Revision bump to fix non-root runs. Thanks to Ondrej Caletka for the patch and info about the issue.

Package-Manager: portage-2.2.0_alpha120/cvs/Linux x86_64
author: Tomas Chvatal <scarabeus@gentoo.org> 2012-07-26 14:00:35 +0000
committer: Tomas Chvatal <scarabeus@gentoo.org> 2012-07-26 14:00:35 +0000
commit: 1d3453c1cdcd47ab67636a1e0834e69b616117fc (patch)
tree: b93bc2a990e7705f2f716be832ac3ad93fff7a66 /net-dns/knot
parent: net-misc/gip: Version Bump; respect the *FLAGS, #427874 (diff)
download: historical-1d3453c1cdcd47ab67636a1e0834e69b616117fc.tar.gz
historical-1d3453c1cdcd47ab67636a1e0834e69b616117fc.tar.bz2
historical-1d3453c1cdcd47ab67636a1e0834e69b616117fc.zip
4 files changed, 372 insertions, 26 deletions
diff --git a/net-dns/knot/ChangeLog b/net-dns/knot/ChangeLog
index bf0d027e3b7d..8bcb179dc097 100644
--- a/net-dns/knot/ChangeLog
+++ b/net-dns/knot/ChangeLog
@@ -1,6 +1,13 @@
 # ChangeLog for net-dns/knot
 # Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-dns/knot/ChangeLog,v 1.9 2012/06/21 18:08:30 scarabeus Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-dns/knot/ChangeLog,v 1.10 2012/07/26 14:00:35 scarabeus Exp $
+
+*knot-1.0.6-r1 (26 Jul 2012)
+
+  26 Jul 2012; Tomáš Chvátal <scarabeus@gentoo.org>
+  +files/knot-1.0.6-userpriv.patch, +knot-1.0.6-r1.ebuild, -knot-1.0.6.ebuild:
+  Revision bump to fix non-root runs. Thanks to Ondrej Caletka for the patch and
+  info about the issue.
 
 *knot-1.0.6 (21 Jun 2012)
 
@@ -47,4 +54,3 @@
   Initial commit of knot dns authoritative server used by NIC.cz. Added to herd
   bind as it is closest herd. Can't do much runtime testing on gentoo but
   possibly can fix packaging errors.
-
diff --git a/net-dns/knot/Manifest b/net-dns/knot/Manifest
index e207409e2807..3c7ce6240c56 100644
--- a/net-dns/knot/Manifest
+++ b/net-dns/knot/Manifest
@@ -1,27 +1,28 @@
 -----BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA1
+Hash: SHA256
 
-AUX knot-braindead-lto.patch 483 RMD160 1df982f09ce5c8d039eebd0b2137ec32b1eccf47 SHA1 69b5f91c54180239628d9389210825dd86065e8e SHA256 66c398a04df766a0450842f3eacfe34fa32686632ffb6edef9adfc520b6264b0
-AUX knot-move-pidfile-to-var.patch 764 RMD160 dc47fcd5d4e96d7844238a085454a8cb1d414d58 SHA1 b258ff0f217ec71fc322678816fac1821b600425 SHA256 0ee573b4fb4cf16265f1ee431587dbdf090424dabd4b0cce0b3fbcaecbae8d60
-AUX knot.init 673 RMD160 c002635fba41fad5aca818fcd182fbf8d3f1bb0c SHA1 928f6b83fc6a6ea19d75aa6a30c2f8c2d1cfc1f1 SHA256 730e530a56e233cb92df4edbd918df8da24c62370f472ee449a47a344e7f738d
