* [bug#33020] [PATCH] gnu: Add nullmailer.
@ 2018-10-11 23:06 Tobias Geerinckx-Rice
2018-10-15 20:01 ` Ludovic Courtès
0 siblings, 1 reply; 15+ messages in thread
From: Tobias Geerinckx-Rice @ 2018-10-11 23:06 UTC (permalink / raw)
To: 33020
* gnu/packages/mail.scm (nullmailer): New public variable.
---
gnu/packages/mail.scm | 82 +++++++++++++++++++++++++++++++++++++++++++
1 file changed, 82 insertions(+)
diff --git a/gnu/packages/mail.scm b/gnu/packages/mail.scm
index 7348719ed..e7f5584b0 100644
--- a/gnu/packages/mail.scm
+++ b/gnu/packages/mail.scm
@@ -45,6 +45,7 @@
(define-module (gnu packages mail)
#:use-module (gnu packages)
+ #:use-module (gnu packages admin)
#:use-module (gnu packages aspell)
#:use-module (gnu packages autotools)
#:use-module (gnu packages base)
@@ -225,6 +226,87 @@ software.")
;; Libraries are under LGPLv3+, and programs under GPLv3+.
(list gpl3+ lgpl3+))))
+(define-public nullmailer
+ (package
+ (name "nullmailer")
+ (version "2.1")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (list
+ (string-append "https://untroubled.org/nullmailer/"
+ "nullmailer-" version ".tar.gz")
+ ;; Previous releases are moved to this subdirectory.
+ (string-append "https://untroubled.org/nullmailer/archive/"
+ "nullmailer-" version ".tar.gz")))
+ (sha256
+ (base32 "0gykh0qc86rk0knfvp8ndqkryal3pvqdfdya94wvb6n1cc8p3ild"))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:configure-flags
+ (list "--enable-tls"
+ "--localstatedir=/var"
+ "--sysconfdir=/etc")
+ #:phases
+ (modify-phases %standard-phases
+ (add-before 'check 'patch-test-FHS-file-names
+ (lambda _
+ (with-directory-excursion "test"
+ (substitute* (list "functions.in"
+ "tests/send")
+ ;; Fix some shebangs later generated on the fly.
+ (("/bin/sh") (which "bash"))))
+ #t))
+ (add-before 'check 'pass-PATH-to-tests
+ ;; 'runtest' launches each test through 'env -', clearing $PATH. The
+ ;; tests then source 'functions', which first demands a working $PATH,
+ ;; and later clobbers it again. Pass our $PATH to the test environment
+ ;; and don't touch it after that.
+ (lambda _
+ (with-directory-excursion "test"
+ (substitute* "runtests"
+ (("env - bash")
+ (string-append "env - PATH=\"" (getenv "PATH") "\" bash")))
+ (substitute* "functions.in"
+ (("export PATH=.*") "")))
+ #t))
+ (add-before 'check 'delete-failing-tests
+ (lambda _
+ (with-directory-excursion "test/tests"
+ (for-each delete-file
+ (list
+ ;; XXX 'nullmailer-inject: nullmailer-queue failed: 15'
+ "inject/queue"
+ ;; XXX This equires the not-yet-packaged tcpserver.
+ "protocols")))
+ #t))
+ (add-before 'install 'skip-install-data-local
+ ;; Don't attempt to install run-time files outside of the store.
+ (lambda _
+ (substitute* "Makefile"
+ ((" install-data-local") ""))
+ #t)))))
+ (native-inputs
+ ;; For tests.
+ `(("daemontools" ,daemontools))) ; for svc
+ (inputs
+ `(("gnutls" ,gnutls)))
+ (home-page "https://untroubled.org/nullmailer/")
+ (synopsis "Simple relay-only mail transport agent")
+ (description
+ "Nullmailer is a simple replacement Mail Transfer Agent (@dfn{MTA}) for
+hosts that receive no local mail and only relay mail to a fixed set of smart
+relays. It's useful for systems such as Web servers that must be able to send
+email notifications, without having to run a full-blown MTA such as sendmail
+or qmail.
+
+Nullmailer is designed to be simple to configure, easy to extend, and secure.
+It requires little ongoing administration. The included @command{sendmail}
+emulator front-end should allow most (if not all) sendmail-compatible programs
+to run without any changes.")
+ (license (list lgpl2.1+ ; lib/cli++/ (but some files lack headers)
+ gpl2+)))) ; everything else
+
(define-public fetchmail
(package
(name "fetchmail")
--
2.18.0
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [bug#33026] [PATCH] gnu: Add pdns.
@ 2018-10-12 18:58 Tobias Geerinckx-Rice
2018-10-15 20:08 ` Ludovic Courtès
` (2 more replies)
0 siblings, 3 replies; 15+ messages in thread
From: Tobias Geerinckx-Rice @ 2018-10-12 18:58 UTC (permalink / raw)
To: 33026
* gnu/packages/dns.scm (pdns): New public variable.
---
The p stands for power.
gnu/packages/dns.scm | 133 +++++++++++++++++++++++++++++++++++++++++++
1 file changed, 133 insertions(+)
diff --git a/gnu/packages/dns.scm b/gnu/packages/dns.scm
index ad1a8638b..b91a7d77c 100644
--- a/gnu/packages/dns.scm
+++ b/gnu/packages/dns.scm
@@ -31,9 +31,11 @@
#:use-module (gnu packages autotools)
#:use-module (gnu packages base)
#:use-module (gnu packages bash)
+ #:use-module (gnu packages boost)
#:use-module (gnu packages databases)
#:use-module (gnu packages compression)
#:use-module (gnu packages crypto)
+ #:use-module (gnu packages curl)
#:use-module (gnu packages datastructures)
#:use-module (gnu packages flex)
#:use-module (gnu packages glib)
@@ -43,6 +45,7 @@
#:use-module (gnu packages libevent)
#:use-module (gnu packages libidn)
#:use-module (gnu packages linux)
+ #:use-module (gnu packages lua)
#:use-module (gnu packages ncurses)
#:use-module (gnu packages nettle)
#:use-module (gnu packages networking)
@@ -360,6 +363,136 @@ run in a @code{chroot} jail, thus making any security flaws in NSD less likely
to result in system-wide compromise.")
