${pkgdir}/etc/${pkgname}/example-blacklist.txt"
-	install -vDm 644 "example-cloaking-rules.txt" \
-		"${pkgdir}/etc/${pkgname}/example-cloaking-rules.txt"
-	install -vDm 644 "example-forwarding-rules.txt" \
-		"${pkgdir}/etc/${pkgname}/example-forwarding-rules.txt"
-	install -vDm 644 "example-whitelist.txt" \
-		"${pkgdir}/etc/${pkgname}/example-whitelist.txt"
 	chown dnscrypt "$pkgdir"/var/log/$pkgname
-	chown dnscrypt "$pkgdir"/var/run/$pkgname
-	chown dnscrypt "$pkgdir"/var/empty
-	chown dnscrypt "$pkgdir"/etc/$pkgname
-	install -m 644 ../LICENSE $pkgdir/usr/share/licenses/$pkgname
+	for i in example-*; do install -m644 -D "$i" "$pkgdir"/usr/share/$pkgname/"$i"; done
 }
 
 setup() {
-	pkgdesc="Script for setting up DNSCrypt Proxy"
+	pkgdesc="Script for setting up dnscrypt-proxy"
 	depends="sed wget $pkgname"
-
-	mkdir -p "$subpkgdir"/sbin
-	install -m755 -D "$srcdir"/$pkgname.setup "$subpkgdir"/sbin/setup-dnscrypt
+	install -m755 -D "$srcdir"/$pkgname.setup "$subpkgdir"/usr/sbin/setup-dnscrypt
 }
 
 sha512sums="d64cc8e0b61e1e548b63531dc4c733af1605ccda89a9f905227e97cb966a3488104ac9af229521909ca88bde283dce224e712326b4d1717af70be2d04821c6c2  dnscrypt-proxy-2.0.9b2.tar.gz
-c38095ee38054fb0d3b51c002b5038cb073b8b9ec0ababf975e70d27e4c1bd90c0c3f846863e052f30ff2ac6d4ce84c5d4192ebae0eebfa013eb08edf840f8bf  dnscrypt-proxy.initd
-44a2d792aa80a048ea6bdb4a79c1e436bcad3610a28a963ebed5c0e77a8b2a733c45311a66268fc4026d1c4c9b1f222813aeeea9c619832bbcb7c227542b65a8  dnscrypt-proxy.confd
-66dd43d84117a0151ae41f34d82b716760382a5a491424bf6418228ffd21f0dfbc88e34cc5074e11f97f006335d97b85367bb9ab1d96747a48e893c022ad52d0  dnscrypt-proxy.setup"
+b4913fada4172a12521d1beb731cc63e12fd45380a3973bedcefff394b244401c15ec74108b5e18c0aa34f0803b4e5abe90d33c1342b32bb9137aa598a7daf4a  dnscrypt-proxy.initd
+c001ae39da1b2db71764cab568f9ed18e4de0cea3d1a4e7bd6dd01a5668b81a888ea9eef99de6beac08857ad7f8eb1a32d730e946ac3563e4dcfa27147e35052  dnscrypt-proxy.confd
+66dd43d84117a0151ae41f34d82b716760382a5a491424bf6418228ffd21f0dfbc88e34cc5074e11f97f006335d97b85367bb9ab1d96747a48e893c022ad52d0  dnscrypt-proxy.setup
+898d71dfba3d2af78ee5b26455073cc6d6ecd4ae2bb08b6f04537e9f30989da5053f364dc504a5c2f78e3da3b27b6f92ef301ed860abd4aa23b062043d317b64  config-full-paths.patch"
diff --git a/community/dnscrypt-proxy/config-full-paths.patch b/community/dnscrypt-proxy/config-full-paths.patch
new file mode 100644
index 00000000..5e22153f
--- /dev/null
+++ b/community/dnscrypt-proxy/config-full-paths.patch
@@ -0,0 +1,86 @@
+--- a/dnscrypt-proxy/example-dnscrypt-proxy.toml
+@@ -96,7 +96,7 @@
+ 
+ ## log file for the application
+ 
+-# log_file = 'dnscrypt-proxy.log'
++ log_file = '/var/log/dnscrypt-proxy/dnscrypt-proxy.log'
+ 
+ 
+ ## Use the system logger (syslog on Unix, Event Log on Windows)
+@@ -255,7 +255,7 @@
+ 
+   ## Path to the query log file (absolute, or relative to the same directory as the executable file)
+ 
+-  # file = 'query.log'
++  # file = '/var/log/dnscrypt-proxy/query.log'
+ 
+ 
+   ## Query log format (currently supported: tsv and ltsv)
+@@ -281,7 +281,7 @@
+ 
+   ## Path to the query log file (absolute, or relative to the same directory as the executable file)
+ 
+-  # file = 'nx.log'
++  # file = '/var/log/dnscrypt-proxy/nx.log'
+ 
+ 
+   ## Query log format (currently supported: tsv and ltsv)
+@@ -311,12 +311,12 @@
+ 
+   ## Path to the file of blocking rules (absolute, or relative to the same directory as the executable file)
+ 
+-  # blacklist_file = 'blacklist.txt'
++  # blacklist_file = '/etc/dnscrypt-proxy/blacklist.txt'
+ 
+ 
+   ## Optional path to a file logging blocked queries
+ 
