GNU bug report logs - #30748
[PATCH] gnu: Add nsd.

Previous Next

Package: guix-patches;

Reported by: Tobias Geerinckx-Rice <me <at> tobias.gr>

Date: Thu, 8 Mar 2018 08:22:02 UTC

Severity: normal

Tags: patch

Done: Tobias Geerinckx-Rice <me <at> tobias.gr>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: help-debbugs <at> gnu.org (GNU bug Tracking System)
To: Tobias Geerinckx-Rice <me <at> tobias.gr>
Subject: bug#30748: closed (Re: [bug#30748] [PATCH] gnu: Add nsd.)
Date: Thu, 04 Oct 2018 19:39:02 +0000

[Message part 1 (text/plain, inline)]
Your bug report

#30748: [PATCH] gnu: Add nsd.

which was filed against the guix-patches package, has been closed.

The explanation is attached below, along with your original report.
If you require more details, please reply to 30748 <at> debbugs.gnu.org.

-- 
30748: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=30748
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems

[Message part 2 (message/rfc822, inline)]
From: Tobias Geerinckx-Rice <me <at> tobias.gr>
To: 30748-done <at> debbugs.gnu.org
Subject: Re: [bug#30748] [PATCH] gnu: Add nsd.
Date: Thu, 04 Oct 2018 21:38:23 +0200

Guix,

I've pushed an updated NSD as 
7382ecd81859de878b22a6510b8262abe69d38bf. We're now one server 
(PowerDNS) away from having all major name servers in Guix, though 
not all have services.

Thanks for the reviews, Marius & Danny! I never understood what's 
obscure about the regex, but I tried to make it a bit more 
self-explanatory.

Kind regards,

T G-R


[Message part 3 (message/rfc822, inline)]
From: Tobias Geerinckx-Rice <me <at> tobias.gr>
To: guix-patches <at> gnu.org
Subject: [PATCH] gnu: Add nsd.
Date: Thu,  8 Mar 2018 09:20:50 +0100

* gnu/packages/dns.scm (nsd): New public variable.
---

Guix,

Have this two-year-old patch I found.

Kind regards,

T G-R

 gnu/packages/dns.scm | 68 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 68 insertions(+)

diff --git a/gnu/packages/dns.scm b/gnu/packages/dns.scm
index b0f6ddaec..b0649dc53 100644
--- a/gnu/packages/dns.scm
+++ b/gnu/packages/dns.scm
@@ -573,3 +573,71 @@ synthesis, and on-the-fly re-configuration.")
       license:lgpl2.0+              ; parts of scr/contrib/ucw
       license:public-domain         ; src/contrib/fnv and possibly murmurhash3
       license:gpl3+))))             ; everything else
+
+(define-public nsd
+  (package
+    (name "nsd")
+    (version "4.1.20")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (string-append "https://www.nlnetlabs.nl/downloads/"
+                           name "/" name "-" version ".tar.gz"))
+       (sha256
+        (base32
+         "04zph9zli3a0zx1sfphwbxx6f8whdxcjai6w0k7a565vgcfzd5wa"))))
+    (build-system gnu-build-system)
+    (inputs
+     `(("libevent" ,libevent)
+       ("openssl" ,openssl)))
+    (arguments
+     `(#:configure-flags
+       (list "--enable-pie"             ; fully benefit from ASLR
+             "--enable-ratelimit"
+             "--enable-recvmmsg"
+             "--enable-relro-now"       ; protect GOT and .dtor areas
+             "--disable-radix-tree"
+             (string-append "--with-libevent="
+                            (assoc-ref %build-inputs "libevent"))
+             (string-append "--with-ssl="
+                            (assoc-ref %build-inputs "openssl"))
+             "--with-configdir=/etc"
+             "--with-nsd_conf_file=/etc/nsd/nsd.conf"
+             "--with-logfile=/var/log/nsd.log"
+             "--with-pidfile=/var/db/nsd/nsd.pid"
+             "--with-dbfile=/var/db/nsd/nsd.db"
+             "--with-zonesdir=/etc/nsd"
+             "--with-xfrdfile=/var/db/nsd/xfrd.state"
+             "--with-zonelistfile=/var/db/nsd/zone.list")
+       #:phases
+       (modify-phases %standard-phases
+         (add-before 'configure 'patch-installation-paths
+           (lambda* (#:key outputs #:allow-other-keys)
+             (let* ((out (assoc-ref outputs "out"))
+                    (doc (string-append out "/share/doc/" ,name "-" ,version)))
+               (substitute* "Makefile.in"
+                 (((string-append ".*\\$\\(DESTDIR\\)\\$\\("
+                                  "(config|pid|xfr|db)dir"
+                                  "\\).*"))
+                  "")
+                 (("\\$\\(nsdconfigfile\\)\\.sample")
+                  (string-append doc "/examples/$(nsdconfigfile).sample")))
+               #t))))
+       #:tests? #f))                    ; no tests
+    (home-page "https://www.nlnetlabs.nl/projects/nsd/")
+    (synopsis "Authoritative DNS name server")
+    (description "@dfn{NSD}, short for Name Server Daemon, is an authoritative
+name server for the Domain Name System (@dfn{DNS}).  It aims to be a fast and
+RFC-compliant nameserver.
+
+NSD uses zone information compiled via @command{zonec} into a binary database
+file (@file{nsd.db}).  This allows fast startup of the name service daemon and
+allows syntax-structural errors in zone files to be flagged at compile time,
+before being made available to NSD service itself.  However, most traditional
+BIND-style zone files can be directly imported into NSD without modification.
+
+The collection of programs and processes that make up NSD are designed so that
+the daemon itself runs as a non-privileged user and can be easily configured to
+run in a @code{chroot} jail, thus making any security flaws in NSD less likely
+to result in system-wide compromise.")
+    (license (list license:bsd-3))))
-- 
2.15.1
This bug report was last modified 6 years and 226 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.