(license (list license:bsd-3))))
+(define-public pdns
+ (package
+ (name "pdns")
+ (version "4.1.4")
+ (source
+ (origin
+ (method url-fetch)
+ (uri
+ (string-append "https://downloads.powerdns.com/releases/pdns-"
+ version ".tar.bz2"))
+ (sha256
+ (base32 "1m9yhzrxh315gv855c590b2qc8bx31rrnl72pqxrnlix701qch79"))))
+ (build-system gnu-build-system)
+ ;; There's no make target or other way to cleanly separate the tools from
+ ;; the core. We have to rely on a hard-coded list below, which needs to
+ ;; be kept up to date when changing the package version or configuration.
+ (outputs (list "out" "tools"))
+ (arguments
+ `(#:configure-flags
+ (list "--enable-libsodium" ; ed25519 (DNSSEC algorithm 15)
+ ;; "--enable-libdecaf" ; ed25519 & Ed448 (XXX unpackaged)
+ "--enable-reproducible"
+ "--enable-tools" ; not the default, so we split them off
+ "--enable-unit-tests"
+
+ ;; /sbin/pdns_server retains references to 'optional' dependencies
+ ;; like PostgreSQL, so packaging backends separately saves nothing.
+ (string-append
+ "--with-dynmodules=" ; build dynamic modules...
+ (string-join
+ (list "bind" ; BIND-style zone files
+ "gpgsql" ; generic PostgreSQL
+ "gsqlite3" ; generic Sqlite
+ "lua" ; Lua scripting
+ "pipe" ; simple stdin/stdout pipe
+ "remote") ; generic JSON/RPC connector
+ " "))
+ "--with-modules=" ; ...and no static modules
+
+ "--with-luajit" ; use JIT variant for Lua backend
+ "--with-protobuf" ; log DNS query information
+ "--with-sqlite3"
+
+ (string-append "--docdir=" (assoc-ref %outputs "out") "/share/doc/"
+ ,name "-" ,version)
+ "--sysconfdir=/etc/powerdns"
+ "--with-socketdir=/run")
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'omit-PDNS_CONFIG_ARGS
+ ;; Stop 'pdns_server --version' printing build-time details, like
+ ;; PKG_CONFIG_PATH, which embed references to almost every input.
+ (lambda _
+ (substitute* "configure"
+ (("#define PDNS_CONFIG_ARGS.*") ""))
+ #t))
+ (replace 'install
+ ;; Don't try to install configuration files to /etc.
+ (lambda* (#:key make-flags #:allow-other-keys)
+ (apply invoke "make" "sysconfdir=$(docdir)/examples" "install"
+ make-flags)))
+ (add-after 'install 'move-tools
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (tools (assoc-ref outputs "tools"))
+ (files
+ (list "bin/calidns" "share/man/man1/calidns.1"
+ "bin/dnsbulktest" "share/man/man1/dnsbulktest.1"
+ "bin/dnsgram" "share/man/man1/dnsgram.1"
+ "bin/dnsreplay" "share/man/man1/dnsreplay.1"
+ "bin/dnsscan" "share/man/man1/dnsscan.1"
+ "bin/dnsscope" "share/man/man1/dnsscope.1"
+ "bin/dnstcpbench" "share/man/man1/dnstcpbench.1"
+ "bin/dnswasher" "share/man/man1/dnswasher.1"
+ "bin/dumresp" "share/man/man1/dumresp.1"
+ "bin/ixplore" "share/man/man1/ixplore.1"
+ "bin/nproxy" "share/man/man1/nproxy.1"
+ "bin/nsec3dig" "share/man/man1/nsec3dig.1"
+ "bin/pdns_notify" "share/man/man1/pdns_notify.1"
+ "bin/saxfr" "share/man/man1/saxfr.1"
+ "bin/sdig" "share/man/man1/sdig.1"
+ "bin/stubquery")))
+ (with-directory-excursion out
+ (for-each (lambda (file)
+ (let ((target (string-append tools "/" file)))
+ (mkdir-p (dirname target))
+ (rename-file file target)))
+ files))
+ #t))))))
+ (native-inputs
+ `(("pkg-config" ,pkg-config)
+
+ ;; For tests.
+ ("curl" ,curl)))
+ (inputs
+ `(("boost" ,boost)
+ ("libsodium" ,libsodium)
+ ("luajit" ,luajit)
+ ("openssl" ,openssl)
+ ("postgresql" ,postgresql)
+ ("protobuf" ,protobuf)
+ ("sqlite" ,sqlite)
+ ("zlib" ,zlib)))
+ (home-page "https://www.powerdns.com/")
+ (synopsis "Authoritative DNS name server with dynamic back-ends")
+ (description
+ "This is the PowerDNS Authoritative Server, a versatile name server for the
+Domain Name System (@dfn{DNS}) that supports a wide variety of storage methods.
+
+The core server (@command{pdns_server}) handles all packet processing and DNS
+intelligence, while retrieving and updating the actual DNS records (and any
+additional metadata) through one or more of numerous loadable backends.
