Devuan bug report logs - #306
dnscrypt-proxy: init script missing for no-systemd systems

Package: dnscrypt-proxy; Maintainer for dnscrypt-proxy is Devuan Developers <devuan-dev@lists.dyne.org>;

Reported by: "Dimitris T." <dimitris@stinpriza.org>

Date: Wed, 13 Mar 2019 10:33:07 UTC

Severity: grave

Tags: beowulf

Done: Mark Hindley <mark@hindley.org.uk>

Reply or subscribe to this bug.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to devuan-bugs@lists.dyne.org, owner@bugs.devuan.org:
bug#306; Package dnscrypt-proxy. (full text, mbox, link).


Acknowledgement sent to "Dimitris T." <dimitris@stinpriza.org>:
New bug report received and forwarded. Copy sent to owner@bugs.devuan.org. (full text, mbox, link).


Message #5 received at submit@bugs.devuan.org (full text, mbox, reply):

From: "Dimitris T." <dimitris@stinpriza.org>
To: Devuan Bug Tracking System <submit@bugs.devuan.org>
Subject: dnscrypt-proxy: init script missing for no-systemd systems
Date: Wed, 13 Mar 2019 01:22:42 +0200
Package: dnscrypt-proxy
Version: 2.0.19+ds1-2+b10
Severity: grave

hey,

dnscrypt-proxy doesn't work by default in Devuan. package doesn't provide a /etc/init.d/dnscrypt-proxy script to start with. (contains only systemd service files).
running it manually works flawlessly : 
# dnscrypt-proxy --config /etc/dnscrypt-proxy/dnscrypt-proxy.toml 

there was/is an init script[1] for dnscrypt-proxy currently in ascii or jessie (not sure), but doesn't work with latest beowulf version. 
older Debian bugs (just for reference): #857322 & #850069.

thanks, 
d

[1] https://git.devuan.org/devuan-packages/dnscrypt-proxy/blob/ea2016f86bcd54c1d2b558f121c95c3e9881d3e4/debian/dnscrypt-proxy.init

-- System Information:
Distributor ID:	Devuan
Description:	Devuan GNU/Linux beowulf/ceres
Release:	10
Codename:	n/a
Architecture: x86_64

Kernel: Linux 4.19.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
LSM: AppArmor: enabled

Versions of packages dnscrypt-proxy depends on:
ii  adduser   3.118
ii  libc6     2.28-8
ii  lsb-base  10.2018112800

dnscrypt-proxy recommends no packages.

