|
|
9fcdf7c |
Summary: NetworkManager plugin to update/reconfigure DNSSEC resolving
|
|
|
9fcdf7c |
Name: dnssec-trigger
|
|
|
3b755a6 |
Version: 0.10
|
|
|
3851aaf |
Release: 2%{?dist}
|
|
|
9fcdf7c |
License: BSD
|
|
|
9fcdf7c |
Url: http://www.nlnetlabs.nl/downloads/dnssec-trigger/
|
|
|
9fcdf7c |
Source: http://www.nlnetlabs.nl/downloads/dnssec-trigger/%{name}-%{version}.tar.gz
|
|
|
9fcdf7c |
Source1:dnssec-triggerd.service
|
|
|
9fcdf7c |
Source2: dnssec-triggerd-keygen.service
|
|
|
9fcdf7c |
Source3: dnssec-trigger.conf
|
|
|
9fcdf7c |
Requires(postun): initscripts
|
|
|
9fcdf7c |
Requires: ldns >= 1.6.10, NetworkManager, unbound
|
|
|
9fcdf7c |
Requires(pre): shadow-utils
|
|
|
9fcdf7c |
BuildRequires: desktop-file-utils systemd-units, openssl-devel, ldns-devel
|
|
|
9fcdf7c |
BuildRequires: gtk2-devel, NetworkManager-devel
|
|
|
9fcdf7c |
|
|
|
9fcdf7c |
Requires(post): systemd-sysv
|
|
|
9fcdf7c |
Requires(post): systemd-units
|
|
|
9fcdf7c |
Requires(preun): systemd-units
|
|
|
9fcdf7c |
Requires(postun): systemd-units
|
|
|
9fcdf7c |
|
|
|
9fcdf7c |
%description
|
|
|
9fcdf7c |
dnssec-trigger reconfigures the local unbound DNS server. This unbound DNS
|
|
|
9fcdf7c |
server performs DNSSEC validation, but dnssec-trigger will signal it to
|
|
|
9fcdf7c |
use the DHCP obtained forwarders if possible, and fallback to doing its
|
|
|
9fcdf7c |
own AUTH queries if that fails, and if that fails prompt the user via
|
|
|
9fcdf7c |
dnssec-trigger-applet the option to go with insecure DNS only.
|
|
|
9fcdf7c |
|
|
|
9fcdf7c |
%prep
|
|
|
9fcdf7c |
%setup -q
|
|
|
9fcdf7c |
|
|
|
9fcdf7c |
%build
|
|
|
9fcdf7c |
%configure --with-keydir=/etc/dnssec-trigger
|
|
|
9fcdf7c |
%{__make} %{?_smp_mflags}
|
|
|
9fcdf7c |
# Fixup the name to not include "Panel" in the menu item
|
|
|
9fcdf7c |
sed -i "s/ Panel//" dnssec-trigger-panel.desktop
|
|
|
9fcdf7c |
|
|
|
9fcdf7c |
%install
|
|
|
9fcdf7c |
rm -rf %{buildroot}
|
|
|
9fcdf7c |
%{__make} DESTDIR=%{buildroot} install
|
|
|
9fcdf7c |
install -d 0755 %{buildroot}%{_unitdir}
|
|
|
9fcdf7c |
install -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/%{name}d.service
|
|
|
9fcdf7c |
install -m 0644 %{SOURCE2} %{buildroot}%{_unitdir}/%{name}d-keygen.service
|
|
|
9fcdf7c |
install -m 0644 %{SOURCE3} %{buildroot}%{_sysconfdir}/%{name}/
|
|
|
9fcdf7c |
|
|
|
9fcdf7c |
desktop-file-install --dir=%{buildroot}%{_datadir}/applications dnssec-trigger-panel.desktop
|
|
|
3851aaf |
sed -i "s/^dnssec-trigger-control/\/usr\/sbin\/dnssec-trigger-control/" %{buildroot}%{_sysconfdir}/NetworkManager/dispatcher.d/01-dnssec-trigger-hook
|
|
|
9fcdf7c |
|
|
|
9fcdf7c |
%clean
|
|
|
9fcdf7c |
rm -rf ${RPM_BUILD_ROOT}
|
|
|
9fcdf7c |
|
|
|
9fcdf7c |
%files
|
|
|
9fcdf7c |
%defattr(-,root,root,-)
|
|
|
9fcdf7c |
%doc README LICENSE
|
|
|
9fcdf7c |
%{_unitdir}/%{name}d.service
|
|
|
9fcdf7c |
%{_unitdir}/%{name}d-keygen.service
|
|
|
9fcdf7c |
|
|
|
9fcdf7c |
%attr(0755,root,root) %dir %{_sysconfdir}/%{name}
|
|
|
9fcdf7c |
%attr(0755,root,root) %{_sysconfdir}/NetworkManager/dispatcher.d/01-dnssec-trigger-hook
|
|
|
9fcdf7c |
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/%{name}/dnssec-trigger.conf
|
|
|
9fcdf7c |
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/xdg/autostart/dnssec-trigger-panel.desktop
|
|
|