+
+Included backends range from simple BIND-style zone files and relational
+databases to (geographical) load-balancing, JSON APIs, and entire scripting
+languages. Records can be transparently signed for use with the @dfn{Domain Name
+System Security Extensions} (DNSSEC). Automated key management is available.
+
+Real-time statistics can be exported to different formats, or through an optional
+built-in Web server and API that allow for basic remote administration.")
+ (license
+ (list license:bsd-3 ; ext/luawrapper/include/LuaContext.*
+ license:expat ; ext/{json11,yahttp}
+ license:lgpl2.1+ ; m4/pdns*
+ ;; modules/oraclebackend/README says MIT, actual headers state GPL2,
+ ;; as do pdns/{ssqlite3,tcpreceiver,test-tsig,zone2ldap}.* and
+ ;; modules/ldapbackend.
+ license:gpl2
+ license:gpl3+)))) ; the rest is GPL[23]+
+
(define-public unbound
(package
(name "unbound")
--
2.18.0
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [bug#33020] [PATCH] gnu: Add nullmailer.
2018-10-11 23:06 [bug#33020] [PATCH] gnu: Add nullmailer Tobias Geerinckx-Rice
@ 2018-10-15 20:01 ` Ludovic Courtès
0 siblings, 0 replies; 15+ messages in thread
From: Ludovic Courtès @ 2018-10-15 20:01 UTC (permalink / raw)
To: Tobias Geerinckx-Rice; +Cc: 33020
Hello!
Tobias Geerinckx-Rice <me@tobias.gr> skribis:
> * gnu/packages/mail.scm (nullmailer): New public variable.
[...]
> + (add-before 'check 'delete-failing-tests
> + (lambda _
> + (with-directory-excursion "test/tests"
> + (for-each delete-file
> + (list
> + ;; XXX 'nullmailer-inject: nullmailer-queue failed: 15'
> + "inject/queue"
> + ;; XXX This equires the not-yet-packaged tcpserver.
> + "protocols")))
(Typo in the second comment.)
If the first failure something we should worry about?
> + (synopsis "Simple relay-only mail transport agent")
s/transport/transfer/
> + (description
> + "Nullmailer is a simple replacement Mail Transfer Agent (@dfn{MTA}) for
I think you can remove @dfn here (normally it’s used on a phrase that is
being introduced, not on an abbreviation.)
Otherwise LGTM, thanks!
Ludo’.
^ permalink raw reply [flat|nested] 15+ messages in thread
* [bug#33026] [PATCH] gnu: Add pdns.
2018-10-12 18:58 [bug#33026] [PATCH] gnu: Add pdns Tobias Geerinckx-Rice
@ 2018-10-15 20:08 ` Ludovic Courtès
2018-10-17 20:01 ` Tobias Geerinckx-Rice
2019-03-04 16:19 ` [bug#33026] [PATCH v2 0/2] " Tobias Geerinckx-Rice
2018-11-07 21:11 ` [bug#33026] [PATCH] " Leo Famulari
2019-02-19 23:07 ` [bug#33026] Progress Andreas Enge
2 siblings, 2 replies; 15+ messages in thread
From: Ludovic Courtès @ 2018-10-15 20:08 UTC (permalink / raw)
To: Tobias Geerinckx-Rice; +Cc: 33026
Hi,
Tobias Geerinckx-Rice <me@tobias.gr> skribis:
> * gnu/packages/dns.scm (pdns): New public variable.
> ---
>
> The p stands for power.
What about “powerdns” then?
> + ;; There's no make target or other way to cleanly separate the tools from
> + ;; the core. We have to rely on a hard-coded list below, which needs to
> + ;; be kept up to date when changing the package version or configuration.
> + (outputs (list "out" "tools"))
Why not keep all the commands in the same output? Is it to avoiding
cluttering user profiles, or is it a matter of package size?
> + (description
> + "This is the PowerDNS Authoritative Server, a versatile name server for the
> +Domain Name System (@dfn{DNS}) that supports a wide variety of storage methods.
I think you can avoid @dfn here as well. :-)
> + (license
> + (list license:bsd-3 ; ext/luawrapper/include/LuaContext.*
> + license:expat ; ext/{json11,yahttp}
> + license:lgpl2.1+ ; m4/pdns*
> + ;; modules/oraclebackend/README says MIT, actual headers state GPL2,
> + ;; as do pdns/{ssqlite3,tcpreceiver,test-tsig,zone2ldap}.* and
> + ;; modules/ldapbackend.
> + license:gpl2
> + license:gpl3+)))) ; the rest is GPL[23]+
A few questions:
• Are things under ext/ simply bundled libraries? If so, do you think
there’s something we could/should do about them?
• I suppose we don’t build and thus don’t care about the license of
modules/oraclebackend, do we? :-)
• The license of m4/* doesn’t matter for the combined work; I’d just
remove it.
• GPLv2-only code cannot be combined with GPLv3+ code. Is it really
what’s happening?
Thank you!
Ludo’.
^ permalink raw reply [flat|nested] 15+ messages in thread
* [bug#33026] [PATCH] gnu: Add pdns.
2018-10-15 20:08 ` Ludovic Courtès
@ 2018-10-17 20:01 ` Tobias Geerinckx-Rice
2018-10-19 8:35 ` Ludovic Courtès
2019-03-04 16:19 ` [bug#33026] [PATCH v2 0/2] " Tobias Geerinckx-Rice
1 sibling, 1 reply; 15+ messages in thread
From: Tobias Geerinckx-Rice @ 2018-10-17 20:01 UTC (permalink / raw)
To: Ludovic Courtès; +Cc: 33026
Ludo',
Ludovic Courtès wrote:
> What about “powerdns” then?