+-  # log_file = 'blocked.log'
++  # log_file = '/var/log/dnscrypt-proxy/blocked.log'
+ 
+ 
+   ## Optional log format: tsv or ltsv (default: tsv)
+@@ -344,7 +344,7 @@
+ 
+   ## Optional path to a file logging blocked queries
+ 
+-  # log_file = 'ip-blocked.log'
++  # log_file = '/var/log/dnscrypt-proxy/ip-blocked.log'
+ 
+ 
+   ## Optional log format: tsv or ltsv (default: tsv)
+@@ -367,12 +367,12 @@
+ 
+   ## Path to the file of whitelisting rules (absolute, or relative to the same directory as the executable file)
+ 
+-  # whitelist_file = 'whitelist.txt'
++  # whitelist_file = '/etc/dnscrypt-proxy/whitelist.txt'
+ 
+ 
+   ## Optional path to a file logging whitelisted queries
+ 
+-  # log_file = 'whitelisted.log'
++  # log_file = '/var/log/dnscrypt-proxy/whitelisted.log'
+ 
+ 
+   ## Optional log format: tsv or ltsv (default: tsv)
+@@ -442,7 +442,7 @@
+ 
+   [sources.'public-resolvers']
+   urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/public-resolvers.md', 'https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md']
+-  cache_file = 'public-resolvers.md'
++  cache_file = '/var/cache/dnscrypt-proxy/public-resolvers.md'
+   minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
+   refresh_delay = 72
+   prefix = ''
+@@ -452,7 +452,7 @@
+ 
+   #  [sources.'parental-control']
+   #  urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/parental-control.md', 'https://download.dnscrypt.info/resolvers-list/v2/parental-control.md']
+-  #  cache_file = 'parental-control.md'
++  #  cache_file = '/var/cache/dnscrypt-proxy/parental-control.md'
+   #  minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
+ 
+ 
diff --git a/community/dnscrypt-proxy/dnscrypt-proxy.confd b/community/dnscrypt-proxy/dnscrypt-proxy.confd
index 070ba95d..a1dc6a69 100644
--- a/community/dnscrypt-proxy/dnscrypt-proxy.confd
+++ b/community/dnscrypt-proxy/dnscrypt-proxy.confd
@@ -1,4 +1,4 @@
-#DNSCRYPT_OPTS="--config /etc/dnscrypt-proxy/dnscrypt-proxy.toml"
+#DNSCRYPT_OPTS="-config /etc/dnscrypt-proxy/dnscrypt-proxy.toml"
 #DNSCRYPT_USER="dnscrypt"
 #DNSCRYPT_GROUP="dnscrypt"
 
diff --git a/community/dnscrypt-proxy/dnscrypt-proxy.initd b/community/dnscrypt-proxy/dnscrypt-proxy.initd
index e24085f1..c52ba746 100644
--- a/community/dnscrypt-proxy/dnscrypt-proxy.initd
+++ b/community/dnscrypt-proxy/dnscrypt-proxy.initd
@@ -3,9 +3,9 @@
 # Distributed under the terms of the GNU General Public License v2
 
 command="/usr/bin/dnscrypt-proxy"
-command_args="${DNSCRYPT_OPTS:---config /etc/dnscrypt-proxy/dnscrypt-proxy.toml}"
+command_args="${DNSCRYPT_OPTS:--config /etc/dnscrypt-proxy/dnscrypt-proxy.toml}"
 command_user="${DNSCRYPT_USER:-dnscrypt}:${DNSCRYPT_GROUP:-dnscrypt}"
-pidfile="/run/dnscrypt-proxy/${SVCNAME}.pid"
+pidfile="/run/${SVCNAME}.pid"
 start_stop_daemon_args="--background --make-pidfile"
 
 depend() {
diff --git a/community/dnscrypt-proxy/dnscrypt-proxy.post-install b/community/dnscrypt-proxy/dnscrypt-proxy.post-install
new file mode 100644
index 00000000..7a7f4af3
--- /dev/null
+++ b/community/dnscrypt-proxy/dnscrypt-proxy.post-install
@@ -0,0 +1,2 @@
+#!/bin/sh
+/usr/sbin/setcap cap_net_bind_service=+pe /usr/bin/dnscrypt-proxy
-- 
2.17.0



---
Unsubscribe:  alpine-aports+unsubscribe@lists.alpinelinux.org
Help:         alpine-aports+help@lists.alpinelinux.org
---
Leonardo Arena
Details
Message ID
<CAGG_d8BW2taG4AVjqfh2J1MeV_NMGf5dpqYTF3Li6vbqQJJpqg@mail.gmail.com>
In-Reply-To
<20180412113635.27251-1-taner76@gmail.com> (view parent)
Sender timestamp
1531833774
DKIM signature
missing
Download raw message
Hi,

not sure if it's still needed, but needs be rebased against latest version.