-DIST knot-1.0.6.tar.gz 1065751 RMD160 7b1bd551f06f413b71fc9d309df0b0d89babb939 SHA1 938f98a5d3ef5c661f9d7b335aa4a8266914174b SHA256 baa4e086372015e233ff90cf72ef06e18513b8f2b17196684b6718aa7854f028
-EBUILD knot-1.0.6.ebuild 1044 RMD160 6969a523dfccc22589ee0ed84c4282f2a49a3638 SHA1 5a07e81b8364fc2cdcf87db08204af74b0a72342 SHA256 25873f3be684b5e65a720b7edb53c66030f1732ff3adbf82ad2e52c57e8376a3
-MISC ChangeLog 1783 RMD160 1af978960089d1243c50a51213c351397378ad9c SHA1 0cbcb940c1847eb5098a5313f17a67eb34b3f3f6 SHA256 158711a941061495c3d401a91ca521bf4583bf2a858a736e0746fa2d13320f3d
-MISC metadata.xml 206 RMD160 9b9f87efcded9df0094879ee2d69ec2b6676a0cf SHA1 6874c1d3caa78557ccb1a0d9964ac896d185142e SHA256 87401a34cc110e7b975f1774eee544305a081b1de3346928a0a410a7e8e761bf
+AUX knot-1.0.6-userpriv.patch 9493 SHA256 c259100aa016a1976696a99fb06fd1b7e29227688e59a775e7fa3718f46c190a SHA512 b882b0a2eedb43ab2526ebc7bc4351fd326c28eeafccfceca3e537d980e1ce63afb48dbb151c7557029eefba14618217275ff0223680516260dc353f5bdbb952 WHIRLPOOL 3e3ece8745f4d961d5a52e7a0a784e391cf500e4115ce19d773e4954f7d22c34fd2ea8550409940fbff9accfa8de28f8951c64377f6d0a269eca09aa1c26d9ce
+AUX knot-braindead-lto.patch 483 SHA256 66c398a04df766a0450842f3eacfe34fa32686632ffb6edef9adfc520b6264b0 SHA512 3a61b7760f455b0048cf30ebbc8d582be378e337b8c93a2b8feae55bdc7a866d68b34982475d02e332415c9aa6c7f1461f3af8489828957775713930cc9ffbc2 WHIRLPOOL 7785a5688c2987ab87c1b5207d7fc02cbbf7a0d2565f9c913f7549a546f8031c99c8456a38174b88cf24d1604c8b01bd8b328f7f3017fc531280e8de0fdd5a59
+AUX knot-move-pidfile-to-var.patch 764 SHA256 0ee573b4fb4cf16265f1ee431587dbdf090424dabd4b0cce0b3fbcaecbae8d60 SHA512 83cf3a4de266fd18baba2fd5693444420410b0cc1beae2f4ca95caf8b3773ce5b1830901e4c186f927a5a128456ea56646a021abe27fa1e6fe3c4164350c889d WHIRLPOOL 982f7e4ac27443ea609347c042ca5401540c820c9bdc270d03fca107d24fa83d7eaadfbce9de698e06037eb01d0fb7a43440e6633042cfb905db069fb2f260f3
+AUX knot.init 673 SHA256 730e530a56e233cb92df4edbd918df8da24c62370f472ee449a47a344e7f738d SHA512 421cab56a6f80c15043efbb5006ac67071ac24d29d02fc5113e8c20d61b1633d14456d43fadc6a234a7392db2ef4103c45117fe61de499ea6251c5555d8504d9 WHIRLPOOL 0fe9d8549fce806eb03f3f55f541e70d011c93a35ee1d8c7b14b1c5bb7b87ffa253db686e335ee71c6a8280a8da5ae49a3b6adff3b4ee87c1b09e5a90cdc2928
+DIST knot-1.0.6.tar.gz 1065751 SHA256 baa4e086372015e233ff90cf72ef06e18513b8f2b17196684b6718aa7854f028 SHA512 dad45539e9649f68e7107b1784bb7f16b50ec3431824b896fcb7dc5caa731d9a93f22043479b9878f952df511b74067e3fa9fd1a3fbbea23f01b6a0326fc1943 WHIRLPOOL 55f7175a23fcecbf3f96fae79f0fd3d6d3e47cb430cb8856404de9aff760464efec602d973167d23d707f104bf2170c69755a5cec0b37ace556b0c90df911a9b