Versions of packages dnscrypt-proxy suggests:
ii  resolvconf  1.79

-- Configuration Files:
/etc/dnscrypt-proxy/dnscrypt-proxy.toml changed:
listen_addresses = ['127.0.0.1:9453']
max_clients = 100
user_name = 'nobody'
ipv4_servers = true
ipv6_servers = false
dnscrypt_servers = true
doh_servers = true
require_dnssec = false
require_nolog = true
require_nofilter = true
force_tcp = false
timeout = 2000
keepalive = 30
use_syslog = true
cert_refresh_delay = 240
fallback_resolver = '193.183.98.66:53'
ignore_system_dns = false
netprobe_timeout = 60
log_files_max_size = 10
log_files_max_age = 7
log_files_max_backups = 1
block_ipv6 = false
cache = true
cache_size = 512
cache_min_ttl = 3600
cache_max_ttl = 86400
cache_neg_min_ttl = 60
cache_neg_max_ttl = 600
[query_log]
  ## Path to the query log file (absolute, or relative to the same directory as the executable file)
  # file = 'query.log'
  ## Query log format (currently supported: tsv and ltsv)
  format = 'tsv'
  ## Do not log these query types, to reduce verbosity. Keep empty to log everything.
  # ignored_qtypes = ['DNSKEY', 'NS']
[nx_log]
  ## Path to the query log file (absolute, or relative to the same directory as the executable file)
  # file = 'nx.log'
  ## Query log format (currently supported: tsv and ltsv)
  format = 'tsv'
[blacklist]
  ## Path to the file of blocking rules (absolute, or relative to the same directory as the executable file)
  # blacklist_file = 'blacklist.txt'
blacklist_file = '/etc/dnscrypt-proxy/mybase.txt'
  ## Optional path to a file logging blocked queries
  # log_file = 'blocked.log'
  ## Optional log format: tsv or ltsv (default: tsv)
  # log_format = 'tsv'
[ip_blacklist]
  ## Path to the file of blocking rules (absolute, or relative to the same directory as the executable file)
  # blacklist_file = 'ip-blacklist.txt'
  ## Optional path to a file logging blocked queries
  # log_file = 'ip-blocked.log'
  ## Optional log format: tsv or ltsv (default: tsv)
  # log_format = 'tsv'
[whitelist]
  ## Path to the file of whitelisting rules (absolute, or relative to the same directory as the executable file)
  # whitelist_file = 'whitelist.txt'
  ## Optional path to a file logging whitelisted queries
  # log_file = 'whitelisted.log'
  ## Optional log format: tsv or ltsv (default: tsv)
  # log_format = 'tsv'
[schedules]
  # [schedules.'time-to-sleep']
  # mon = [{after='21:00', before='7:00'}]
  # tue = [{after='21:00', before='7:00'}]
  # wed = [{after='21:00', before='7:00'}]
  # thu = [{after='21:00', before='7:00'}]
  # fri = [{after='23:00', before='7:00'}]
  # sat = [{after='23:00', before='7:00'}]
  # sun = [{after='21:00', before='7:00'}]
  # [schedules.'work']
  # mon = [{after='9:00', before='18:00'}]
  # tue = [{after='9:00', before='18:00'}]
  # wed = [{after='9:00', before='18:00'}]
  # thu = [{after='9:00', before='18:00'}]
  # fri = [{after='9:00', before='17:00'}]
[sources]
  ## An example of a remote source from https://github.com/DNSCrypt/dnscrypt-resolvers
  [sources.'public-resolvers']
  urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/public-resolvers.md', 'https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md']
  cache_file = 'public-resolvers.md'
  minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
  refresh_delay = 72
  prefix = ''
  ## Quad9 over DNSCrypt - https://quad9.net/
  # [sources.quad9-resolvers]
  # urls = ["https://www.quad9.net/quad9-resolvers.md"]
  # minisign_key = "RWQBphd2+f6eiAqBsvDZEBXBGHQBJfeG6G+wJPPKxCZMoEQYpmoysKUN"
  # cache_file = "quad9-resolvers.md"
  # refresh_delay = 72
  # prefix = "quad9-"
  ## Another example source, with resolvers censoring some websites not appropriate for children
  ## This is a subset of the `public-resolvers` list, so enabling both is useless
  #  [sources.'parental-control']
  #  urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/parental-control.md', 'https://download.dnscrypt.info/resolvers-list/v2/parental-control.md']
  #  cache_file = 'parental-control.md'
  #  minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
[static]
  # [static.'google']
  # stamp = 'sdns://AgUAAAAAAAAAAAAOZG5zLmdvb2dsZS5jb20NL2V4cGVyaW1lbnRhbA'


-- no debconf information


Information forwarded to devuan-bugs@lists.dyne.org, owner@bugs.devuan.org:
bug#306; Package dnscrypt-proxy. (full text, mbox, link).


Acknowledgement sent to Dimitris <dimitris@stinpriza.org>:
Extra info received and forwarded to list. Copy sent to owner@bugs.devuan.org. (full text, mbox, link).