Thanks

On Thu, Apr 12, 2018 at 1:36 PM, Taner Tas <taner76@gmail.com> wrote:

> * To able to bind on port 53, capabilities of binary file has to be
> changed via post-install script
> * Clarify license (ISC), thus removed -doc subpackage
> * Dynamically fetched server list file moved to /var/cache instead of /etc
> * Example configuration files moved to /usr/share instead of /etc
> * Configuration file patch added to ensure logs to be stored in /var/log
> ---
>  community/dnscrypt-proxy/APKBUILD             | 64 ++++++--------
>  .../dnscrypt-proxy/config-full-paths.patch    | 86 +++++++++++++++++++
>  community/dnscrypt-proxy/dnscrypt-proxy.confd |  2 +-
>  community/dnscrypt-proxy/dnscrypt-proxy.initd |  4 +-
>  .../dnscrypt-proxy.post-install               |  2 +
>  5 files changed, 116 insertions(+), 42 deletions(-)
>  create mode 100644 community/dnscrypt-proxy/config-full-paths.patch
>  create mode 100644 community/dnscrypt-proxy/dnscrypt-proxy.post-install
>
> diff --git a/community/dnscrypt-proxy/APKBUILD b/community/dnscrypt-proxy/
> APKBUILD
> index 7f375af8..bf60f917 100644
> --- a/community/dnscrypt-proxy/APKBUILD
> +++ b/community/dnscrypt-proxy/APKBUILD
> @@ -2,71 +2,57 @@
>  # Maintainer: Francesco Colista <fcolista@alpinelinux.org>
>  pkgname=dnscrypt-proxy
>  pkgver=2.0.9b2
> -pkgrel=2
> +pkgrel=3
>  pkgdesc="A tool for securing communications between a client and a DNS
> resolver"
>  url="https://dnscrypt.info"
>  arch="all"
> -license="custom"
> -makedepends="$depends_dev libsodium-dev ldns-dev go"
> -install="$pkgname.pre-install"
> -options="!check" #upstream does not provide check/test
> +license="ISC"
> +depends="libcap"
> +makedepends="go"
> +install="$pkgname.pre-install $pkgname.post-install"
>  pkgusers=dnscrypt
>  pkggroups=dnscrypt
> -subpackages="$pkgname-doc $pkgname-setup::noarch"
> -source="$pkgname-$pkgver.tar.gz::https://github.com/
> jedisct1/$pkgname/archive/$pkgver.tar.gz
> +subpackages="$pkgname-setup::noarch"
> +source="${pkgname}-${pkgver}.tar.gz::https://github.com/
> jedisct1/${pkgname}/archive/${pkgver}.tar.gz
>         $pkgname.initd
>         $pkgname.confd
>         $pkgname.setup
> +       config-full-paths.patch
>         "
> -builddir="$srcdir"/$pkgname-$pkgver
> +options="!check"
>
>  prepare() {
> -       default_prepare
>         cd "$builddir"
> -       export GOPATH=$(pwd)
> -       ln -sfv vendor src
> +       ln -sf vendor src
> +       default_prepare
>  }
>
>  build() {
> -       cd "$builddir"/$pkgname
> -       go build -ldflags="-s -w" -v
> +       cd "$builddir"/"$pkgname"
> +       GOPATH="$builddir" go build -ldflags="-s -w" -v
>  }
>
>  package() {
>         cd "$builddir"/$pkgname
> +       mkdir -p "$pkgdir"/etc/$pkgname
>         mkdir -p "$pkgdir"/var/log/$pkgname
> -       mkdir -p "$pkgdir"/var/run/$pkgname
> -       mkdir -p "$pkgdir"/var/empty
> -       mkdir -p $pkgdir/usr/share/licenses/$pkgname
> -    install -m755 -D "$srcdir"/$pkgname.initd
> "$pkgdir"/etc/init.d/$pkgname
> +       mkdir -p "$pkgdir"/usr/share/$pkgname
> +        install -m755 -D dnscrypt-proxy "$pkgdir"/usr/bin/dnscrypt-proxy
> +        install -m644 -D example-dnscrypt-proxy.toml
> "$pkgdir"/etc/$pkgname/dnscrypt-proxy.toml
> +        install -m755 -D "$srcdir"/$pkgname.initd
> "$pkgdir"/etc/init.d/$pkgname
>         install -m644 -D "$srcdir"/$pkgname.confd
> "$pkgdir"/etc/conf.d/$pkgname
> -       install -m755 -D $pkgname "$pkgdir"/usr/bin/$pkgname
> -       install -vDm 644 "example-${pkgname}.toml" \
> -               "${pkgdir}/etc/${pkgname}/${pkgname}.toml"
> -       install -vDm 644 "example-blacklist.txt" \
> -               "${pkgdir}/etc/${pkgname}/example-blacklist.txt"
> -       install -vDm 644 "example-cloaking-rules.txt" \
> -               "${pkgdir}/etc/${pkgname}/example-cloaking-rules.txt"
> -       install -vDm 644 "example-forwarding-rules.txt" \