+EBUILD knot-1.0.6-r1.ebuild 1085 SHA256 629743c014a08da97fae54d6346d4454038860d4079b33411ea0a65cf458a5be SHA512 4bebdc289b410976b04f3ed1cbe4625bf368ee32c7dde86b9460d4eacf9aea41fee4933063b50675de863d0b16fcb648a7a89b7cd708e12ceed62bfcf998be72 WHIRLPOOL b35e4f464c0f5cda8cfb490923db4bbcfd6c1891659b95231ba90240f660c50fb99db78dd8693b129c0c424b94338b655fda9a3dfcac728ff1a01ae546500cca
+MISC ChangeLog 2053 SHA256 786e7d66e89eb2f9232d48f36715936bee5e1b12904b10a0cb7771f15553580e SHA512 fd74f524cdadf385f3c04906698556308a5f2896912e3e287581a2684f6128ea271eb8f29f164952e3406e3d8b350d8800f5d307a3e712e4588c355708169813 WHIRLPOOL 4b16f91c37be3a1f31620aa94e53d79f9e9a775811ab0bdd603379dca1dd83c77b7193ffa39518dda8596924969828924e1aec111734f2b2fabba5357bf06218
+MISC metadata.xml 206 SHA256 87401a34cc110e7b975f1774eee544305a081b1de3346928a0a410a7e8e761bf SHA512 6c37bce69957a1a76be6fe0b6a005d6f9f24e32429f0e6ea87e2a787ef1832d4fd8ee0fc029bba6487d6e6d9404594b365ad7d4a63a79cafa65dc4e5dc736dc1 WHIRLPOOL e4c0fc31bb5f4c03c8837d0102ab067e7c4fb1de15e93ee2926aa271515f10e4d27542151764ed199e6643f99c1010a07e1c7656ae6e286ddaed1f3e7f7f027a
 -----BEGIN PGP SIGNATURE-----
-Version: GnuPG v2.0.17 (GNU/Linux)
+Version: GnuPG v2.0.19 (GNU/Linux)
 
-iQIcBAEBAgAGBQJP42MkAAoJEOSiRoyO7jvoaEMP/1t8KiY0ujKksQDmRg5XjOko
-WFFpP2C+NZuKI8v+x+3JLAprCY7TBfqeP/wb2QofNAhROeVr8L1XAD9/Bn+2Vyab
-pfwqFqy/C+bkQWs0BJNoNvuY2yH0VzuF5jzqc9v5a8faTQYDhldu4Wk6u1F4/BId
-tl5Pmml1qP9U3cofmt4MR3b34YbRsPS5IvZoyOH3e8bX5E48PXsreSqCvQeje/mq
-/5wcFMKgq09jINURp3C2JoMHyrp2+cdEu/ENHQrhKbxK18PTD9FJ7Yepesrzq71D
-FHDjLS+VaqDwp+eR1unhaGhl+TaXeMNoznxn5lzPTpDjRiuPH/cfoBs8cABX6XAl
-COYf2+jbixr91PL5ewWMAf+XzvuCfSGz76cZCF4W2rFqCq12+XJ9NoNROYJca1KJ
-KQuSzJ+9FmA2UJRYrn60wkqyBF1gIPtvuFyW16Dz6PWTHjzo5h2RT0DbeyhPHqgY
-8m9fsx+TcIAH9PZNJugW28bJ2ANLoz5gKdCG1TlrwjMcyu6O78scySfKZNUy/cuQ
-bc6p7E4Oyhjgs8Yk3LI2FNQ6+fRSwKw9Dmoxg431aKQmInFp/Nge61EAOV6i7C6v
-FCt1BlCEnxMa6XSHSVcX7Jh816YEaWrp2+bivXapNHRFj/bOv7lszfLHS5bjoFh+
-LASnWQh06R7MvFUtwfoV
-=5CKn
+iQIcBAEBCAAGBQJQEU2iAAoJEOSiRoyO7jvoaCAP/116Z7k019BKJ2IErvku7kUD
+/gRRqsr3SIuXA05r+xclOpOBTjJm9Dnad7xnJn5EOTbaGDmZocfswcP2y2CF/iIb
+PQP+iSZKmFG3+zmyT8jUvdiPs7hARkz6frn/IiXvz50bXymVFlOjC7LFRaH+qRQO
+/n4/VehWEkhN+zcrA/hnrI1uHpwHpiuG9NrgaPgXRyt6NRFkCNt8qzWkXHMbm31G
+5wjBGPdbHvvp5uxPVwxJX1yAsMMHeAjyG9tY0/8Ourp4Dxk83ZQJg47P00zm2rpH
+p5CL2mKcXce5Y2Jpt//alxKrWce2okEzrLQJsSq7qbECEV0ggmfn+/29FYTAzCBy
+35RpKkiOQdoXfFZY7iNI76Z8YTGyRJcZc6ZKw75q7dNc+w7LQHJcEuQt0/JJTNhl
+Q6iwSwOM+jbZwoUgz+eni9lPnSroIA4VD8A395TqHiP0yOmox7gL/d8oBuSefwks
+0vCVzkj4r+fUC8WSXAser5ksBpx3px3NUbbl156r89OYoz8DZYOgr/+LodJbaxRE
+zMK7gjoKJ4KC2qZelzv+EsyXa1GX8WOdQm90mKliOUe5yymf0v7hgBvjxT2PF+Ha
