GNU bug report logs - #30748
[PATCH] gnu: Add nsd.

Previous Next

Full log

View this message in rfc822 format

From: help-debbugs <at> gnu.org (GNU bug Tracking System)
To: Tobias Geerinckx-Rice <me <at> tobias.gr>
Cc: tracker <at> debbugs.gnu.org
Subject: bug#30748: closed ([PATCH] gnu: Add nsd.)
Date: Thu, 04 Oct 2018 19:39:02 +0000

[Message part 1 (text/plain, inline)]

Your message dated Thu, 04 Oct 2018 21:38:23 +0200
with message-id <87lg7da4eo.fsf <at> tobias.gr>
and subject line Re: [bug#30748] [PATCH] gnu: Add nsd.
has caused the debbugs.gnu.org bug report #30748,
regarding [PATCH] gnu: Add nsd.
to be marked as done.

(If you believe you have received this mail in error, please contact
help-debbugs <at> gnu.org.)


-- 
30748: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=30748
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems

[Message part 2 (message/rfc822, inline)]

From: Tobias Geerinckx-Rice <me <at> tobias.gr>
To: guix-patches <at> gnu.org
Subject: [PATCH] gnu: Add nsd.
Date: Thu,  8 Mar 2018 09:20:50 +0100

* gnu/packages/dns.scm (nsd): New public variable.
---

Guix,

Have this two-year-old patch I found.

Kind regards,

T G-R

 gnu/packages/dns.scm | 68 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 68 insertions(+)

diff --git a/gnu/packages/dns.scm b/gnu/packages/dns.scm
index b0f6ddaec..b0649dc53 100644
--- a/gnu/packages/dns.scm
+++ b/gnu/packages/dns.scm
@@ -573,3 +573,71 @@ synthesis, and on-the-fly re-configuration.")
       license:lgpl2.0+              ; parts of scr/contrib/ucw
       license:public-domain         ; src/contrib/fnv and possibly murmurhash3
       license:gpl3+))))             ; everything else
+
+(define-public nsd
+  (package
+    (name "nsd")
+    (version "4.1.20")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (string-append "https://www.nlnetlabs.nl/downloads/"
+                           name "/" name "-" version ".tar.gz"))
+       (sha256
+        (base32
+         "04zph9zli3a0zx1sfphwbxx6f8whdxcjai6w0k7a565vgcfzd5wa"))))
+    (build-system gnu-build-system)
+    (inputs
+     `(("libevent" ,libevent)
+       ("openssl" ,openssl)))
+    (arguments
+     `(#:configure-flags
+       (list "--enable-pie"             ; fully benefit from ASLR
+             "--enable-ratelimit"
+             "--enable-recvmmsg"
+             "--enable-relro-now"       ; protect GOT and .dtor areas
+             "--disable-radix-tree"
+             (string-append "--with-libevent="
+                            (assoc-ref %build-inputs "libevent"))
+             (string-append "--with-ssl="
+                            (assoc-ref %build-inputs "openssl"))
+             "--with-configdir=/etc"
+             "--with-nsd_conf_file=/etc/nsd/nsd.conf"
+             "--with-logfile=/var/log/nsd.log"
+             "--with-pidfile=/var/db/nsd/nsd.pid"
+             "--with-dbfile=/var/db/nsd/nsd.db"
+             "--with-zonesdir=/etc/nsd"
+             "--with-xfrdfile=/var/db/nsd/xfrd.state"
+             "--with-zonelistfile=/var/db/nsd/zone.list")
+       #:phases
+       (modify-phases %standard-phases
+         (add-before 'configure 'patch-installation-paths
+           (lambda* (#:key outputs #:allow-other-keys)
+             (let* ((out (assoc-ref outputs "out"))
+                    (doc (string-append out "/share/doc/" ,name "-" ,version)))
+               (substitute* "Makefile.in"
+                 (((string-append ".*\\$\\(DESTDIR\\)\\$\\("
+                                  "(config|pid|xfr|db)dir"
+                                  "\\).*"))
+                  "")
+                 (("\\$\\(nsdconfigfile\\)\\.sample")
+                  (string-append doc "/examples/$(nsdconfigfile).sample")))
+               #t))))
+       #:tests? #f))                    ; no tests
+    (home-page "https://www.nlnetlabs.nl/projects/nsd/")
+    (synopsis "Authoritative DNS name server")
+    (description "@dfn{NSD}, short for Name Server Daemon, is an authoritative
+name server for the Domain Name System (@dfn{DNS}).  It aims to be a fast and
+RFC-compliant nameserver.
+
+NSD uses zone information compiled via @command{zonec} into a binary database
+file (@file{nsd.db}).  This allows fast startup of the name service daemon and
+allows syntax-structural errors in zone files to be flagged at compile time,
+before being made available to NSD service itself.  However, most traditional
+BIND-style zone files can be directly imported into NSD without modification.
+
+The collection of programs and processes that make up NSD are designed so that
+the daemon itself runs as a non-privileged user and can be easily configured to
+run in a @code{chroot} jail, thus making any security flaws in NSD less likely
+to result in system-wide compromise.")
+    (license (list license:bsd-3))))
-- 
2.15.1

[Message part 3 (message/rfc822, inline)]

From: Tobias Geerinckx-Rice <me <at> tobias.gr>
To: 30748-done <at> debbugs.gnu.org
Subject: Re: [bug#30748] [PATCH] gnu: Add nsd.
Date: Thu, 04 Oct 2018 21:38:23 +0200

Guix,

I've pushed an updated NSD as 
7382ecd81859de878b22a6510b8262abe69d38bf. We're now one server 
(PowerDNS) away from having all major name servers in Guix, though 
not all have services.

Thanks for the reviews, Marius & Danny! I never understood what's 
obscure about the regex, but I tried to make it a bit more 
self-explanatory.

Kind regards,

T G-R

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.