Remove obsolete patches and update installed conffile with latest options

4 files changed, 55 insertions, 220 deletions

diff --git a/debian/patches/0001-move_pidfile_to_var_run.patch b/debian/patches/0001-move_pidfile_to_var_run.patch
deleted file mode 100644
index 2dc60c9..0000000
--- a/debian/patches/0001-move_pidfile_to_var_run.patch
+++ /dev/null
@@ -1,22 +0,0 @@
---- knot.orig/src/knot/common.h
-+++ knot/src/knot/common.h
-@@ -42,7 +42,7 @@ typedef unsigned int uint; /*!< \brief U
- 
- #define PROJECT_EXEC SBINDIR "/" "knotd" /*!< \brief  Project executable. */
- #define ZONEPARSER_EXEC LIBEXECDIR "/" "knot-zcompile" /*!< \brief  Zoneparser executable. */
--#define PID_FILE "knot.pid" /*!< \brief Server PID file name. */
-+#define PID_FILE "/run/knot/knotd.pid" /*!< \brief Server PID file name. */
- 
- /*
-  * Server.
---- knot.orig/src/knot/conf/conf.c
-+++ knot/src/knot/conf/conf.c
-@@ -154,7 +154,7 @@ static int conf_process(conf_t *conf)
- 
- 	// Create PID file
- 	if (conf->pidfile == NULL) {
--		conf->pidfile = strcdup(conf->storage, "/" PID_FILE);
-+		conf->pidfile = strdup(PID_FILE);
- 		if (conf->pidfile == NULL) {
- 			return KNOT_ENOMEM;
- 		}
diff --git a/debian/patches/knotd-pidfile.patch b/debian/patches/knotd-pidfile.patch
deleted file mode 100644
index 4525ee5..0000000
--- a/debian/patches/knotd-pidfile.patch
+++ /dev/null
@@ -1,190 +0,0 @@
---- knot.orig/src/knot/ctl/knotc_main.c
-+++ knot/src/knot/ctl/knotc_main.c
-@@ -774,10 +774,6 @@ static int cmd_start(int argc, char *arg
- 		return 1;
- 	}
- 	
--	/* Alter privileges. */
--	log_update_privileges(conf()->uid, conf()->gid);
--	proc_update_privileges(conf()->uid, conf()->gid);
--	
- 	/* Fetch PID. */
- 	char *pidfile = pid_filename();
- 	pid_t pid = pid_read(pidfile);
-@@ -806,16 +802,6 @@ static int cmd_start(int argc, char *arg
- 			log_server_info("Forcing server start.\n");
- 			pid_remove(pidfile);
- 		}
--	} else {
--		/* Create empty PID file. */
--		FILE *f = fopen(pidfile, "w");
--		if (f == NULL) {
--			log_server_warning("PID file '%s' is not writeable.\n",
--			                   pidfile);
--			free(pidfile);
--			return 1;
--		}
--		fclose(f);
- 	}
- 	
- 	/* Recompile zones if needed. */
-@@ -840,7 +826,6 @@ static int cmd_start(int argc, char *arg
- 		fflush(stdout);
- 	}
- 	if ((rc = cmd_exec(args, args_c)) < 0) {
--		pid_remove(pidfile);
- 		rc = 1;
- 	}
- 	fflush(stderr);
-@@ -875,11 +860,7 @@ static int cmd_stop(int argc, char *argv
- 		                 "continue.\n");
- 		return 1;
- 	}
--	
--	/* Alter privileges. */
--	log_update_privileges(conf()->uid, conf()->gid);
--	proc_update_privileges(conf()->uid, conf()->gid);
--	
-+
- 	/* Fetch PID. */
- 	char *pidfile = pid_filename();
- 	pid_t pid = pid_read(pidfile);
---- knot.orig/src/knot/ctl/process.c
-+++ knot/src/knot/ctl/process.c
-@@ -25,6 +25,7 @@
- #include <unistd.h>
- #include <assert.h>
- #include <sys/wait.h>
-+#include <sys/stat.h>
- 
- #include "knot/common.h"
- #include "knot/ctl/process.h"
-@@ -50,6 +51,11 @@ pid_t pid_read(const char* fn)
- 	char buf[64];
- 
- 	if (fn) {
-+		struct stat st;
-+		if (stat(fn, &st) != 0) {
-+			return KNOT_ENOENT;
-+		}
-+
- 		FILE *fp = fopen(fn, "r");
- 		if (!fp) {
- 			return KNOT_ENOENT;
-@@ -128,7 +134,7 @@ int pid_running(pid_t pid)
- 	return kill(pid, 0) == 0;
- }
- 
--void proc_update_privileges(int uid, int gid)
-+int proc_update_privileges(int uid, int gid)
- {
- #ifdef HAVE_SETGROUPS
- 	/* Drop supplementary groups. */
-@@ -158,17 +164,21 @@ void proc_update_privileges(int uid, int
- 	}
- 	
- 	/* Check storage writeability. */
-+	int ret = KNOT_EOK;
- 	char *lfile = strcdup(conf()->storage, "/knot.lock");
- 	assert(lfile != NULL);
- 	FILE* fp = fopen(lfile, "w");
- 	if (fp == NULL) {
- 		log_server_warning("Storage directory '%s' is not writeable.\n",
- 		                   conf()->storage);
-+		ret = KNOT_EACCES;
- 	} else {
- 		fclose(fp);
- 		unlink(lfile);
- 	}
-+
- 	free(lfile);
-+	return ret;
- }
- 
- pid_t pid_wait(pid_t proc, int *rc)
---- knot.orig/src/knot/ctl/process.h
-+++ knot/src/knot/ctl/process.h
-@@ -89,8 +89,10 @@ int pid_running(pid_t pid);
-  * \param uid New user ID.
-  * \param gid New group ID.
-  *
-+ * \retval KNOT_EOK on success.
-+ * \retval KNOT_EACCESS if storage is not writeable.
-  */
--void proc_update_privileges(int uid, int gid);
-+int proc_update_privileges(int uid, int gid);
- 
- /*!
-  * \brief Wait for process to finish.
---- knot.orig/src/knot/main.c
-+++ knot/src/knot/main.c
-@@ -20,6 +20,7 @@
- #include <unistd.h>
- #include <getopt.h>
- #include <limits.h>
-+#include <sys/stat.h>
- 
- #ifdef HAVE_CAP_NG_H
- #include <cap-ng.h>
-@@ -247,10 +248,51 @@ int main(int argc, char **argv)
- 	}
- 	log_server_info("\n");
- 
-+	/* Check PID. */
-+	struct stat st;
-+	unsigned do_start = 0;
-+	char* pidfile = pid_filename();
-+	int pid = pid_read(pidfile);
-+	if (pid > 0 && pid_running(pid)) {
-+		log_server_error("Server PID found, already running.\n");
-+	} else if (stat(pidfile, &st) == 0) {
-+		log_server_warning("PID file '%s' exists, another process "
-+		                   "is starting or PID file is stale.\n",
-+		                   pidfile);
-+	} else {
-+		do_start = 1;
-+	}
-+	if (!do_start) {
-+		free(pidfile);
-+		server_wait(server);
-+		server_destroy(&server);
-+		return 1;
-+	}
-+
-+	/* Create empty PID file. */
-+	FILE *f = fopen(pidfile, "w");
-+	if (f == NULL) {
-+		log_server_warning("PID file '%s' is not writeable.\n",
-+		                   pidfile);
-+		free(pidfile);
-+		return 1;
-+	}
-+	fclose(f);
-+
-+	/* Alter PID file privileges. */
-+	if (chown(pidfile, conf()->uid, conf()->gid) < 0) {
-+		log_server_warning("Cannot change PID file ownership\n");
-+		pid_remove(pidfile);
-+		free(pidfile);
-+		return 1;
-+	}
-+
- 	/* Alter privileges. */
- 	log_update_privileges(conf()->uid, conf()->gid);
--	proc_update_privileges(conf()->uid, conf()->gid);
--	
-+	if (proc_update_privileges(conf()->uid, conf()->gid) != KNOT_EOK) {
-+		return 1;
-+	}
-+
- 	/* Load zones and add hook. */
- 	zones_ns_conf_hook(conf(), server->nameserver);
- 	conf_add_hook(conf(), CONF_ALL, zones_ns_conf_hook, server->nameserver);
-@@ -258,7 +300,6 @@ int main(int argc, char **argv)
- 	// Run server
- 	int res = 0;
- 	int has_pid = 0;
--	char* pidfile = pid_filename();
- 	log_server_info("Starting server...\n");
- 	if ((server_start(server)) == KNOT_EOK) {
- 
diff --git a/debian/patches/run-as-knot.knot.patch b/debian/patches/run-as-knot.knot.patch
index cfc42bb..1cf760f 100644
--- a/debian/patches/run-as-knot.knot.patch
+++ b/debian/patches/run-as-knot.knot.patch
@@ -1,17 +1,51 @@
 --- knot.orig/samples/knot.sample.conf.in
 +++ knot/samples/knot.sample.conf.in
-@@ -1,16 +1,19 @@
+@@ -6,19 +6,67 @@
+ #
+ 
  system {
++  # Identity of the server (see RFC 4892).
    identity "@package@ @version@";
-   storage "@localstatedir@/@package@";
++
++  # User for running server
++  # May also specify user.group (e.g. knot.knot)
 +  user knot.knot;
-+  pidfile "/run/knot/knotd.pid";
++
++  # Working directory of the server
++  # Used to store compiled zones and PID file
++  # default: ${sharedstatedir}/knot, configured with --with-storage
++  storage "/var/lib/knot";
++
++  # Directory for storing run-time data
++  # default: ${localstatedir}/run/knot, configured with --with-rundir
++  rundir "/run/knot";
  }
  
  interfaces {
--  my-iface { address 127.0.0.1@5353; }
-+  v4-interface { address 127.0.0.1@53; }
-+  # v6-interface { address ::1@53; }
+-  my-iface { address 127.0.0.1@53533; }
++  ipv4 {
++    address 127.0.0.1;
++    port 53;
++  }
++#  ipv6 {
++#    address ::1;
++#    port 53;
++#  }
++}
++
++control {
++  # Specifies interface, syntax is exactly the same as in 'interfaces' section
++  # Default: $(run_dir)/knot.sock
++  listen-on "knot.sock";
++
++  # As an alternative, you can use an IPv4/v6 address and port
++  # listen-on { address 127.0.0.1@5533; }
++
++  # Specifies ACL list for remote control
++  # Same syntax as for ACLs in zones
++  # List of remotes or groups delimited by comma
++  # Notice: keep in mind that ACLs bear no effect with UNIX sockets
++  # allow server0, admins;
  }
  
  zones {
@@ -24,3 +58,18 @@
  }
  
  log {
+-  syslog { any info, notice, warning, error; }
++  syslog {
++    # log errors of any category
++    any error;    # for <category> and <severity> see above
++    # log also warnings and notices from category 'zone'
++    zone warning, notice;
++    # log info from server
++    server info;
++  }
++
++  # Log fatal, warnings and errors to stderr
++  stderr {
++    any error, warning;
++  }
+ }
diff --git a/debian/patches/series b/debian/patches/series
index c5e1303..e2d6de4 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1 @@
-0001-move_pidfile_to_var_run.patch
-knotd-pidfile.patch
 run-as-knot.knot.patch