+zS7xq99S7g/OAP+3QeP2U3eOWpjoPxuuL1XWionkjsa4AS7eHxgv8jORuyoPP5LV
+uL4MYvCPb3VPndYqmO5p
+=BwRA
 -----END PGP SIGNATURE-----
diff --git a/net-dns/knot/files/knot-1.0.6-userpriv.patch b/net-dns/knot/files/knot-1.0.6-userpriv.patch
new file mode 100644
index 000000000000..1526ca445dfb
--- /dev/null
+++ b/net-dns/knot/files/knot-1.0.6-userpriv.patch
@@ -0,0 +1,338 @@
+diff --git a/src/knot/conf/conf.c b/src/knot/conf/conf.c
+index 4bbf622..0785b04 100644
+--- a/src/knot/conf/conf.c
++++ b/src/knot/conf/conf.c
+@@ -309,6 +309,10 @@ static int conf_process(conf_t *conf)
+ 		strncat(dest, dbext, strlen(dbext));
+ 		zone->ixfr_db = dest;
+ 	}
++	
++	/* Update UID and GID. */
++	if (conf->uid < 0) conf->uid = getuid();
++	if (conf->gid < 0) conf->gid = getgid();
+ 
+ 	return ret;
+ }
+diff --git a/src/knot/ctl/knotc_main.c b/src/knot/ctl/knotc_main.c
+index 97412dd..7f74bca 100644
+--- a/src/knot/ctl/knotc_main.c
++++ b/src/knot/ctl/knotc_main.c
+@@ -43,7 +43,8 @@ enum knotc_flag_t {
+ 	F_VERBOSE     = 1 << 1,
+ 	F_WAIT        = 1 << 2,
+ 	F_INTERACTIVE = 1 << 3,
+-	F_AUTO        = 1 << 4
++	F_AUTO        = 1 << 4,
++	F_UNPRIVILEGED= 1 << 5
+ };
+ 
+ static inline unsigned has_flag(unsigned flags, enum knotc_flag_t f) {
+@@ -142,10 +143,15 @@ pid_t wait_cmd(pid_t proc, int *rc)
+ 	return proc;
+ }
+ 
+-pid_t start_cmd(const char *argv[], int argc)
++pid_t start_cmd(const char *argv[], int argc, int flags)
+ {
+ 	pid_t chproc = fork();
+ 	if (chproc == 0) {
++	
++		/* Alter privileges. */
++		if (flags & F_UNPRIVILEGED) {
++			proc_update_privileges(conf()->uid, conf()->gid);
++		}
+ 
+ 		/* Duplicate, it doesn't run from stack address anyway. */
+ 		char **args = malloc((argc + 1) * sizeof(char*));
+@@ -180,7 +186,7 @@ pid_t start_cmd(const char *argv[], int argc)
+ int exec_cmd(const char *argv[], int argc)
+ {
+ 	int ret = 0;
+-	pid_t proc = start_cmd(argv, argc);
++	pid_t proc = start_cmd(argv, argc, 0);
+ 	wait_cmd(proc, &ret);
+ 	return ret;
+ }
+@@ -291,17 +297,6 @@ int execute(const char *action, char **argv, int argc, pid_t pid,
+ 	int valid_cmd = 0;
+ 	int rc = 0;
+ 	if (strcmp(action, "start") == 0) {
+-		// Check pidfile for w+
+-		FILE* chkf = fopen(pidfile, "w+");
+-		if (chkf == NULL) {
+-			log_server_error("PID file '%s' is not writeable, "
+-			                 "refusing to start\n", pidfile);
+-			return 1;
+-		} else {
+-			fclose(chkf);
+-			chkf = NULL;
+-		}
+-
+ 		// Check PID
+ 		valid_cmd = 1;
+ //		if (pid < 0 && pid == KNOT_ERANGE) {
+@@ -604,7 +599,7 @@ int execute(const char *action, char **argv, int argc, pid_t pid,