This patch originally added 'powerdns' (my preference), then I
changed it :-)
pdns is the far more common name in GNU/Linux land. The BSDs tend
to go with powerdns.
- pdns: Alpine, Debian, Fedora, Gentoo, brew, openSUSE, Slackware
:-), and derivatives
- power: Arch, *BSD, Nix :-), and derivatives
The upstream tarball also uses the pdns- prefix.
So I'm all for using 'power' but expected some astonishment during
the review. POLA and all that.
> Why not keep all the commands in the same output? Is it to
> avoiding
> cluttering user profiles, or is it a matter of package size?
The former. Building them is not the upstream default, and I
personally don't like them littering my profile (this is entirely
subjective).
On the other hand I don't think users should have to go so far as
to customise the package to get to the tools, so this was the
compromise.
I don't think either is ideal.
>> +Domain Name System (@dfn{DNS}) that supports a wide variety of
>> storage methods.
>
> I think you can avoid @dfn here as well. :-)
OK. I'll also remove it from my (already reviewed) NSD package for
consistency.
> A few questions:
>
> • Are things under ext/ simply bundled libraries? If so, do
> you think
> there’s something we could/should do about them?
I'll take a closer look.
> • I suppose we don’t build and thus don’t care about the
> license of
> modules/oraclebackend, do we? :-)
Hm, is that how this works? Or is Oracle's DB non-free? I know
nothing about Oracle, which might itself be the anwser to that
question.
If it is, shouldn't we remove the whole thing in a snippet unless
the build system really hates that?
> • The license of m4/* doesn’t matter for the combined work;
> I’d just
> remove it.
OK. I'll never fully grasp these legal combinatorics.
> • GPLv2-only code cannot be combined with GPLv3+ code. Is it
> really
> what’s happening?
Let's hope and assume not, then. Closer look.
Thanks!
T G-R
^ permalink raw reply [flat|nested] 15+ messages in thread
* [bug#33026] [PATCH] gnu: Add pdns.
2018-10-17 20:01 ` Tobias Geerinckx-Rice
@ 2018-10-19 8:35 ` Ludovic Courtès
0 siblings, 0 replies; 15+ messages in thread
From: Ludovic Courtès @ 2018-10-19 8:35 UTC (permalink / raw)
To: Tobias Geerinckx-Rice; +Cc: 33026
Hello!
Tobias Geerinckx-Rice <me@tobias.gr> skribis:
> Ludovic Courtès wrote:
>> What about “powerdns” then?
>
> This patch originally added 'powerdns' (my preference), then I changed
> it :-)
> pdns is the far more common name in GNU/Linux land. The BSDs tend to
> go with powerdns.
>
> - pdns: Alpine, Debian, Fedora, Gentoo, brew, openSUSE, Slackware
> :-), and derivatives
> - power: Arch, *BSD, Nix :-), and derivatives
>
> The upstream tarball also uses the pdns- prefix.
Alright, go for “pdns” then! Sorry for asking. ;-)
>> Why not keep all the commands in the same output? Is it to avoiding
>> cluttering user profiles, or is it a matter of package size?
>
> The former. Building them is not the upstream default, and I
> personally don't like them littering my profile (this is entirely
> subjective).
>
> On the other hand I don't think users should have to go so far as to
> customise the package to get to the tools, so this was the compromise.
OK, that makes sense to me. Maybe add a comment to explain this.
>> A few questions:
>>
>> • Are things under ext/ simply bundled libraries? If so, do you
>> think
>> there’s something we could/should do about them?
>
> I'll take a closer look.
>
>> • I suppose we don’t build and thus don’t care about the license
>> of
>> modules/oraclebackend, do we? :-)
>
> Hm, is that how this works? Or is Oracle's DB non-free? I know nothing
> about Oracle, which might itself be the anwser to that question.
Oracle’s DB is non-free indeed (though Oracle also acquired MySQL, but
this isn’t usually referred to as “Oracle DB”.)
> If it is, shouldn't we remove the whole thing in a snippet unless the
> build system really hates that?
We could do that indeed! Well the backend itself may be free, but it’s
useless without the non-free piece of software, so it makes sense to
remove it (as long as the build system allows it.)
>> • The license of m4/* doesn’t matter for the combined work; I’d
>> just
>> remove it.
>
> OK. I'll never fully grasp these legal combinatorics.
>
>> • GPLv2-only code cannot be combined with GPLv3+ code. Is it
>> really
>> what’s happening?
>
> Let's hope and assume not, then. Closer look.
OK, thanks!
Ludo’.
^ permalink raw reply [flat|nested] 15+ messages in thread
* [bug#33026] [PATCH] gnu: Add pdns.
2018-10-12 18:58 [bug#33026] [PATCH] gnu: Add pdns Tobias Geerinckx-Rice
2018-10-15 20:08 ` Ludovic Courtès
@ 2018-11-07 21:11 ` Leo Famulari
2019-02-19 23:07 ` [bug#33026] Progress Andreas Enge
2 siblings, 0 replies; 15+ messages in thread
From: Leo Famulari @ 2018-11-07 21:11 UTC (permalink / raw)
To: Tobias Geerinckx-Rice; +Cc: 33026
[-- Attachment #1: Type: text/plain, Size: 743 bytes --]
On Fri, Oct 12, 2018 at 08:58:54PM +0200, Tobias Geerinckx-Rice wrote:
> +(define-public pdns
> + (package
> + (name "pdns")
> + (version "4.1.4")
Please update to 4.1.5 before pushing, in order to get fixes for these
bugs:
* 2018-03: Crafted zone record can cause a denial of service
(CVE-2018-10851, Authoritative)
* 2018-04: Crafted answer can cause a denial of service
(CVE-2018-10851, Recursor)
* 2018-05: Packet cache pollution via crafted query (CVE-2018-14626,
Authoritative >= 4.1.0)
* 2018-06: Packet cache pollution via crafted query (CVE-2018-14626,
Recursor >= 4.0.0)
* 2018-07: Crafted query for meta-types can cause a denial of service
(CVE-2018-14644, Recursor >= 4.0.0)
https://seclists.org/oss-sec/2018/q4/137
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 15+ messages in thread
* [bug#33026] Progress
2018-10-12 18:58 [bug#33026] [PATCH] gnu: Add pdns Tobias Geerinckx-Rice
2018-10-15 20:08 ` Ludovic Courtès
2018-11-07 21:11 ` [bug#33026] [PATCH] " Leo Famulari
@ 2019-02-19 23:07 ` Andreas Enge
2019-03-07 13:22 ` bug#33026: [bug#33020] Progress Andreas Enge
2 siblings, 1 reply; 15+ messages in thread
From: Andreas Enge @ 2019-02-19 23:07 UTC (permalink / raw)
To: 33026, 33020
Is this patch still of interest, or should we close the bug report?
