Summary: | change RDEPEND in net-dns/pdns-recursor ebuild | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Sergio Bevilacqua <sergio.bevilacqua> |
Component: | New packages | Assignee: | Gentoo Linux bug wranglers <bug-wranglers> |
Status: | RESOLVED INVALID | ||
Severity: | normal | CC: | swegener |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | All | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Attachments: | patch for the ebuild |
Created attachment 89470 [details, diff]
patch for the ebuild
pdns already includes the recursor. (In reply to comment #2) > pdns already includes the recursor. > yes but the use of authoritative and recursor function on the same server isn't secure. this approach is more exposed to cache-poisoning attacks. using two separate servers is a better solution Those two things simply collide, they install same binary and same initscript, not possible to remove the blocker. Read the ebuilds, please. (In reply to comment #4) > Those two things simply collide, they install same binary and same initscript, > not possible to remove the blocker. Read the ebuilds, please. > what? collide? but I HAVE INSTALLED the two packages on the same machine! this is the file list installed by pdns-recursor: ./ ./usr/ ./usr/sbin/ ./usr/sbin/pdns_recursor ./usr/sbin/rec_control ./usr/share/ ./usr/share/man/ ./usr/share/man/man1/ ./usr/share/man/man1/pdns_recursor.1.gz ./usr/share/man/man1/rec_control.1.gz ./etc/ ./etc/powerdns/ ./etc/powerdns/recursor.conf ./etc/init.d/ ./etc/init.d/precursor >>> Done. >>> Extracting info >>> Extracting pdns-recursor-3.1.1 >>> Merging net-dns/pdns-recursor-3.1.1 to / --- /usr/ --- /usr/sbin/ >>> /usr/sbin/pdns_recursor >>> /usr/sbin/rec_control --- /usr/share/ --- /usr/share/man/ --- /usr/share/man/man1/ >>> /usr/share/man/man1/pdns_recursor.1.gz >>> /usr/share/man/man1/rec_control.1.gz --- /etc/ --- /etc/powerdns/ >>> /etc/powerdns/recursor.conf --- /etc/init.d/ >>> /etc/init.d/precursor NO ONE OF THESE FILES IS ALREADY PROVIDED BY POWERDNS!!! please change the bug status. your answer is invalid! pdns-2.9.20.ebuild <snip> doinitd "${FILESDIR}"/precursor insinto /etc/powerdns doins "${FILESDIR}"/recursor.conf </snip> Obviously won't collide, right? They will collide, if the recursor USE flag is enabled. As the recursor has been split out by upstream, the plan was to make a new pdns ebuild without the recursor USE flag and without installing the recursor. I just didn't want to do that just after the recursor has been commited to the tree. I just commited the new ebuild. (In reply to comment #6) > Obviously won't collide, right? > it collides only if you compile pdns with USE="recursor". in this case it's not necessary to install pdns-recursor. but i don't want to use the same server for both functions. it's not secure! That point is irrelevant. Whether you use pdns with USE="recursor" or pdns-recursor, both times the recursor will be a separate application, based on the same code. Upstream just decided to provide the recursor in it's own package. |
i need to install two different DNS servers on a border machine: net-dns/pdns for the authoritative responses on the internet and net-dns/pdns-recursor for the intranet. i can't because the pdns-recursor ebuild don't permit it i suggest to remove change the net-dns/pdns-recursor ebuild: < RDEPEND="${DEPEND} < !net-dns/pdns" --- > RDEPEND="${DEPEND}"