+ 			}
+ 			fflush(stdout);
+ 			fflush(stderr);
+-			pid_t zcpid = start_cmd(args, ac);
++			pid_t zcpid = start_cmd(args, ac, F_UNPRIVILEGED);
+ 			zctask_add(tasks, jobs, zcpid, zone);
+ 			++running;
+ 		}
+@@ -722,7 +717,7 @@ int main(int argc, char **argv)
+ 		log_levels_add(LOGT_STDOUT, LOG_ANY,
+ 		               LOG_MASK(LOG_INFO)|LOG_MASK(LOG_DEBUG));
+ 	}
+-
++	
+ 	// Fetch PID
+ 	char* pidfile = pid_filename();
+ 	if (!pidfile) {
+diff --git a/src/knot/ctl/process.c b/src/knot/ctl/process.c
+index bb61804..8864cd0 100644
+--- a/src/knot/ctl/process.c
++++ b/src/knot/ctl/process.c
+@@ -21,6 +21,8 @@
+ #include <errno.h>
+ #include <string.h>
+ #include <signal.h>
++#include <grp.h>
++#include <unistd.h>
+ 
+ #include "knot/common.h"
+ #include "knot/ctl/process.h"
+@@ -113,6 +115,7 @@ int pid_write(const char* fn)
+ int pid_remove(const char* fn)
+ {
+ 	if (unlink(fn) < 0) {
++		perror("unlink");
+ 		return KNOTD_EINVAL;
+ 	}
+ 
+@@ -124,3 +127,45 @@ int pid_running(pid_t pid)
+ 	return kill(pid, 0) == 0;
+ }
+ 
++void proc_update_privileges(int uid, int gid)
++{
++#ifdef HAVE_SETGROUPS
++	/* Drop supplementary groups. */
++	if (uid != getuid() || gid != getgid()) {
++		if (setgroups(0, NULL) < 0) {
++			log_server_warning("Failed to drop supplementary groups"
++			                   " for uid '%d' (%s).\n",
++			                   getuid(), strerror(errno));
++		}
++	}
++#endif
++	
++	/* Watch uid/gid. */
++	if (gid != getgid()) {
++		log_server_info("Changing group id to '%d'.\n", gid);
++		if (setregid(gid, gid) < 0) {
++			log_server_error("Failed to change gid to '%d'.\n",
++			                 gid);
++		}
++	}
++	if (uid != getuid()) {
++		log_server_info("Changing user id to '%d'.\n", uid);
++		if (setreuid(uid, uid) < 0) {
++			log_server_error("Failed to change uid to '%d'.\n",
++			                 uid);
++		}
++	}
++	
++	/* Check storage writeability. */
++	char *lfile = strcdup(conf()->storage, "/knot.lock");
++	assert(lfile != NULL);
++	FILE* fp = fopen(lfile, "w");
++	if (fp == NULL) {
++		log_server_warning("Storage directory '%s' is not writeable.\n",
++		                   conf()->storage);
++	} else {
++		fclose(fp);
++		unlink(lfile);
++	}
++	free(lfile);
++}
+diff --git a/src/knot/ctl/process.h b/src/knot/ctl/process.h
+index d8f2f4c..a387add 100644
+--- a/src/knot/ctl/process.h
++++ b/src/knot/ctl/process.h
+@@ -83,6 +83,15 @@ int pid_remove(const char* fn);
+  */
+ int pid_running(pid_t pid);
+ 
++/*!
++ * \brief Update process privileges to new UID/GID.
++ *
++ * \param uid New user ID.
++ * \param gid New group ID.
