diff --git a/unbound.spec b/unbound.spec index 26edfff3342d64b5882b5b0a9e24ffc74974e378..d3a38bba6fdc15ea9cf1113e34460bd0bb196b7d 100644 --- a/unbound.spec +++ b/unbound.spec @@ -2,7 +2,7 @@ Name: unbound Version: 1.13.2 -Release: 11 +Release: 12 Summary: Unbound is a validating, recursive, caching DNS resolver License: BSD Url: https://nlnetlabs.nl/projects/unbound/about/ @@ -35,6 +35,7 @@ BuildRequires: gcc %{?systemd_requires} Requires: %{name}-libs = %{version}-%{release} +Requires: %{name}-anchor = %{version}-%{release} %description Unbound is a validating, recursive, caching DNS resolver. It is designed @@ -52,6 +53,13 @@ Requires(pre): shadow-utils %description libs Libraries for %{name}. +%package anchor +Requires: %{name}-libs = %{version}-%{release} +Summary: DNSSEC trust anchor maintaining tool + +%description anchor +Contains tool maintaining trust anchor using RFC 5011 key rollover algorithm. + %package devel Summary: Libraries and header files Requires: %{name}-libs = %{version}-%{release} openssl-devel pkgconfig @@ -153,10 +161,11 @@ useradd -r -g unbound -d %{_sysconfdir}/unbound -s /sbin/nologin \ %systemd_post unbound.service %systemd_post unbound-keygen.service -%post libs -%{?ldconfig} -%systemd_post unbound-anchor.timer +%post anchor +%systemd_post unbound-anchor.service unbound-anchor.timer +# start the timer only if installing the package to prevent starting it, if it was stopped on purpose if [ "$1" -eq 1 ]; then + # the Unit is in presets, but would be started after reboot /bin/systemctl start unbound-anchor.timer >/dev/null 2>&1 || : fi @@ -164,16 +173,15 @@ fi %systemd_preun unbound.service %systemd_preun unbound-keygen.service -%preun libs -%systemd_preun unbound-anchor.timer +%preun anchor +%systemd_preun unbound-anchor.service unbound-anchor.timer %postun %systemd_postun_with_restart unbound.service %systemd_postun unbound-keygen.service -%postun libs -%{?ldconfig} -%systemd_postun_with_restart unbound-anchor.timer +%postun anchor +%systemd_postun_with_restart unbound-anchor.service unbound-anchor.timer %triggerun -- unbound < 1.4.12-4 /usr/bin/systemd-sysv-convert --save unbound >/dev/null 2>&1 ||: @@ -211,22 +219,14 @@ popd %files libs %defattr(-,root,root) -%dir %attr(0755,root,root) %{_sysconfdir}/%{name} %if %{?openEuler:1}0 -%attr(0644,root,root) %config %{_sysconfdir}/%{name}/root.key %dir %attr(0755,unbound,unbound) %{_sharedstatedir}/%{name} %attr(0644,unbound,unbound) %config %{_sharedstatedir}/%{name}/root.key -%{_sysconfdir}/%{name}/icannbundle.pem %else -%attr(0600,root,root) %config %{_sysconfdir}/%{name}/root.key %dir %attr(0755,unbound,unbound) %{_sharedstatedir}/%{name} %attr(0600,unbound,unbound) %config %{_sharedstatedir}/%{name}/root.key -%attr(0600,root,root) %{_sysconfdir}/%{name}/icannbundle.pem %endif -%{_sbindir}/unbound-anchor %{_libdir}/libunbound.so.* -%{_unitdir}/unbound-anchor.timer -%{_unitdir}/unbound-anchor.service %files -n python3-unbound %defattr(-,root,root) @@ -239,11 +239,25 @@ popd %{_libdir}/pkgconfig/*.pc %{_includedir}/* +%files anchor +%dir %attr(0755,root,root) %{_sysconfdir}/%{name} +%{_sbindir}/unbound-anchor +%attr(0644,root,root) %config %{_sysconfdir}/%{name}/root.key +%{_sysconfdir}/%{name}/icannbundle.pem +%{_unitdir}/unbound-anchor.timer +%{_unitdir}/unbound-anchor.service + %files help %defattr(-,root,root) %{_mandir}/man* %changelog +* Tue Jun 25 2024 gaihuiying - 1.13.2-12 +- Type:bugfix +- CVE:NA +- SUG:NA +- DESC:move files about anchor and pem to separate package + * Tue Mar 05 2024 gaihuiying - 1.13.2-11 - Type:bugfix - CVE:NA