Andreas
^ permalink raw reply [flat|nested] 15+ messages in thread
* [bug#33026] [PATCH v2 0/2] gnu: Add pdns.
2018-10-15 20:08 ` Ludovic Courtès
2018-10-17 20:01 ` Tobias Geerinckx-Rice
@ 2019-03-04 16:19 ` Tobias Geerinckx-Rice
2019-03-04 16:19 ` [bug#33026] [PATCH v2 1/2] gnu: Add yahttp Tobias Geerinckx-Rice
2019-03-04 16:19 ` [bug#33026] [PATCH v2 2/2] gnu: Add pdns Tobias Geerinckx-Rice
1 sibling, 2 replies; 15+ messages in thread
From: Tobias Geerinckx-Rice @ 2019-03-04 16:19 UTC (permalink / raw)
To: 33026
From: Tobias Geerinckx-Rice <me@tobias.gr>
Ludo',
Thanks for the review and sorry for the late reply. I've think I've addressed all your points below, apart from the last one.
I've also added Ruby and Perl to run the full test suite, and tried to make the ‘move-tools’ phase a bit more straightforward.
Ludovic Courtès wrote:
> What about “powerdns” then?
>
> Tobias Geerinckx-Rice <me@tobias.gr> skribis:
>> [blah blah blah blah]
>
> Alright, go for “pdns” then! Sorry for asking. ;-)
You'll never make that mistake again.
> We could do that indeed! Well the backend itself may be free, but
> it's useless without the non-free piece of software, so it makes
> sense to remove it (as long as the build system allows it.)
OK.
> I think you can avoid @dfn here as well. :-)
OK. Replaced with @acronym if that's all right.
> A few questions:
>
> • Are things under ext/ simply bundled libraries? If so, do you think
> there’s something we could/should do about them?
There are 3 libraries under ext/:
- json11 (https://github.com/dropbox/json11) is a one-C++-file library
without own build system, intended for bundling;
- luawrapper is just a lone header file (LuaContext.hpp);
- yahttp (https://github.com/cmouse/yahttp) is most like a real package,
and while the README instructs developers to just plonk its headers in
with their own and ship it that way, I was able to package & use it.
> • I suppose we don’t build and thus don’t care about the license of
> modules/oraclebackend, do we? :-)
Out it goes.
> • The license of m4/* doesn’t matter for the combined work; I’d just
> remove it.
Done.
> • GPLv2-only code cannot be combined with GPLv3+ code. Is it really
> what’s happening?
I think so:
$ head pdns/ssqlite3.cc
/* SQLite backend for PowerDNS
* Copyright (C) 2003, Michel Stol <michel@powerdns.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2
* as published by the Free Software Foundation.
*
* Additionally, the license of this program contains a special
* exception which allows to distribute the program in binary form when
* it is linked against OpenSSL.
Is this really a deal-breaker?
We could disable the sqlite and LDAP back ends (hardly ideal) but pdns/tcpreceiver.cc is linked into the core pdns_server…
Uh oh,
T G-R
Tobias Geerinckx-Rice (2):
gnu: Add yahttp.
gnu: Add pdns.
gnu/packages/dns.scm | 176 +++++++++++++++++++++++++++++++++++++++++++
gnu/packages/web.scm | 42 +++++++++++
2 files changed, 218 insertions(+)
--
2.20.1
^ permalink raw reply [flat|nested] 15+ messages in thread
* [bug#33026] [PATCH v2 1/2] gnu: Add yahttp.
2019-03-04 16:19 ` [bug#33026] [PATCH v2 0/2] " Tobias Geerinckx-Rice
@ 2019-03-04 16:19 ` Tobias Geerinckx-Rice
2019-03-04 16:19 ` [bug#33026] [PATCH v2 2/2] gnu: Add pdns Tobias Geerinckx-Rice
1 sibling, 0 replies; 15+ messages in thread
From: Tobias Geerinckx-Rice @ 2019-03-04 16:19 UTC (permalink / raw)
To: 33026
From: Tobias Geerinckx-Rice <me@tobias.gr>
* gnu/packages/web.scm (yahttp): New public variable.
