Commit 7f8a07f2 authored by Leonardo Arena's avatar Leonardo Arena

main/dns-root-hints: add manual update script

parent 1e3974cf
......@@ -2,15 +2,15 @@
# Maintainer: Leonardo Arena <rnalrd@alpinelinux.org>
pkgname=dns-root-hints
pkgver=2019031302
pkgrel=1
pkgrel=2
pkgdesc="The DNS root hint(s)"
url="https://www.internic.net/domain"
arch="noarch"
license="Public-Domain"
makedepends="curl gnupg"
options="net"
source="verisign-grs-nstld-key.asc named.root named.root.sig"
builddir="$srcdir/$pkgname-$pkgver"
source="verisign-grs-nstld-key.asc named.root named.root.sig
update-$pkgname"
build() {
mkdir -p "$builddir"
......@@ -24,6 +24,8 @@ package() {
"$pkgdir"/usr/share/$pkgname/named.root.sig
install -D -m 644 -o root -g root "$srcdir"/verisign-grs-nstld-key.asc \
"$pkgdir"/usr/share/$pkgname/verisign-grs-nstld-key.asc
install -D -m 755 -o root -g root "$srcdir"/update-$pkgname \
"$pkgdir"/usr/bin/update-$pkgname
# compatibility links
cd "$pkgdir/usr/share/$pkgname"
......@@ -82,4 +84,5 @@ _check_sig() {
sha512sums="3ecf5d66e506526ad98ea0b371202f0763b987322bd4407b40fcd95415202bddb18fd06c82eb397566b393e214dc88cb17ec94f3908328e8a55f5f68cc730993 verisign-grs-nstld-key.asc
ad14d7b6c6c52ebdd6c21448aa79d0560701df3b92576fab7ed1611314a5279e317dcfbcb05f2f2cb9d9b0a8932f56e6a03c7a52709fc75929d568267aa64f8b named.root
774ac61ee930611a1876447c981e20f0340ad25c49703b2d068164a681c3d5bac8f5c8f6fc0a4ba98e04d9aa4b922d4ea8936029cf2336b94e7cd6588ee6ba69 named.root.sig"
774ac61ee930611a1876447c981e20f0340ad25c49703b2d068164a681c3d5bac8f5c8f6fc0a4ba98e04d9aa4b922d4ea8936029cf2336b94e7cd6588ee6ba69 named.root.sig
7e640e997dd0eae47fb1e609f73d5206e09684eada15d3b6043fc23e639859af743b99cbd868e98269c2af25e7c3eeea307f52f2fb7d4a6f3e00f8b14a289322 update-dns-root-hints"
#!/bin/sh
url=https://www.internic.net/domain
base_dir=/usr/share/dns-root-hints
_tmp=$(mktemp -d -p .)
if [ $(id -u) != "0" ]; then
echo "Needs to run as root."
exit 1
fi
_check_sig() {
local GNUPGHOME="$HOME/.gpg"
install -d -m 0700 "$GNUPGHOME"
gpg --import < $base_dir/verisign-grs-nstld-key.asc
gpg --verify "${_tmp}/named.root.sig" "${_tmp}/named.root"
}
for file in named.root named.root.sig; do
curl -sLR ${url}/${file} -o "${_tmp}/${file}" || exit 1
done
# compare new and current versions
_drh_new_ver=$(grep "related version of root zone:" ${_tmp}/named.root | egrep -o '[0-9]{10}')
_drh_current_ver=$(grep "related version of root zone:" $base_dir/named.root | egrep -o '[0-9]{10}')
# update to new version if needed
echo "Version $_drh_current_ver <- Installed"
echo "Version $_drh_new_ver <- Downloaded"
if [ "$_drh_new_ver" != "$_drh_current_ver" ]; then
_check_sig || exit 1
mv ${_tmp}/named.root $base_dir/named.root || exit 1
mv ${_tmp}/named.root.sig $base_dir/named.root.sig || exit 1
echo -e "\nZone file updated.\n"
else
echo -e "\nZone file already up-to-date.\n"
fi
# cleanup
rm "${_tmp}"/* 2>/dev/null || true
rmdir "${_tmp}" 2>/dev/null || true
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment