Commit cce099cb authored by Sören Tempel's avatar Sören Tempel

main/unbound: remove dependency on dns-root-hints

The dns-root-hints dependency has been introduced in [1]. Strictly
speaking dns-root-hints is not necessary as unbound provides builtin
root hints. This change switches to using the builtin root hints by
default, thereby avoiding installation of a cron and a dependency on
gnupg. If desired, users can still manually install and configure
dns-root-hints with unbound.

See #11324 for further information on this topic.

[1]: https://github.com/alpinelinux/aports/pull/5950
parent ff665a5d
Pipeline #70629 passed with stages
in 3 minutes and 8 seconds
......@@ -4,14 +4,14 @@
# Maintainer: Jakub Jirutka <jakub@jirutka.cz>
pkgname=unbound
pkgver=1.13.0
pkgrel=3
pkgrel=4
pkgdesc="Unbound is a validating, recursive, and caching DNS resolver"
url="http://unbound.net/"
arch="all"
license="BSD-3-Clause"
depends="dns-root-hints dnssec-root"
depends="dnssec-root"
depends_dev="expat-dev"
_depends_migrate="/bin/sh apk-tools dns-root-hints openrc"
_depends_migrate="/bin/sh apk-tools openrc"
makedepends="$depends_dev libevent-dev openssl-dev python3-dev swig linux-headers"
install="$pkgname.pre-install"
options="!check"
......@@ -74,10 +74,6 @@ package() {
cd "$pkgdir"
mkdir -p ./etc/unbound
rm -f ./etc/unbound/root.hints
ln -s ../../usr/share/dns-root-hints/named.root ./etc/unbound/root.hints
install -Dm755 "$srcdir"/unbound.initd ./etc/init.d/unbound
install -Dm644 "$srcdir"/unbound.confd ./etc/conf.d/unbound
}
......@@ -113,7 +109,7 @@ migrate() {
}
sha512sums="d4f3c5a7df5d46f8b1ee32b61e68bdc0d63030820d236ecc51bc3ac356d15248acb9a5e0b6009e1936b03b751e8dd05a071a95ab239fdbbbb308442a59642ad5 unbound-1.13.0.tar.gz
10e76b0c0e256cf81d55a6f089644693feb94bd2470730bcbcedb5f340397d2316f3a9ee57adc3d5e84e83cc26109c8cb48f6e2e3bfdbd186e40071b7b4284f1 conf.patch
0a5c7b8f2b8c79c5384bce05962c8f8f5f31ce3aeb967b0e897361a24ea7065eb4e7c28ff3acfb0fb0d46be966d4e526e64b231f49b589ec63f576c25433bb59 migrate-dnscache-to-unbound
05fec1829dfb5279f35a76eeab768d88b6dffee4477b1db693360021969bdcc89e309f71ea6cc63e0f921b1fc223a073b97892be2095ed93d7da917a59e09d00 conf.patch
7ab3f57ade3fe8add60bfce208efccc968728fac5c94c759c34aaa09aa71e0da06dd7c24ae0fecf9e2ccc869594226d68b24fe2b0a0b161b833e22c0de1b03b6 migrate-dnscache-to-unbound
c8e29190a7ab2803bb528fcc008d9788c1d46ca96abd7273023778068156aa65330a99af76a755929d24dfa936a3900bd400368ddf7b89fb3bcef29dbaa32683 unbound.initd
0ceae15d69deb24baa16990226de31fe743d84779a2595f31b4910b46ef925fc132cec1683d0a06141f707d9cbe517d731015702c60d9df4958ccfb9abd5a23f unbound.confd"
--- a/doc/example.conf.in
+++ b/doc/example.conf.in
@@ -337,12 +337,9 @@
diff -upr unbound-1.13.0.orig/doc/example.conf.in unbound-1.13.0/doc/example.conf.in
--- unbound-1.13.0.orig/doc/example.conf.in 2020-12-21 09:58:04.154390497 +0100
+++ unbound-1.13.0/doc/example.conf.in 2020-12-21 09:58:53.094583255 +0100
@@ -355,9 +355,6 @@ server:
# print log lines that say why queries return SERVFAIL to clients.
# log-servfail: no
......@@ -9,12 +10,8 @@
-
# file to read root hints from.
# get one from https://www.internic.net/domain/named.cache
- # root-hints: ""
+ root-hints: /usr/share/dns-root-hints/named.root
# enable to not answer id.server and hostname.bind queries.
# hide-identity: no
@@ -489,7 +486,7 @@
# root-hints: ""
@@ -507,7 +504,7 @@ server:
# you start unbound (i.e. in the system boot scripts). And enable:
# Please note usage of unbound-anchor root anchor is at your own risk
# and under the terms of our LICENSE (see that file in the source).
......@@ -23,7 +20,7 @@
# trust anchor signaling sends a RFC8145 key tag query after priming.
# trust-anchor-signaling: yes
@@ -506,7 +503,7 @@
@@ -519,7 +516,7 @@ server:
# with several entries, one file per entry.
# Zone file format, with DS and DNSKEY entries.
# Note this gets out of date, use auto-trust-anchor-file please.
......@@ -32,7 +29,7 @@
# Trusted key for validation. DS or DNSKEY. specify the RR on a
# single line, surrounded by "". TTL is ignored. class is IN default.
@@ -841,12 +838,13 @@
@@ -900,12 +897,13 @@ dynlib:
remote-control:
# Enable remote control with unbound-control(8) here.
# set up the keys and certificates with unbound-control-setup.
......
......@@ -14,7 +14,6 @@ to_subnet() {
gen_config() {
echo "# Config generated by $0, $(date)"
echo "server:"
echo -e "\troot-hints: /usr/share/dns-root-hints/named.root\n"
[ -n "$IP" ] && echo -e "\tinterface: $IP\n"
[ -n "$IPSEND" ] && echo -e "\toutgoing-interface: $IPSEND\n"
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment