dev-db/pgbouncer: Bump and improve

Added optional dep on OpenSSL. Fixed logrotate script to always succeed. Address potential DoS by letting s-s-d handle the pidfile creation and backgrounding of pgbouncer. Dropped restart in initscript as online restart can’t be used with s-s-d and the pidfile isn’t writeable by the pgbouncer user. Bug: https://bugs.gentoo.org/500546 Bug: https://bugs.gentoo.org/577784 Bug: https://bugs.gentoo.org/629334 Closes: https://bugs.gentoo.org/565218 Package-Manager: Portage-2.3.13, Repoman-2.3.3
author: Aaron W. Swenson <titanofold@gentoo.org> 2017-12-21 06:51:28 -0500
committer: Aaron W. Swenson <titanofold@gentoo.org> 2017-12-21 06:51:28 -0500
commit: 855a26cb2380f20a90fe1873e3a35cb685320af4 (patch)
tree: 7a54e764840e2446f91addd9e2d5af4f4bf4d5c2 /dev-db
parent: net-libs/gsoap: Removed old. (diff)
download: gentoo-855a26cb2380f20a90fe1873e3a35cb685320af4.tar.gz
gentoo-855a26cb2380f20a90fe1873e3a35cb685320af4.tar.bz2
gentoo-855a26cb2380f20a90fe1873e3a35cb685320af4.zip
5 files changed, 216 insertions, 12 deletions
diff --git a/dev-db/pgbouncer/Manifest b/dev-db/pgbouncer/Manifest
index 47087ab67c88..224009111646 100644
--- a/dev-db/pgbouncer/Manifest
+++ b/dev-db/pgbouncer/Manifest
@@ -1 +1,2 @@
 DIST pgbouncer-1.7.2.tar.gz 462374 BLAKE2B 0fea85063e30dad3b7e5d145ecd8660d260c6c09202af3661e8acfdcb5ab25f5c23a2f4e02fcfdfcee872ddeb92b78e157457aafa158ee759a1d73a3d33eb009 SHA512 11c89606599f424b34f39a4b072ec6293fea0b14ee52ae4fbc44775e6d83771a22d194f4e8eabe410e0d6a70657508cf1a3b1012543d91873c36f644afb5675d
+DIST pgbouncer-1.8.1.tar.gz 465930 BLAKE2B 692c551cb7bfb56bfe1b354791b06bdf61866197150a78a7fa9688891a2e4cd3c015abc5fbe33bf66dc85ab0ae83745f2db852eae91ae99596c97be0154e8bd5 SHA512 595a94db98866cec211f2b8c1ad13d209dba00e5fd41f2e9025aabdcb660194f0f772810270a1d9f067c3039c9fee630e8ff2d56f231935add17207aecc10bee
diff --git a/dev-db/pgbouncer/files/pgbouncer-1.8-dirs.patch b/dev-db/pgbouncer/files/pgbouncer-1.8-dirs.patch
new file mode 100644
index 000000000000..cc4d0634b6b3
--- /dev/null
+++ b/dev-db/pgbouncer/files/pgbouncer-1.8-dirs.patch
@@ -0,0 +1,32 @@
+diff -Naruw pgbouncer-1.8.orig/etc/pgbouncer.ini pgbouncer-1.8/etc/pgbouncer.ini
+--- pgbouncer-1.8.orig/etc/pgbouncer.ini	2017-12-18 11:03:18.000000000 -0500
++++ pgbouncer-1.8/etc/pgbouncer.ini	2017-12-20 06:48:25.935839539 -0500
+@@ -34,7 +34,9 @@
+ ;;;
+ 
+ logfile = /var/log/pgbouncer/pgbouncer.log
+-pidfile = /var/run/pgbouncer/pgbouncer.pid
++
++; Leave unset. This is handled in the initscript.
++;pidfile =
+ 
+ ;;;
+ ;;; Where to wait for clients
+@@ -44,11 +46,12 @@
+ listen_addr = 127.0.0.1
+ listen_port = 6432
+ 
+-; Unix socket is also used for -R.