---
gnu/packages/web.scm | 42 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 42 insertions(+)
diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
index b0ee78b92b..95099e450e 100644
--- a/gnu/packages/web.scm
+++ b/gnu/packages/web.scm
@@ -66,6 +66,7 @@
#:use-module (gnu packages admin)
#:use-module (gnu packages adns)
#:use-module (gnu packages apr)
+ #:use-module (gnu packages boost)
#:use-module (gnu packages check)
#:use-module (gnu packages documentation)
#:use-module (gnu packages docbook)
@@ -86,6 +87,7 @@
#:use-module (gnu packages gnupg)
#:use-module (gnu packages gnuzilla)
#:use-module (gnu packages gperf)
+ #:use-module (gnu packages graphviz)
#:use-module (gnu packages gtk)
#:use-module (gnu packages guile)
#:use-module (gnu packages guile-xyz)
@@ -4907,6 +4909,46 @@ and xinetd usually launches another daemon to handle the request. It can be
used to start services with both privileged and non-privileged port numbers.")
(license (l:fsf-free "file://COPYRIGHT"))))
+(define-public yahttp
+ (package
+ (name "yahttp")
+ (version "0.2.1")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/cmouse/yahttp.git")
+ (commit (string-append "v" version))))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "09pxykgby8hlyvaff106p6m847idg6nkprahx62kr05ks5r6i77v"))))
+ ;; Separate the ~7.5 MiB of HTML documentation from the rest (~700 KiB).
+ ;; Installing the package without it would require patching Makefiles.
+ (outputs (list "out" "doc"))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:configure-flags
+ (list (string-append "--htmldir=" (assoc-ref %outputs "doc")
+ "/share/doc/" ,name "-" ,version))))
+ (native-inputs
+ `(("autoconf" ,autoconf)
+ ("automake" ,automake)
+ ("libtool" ,libtool)
+
+ ;; For creating the documentation.
+ ("doxygen" ,doxygen)
+ ("graphviz" ,graphviz)))
+ (inputs
+ `(("boost" ,boost)))
+ (home-page "https://github.com/cmouse/yahttp")
+ (synopsis "Small-footprint HTTP request/response parser")
+ (description
+ "@acronym{YaHTTP, Yet Another HTTP Library} aims to be purely an HTTP
+request/response parser with no input/output ties. It is intended to be used in
+small-footprint applications and other utilities that want to use HTTP over
+something else than network I/O.")
+ (license l:expat)))
+
(define-public tidy-html
(package
(name "tidy-html")
--
2.20.1
^ permalink raw reply related [flat|nested] 15+ messages in thread
* [bug#33026] [PATCH v2 2/2] gnu: Add pdns.
2019-03-04 16:19 ` [bug#33026] [PATCH v2 0/2] " Tobias Geerinckx-Rice
2019-03-04 16:19 ` [bug#33026] [PATCH v2 1/2] gnu: Add yahttp Tobias Geerinckx-Rice
@ 2019-03-04 16:19 ` Tobias Geerinckx-Rice
1 sibling, 0 replies; 15+ messages in thread
From: Tobias Geerinckx-Rice @ 2019-03-04 16:19 UTC (permalink / raw)
To: 33026
From: Tobias Geerinckx-Rice <me@tobias.gr>
* gnu/packages/dns.scm (pdns): New public variable.
---
gnu/packages/dns.scm | 176 +++++++++++++++++++++++++++++++++++++++++++
1 file changed, 176 insertions(+)
diff --git a/gnu/packages/dns.scm b/gnu/packages/dns.scm
index 9cc707e5b4..b929f8b426 100644
--- a/gnu/packages/dns.scm
+++ b/gnu/packages/dns.scm
@@ -32,9 +32,11 @@
#:use-module (gnu packages autotools)
#:use-module (gnu packages base)
#:use-module (gnu packages bash)
+ #:use-module (gnu packages boost)
#:use-module (gnu packages databases)
#:use-module (gnu packages compression)
#:use-module (gnu packages crypto)
+ #:use-module (gnu packages curl)
#:use-module (gnu packages datastructures)
#:use-module (gnu packages flex)
#:use-module (gnu packages glib)
@@ -44,6 +46,7 @@
#:use-module (gnu packages libevent)
#:use-module (gnu packages libidn)
#:use-module (gnu packages linux)
+ #:use-module (gnu packages lua)
#:use-module (gnu packages ncurses)
#:use-module (gnu packages nettle)
#:use-module (gnu packages networking)
@@ -51,6 +54,8 @@
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages protobuf)
#:use-module (gnu packages python)
+ #:use-module (gnu packages ruby)
+ #:use-module (gnu packages sqlite)
#:use-module (gnu packages swig)
#:use-module (gnu packages tls)
#:use-module (gnu packages web)
@@ -403,6 +408,177 @@ run in a @code{chroot} jail, thus making any security flaws in NSD less likely
to result in system-wide compromise.")
(license (list license:bsd-3))))
+(define-public pdns
+ (package
+ (name "pdns")
+ (version "4.1.6")
+ (source
+ (origin
+ (method url-fetch)
+ (uri
+ (string-append "https://downloads.powerdns.com/releases/pdns-"
+ version ".tar.bz2"))
+ (sha256
+ (base32 "0ggpcvzj90a31qf71m8788ql0hbxnkb9y6c3wgqr9l0qwv8dsgpm"))
+ (modules '((guix build utils)))
+ (snippet
+ '(begin
+ ;; Delete (free) back ends for a non-free database. This also
+ ;; side-steps some licence confusion where modules/oraclebackend's
+ ;; README says ‘MIT’ but the actual file headers state GPL2 [only].
+ (for-each
+ (lambda (back-end)
+ (with-directory-excursion "modules"
+ (delete-file-recursively back-end))
+ (substitute* "configure"
+ (((format " modules/~a/Makefile" back-end))
+ ""))
+ (substitute* "modules/Makefile.in"
+ (((format ".*~a.*" back-end)) ; delete the whole line
+ "")))
+ (list "goraclebackend"
+ "oraclebackend"))
+ #t))))
+ (build-system gnu-build-system)
+ ;; Keep the extra tools from littering the user's profile unless desired.