> -               "${pkgdir}/etc/${pkgname}/example-forwarding-rules.txt"
> -       install -vDm 644 "example-whitelist.txt" \
> -               "${pkgdir}/etc/${pkgname}/example-whitelist.txt"
>         chown dnscrypt "$pkgdir"/var/log/$pkgname
> -       chown dnscrypt "$pkgdir"/var/run/$pkgname
> -       chown dnscrypt "$pkgdir"/var/empty
> -       chown dnscrypt "$pkgdir"/etc/$pkgname
> -       install -m 644 ../LICENSE $pkgdir/usr/share/licenses/$pkgname
> +       for i in example-*; do install -m644 -D "$i"
> "$pkgdir"/usr/share/$pkgname/"$i"; done
>  }
>
>  setup() {
> -       pkgdesc="Script for setting up DNSCrypt Proxy"
> +       pkgdesc="Script for setting up dnscrypt-proxy"
>         depends="sed wget $pkgname"
> -
> -       mkdir -p "$subpkgdir"/sbin
> -       install -m755 -D "$srcdir"/$pkgname.setup "$subpkgdir"/sbin/setup-
> dnscrypt
> +       install -m755 -D "$srcdir"/$pkgname.setup
> "$subpkgdir"/usr/sbin/setup-dnscrypt
>  }
>
>  sha512sums="d64cc8e0b61e1e548b63531dc4c733af1605ccda89a9f905227e97cb966a
> 3488104ac9af229521909ca88bde283dce224e712326b4d1717af70be2d04821c6c2
> dnscrypt-proxy-2.0.9b2.tar.gz
> -c38095ee38054fb0d3b51c002b5038cb073b8b9ec0ababf975e70d27e4c1
> bd90c0c3f846863e052f30ff2ac6d4ce84c5d4192ebae0eebfa013eb08edf840f8bf
> dnscrypt-proxy.initd
> -44a2d792aa80a048ea6bdb4a79c1e436bcad3610a28a963ebed5c0e77a8b
> 2a733c45311a66268fc4026d1c4c9b1f222813aeeea9c619832bbcb7c227542b65a8
> dnscrypt-proxy.confd
> -66dd43d84117a0151ae41f34d82b716760382a5a491424bf6418228ffd21
> f0dfbc88e34cc5074e11f97f006335d97b85367bb9ab1d96747a48e893c022ad52d0
> dnscrypt-proxy.setup"
> +b4913fada4172a12521d1beb731cc63e12fd45380a3973bedcefff394b24
> 4401c15ec74108b5e18c0aa34f0803b4e5abe90d33c1342b32bb9137aa598a7daf4a
> dnscrypt-proxy.initd
> +c001ae39da1b2db71764cab568f9ed18e4de0cea3d1a4e7bd6dd01a5668b
> 81a888ea9eef99de6beac08857ad7f8eb1a32d730e946ac3563e4dcfa27147e35052
> dnscrypt-proxy.confd
> +66dd43d84117a0151ae41f34d82b716760382a5a491424bf6418228ffd21
> f0dfbc88e34cc5074e11f97f006335d97b85367bb9ab1d96747a48e893c022ad52d0
> dnscrypt-proxy.setup
> +898d71dfba3d2af78ee5b26455073cc6d6ecd4ae2bb08b6f04537e9f3098
> 9da5053f364dc504a5c2f78e3da3b27b6f92ef301ed860abd4aa23b062043d317b64
> config-full-paths.patch"
> diff --git a/community/dnscrypt-proxy/config-full-paths.patch
> b/community/dnscrypt-proxy/config-full-paths.patch
> new file mode 100644
> index 00000000..5e22153f
> --- /dev/null
> +++ b/community/dnscrypt-proxy/config-full-paths.patch
> @@ -0,0 +1,86 @@
> +--- a/dnscrypt-proxy/example-dnscrypt-proxy.toml
> ++++ b/dnscrypt-proxy/example-dnscrypt-proxy.toml
> +@@ -96,7 +96,7 @@
> +
> + ## log file for the application
> +
> +-# log_file = 'dnscrypt-proxy.log'
> ++ log_file = '/var/log/dnscrypt-proxy/dnscrypt-proxy.log'
> +
> +
> + ## Use the system logger (syslog on Unix, Event Log on Windows)
> +@@ -255,7 +255,7 @@
> +
> +   ## Path to the query log file (absolute, or relative to the same
> directory as the executable file)
> +
> +-  # file = 'query.log'
> ++  # file = '/var/log/dnscrypt-proxy/query.log'
> +
> +
> +   ## Query log format (currently supported: tsv and ltsv)
> +@@ -281,7 +281,7 @@
> +
> +   ## Path to the query log file (absolute, or relative to the same
> directory as the executable file)
> +
> +-  # file = 'nx.log'
> ++  # file = '/var/log/dnscrypt-proxy/nx.log'
> +
> +
> +   ## Query log format (currently supported: tsv and ltsv)
> +@@ -311,12 +311,12 @@
> +
> +   ## Path to the file of blocking rules (absolute, or relative to the
> same directory as the executable file)
> +
> +-  # blacklist_file = 'blacklist.txt'
> ++  # blacklist_file = '/etc/dnscrypt-proxy/blacklist.txt'
> +
> +
> +   ## Optional path to a file logging blocked queries
> +
> +-  # log_file = 'blocked.log'
> ++  # log_file = '/var/log/dnscrypt-proxy/blocked.log'
> +
> +
> +   ## Optional log format: tsv or ltsv (default: tsv)