++ *
++ */
++void proc_update_privileges(int uid, int gid);
++
+ #endif // _KNOTD_PROCESS_H_
+ 
+ /*! @} */
+diff --git a/src/knot/main.c b/src/knot/main.c
+index 99ee1cf..a62230a 100644
+--- a/src/knot/main.c
++++ b/src/knot/main.c
+@@ -20,6 +20,7 @@
+ #include <unistd.h>
+ #include <getopt.h>
+ #include <limits.h>
++
+ #ifdef HAVE_CAP_NG_H
+ #include <cap-ng.h>
+ #endif /* HAVE_CAP_NG_H */
+@@ -161,7 +162,6 @@ int main(int argc, char **argv)
+ 	conf_read_lock();
+ 	conf_add_hook(conf(), CONF_LOG, log_conf_hook, 0);
+ 	conf_add_hook(conf(), CONF_ALL, server_conf_hook, server);
+-	conf_add_hook(conf(), CONF_ALL, zones_ns_conf_hook, server->nameserver);
+ 	conf_read_unlock();
+ 
+ 	// Find implicit configuration file
+@@ -242,21 +242,28 @@ int main(int argc, char **argv)
+ 	}
+ 	log_server_info("\n");
+ 
+-	// Create server instance
+-	char* pidfile = pid_filename();
++	/* Alter privileges. */
++	proc_update_privileges(conf()->uid, conf()->gid);
++	
++	/* Load zones and add hook. */
++	zones_ns_conf_hook(conf(), server->nameserver);
++	conf_add_hook(conf(), CONF_ALL, zones_ns_conf_hook, server->nameserver);
+ 
+ 	// Run server
+ 	int res = 0;
++	int has_pid = 0;
++	char* pidfile = pid_filename();
+ 	log_server_info("Starting server...\n");
+ 	if ((server_start(server)) == KNOTD_EOK) {
+ 
+ 		// Save PID
+-		int has_pid = 1;
++		has_pid = 1;
+ 		int rc = pid_write(pidfile);
+ 		if (rc < 0) {
+ 			has_pid = 0;
+ 			log_server_warning("Failed to create "
+-					   "PID file '%s'.\n", pidfile);
++					   "PID file '%s' (%s).\n",
++					   pidfile, strerror(errno));
+ 		}
+ 
+ 		// Change directory if daemonized
+@@ -370,7 +377,7 @@ int main(int argc, char **argv)
+ 	server_destroy(&server);
+ 
+ 	// Remove PID file
+-	if (pid_remove(pidfile) < 0) {
++	if (has_pid && pid_remove(pidfile) < 0) {
+ 		log_server_warning("Failed to remove PID file.\n");
+ 	}
+ 
+diff --git a/src/knot/server/server.c b/src/knot/server/server.c
+index 5611a0c..5df7fe1 100644
+--- a/src/knot/server/server.c
++++ b/src/knot/server/server.c
+@@ -22,8 +22,6 @@
+ #include <errno.h>
+ #include <openssl/evp.h>
+ #include <assert.h>
+-#include <grp.h>
+-
+ 
+ #include "common/prng.h"
+ #include "knot/common.h"
+@@ -743,51 +741,9 @@ int server_conf_hook(const struct conf_t *conf, void *data)
+ 			                 "configured interfaces.\n");
+ 		}
+ 	}
+-	
+-	/* Lock configuration. */
+-	conf_read_lock();
+-	int priv_failed = 0;
+-	
+-#ifdef HAVE_SETGROUPS
+-	/* Drop supplementary groups. */
+-	if (conf->gid > -1 || conf->uid > -1) {
+-		ret = setgroups(0, NULL);
+-		
+-		/* Collect results. */
+-		if (ret < 0) {
+-			log_server_error("Failed to set supplementary groups "
+-			                 "for uid '%d' (%s).\n",
+-			                 getuid(), strerror(errno));
+-			priv_failed = 1;
+-		}
+-	}
+-#endif
+-	
+-	/* Watch uid/gid. */
+-	if (conf->gid > -1 && conf->gid != getgid()) {
+-		log_server_info("Changing group id to '%d'.\n", conf->gid);
+-		if (setregid(conf->gid, conf->gid) < 0) {