+ ;; There's no make target or other way to cleanly separate the tools from
+ ;; the core. We have to rely on a hard-coded list (below), which needs to
+ ;; be double-checked when changing the package version or configuration.
+ (outputs (list "out" "tools"))
+ (arguments
+ `(#:configure-flags
+ (list "--enable-libsodium" ; ed25519 (DNSSEC algorithm 15)
+ ;; "--enable-libdecaf" ; ed25519 & Ed448 (XXX unpackaged)
+ "--enable-reproducible"
+ "--enable-tools"
+ "--enable-unit-tests"
+
+ ;; XXX The 'core' (sbin/pdns_server) retains references to some
+ ;; dependencies (e.g. luajit, sqlite) but not all of them (e.g.
+ ;; postgresql). Moving backend modules to their own output (or
+ ;; package?) might reduce the closure size significantly and/or
+ ;; allow us to build more (all?) of them. Something to consider.
+ (string-append
+ "--with-dynmodules=" ; build dynamic modules...
+ (string-join
+ (list "bind" ; BIND-style zone files
+ "gpgsql" ; generic PostgreSQL
+ "gsqlite3" ; generic Sqlite
+ "lua" ; Lua scripting
+ "pipe" ; simple stdin/stdout pipe
+ "remote") ; generic JSON/RPC connector
+ " "))
+ "--with-modules=" ; ...and no static modules
+
+ "--with-luajit" ; use JIT variant for Lua backend
+ "--with-protobuf" ; for logging DNS query information
+ "--with-sqlite3" ; include the sqlite3 driver
+
+ (string-append "--docdir=" (assoc-ref %outputs "out") "/share/doc/"
+ ,name "-" ,version)
+ "--sysconfdir=/etc/powerdns"
+ "--with-socketdir=/run")
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'use-packaged-yahttp
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((yahttp (assoc-ref inputs "yahttp")))
+ (delete-file-recursively "ext/yahttp")
+ (substitute* "configure"
+ (("\\$\\(top_builddir\\)/ext/yahttp/yahttp")
+ (string-append yahttp "/lib"))
+ (("ext/(yahttp/)+Makefile") ""))
+ (substitute* "ext/Makefile.in"
+ (("yahttp ") ""))
+ #t)))
+ (add-after 'unpack 'omit-PDNS_CONFIG_ARGS
+ ;; Avoid ‘pdns_server --version’ printing build-time details, like
+ ;; PKG_CONFIG_PATH, which embed references to almost every input.
+ (lambda _
+ (substitute* "configure"
+ (("#define PDNS_CONFIG_ARGS.*") ""))
+ #t))
+ (replace 'install
+ ;; Don't try to install configuration files to /etc.
+ (lambda* (#:key make-flags #:allow-other-keys)
+ (apply invoke "make" "sysconfdir=$(docdir)/examples" "install"
+ make-flags)))
+ (add-after 'install 'move-tools
+ ;; Move tools (and their documentation) to a separate output.
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (tools (assoc-ref outputs "tools"))
+ (move (lambda (file)
+ (let ((target (string-append tools "/" file)))
+ (mkdir-p (dirname target))
+ (rename-file file target)))))
+ (with-directory-excursion out
+ (for-each (lambda (tool)
+ (move (string-append "bin/" tool))
+ (move (string-append "share/man/man1/"
+ tool ".1")))
+ (list "calidns"
+ "dnsbulktest"
+ "dnsgram"
+ "dnsreplay"
+ "dnsscan"
+ "dnsscope"
+ "dnstcpbench"
+ "dnswasher"
+ "dumresp"
+ "ixplore"
+ "nproxy"
+ "nsec3dig"
+ "pdns_notify"
+ "saxfr"
+ "sdig"))
+
+ ;; This one weird tool doesn't have a man page.
+ (move "bin/stubquery")
+ #t)))))))
+ (native-inputs
+ `(("pkg-config" ,pkg-config)
+
+ ;; For tests.
+ ("curl" ,curl)
+ ("perl" ,perl)
+ ("ruby" ,ruby)))
+ (inputs
+ `(("boost" ,boost)
+ ("libsodium" ,libsodium)
+ ("luajit" ,luajit)
+ ("openssl" ,openssl)
+ ("postgresql" ,postgresql)
+ ("protobuf" ,protobuf)
+ ("sqlite" ,sqlite)
+ ("yahttp" ,yahttp)
+ ("zlib" ,zlib)))
+ (home-page "https://www.powerdns.com/")
+ (synopsis "Authoritative DNS name server with dynamic back-ends")
+ (description
+ "This is the PowerDNS Authoritative Server, a versatile name server for the
+@acronym{DNS, Domain Name System} that supports a wide variety of storage back
+ends.
+
+The core server (@command{pdns_server}) handles all packet processing and DNS
+intelligence, while retrieving and updating the actual DNS records (and any
+additional metadata) through one or more of numerous loadable backends.
+
+Included back ends range from simple BIND-style zone files and relational
+databases to (geographical) load-balancing, JSON APIs, and entire scripting
+languages. Records can be transparently signed for use with @acronym{DNSSEC,
+Domain Name System Security Extensions}. Automated key management is available.
+
+Real-time statistics can be exported to different formats, or through an optional
+built-in Web server and API that allow for basic remote administration.")
+ (license
+ (list license:bsd-3 ; ext/luawrapper/include/LuaContext.*
+ license:expat ; ext/{json11,yahttp}
+ ;; pdns/{ssqlite3,tcpreceiver,test-tsig,zone2ldap}.* and
+ ;; modules/ldapbackend are GPL2-only.