Message #10 received at 306@bugs.devuan.org (full text, mbox, reply):

From: Dimitris <dimitris@stinpriza.org>
To: 306@bugs.devuan.org
Subject: Re: bug#306: Acknowledgement (dnscrypt-proxy: init script missing for no-systemd systems)
Date: Wed, 13 Mar 2019 13:09:54 +0200
[Message part 1 (text/plain, inline)]
so, i've done some digging and the way to a proper working init script
for dnscrypt-proxy v2, is to run -as documented officially[1]- :

# dnscrypt-proxy -service install -config
/etc/dnscrypt-proxy/dnscrypt-proxy.toml

this will install a working /etc/init.d/dnscrypt-proxy, so maybe it
should be added in post-install for devuan?
i only had to also add -config flag in cmd parameter inside installed
init script. defaults can't find dnscrypt-proxy.toml and script doesn't
start.
you can find final working init script here[2].

---
tried lots of different older init scripts before reading through v2
docs, but none working. dnscrypt-proxy v2 has no "--daemonize" flag and
new "-child" flag,  fails even in manual run :
Mar 13 00:01:59 hostname dnscrypt-proxy[4942]: Source
[public-resolvers.md] loaded
Mar 13 00:01:59 hostname dnscrypt-proxy[4942]: dnscrypt-proxy 2.0.19
Mar 13 00:01:59 hostname dnscrypt-proxy[4942]: file file+net
listenerTCP: getsockopt: socket operation on non-socket

but that's another bug, for upstream most probably.
--

also gentoo provides an operc script[3]. but while i could get daemon
started with that, it would fail with any other action afterwards
(stop/restart/status). couldn't find /usr/sbin/dnscrypt-proxy running.

thanks,
d.


[1]
https://github.com/jedisct1/dnscrypt-proxy/wiki/Installation-linux#step-6-install-the-proxy-as-a-system-service
[2] https://annuel.framapad.org/p/devuan-dnscrypt-proxyinit
[3]
https://gitweb.gentoo.org/repo/gentoo.git/tree/net-dns/dnscrypt-proxy/files/dnscrypt-proxy.initd

[signature.asc (application/pgp-signature, attachment)]

Information forwarded to devuan-bugs@lists.dyne.org, Hleb Valoshka <375gnu@gmail.com>:
bug#306; Package dnscrypt-proxy. (Tue, 14 Jan 2020 17:33:02 GMT) (full text, mbox, link).


Message #13 received at 306@bugs.devuan.org (full text, mbox, reply):

From: Mark Hindley <mark@hindley.org.uk>
To: 306@bugs.devuan.org
Subject: Re: bug#306: Acknowledgement (dnscrypt-proxy: init script missing for no-systemd systems)
Date: Tue, 14 Jan 2020 17:15:06 +0000
Control: tag -1 beowulf

Dimitris,

I have just confirmed that this is still an issue.

I think we will have to fork the package.

Thanks

LeePen

Added tag(s) beowulf. Request was from Mark Hindley <mark@hindley.org.uk> to 306-submit@bugs.devuan.org. (Tue, 14 Jan 2020 17:33:06 GMT) (full text, mbox, link).


Reply sent to Mark Hindley <mark@hindley.org.uk>:
You have taken responsibility. (Thu, 16 Jan 2020 18:18:01 GMT) (full text, mbox, link).


Notification sent to "Dimitris T." <dimitris@stinpriza.org>:
bug acknowledged by developer. (Thu, 16 Jan 2020 18:18:04 GMT) (full text, mbox, link).


Message #20 received at 306-close@bugs.devuan.org (full text, mbox, reply):

From: Mark Hindley <mark@hindley.org.uk>
To: 306-close@bugs.devuan.org
Subject: Re: bug#306: Acknowledgement (dnscrypt-proxy: init script missing for no-systemd systems)
Date: Thu, 16 Jan 2020 18:09:25 +0000
Devuan's fork of dnscrypt-proxy, version 2.0.19+ds1-2+devuan2 is now
in unstable, beowulf and chimaera.

Closing.

Mark

Send a report that this bug log contains spam.


Devuan BTS -- Powered by Debian bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.

Devuan Bugs Owner <owner@bugs.devuan.org>.
Last modified: Sun May 31 00:39:08 2020;