9fcdf7c |
%{_bindir}/dnssec-trigger-panel
|
|
|
9fcdf7c |
%{_sbindir}/dnssec-trigger*
|
|
|
9fcdf7c |
%{_mandir}/*/*
|
|
|
9fcdf7c |
%attr(0755,root,root) %dir %{_datadir}/%{name}
|
|
|
9fcdf7c |
%attr(0644,root,root) %{_datadir}/%{name}/*
|
|
|
9fcdf7c |
%attr(0644,root,root) %{_datadir}/applications/dnssec-trigger-panel.desktop
|
|
|
9fcdf7c |
|
|
|
9fcdf7c |
|
|
|
9fcdf7c |
%post
|
|
|
9fcdf7c |
# Enable (but don't start) the units by default
|
|
|
9fcdf7c |
/bin/systemctl enable %{name}d.service >/dev/null 2>&1 || :
|
|
|
9fcdf7c |
/bin/systemctl enable %{name}d-keygen.service >/dev/null 2>&1 || :
|
|
|
9fcdf7c |
|
|
|
9fcdf7c |
|
|
|
9fcdf7c |
%preun
|
|
|
9fcdf7c |
if [ "$1" -eq "0" ] ; then
|
|
|
9fcdf7c |
# Package removal, not upgrade
|
|
|
9fcdf7c |
/bin/systemctl --no-reload disable %{name}d.service > /dev/null 2>&1 || :
|
|
|
9fcdf7c |
/bin/systemctl --no-reload disable %{name}d-keygen.service > /dev/null 2>&1 || :
|
|
|
9fcdf7c |
/bin/systemctl stop %{name}d.service >/dev/null 2>&1 || :
|
|
|
9fcdf7c |
/bin/systemctl stop %{name}d-keygen.service >/dev/null 2>&1 || :
|
|
|
9fcdf7c |
# dnssec-triggerd makes /etc/resolv.conf immutable, undo that on removal
|
|
|
9fcdf7c |
chattr -i /etc/resolv.conf
|
|
|
9fcdf7c |
fi
|
|
|
9fcdf7c |
|
|
|
9fcdf7c |
%postun
|
|
|
9fcdf7c |
/bin/systemctl daemon-reload >/dev/null 2>&1 || :
|
|
|
9fcdf7c |
|
|
|
9fcdf7c |
%changelog
|
|
|
3851aaf |
* Wed Feb 22 2012 Paul Wouters <pwouters@redhat.com> - 0.10-2
|
|
|
3851aaf |
- The NM hook was not modified at the right time during build
|
|
|
3851aaf |
|
|
|
c12723c |
* Wed Feb 22 2012 Paul Wouters <pwouters@redhat.com> - 0.10-1
|
|
|
3b755a6 |
- Updated to 0.10
|
|
|
3b755a6 |
- The NM hook lacks /usr/sbin in path, resulting in empty resolv.conf on hotspot
|
|
|
3b755a6 |
|
|
|
82d6eee |
* Wed Feb 08 2012 Paul Wouters <pwouters@redhat.com> - 0.9-4
|
|
|
82d6eee |
- Updated tls443 / tls80 resolver instances supplied by Fedora Hosted
|
|
|
82d6eee |
|
|
|
9fcdf7c |
* Mon Feb 06 2012 Paul Wouters <pwouters@redhat.com> - 0.9-3
|
|
|
9fcdf7c |
- Convert from SysV to systemd for initial Fedora release
|
|
|
9fcdf7c |
- Moved configs and pem files to /etc/dnssec-trigger/
|
|
|
9fcdf7c |
- No more /var/run/dnssec-triggerd/
|
|
|
9fcdf7c |
- Fix Build-requires
|
|
|
9fcdf7c |
- Added commented tls443 port80 entries of pwouters resolvers
|
|
|
9fcdf7c |
- On uninstall ensure there is no immutable bit on /etc/resolv.conf
|
|
|
9fcdf7c |
|
|
|
9fcdf7c |
* Sat Jan 07 2012 Paul Wouters <paul@xelerance.com> - 0.9-2
|
|
|
9fcdf7c |
- Added LICENCE to doc section
|
|
|
9fcdf7c |
|
|
|
9fcdf7c |
* Mon Dec 19 2011 Paul Wouters <paul@xelerance.com> - 0.9-1
|
|
|
9fcdf7c |
- Upgraded to 0.9
|
|
|
9fcdf7c |
|
|
|
9fcdf7c |
* Fri Oct 28 2011 Paul Wouters <paul@xelerance.com> - 0.7-1
|
|
|
9fcdf7c |
- Upgraded to 0.7
|
|
|
9fcdf7c |
|
|
|
9fcdf7c |
* Fri Sep 23 2011 Paul Wouters <paul@xelerance.com> - 0.4-1
|
|
|
9fcdf7c |
- Upgraded to 0.4
|
|
|
9fcdf7c |
|
|
|
9fcdf7c |
* Sat Sep 17 2011 Paul Wouters <paul@xelerance.com> - 0.3-5
|
|
|
9fcdf7c |
- Start 01-dnssec-trigger-hook in daemon start
|
|
|
9fcdf7c |
- Ensure dnssec-triggerd starts after NetworkManager
|
|
|
9fcdf7c |
|
|
|
9fcdf7c |
* Fri Sep 16 2011 Paul Wouters <paul@xelerance.com> - 0.3-4
|
|
|
9fcdf7c |
- Initial package
|