> +@@ -344,7 +344,7 @@
> +
> +   ## Optional path to a file logging blocked queries
> +
> +-  # log_file = 'ip-blocked.log'
> ++  # log_file = '/var/log/dnscrypt-proxy/ip-blocked.log'
> +
> +
> +   ## Optional log format: tsv or ltsv (default: tsv)
> +@@ -367,12 +367,12 @@
> +
> +   ## Path to the file of whitelisting rules (absolute, or relative to
> the same directory as the executable file)
> +
> +-  # whitelist_file = 'whitelist.txt'
> ++  # whitelist_file = '/etc/dnscrypt-proxy/whitelist.txt'
> +
> +
> +   ## Optional path to a file logging whitelisted queries
> +
> +-  # log_file = 'whitelisted.log'
> ++  # log_file = '/var/log/dnscrypt-proxy/whitelisted.log'
> +
> +
> +   ## Optional log format: tsv or ltsv (default: tsv)
> +@@ -442,7 +442,7 @@
> +
> +   [sources.'public-resolvers']
> +   urls = ['https://raw.githubusercontent.com/
> DNSCrypt/dnscrypt-resolvers/master/v2/public-resolvers.md', '
> https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md']
> +-  cache_file = 'public-resolvers.md'
> ++  cache_file = '/var/cache/dnscrypt-proxy/public-resolvers.md'
> +   minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPp
> vWucNSCh1CBM0QTaLn73Y7GFO3'
> +   refresh_delay = 72
> +   prefix = ''
> +@@ -452,7 +452,7 @@
> +
> +   #  [sources.'parental-control']
> +   #  urls = ['https://raw.githubusercontent.com/
> DNSCrypt/dnscrypt-resolvers/master/v2/parental-control.md', '
> https://download.dnscrypt.info/resolvers-list/v2/parental-control.md']
> +-  #  cache_file = 'parental-control.md'
> ++  #  cache_file = '/var/cache/dnscrypt-proxy/parental-control.md'
> +   #  minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPp
> vWucNSCh1CBM0QTaLn73Y7GFO3'
> +
> +
> diff --git a/community/dnscrypt-proxy/dnscrypt-proxy.confd
> b/community/dnscrypt-proxy/dnscrypt-proxy.confd
> index 070ba95d..a1dc6a69 100644
> --- a/community/dnscrypt-proxy/dnscrypt-proxy.confd
> +++ b/community/dnscrypt-proxy/dnscrypt-proxy.confd
> @@ -1,4 +1,4 @@
> -#DNSCRYPT_OPTS="--config /etc/dnscrypt-proxy/dnscrypt-proxy.toml"
> +#DNSCRYPT_OPTS="-config /etc/dnscrypt-proxy/dnscrypt-proxy.toml"
>  #DNSCRYPT_USER="dnscrypt"
>  #DNSCRYPT_GROUP="dnscrypt"
>
> diff --git a/community/dnscrypt-proxy/dnscrypt-proxy.initd
> b/community/dnscrypt-proxy/dnscrypt-proxy.initd
> index e24085f1..c52ba746 100644
> --- a/community/dnscrypt-proxy/dnscrypt-proxy.initd
> +++ b/community/dnscrypt-proxy/dnscrypt-proxy.initd
> @@ -3,9 +3,9 @@
>  # Distributed under the terms of the GNU General Public License v2
>
>  command="/usr/bin/dnscrypt-proxy"
> -command_args="${DNSCRYPT_OPTS:---config /etc/dnscrypt-proxy/dnscrypt-
> proxy.toml}"
> +command_args="${DNSCRYPT_OPTS:--config /etc/dnscrypt-proxy/dnscrypt-
> proxy.toml}"
>  command_user="${DNSCRYPT_USER:-dnscrypt}:${DNSCRYPT_GROUP:-dnscrypt}"
> -pidfile="/run/dnscrypt-proxy/${SVCNAME}.pid"
> +pidfile="/run/${SVCNAME}.pid"
>  start_stop_daemon_args="--background --make-pidfile"
>
>  depend() {
> diff --git a/community/dnscrypt-proxy/dnscrypt-proxy.post-install
> b/community/dnscrypt-proxy/dnscrypt-proxy.post-install
> new file mode 100644
> index 00000000..7a7f4af3
> --- /dev/null
> +++ b/community/dnscrypt-proxy/dnscrypt-proxy.post-install
> @@ -0,0 +1,2 @@
> +#!/bin/sh
> +/usr/sbin/setcap cap_net_bind_service=+pe /usr/bin/dnscrypt-proxy
> --
> 2.17.0
>
>
>
> ---
> Unsubscribe:  alpine-aports+unsubscribe@lists.alpinelinux.org
> Help:         alpine-aports+help@lists.alpinelinux.org
> ---
>
>
Taner Tas
Details
Message ID
<6082faba-4223-d5e9-d218-45035abd2ff6@gmail.com>
In-Reply-To
<CAGG_d8BW2taG4AVjqfh2J1MeV_NMGf5dpqYTF3Li6vbqQJJpqg@mail.gmail.com> (view parent)
Sender timestamp
1531834676
DKIM signature
missing
Download raw message
Hi,

This is no longer needed.

Thanks.

---
Taner

On 17.07.2018 16:22, Leonardo Arena wrote:
> Hi,
>
> not sure if it's still needed, but needs be rebased against latest 
> version.