+-; On Debian it should be /var/run/postgresql
+-;unix_socket_dir = /tmp
+-;unix_socket_mode = 0777
+-;unix_socket_group =
++; Unix socket is also used for -R (online restart), but the
++; initscripts can't do that. Generally, you'll want to leave these
++; alone. System-wide default is: /run/postgresql
++unix_socket_dir = /run/postgresql
++unix_socket_mode = 0777
++unix_socket_group = postgres
+ 
+ ;;;
+ ;;; TLS settings for accepting clients
diff --git a/dev-db/pgbouncer/files/pgbouncer.initd-r1 b/dev-db/pgbouncer/files/pgbouncer.initd-r1
new file mode 100755
index 000000000000..7392918593bb
--- /dev/null
+++ b/dev-db/pgbouncer/files/pgbouncer.initd-r1
@@ -0,0 +1,83 @@
+#!/sbin/openrc-run
+
+extra_started_commands="reload"
+
+PIDFILE="/run/pgbouncer.pid"
+
+depend() {
+    use net
+    after postgresql
+}
+
+get_config() {
+    [ -f "${INIFILE}" ] || eend 1 "'${INIFILE}' not found"
+
+    eval echo $(sed -e 's:;.*::' "${INIFILE}" | \
+                    awk '$1 == "'$1'" { print ($2 == "=" ? $3 : $2) }')
+}
+
+start_pre() {
+    local s="$(get_config unix_socket_dir)"
+
+    if [ -n "${s}" ] ; then
+        checkpath -o root:postgres -m 1775 -d "${s}" || return 1
+
+        local listen_port="$(get_config listen_port)"
+
+        if [ -e "${s%/}/.s.PGSQL.${listen_port}" ] ; then
+            eerror "Socket conflict."
+            eerror "A server is already listening on:"
+            eerror "    ${s%/}/.s.PGSQL.${listen_port}"
+            eerror "HINT: Change listen_port in pgbouncer.ini to listen on a"
+            eerror "different socket."
+            return 1
+        fi
+    fi
+
+    checkpath -o pgbouncer:postgres -m 0755 \
+              -d "$(dirname $(get_config logfile))" || return 1
+    checkpath -o pgbouncer:postgres -m 0640 \
+              -f "$(get_config logfile)" || return 1
+
+    return 0
+}
+
+start() {
+    ebegin "Starting PgBouncer"
+    [ -f ${PIDFILE} ] && rm ${PIDFILE}
+
+    start-stop-daemon --start \
+                      --pidfile ${PIDFILE} \
+                      --background \
+                      --make-pidfile \
+                      --user pgbouncer \
+                      --exec /usr/bin/pgbouncer \
+                      -- -q "${INIFILE}"
+    eend $?
+}
+
+stop() {
+    local seconds=$(( ${NICE_TIMEOUT} + ${FORCE_QUIT_TIMEOUT} ))
+    ebegin "Stopping PgBouncer (this can take up to ${seconds} seconds)"
+
+    local retries=SIGINT/${NICE_TIMEOUT}
+
+    if [ "${FORCE_QUIT}" = "YES" ] ; then
+        einfo "FORCE_QUIT enabled."
+        retries="${retries}/SIGTERM/${FORCE_QUIT_TIMEOUT}"
+    fi
+
+    # Loops through nice and force quit in one go.
+    start-stop-daemon --stop \
+                      --user pgbouncer \
+                      --pidfile ${PIDFILE} \
+                      --retry ${retries}
+
+    eend $?
+}
+
+reload() {
+    ebegin "Reloading PgBouncer configuration from '${INIFILE}'"
+    start-stop-daemon --signal HUP --pidfile ${PIDFILE}
+    eend $?
+}
diff --git a/dev-db/pgbouncer/metadata.xml b/dev-db/pgbouncer/metadata.xml
index 0d24afdb221a..29bfef0ab645 100644
--- a/dev-db/pgbouncer/metadata.xml
+++ b/dev-db/pgbouncer/metadata.xml
@@ -1,16 +1,18 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
 <pkgmetadata>
-    <maintainer type="person">
-        <email>titanofold@gentoo.org</email>
-        <name>Aaron W. Swenson</name>
-    </maintainer>
-    <maintainer type="project">
-        <email>pgsql-bugs@gentoo.org</email>
-        <name>PostgreSQL and Related Package Development</name>
-    </maintainer>
-    <use>
-        <flag name="libevent">Use libevent 2.0+ and evdns as the DNS backend</flag>
-        <flag name="udns">Use udns as the DNS backend. Supports IPv4 only.</flag>
-    </use>
+	<maintainer type="project">
+		<email>pgsql-bugs@gentoo.org</email>
+		<name>PostgreSQL</name>
+	</maintainer>
+	<use>
+		<flag name="c-ares">
+			Use c-ares as the DNS backend instead of evdns (libevent).