+ license:gpl2
+ license:gpl3+)))) ; the rest is GPL[23]+
+
(define-public unbound
(package
(name "unbound")
--
2.20.1
^ permalink raw reply related [flat|nested] 15+ messages in thread
* bug#33026: [bug#33020] Progress
2019-02-19 23:07 ` [bug#33026] Progress Andreas Enge
@ 2019-03-07 13:22 ` Andreas Enge
[not found] ` <87tvge7qjv.fsf@nckx>
0 siblings, 1 reply; 15+ messages in thread
From: Andreas Enge @ 2019-03-07 13:22 UTC (permalink / raw)
To: 33026-done, 33020-done
Two weeks later without any reaction, closing.
Andreas
^ permalink raw reply [flat|nested] 15+ messages in thread
* [bug#33026] [bug#33020] Progress
[not found] ` <87tvge7qjv.fsf@nckx>
@ 2019-03-07 14:02 ` Andreas Enge
2019-03-07 14:08 ` Andreas Enge
1 sibling, 0 replies; 15+ messages in thread
From: Andreas Enge @ 2019-03-07 14:02 UTC (permalink / raw)
To: Tobias Geerinckx-Rice; +Cc: 33026
On Thu, Mar 07, 2019 at 02:38:28PM +0100, Tobias Geerinckx-Rice wrote:
> Do you think this is reasonable?
I do - in the spirit of dropping packages that do not build after about
two weeks, as discussed around FOSDEM. I think there is no point in keeping
orphaned patches around for packages that apparently nobody cares about
any more.
> I'm reopening this and welcome any feedback that will help get this merged.
That is fine as well, if you care about the package, that contradicts
my motivation above!
> If no-one answers in the next 2 weeks, fine.
Well, then you replace 2 weeks by twice 2 weeks, which is also fine,
but not fundamentally different from the approach that apparently
you find unreasonable.
Andreas
^ permalink raw reply [flat|nested] 15+ messages in thread
* [bug#33026] [bug#33020] Progress
[not found] ` <87tvge7qjv.fsf@nckx>
2019-03-07 14:02 ` [bug#33026] " Andreas Enge
@ 2019-03-07 14:08 ` Andreas Enge
2019-03-07 14:58 ` Tobias Geerinckx-Rice
1 sibling, 1 reply; 15+ messages in thread
From: Andreas Enge @ 2019-03-07 14:08 UTC (permalink / raw)
To: Tobias Geerinckx-Rice; +Cc: 33026
On Thu, Mar 07, 2019 at 02:38:28PM +0100, Tobias Geerinckx-Rice wrote:
> Do you think this is reasonable?
Sorry, actually I did not see your reply from March 4 - the closing message
was sent to two entangled bug reports (this one and 33020), and the other
one did not receive any reply. Apologies for closing this one, and feel free
to reopen 33020 as well if you would still like to push nullmailer.
Andreas
^ permalink raw reply [flat|nested] 15+ messages in thread
* [bug#33026] [bug#33020] Progress
2019-03-07 14:08 ` Andreas Enge
@ 2019-03-07 14:58 ` Tobias Geerinckx-Rice
0 siblings, 0 replies; 15+ messages in thread
From: Tobias Geerinckx-Rice @ 2019-03-07 14:58 UTC (permalink / raw)
To: Andreas Enge; +Cc: Tobias Geerinckx-Rice, 33026, 33020-done
Andreas,
Andreas Enge wrote:
> On Thu, Mar 07, 2019 at 02:38:28PM +0100, Tobias Geerinckx-Rice
> wrote:
>> Do you think this is reasonable?
>
> Sorry, actually I did not see your reply from March 4 - the
> closing message
> was sent to two entangled bug reports (this one and 33020), and
> the other
> one did not receive any reply.
Oh, OK. I hadn't yet received any notification for done-33020
when I replied to done-33026, and you did also ping 33026 exactly
two weeks ago, so it seemed plausibly… intentional? Apologies for
acting slighted.
> Apologies for closing this one, and feel free
> to reopen 33020 as well if you would still like to push
> nullmailer.
-done! With an upgrade to 2.2 to boot.
Kind regards,
T G-R
^ permalink raw reply [flat|nested] 15+ messages in thread
end of thread, other threads:[~2019-03-07 14:59 UTC | newest]
Thread overview: 15+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-10-12 18:58 [bug#33026] [PATCH] gnu: Add pdns Tobias Geerinckx-Rice
2018-10-15 20:08 ` Ludovic Courtès
2018-10-17 20:01 ` Tobias Geerinckx-Rice
2018-10-19 8:35 ` Ludovic Courtès
2019-03-04 16:19 ` [bug#33026] [PATCH v2 0/2] " Tobias Geerinckx-Rice
2019-03-04 16:19 ` [bug#33026] [PATCH v2 1/2] gnu: Add yahttp Tobias Geerinckx-Rice
2019-03-04 16:19 ` [bug#33026] [PATCH v2 2/2] gnu: Add pdns Tobias Geerinckx-Rice
2018-11-07 21:11 ` [bug#33026] [PATCH] " Leo Famulari
2019-02-19 23:07 ` [bug#33026] Progress Andreas Enge
2019-03-07 13:22 ` bug#33026: [bug#33020] Progress Andreas Enge
[not found] ` <87tvge7qjv.fsf@nckx>
2019-03-07 14:02 ` [bug#33026] " Andreas Enge
2019-03-07 14:08 ` Andreas Enge
2019-03-07 14:58 ` Tobias Geerinckx-Rice
-- strict thread matches above, loose matches on Subject: below --
2018-10-11 23:06 [bug#33020] [PATCH] gnu: Add nullmailer Tobias Geerinckx-Rice
2018-10-15 20:01 ` Ludovic Courtès
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).