>
> Thanks
>
> On Thu, Apr 12, 2018 at 1:36 PM, Taner Tas <taner76@gmail.com 
> <mailto:taner76@gmail.com>> wrote:
>
>     * To able to bind on port 53, capabilities of binary file has to
>     be changed via post-install script
>     * Clarify license (ISC), thus removed -doc subpackage
>     * Dynamically fetched server list file moved to /var/cache instead
>     of /etc
>     * Example configuration files moved to /usr/share instead of /etc
>     * Configuration file patch added to ensure logs to be stored in
>     /var/log
>     ---
>      community/dnscrypt-proxy/APKBUILD             | 64 ++++++--------
>      .../dnscrypt-proxy/config-full-paths.patch    | 86
>     +++++++++++++++++++
>      community/dnscrypt-proxy/dnscrypt-proxy.confd |  2 +-
>      community/dnscrypt-proxy/dnscrypt-proxy.initd |  4 +-
>      .../dnscrypt-proxy.post-install               |  2 +
>      5 files changed, 116 insertions(+), 42 deletions(-)
>      create mode 100644 community/dnscrypt-proxy/config-full-paths.patch
>      create mode 100644
>     community/dnscrypt-proxy/dnscrypt-proxy.post-install
>
>     diff --git a/community/dnscrypt-proxy/APKBUILD
>     b/community/dnscrypt-proxy/APKBUILD
>     index 7f375af8..bf60f917 100644
>     --- a/community/dnscrypt-proxy/APKBUILD
>     +++ b/community/dnscrypt-proxy/APKBUILD
>     @@ -2,71 +2,57 @@
>      # Maintainer: Francesco Colista <fcolista@alpinelinux.org
>     <mailto:fcolista@alpinelinux.org>>
>      pkgname=dnscrypt-proxy
>      pkgver=2.0.9b2
>     -pkgrel=2
>     +pkgrel=3
>      pkgdesc="A tool for securing communications between a client and
>     a DNS resolver"
>      url="https://dnscrypt.info"
>      arch="all"
>     -license="custom"
>     -makedepends="$depends_dev libsodium-dev ldns-dev go"
>     -install="$pkgname.pre-install"
>     -options="!check" #upstream does not provide check/test
>     +license="ISC"
>     +depends="libcap"
>     +makedepends="go"
>     +install="$pkgname.pre-install $pkgname.post-install"
>      pkgusers=dnscrypt
>      pkggroups=dnscrypt
>     -subpackages="$pkgname-doc $pkgname-setup::noarch"
>     -source="$pkgname-$pkgver.tar.gz::https://github.com/jedisct1/$pkgname/archive/$pkgver.tar.gz
>     <https://github.com/jedisct1/$pkgname/archive/$pkgver.tar.gz>
>     +subpackages="$pkgname-setup::noarch"
>     +source="${pkgname}-${pkgver}.tar.gz::https://github.com/jedisct1/${pkgname}/archive/${pkgver}.tar.gz
>     <https://github.com/jedisct1/$%7Bpkgname%7D/archive/$%7Bpkgver%7D.tar.gz>
>             $pkgname.initd
>             $pkgname.confd
>             $pkgname.setup
>     +       config-full-paths.patch
>             "
>     -builddir="$srcdir"/$pkgname-$pkgver
>     +options="!check"
>
>      prepare() {
>     -       default_prepare
>             cd "$builddir"
>     -       export GOPATH=$(pwd)
>     -       ln -sfv vendor src
>     +       ln -sf vendor src
>     +       default_prepare
>      }
>
>      build() {
>     -       cd "$builddir"/$pkgname
>     -       go build -ldflags="-s -w" -v
>     +       cd "$builddir"/"$pkgname"
>     +       GOPATH="$builddir" go build -ldflags="-s -w" -v
>      }
>
>      package() {
>             cd "$builddir"/$pkgname
>     +       mkdir -p "$pkgdir"/etc/$pkgname
>             mkdir -p "$pkgdir"/var/log/$pkgname
>     -       mkdir -p "$pkgdir"/var/run/$pkgname
>     -       mkdir -p "$pkgdir"/var/empty
>     -       mkdir -p $pkgdir/usr/share/licenses/$pkgname
>     -    install -m755 -D "$srcdir"/$pkgname.initd
>     "$pkgdir"/etc/init.d/$pkgname
>     +       mkdir -p "$pkgdir"/usr/share/$pkgname
>     +        install -m755 -D dnscrypt-proxy
>     "$pkgdir"/usr/bin/dnscrypt-proxy
>     +        install -m644 -D example-dnscrypt-proxy.toml
>     "$pkgdir"/etc/$pkgname/dnscrypt-proxy.toml
>     +        install -m755 -D "$srcdir"/$pkgname.initd
>     "$pkgdir"/etc/init.d/$pkgname
>             install -m644 -D "$srcdir"/$pkgname.confd
>     "$pkgdir"/etc/conf.d/$pkgname
>     -       install -m755 -D $pkgname "$pkgdir"/usr/bin/$pkgname
>     -       install -vDm 644 "example-${pkgname}.toml" \
>     -               "${pkgdir}/etc/${pkgname}/${pkgname}.toml"
>     -       install -vDm 644 "example-blacklist.txt" \
>     -               "${pkgdir}/etc/${pkgname}/example-blacklist.txt"