+		</flag>
+		<flag name="libevent">Use libevent 2.0+ and evdns as the DNS backend</flag>
+		<flag name="udns">
+			Use udns as the DNS backend instead of evdns (libevent). Supports
+			IPv4 only.
+		</flag>
+	</use>
 </pkgmetadata>
diff --git a/dev-db/pgbouncer/pgbouncer-1.8.1.ebuild b/dev-db/pgbouncer/pgbouncer-1.8.1.ebuild
new file mode 100644
index 000000000000..69a361cbeaeb
--- /dev/null
+++ b/dev-db/pgbouncer/pgbouncer-1.8.1.ebuild
@@ -0,0 +1,86 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+
+inherit user
+
+DESCRIPTION="Lightweight connection pooler for PostgreSQL"
+HOMEPAGE="https://pgbouncer.github.io"
+SRC_URI="https://pgbouncer.github.io/downloads/files/${PV}/${P}.tar.gz"
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="+c-ares debug doc pam ssl -udns"
+
+# At-most-one-of, one can be enabled but not both
+REQUIRED_USE="?? ( c-ares udns )"
+
+RDEPEND="
+	>=dev-libs/libevent-2.0
+	>=sys-libs/glibc-2.10
+	c-ares? ( >=net-dns/c-ares-1.10 )
+	ssl? ( >=dev-libs/openssl-1.0.1:=[-bindist] )
+	udns? ( >=net-libs/udns-0.1 )
+"
+
+DEPEND="${RDEPEND}"
+
+pkg_setup() {
+	enewgroup postgres 70
+	enewuser postgres 70 /bin/bash /var/lib/postgresql postgres
+
+	enewuser pgbouncer -1 -1 -1 postgres
+}
+
+src_prepare() {
+	eapply "${FILESDIR}/pgbouncer-1.8-dirs.patch"
+
+	default
+}
+
+src_configure() {
+	# --enable-debug is only used to disable stripping
+	econf \
+		--docdir=/usr/share/doc/${PF} \
+		--enable-debug \
+		$(use_with c-ares cares) \
+		$(use_enable debug cassert) \
+		$(use_with pam) \
+		$(use_with ssl openssl) \
+		$(use_with udns)
+}
+
+src_test() {
+	cd "${S}/test"
+	emake
+}
+
+src_install() {
+	emake DESTDIR="${D}" install
+
+	dodoc AUTHORS
+	use doc && dodoc doc/*.rst
+
+	newconfd "${FILESDIR}/${PN}.confd" "${PN}"
+	newinitd "${FILESDIR}/${PN}.initd-r1" "${PN}"
+
+	insinto /etc
+	doins etc/pgbouncer.ini
+
+	insinto /etc/logrotate.d
+	newins "${FILESDIR}/logrotate" pgbouncer
+}
+
+pkg_postinst() {
+	if [[ -z ${REPLACING_VERSIONS} ]] ; then
+		einfo "Please read the config.txt for Configuration Directives"
+		einfo
+		einfo "For Administration Commands, see:"
+		einfo "    man pgbouncer"
+		einfo
+		einfo "By default, PgBouncer does not have access to any database."
+		einfo "GRANT the permissions needed for your application and make sure that it"
+		einfo "exists in PgBouncer's auth_file."
+	fi
+}
author	Aaron W. Swenson <titanofold@gentoo.org>	2017-12-21 06:51:28 -0500
committer	Aaron W. Swenson <titanofold@gentoo.org>	2017-12-21 06:51:28 -0500
commit	855a26cb2380f20a90fe1873e3a35cb685320af4 (patch)
tree	7a54e764840e2446f91addd9e2d5af4f4bf4d5c2 /dev-db
parent	net-libs/gsoap: Removed old. (diff)
download	gentoo-855a26cb2380f20a90fe1873e3a35cb685320af4.tar.gz gentoo-855a26cb2380f20a90fe1873e3a35cb685320af4.tar.bz2 gentoo-855a26cb2380f20a90fe1873e3a35cb685320af4.zip