diff --git a/debian/changelog b/debian/changelog index 382a9c8..f4d03f4 100644 --- a/debian/changelog +++ b/debian/changelog @@ -11,6 +11,7 @@ dnsmasq (2.81-1) unstable; urgency=low only one of the interfaces. (closes: #949565) * Fix breakage of dig +trace. (closes: #942363) * Fix build faliure with newer Nettle libraries. (closes: #940985) + * Support runscript init-system (closes: #929884) -- Simon Kelley Mon, 27 Jan 2020 22:31:15 +0000 diff --git a/debian/control b/debian/control index e30d592..af38d91 100644 --- a/debian/control +++ b/debian/control @@ -4,7 +4,7 @@ Priority: optional Build-depends: gettext, libnetfilter-conntrack-dev [linux-any], libidn2-dev, libdbus-1-dev (>=0.61), libgmp-dev, nettle-dev (>=2.4-3), libbsd-dev [!linux-any], - liblua5.2-dev + liblua5.2-dev, dh-runit, debhelper-compat (= 10) Maintainer: Simon Kelley Homepage: http://www.thekelleys.org.uk/dnsmasq/doc.html Vcs-Git: http://thekelleys.org.uk/git/dnsmasq.git @@ -14,9 +14,10 @@ Standards-Version: 3.9.8 Package: dnsmasq Architecture: all Depends: netbase, dnsmasq-base, - init-system-helpers (>= 1.18~), lsb-base (>= 3.0-6) + init-system-helpers (>= 1.18~), lsb-base (>= 3.0-6), ${misc:Depends} Suggests: resolvconf -Conflicts: resolvconf (<<1.15) +Breaks: ${runit:Breaks} +Conflicts: resolvconf (<<1.15), ${runit:Conflicts} Description: Small caching DNS proxy and DHCP/TFTP server Dnsmasq is a lightweight, easy to configure, DNS forwarder and DHCP server. It is designed to provide DNS and optionally, DHCP, to a diff --git a/debian/dnsmasq.runit b/debian/dnsmasq.runit new file mode 100644 index 0000000..6a457f7 --- /dev/null +++ b/debian/dnsmasq.runit @@ -0,0 +1 @@ +debian/dnsmasq.runscript name=dnsmasq,logscript,since=2.80-1+runit diff --git a/debian/dnsmasq.runscript/finish b/debian/dnsmasq.runscript/finish new file mode 100755 index 0000000..cf35240 --- /dev/null +++ b/debian/dnsmasq.runscript/finish @@ -0,0 +1,5 @@ +#!/bin/sh -eu +if [ -x /sbin/resolvconf ] ; then + /sbin/resolvconf -d lo.dnsmasq +fi + diff --git a/debian/dnsmasq.runscript/run b/debian/dnsmasq.runscript/run new file mode 100755 index 0000000..1a43393 --- /dev/null +++ b/debian/dnsmasq.runscript/run @@ -0,0 +1,43 @@ +#!/lib/runit/invoke-run + +readonly name=dnsmasq +readonly daemon=/usr/sbin/dnsmasq +readonly marker=/usr/share/dnsmasq/installed-marker + +test -e "${marker}" || exec sv down "${name}" +test -x "${daemon}" || exec sv down "${name}" + +if [ ! "${RESOLV_CONF:-}" ] && + [ "${IGNORE_RESOLVCONF:-}" != "yes" ] && + [ -x /sbin/resolvconf ] +then + RESOLV_CONF=/run/dnsmasq/resolv.conf +fi + +# This tells dnsmasq to ignore DNS requests that don't come from a local network. +# It's automatically ignored if --interface --except-interface, --listen-address +# or --auth-server exist in the configuration, so for most installations, it will +# have no effect, but for otherwise-unconfigured installations, it stops dnsmasq +# from being vulnerable to DNS-reflection attacks. + +DNSMASQ_OPTS="${DNSMASQ_OPTS:-} --local-service" + +# If the dns-root-data package is installed, then the trust anchors will be +# available in $ROOT_DS, in BIND zone-file format. Reformat as dnsmasq +# --trust-anchor options. + +ROOT_DS="/usr/share/dns/root.ds" + +if [ -f $ROOT_DS ]; then + DNSMASQ_OPTS="$DNSMASQ_OPTS `env LC_ALL=C sed -rne "s/^([.a-zA-Z0-9]+)([[:space:]]+[0-9]+)*([[:space:]]+IN)*[[:space:]]+DS[[:space:]]+/--trust-anchor=\1,/;s/[[:space:]]+/,/gp" $ROOT_DS | tr '\n' ' '`" +fi + +mkdir -p /run/dnsmasq +chown dnsmasq:nogroup /run/dnsmasq +[ -x /sbin/restorecon ] && /sbin/restorecon /run/dnsmasq +exec "${daemon}" \ + --keep-in-foreground \ + --log-facility=/dev/stdout \ + ${RESOLV_CONF:+ -r $RESOLV_CONF} \ + ${DNSMASQ_OPTS} \ + -u dnsmasq diff --git a/debian/rules b/debian/rules index fe5253d..d9e305e 100755 --- a/debian/rules +++ b/debian/rules @@ -175,6 +175,10 @@ binary-indep: checkroot -d debian/trees/daemon/etc/insserv.conf.d install -m 644 debian/conffiles debian/trees/daemon/DEBIAN install -m 755 debian/postinst debian/postrm debian/prerm debian/trees/daemon/DEBIAN + rm -f debian/dnsmasq.postinst.debhelper debian/dnsmasq.postrm.debhelper + dh_runit -pdnsmasq -Pdebian/trees/daemon + cat debian/dnsmasq.postinst.debhelper >> debian/trees/daemon/DEBIAN/postinst + cat debian/dnsmasq.postrm.debhelper >> debian/trees/daemon/DEBIAN/postrm install -m 755 debian/init debian/trees/daemon/etc/init.d/dnsmasq install -m 755 debian/resolvconf debian/trees/daemon/etc/resolvconf/update.d/dnsmasq install -m 755 debian/resolvconf-package debian/trees/daemon/usr/lib/resolvconf/dpkg-event.d/dnsmasq @@ -188,7 +192,7 @@ binary-indep: checkroot install -m 644 debian/insserv debian/trees/daemon/etc/insserv.conf.d/dnsmasq ln -s $(package) debian/trees/daemon/usr/share/doc/dnsmasq cd debian/trees/daemon && find . -type f ! -regex '.*DEBIAN/.*' -printf '%P\0' | LC_ALL=C sort -z | xargs -r0 md5sum > DEBIAN/md5sums - dpkg-gencontrol $(PACKAGE_VERSION) -T -pdnsmasq -Pdebian/trees/daemon + dpkg-gencontrol $(PACKAGE_VERSION) -Tdebian/dnsmasq.substvars -pdnsmasq -Pdebian/trees/daemon find debian/trees/daemon -depth -newermt '$(BUILD_DATE)' -print0 | xargs -0r touch --no-dereference --date='$(BUILD_DATE)' chown -R root.root debian/trees/daemon chmod -R g-ws debian/trees/daemon