>     -       install -vDm 644 "example-cloaking-rules.txt" \
>     -               "${pkgdir}/etc/${pkgname}/example-cloaking-rules.txt"
>     -       install -vDm 644 "example-forwarding-rules.txt" \
>     -             
>      "${pkgdir}/etc/${pkgname}/example-forwarding-rules.txt"
>     -       install -vDm 644 "example-whitelist.txt" \
>     -               "${pkgdir}/etc/${pkgname}/example-whitelist.txt"
>             chown dnscrypt "$pkgdir"/var/log/$pkgname
>     -       chown dnscrypt "$pkgdir"/var/run/$pkgname
>     -       chown dnscrypt "$pkgdir"/var/empty
>     -       chown dnscrypt "$pkgdir"/etc/$pkgname
>     -       install -m 644 ../LICENSE $pkgdir/usr/share/licenses/$pkgname
>     +       for i in example-*; do install -m644 -D "$i"
>     "$pkgdir"/usr/share/$pkgname/"$i"; done
>      }
>
>      setup() {
>     -       pkgdesc="Script for setting up DNSCrypt Proxy"
>     +       pkgdesc="Script for setting up dnscrypt-proxy"
>             depends="sed wget $pkgname"
>     -
>     -       mkdir -p "$subpkgdir"/sbin
>     -       install -m755 -D "$srcdir"/$pkgname.setup
>     "$subpkgdir"/sbin/setup-dnscrypt
>     +       install -m755 -D "$srcdir"/$pkgname.setup
>     "$subpkgdir"/usr/sbin/setup-dnscrypt
>      }
>
>      sha512sums="d64cc8e0b61e1e548b63531dc4c733af1605ccda89a9f905227e97cb966a3488104ac9af229521909ca88bde283dce224e712326b4d1717af70be2d04821c6c2
>     dnscrypt-proxy-2.0.9b2.tar.gz
>     -c38095ee38054fb0d3b51c002b5038cb073b8b9ec0ababf975e70d27e4c1bd90c0c3f846863e052f30ff2ac6d4ce84c5d4192ebae0eebfa013eb08edf840f8bf
>     dnscrypt-proxy.initd
>     -44a2d792aa80a048ea6bdb4a79c1e436bcad3610a28a963ebed5c0e77a8b2a733c45311a66268fc4026d1c4c9b1f222813aeeea9c619832bbcb7c227542b65a8
>     dnscrypt-proxy.confd
>     -66dd43d84117a0151ae41f34d82b716760382a5a491424bf6418228ffd21f0dfbc88e34cc5074e11f97f006335d97b85367bb9ab1d96747a48e893c022ad52d0
>     dnscrypt-proxy.setup"
>     +b4913fada4172a12521d1beb731cc63e12fd45380a3973bedcefff394b244401c15ec74108b5e18c0aa34f0803b4e5abe90d33c1342b32bb9137aa598a7daf4a
>     dnscrypt-proxy.initd
>     +c001ae39da1b2db71764cab568f9ed18e4de0cea3d1a4e7bd6dd01a5668b81a888ea9eef99de6beac08857ad7f8eb1a32d730e946ac3563e4dcfa27147e35052
>     dnscrypt-proxy.confd
>     +66dd43d84117a0151ae41f34d82b716760382a5a491424bf6418228ffd21f0dfbc88e34cc5074e11f97f006335d97b85367bb9ab1d96747a48e893c022ad52d0
>     dnscrypt-proxy.setup
>     +898d71dfba3d2af78ee5b26455073cc6d6ecd4ae2bb08b6f04537e9f30989da5053f364dc504a5c2f78e3da3b27b6f92ef301ed860abd4aa23b062043d317b64
>     config-full-paths.patch"
>     diff --git a/community/dnscrypt-proxy/config-full-paths.patch
>     b/community/dnscrypt-proxy/config-full-paths.patch
>     new file mode 100644
>     index 00000000..5e22153f
>     --- /dev/null
>     +++ b/community/dnscrypt-proxy/config-full-paths.patch
>     @@ -0,0 +1,86 @@
>     +--- a/dnscrypt-proxy/example-dnscrypt-proxy.toml
>     ++++ b/dnscrypt-proxy/example-dnscrypt-proxy.toml
>     +@@ -96,7 +96,7 @@
>     +
>     + ## log file for the application
>     +
>     +-# log_file = 'dnscrypt-proxy.log'
>     ++ log_file = '/var/log/dnscrypt-proxy/dnscrypt-proxy.log'
>     +
>     +
>     + ## Use the system logger (syslog on Unix, Event Log on Windows)
>     +@@ -255,7 +255,7 @@
>     +
>     +   ## Path to the query log file (absolute, or relative to the
>     same directory as the executable file)
>     +
>     +-  # file = 'query.log'
>     ++  # file = '/var/log/dnscrypt-proxy/query.log'
>     +
>     +
>     +   ## Query log format (currently supported: tsv and ltsv)
>     +@@ -281,7 +281,7 @@
>     +
>     +   ## Path to the query log file (absolute, or relative to the
>     same directory as the executable file)
>     +
>     +-  # file = 'nx.log'
>     ++  # file = '/var/log/dnscrypt-proxy/nx.log'
>     +
>     +
>     +   ## Query log format (currently supported: tsv and ltsv)
>     +@@ -311,12 +311,12 @@
>     +
>     +   ## Path to the file of blocking rules (absolute, or relative
>     to the same directory as the executable file)
>     +
>     +-  # blacklist_file = 'blacklist.txt'
>     ++  # blacklist_file = '/etc/dnscrypt-proxy/blacklist.txt'
>     +
>     +
>     +   ## Optional path to a file logging blocked queries
>     +
>     +-  # log_file = 'blocked.log'
>     ++  # log_file = '/var/log/dnscrypt-proxy/blocked.log'
>     +
>     +
>     +   ## Optional log format: tsv or ltsv (default: tsv)
>     +@@ -344,7 +344,7 @@
>     +
>     +   ## Optional path to a file logging blocked queries
>     +
>     +-  # log_file = 'ip-blocked.log'
>     ++  # log_file = '/var/log/dnscrypt-proxy/ip-blocked.log'
>     +
>     +
>     +   ## Optional log format: tsv or ltsv (default: tsv)
>     +@@ -367,12 +367,12 @@
>     +
>     +   ## Path to the file of whitelisting rules (absolute, or
>     relative to the same directory as the executable file)
>     +
>     +-  # whitelist_file = 'whitelist.txt'
>     ++  # whitelist_file = '/etc/dnscrypt-proxy/whitelist.txt'
>     +
>     +
>     +   ## Optional path to a file logging whitelisted queries
>     +
>     +-  # log_file = 'whitelisted.log'
>     ++  # log_file = '/var/log/dnscrypt-proxy/whitelisted.log'
>     +
>     +
>     +   ## Optional log format: tsv or ltsv (default: tsv)
>     +@@ -442,7 +442,7 @@
>     +
>     +   [sources.'public-resolvers']
>     +   urls =
>     ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/public-resolvers.md
>     <https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/public-resolvers.md>',
>     'https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md
>     <https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md>']
>     +-  cache_file = 'public-resolvers.md'
>     ++  cache_file = '/var/cache/dnscrypt-proxy/public-resolvers.md'
>     +   minisign_key =
>     'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
>     +   refresh_delay = 72
>     +   prefix = ''
>     +@@ -452,7 +452,7 @@
>     +
>     +   #  [sources.'parental-control']
>     +   #  urls =
>     ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/parental-control.md
>     <https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/parental-control.md>',
>     'https://download.dnscrypt.info/resolvers-list/v2/parental-control.md
>     <https://download.dnscrypt.info/resolvers-list/v2/parental-control.md>']
>     +-  #  cache_file = 'parental-control.md'
>     ++  #  cache_file = '/var/cache/dnscrypt-proxy/parental-control.md'
>     +   #  minisign_key =
>     'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
>     +
>     +
>     diff --git a/community/dnscrypt-proxy/dnscrypt-proxy.confd
>     b/community/dnscrypt-proxy/dnscrypt-proxy.confd
>     index 070ba95d..a1dc6a69 100644
>     --- a/community/dnscrypt-proxy/dnscrypt-proxy.confd
>     +++ b/community/dnscrypt-proxy/dnscrypt-proxy.confd
>     @@ -1,4 +1,4 @@
>     -#DNSCRYPT_OPTS="--config /etc/dnscrypt-proxy/dnscrypt-proxy.toml"
>     +#DNSCRYPT_OPTS="-config /etc/dnscrypt-proxy/dnscrypt-proxy.toml"
>      #DNSCRYPT_USER="dnscrypt"
>      #DNSCRYPT_GROUP="dnscrypt"
>
>     diff --git a/community/dnscrypt-proxy/dnscrypt-proxy.initd
>     b/community/dnscrypt-proxy/dnscrypt-proxy.initd
>     index e24085f1..c52ba746 100644
>     --- a/community/dnscrypt-proxy/dnscrypt-proxy.initd
>     +++ b/community/dnscrypt-proxy/dnscrypt-proxy.initd
>     @@ -3,9 +3,9 @@
>      # Distributed under the terms of the GNU General Public License v2
>
>      command="/usr/bin/dnscrypt-proxy"
>     -command_args="${DNSCRYPT_OPTS:---config
>     /etc/dnscrypt-proxy/dnscrypt-proxy.toml}"
>     +command_args="${DNSCRYPT_OPTS:--config
>     /etc/dnscrypt-proxy/dnscrypt-proxy.toml}"
>      command_user="${DNSCRYPT_USER:-dnscrypt}:${DNSCRYPT_GROUP:-dnscrypt}"
>     -pidfile="/run/dnscrypt-proxy/${SVCNAME}.pid"
>     +pidfile="/run/${SVCNAME}.pid"
>      start_stop_daemon_args="--background --make-pidfile"
>
>      depend() {
>     diff --git a/community/dnscrypt-proxy/dnscrypt-proxy.post-install
>     b/community/dnscrypt-proxy/dnscrypt-proxy.post-install
>     new file mode 100644
>     index 00000000..7a7f4af3
>     --- /dev/null
>     +++ b/community/dnscrypt-proxy/dnscrypt-proxy.post-install
>     @@ -0,0 +1,2 @@
>     +#!/bin/sh
>     +/usr/sbin/setcap cap_net_bind_service=+pe /usr/bin/dnscrypt-proxy
>     -- 
>     2.17.0
>
>
>
>     ---
>     Unsubscribe: alpine-aports+unsubscribe@lists.alpinelinux.org
>     <mailto:alpine-aports%2Bunsubscribe@lists.alpinelinux.org>
>     Help: alpine-aports+help@lists.alpinelinux.org
>     <mailto:alpine-aports%2Bhelp@lists.alpinelinux.org>
>     ---
>
>