+-			log_server_error("Failed to change gid to '%d'.\n",
+-			                 conf->gid);
+-			priv_failed = 1;
+-		}
+-	}
+-	if (conf->uid > -1 && conf->uid != getuid()) {
+-		log_server_info("Changing user id to '%d'.\n", conf->uid);
+-		if (setreuid(conf->uid, conf->uid) < 0) {
+-			log_server_error("Failed to change uid to '%d'.\n",
+-			                 conf->uid);
+-			priv_failed = 1;
+-		}
+-	}
+-
+-	if (priv_failed) {
+-		ret = KNOTD_EACCES;
+-	}
+ 
+ 	/* Exit if the server is not running. */
+ 	if (ret != KNOTD_EOK || !(server->state & ServerRunning)) {
+-		conf_read_unlock();
+ 		return KNOTD_ENOTRUNNING;
+ 	}
+ 
+@@ -807,9 +763,6 @@ int server_conf_hook(const struct conf_t *conf, void *data)
+ 		}
+ 	}
+ 
+-	/* Unlock config. */
+-	conf_read_unlock();
+-
+ 	return ret;
+ }
+ 
+diff --git a/src/zcompile/zcompile.c b/src/zcompile/zcompile.c
+index c4415d4..3c39004 100644
+--- a/src/zcompile/zcompile.c
++++ b/src/zcompile/zcompile.c
+@@ -570,7 +570,7 @@ int zone_read(const char *name, const char *zonefile, const char *outfile,
+ 	}
+ 
+ 	if (!knot_dname_is_fqdn(dname)) {
+-		fprintf(stderr, "Error: given zone origin is not FQDN.\n");
++		log_zone_error("Error: given zone origin is not FQDN.\n");
+ 		knot_dname_release(dname);
+ 		return KNOTDZCOMPILE_EINVAL;
+ 	}
+@@ -660,8 +660,7 @@ int zone_read(const char *name, const char *zonefile, const char *outfile,
+ 
+ 	if (found_orphans != parser->rrsig_orphan_count) {
+ 		/*! \todo This might be desired behaviour. */
+-		fprintf(stderr,
+-		        "There are unassigned RRSIGs in the zone!\n");
++		log_zone_error("There are unassigned RRSIGs in the zone!\n");
+ 		parser->errors++;
+ 	}
+ 
diff --git a/net-dns/knot/knot-1.0.6.ebuild b/net-dns/knot/knot-1.0.6-r1.ebuild
index 6036622730bf..980cf69f11af 100644
--- a/net-dns/knot/knot-1.0.6.ebuild
+++ b/net-dns/knot/knot-1.0.6-r1.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2012 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-dns/knot/knot-1.0.6.ebuild,v 1.1 2012/06/21 18:08:30 scarabeus Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-dns/knot/knot-1.0.6-r1.ebuild,v 1.1 2012/07/26 14:00:35 scarabeus Exp $
 
 EAPI=4
 
@@ -29,7 +29,8 @@ DEPEND="${RDEPEND}
 src_prepare() {
 	epatch \
 		"${FILESDIR}"/${PN}-move-pidfile-to-var.patch \
-		"${FILESDIR}"/${PN}-braindead-lto.patch
+		"${FILESDIR}"/${PN}-braindead-lto.patch \
+		"${FILESDIR}"/${P}-userpriv.patch
 	sed -i \
 		-e 's:-Werror::g' \
 		configure.ac || die
author	Tomas Chvatal <scarabeus@gentoo.org>	2012-07-26 14:00:35 +0000
committer	Tomas Chvatal <scarabeus@gentoo.org>	2012-07-26 14:00:35 +0000
commit	1d3453c1cdcd47ab67636a1e0834e69b616117fc (patch)
tree	b93bc2a990e7705f2f716be832ac3ad93fff7a66 /net-dns/knot
parent	net-misc/gip: Version Bump; respect the *FLAGS, #427874 (diff)
download	historical-1d3453c1cdcd47ab67636a1e0834e69b616117fc.tar.gz historical-1d3453c1cdcd47ab67636a1e0834e69b616117fc.tar.bz2 historical-1d3453c1cdcd47ab67636a1e0834e69b616117fc.zip