- Add a sensible default for maximal size of cache

- Run under unpriviledged user by default PR: ports/108062 Submitted by: Sten Spans <sten@blinkenlights.nl> (maintainer)
svn path=/head/; revision=182748
2025-01-26 09:46:09 +00:00 · 2007-01-18 18:57:26 +00:00 · 2007-01-18 18:57:26 +00:00 · cf7b585184 · 2021-03-31 03:12:20 +00:00
commit cf7b585184
parent 0118bafc21
3 changed files with 59 additions and 1 deletions
--- a/dns/powerdns-recursor/Makefile
+++ b/dns/powerdns-recursor/Makefile
@ -7,7 +7,7 @@

 PORTNAME=	powerdns-recursor
 PORTVERSION=	3.1.4
-PORTREVISION=	2
+PORTREVISION=	3
 CATEGORIES=	dns ipv6
 MASTER_SITES=	http://downloads.powerdns.com/releases/ \
 		http://mirrors.evolva.ro/powerdns.com/releases/
@ -64,6 +64,10 @@ post-patch:
 	@${REINPLACE_CMD} -e 's;"/etc/powerdns/";"${PREFIX}/etc/pdns/";' \
 		${WRKSRC}/config.h

+pre-install:
+		@${ECHO} "==>  Creating custom user to run pdns_recursor..."
+		@${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL
+
 post-install:
 .if !exists(${PREFIX}/etc/pdns/recursor.conf)
 	${INSTALL_DATA} ${PREFIX}/etc/pdns/recursor.conf-dist \
--- a/dns/powerdns-recursor/files/patch-pdns_nameserver.cc
+++ b/dns/powerdns-recursor/files/patch-pdns_nameserver.cc
@ -0,0 +1,22 @@
+--- pdns_recursor.cc.orig	Wed Jan 17 23:45:51 2007
+++ pdns_recursor.cc	Thu Jan 18 00:01:47 2007
+@@ -1669,8 +1669,8 @@
+     ::arg().set("daemon","Operate as a daemon")="yes";
+     ::arg().set("log-common-errors","If we should log rather common errors")="yes";
+     ::arg().set("chroot","switch to chroot jail")="";
+-    ::arg().set("setgid","If set, change group id to this gid for more security")="";
+-    ::arg().set("setuid","If set, change user id to this uid for more security")="";
+    ::arg().set("setgid","If set, change group id to this gid for more security")="pdns";
+    ::arg().set("setuid","If set, change user id to this uid for more security")="pdns_recursor";
+ #ifdef WIN32
+     ::arg().set("quiet","Suppress logging of questions and answers")="off";
+     ::arg().setSwitch( "register-service", "Register the service" )= "no";
+@@ -1691,7 +1691,7 @@
+     ::arg().set("client-tcp-timeout","Timeout in seconds when talking to TCP clients")="2";
+     ::arg().set("max-tcp-clients","Maximum number of simultaneous TCP clients")="128";
+     ::arg().set("hint-file", "If set, load root hints from this file")="";
+-    ::arg().set("max-cache-entries", "If set, maximum number of entries in the main cache")="0";
+    ::arg().set("max-cache-entries", "If set, maximum number of entries in the main cache")="500000";
+     ::arg().set("max-negative-ttl", "maximum number of seconds to keep a negative cached entry in memory")="3600";
+     ::arg().set("server-id", "Returned when queried for 'server.id' TXT, defaults to hostname")="";
+     ::arg().set("remotes-ringbuffer-entries", "maximum number of packets to store statistics for")="0";
--- a/dns/powerdns-recursor/pkg-install
+++ b/dns/powerdns-recursor/pkg-install
@ -0,0 +1,32 @@
+#!/bin/sh
+
+if [ "$2" != "PRE-INSTALL" ]; then
+    exit 0
+fi
+
+PDNSUSER=${PDNSUSER:-pdns_recursor}
+PDNSUID=${PDNSUID:-120}
+PDNSGROUP=${PDNSGROUP:-pdns}
+PDNSGID=${PDNSGID:-120}
+
+if ! pw groupshow "$PDNSGROUP" 2>/dev/null 1>&2; then
+	if pw groupadd $PDNSGROUP -g $PDNSGID; then
+		echo "=> Added group \"$PDNSGROUP\"."
+	else
+		echo "=> Adding group \"$PDNSGROUP\" failed..."
+		exit 1
+	fi
+fi
+
+if ! pw usershow "$PDNSUSER" 2>/dev/null 1>&2; then
+	if pw useradd $PDNSUSER -u $PDNSUID -g $PDNSGROUP -h - \
+		-s "/sbin/nologin" -d "/nonexistent" \
+		-c "pdns_recursor pseudo-user"; \
+	then
+		echo "=> Added user \"$PDNSUSER\"."
+	else
+		echo "=> Adding user \"$PDNSUSER\" failed..."
+		exit 1
+	fi
+fi
+exit 0