Devuan bug report logs - #306
dnscrypt-proxy: init script missing for no-systemd systems

Severity: grave;
Package: dnscrypt-proxy; Reported by: "Dimitris T." <dimitris@stinpriza.org>;
Date: Wed, 13 Mar 2019 10:33:07 UTC;
Maintainer for dnscrypt-proxy is (unknown).

View this report as an mbox folder.


Report forwarded to devuan-bugs@lists.dyne.org, owner@bugs.devuan.org:
bug#306; Package dnscrypt-proxy. Full text available.



Acknowledgement sent to "Dimitris T." <dimitris@stinpriza.org>:
New bug report received and forwarded. Copy sent to owner@bugs.devuan.org. Full text available.



Message received at submit@bugs.devuan.org:

From: "Dimitris T." <dimitris@stinpriza.org>
To: Devuan Bug Tracking System <submit@bugs.devuan.org>
Subject: dnscrypt-proxy: init script missing for no-systemd systems
Date: Wed, 13 Mar 2019 01:22:42 +0200

Package: dnscrypt-proxy
Version: 2.0.19+ds1-2+b10
Severity: grave

hey,

dnscrypt-proxy doesn't work by default in Devuan. package doesn't provide a /etc/init.d/dnscrypt-proxy script to start with. (contains only systemd service files).
running it manually works flawlessly : 
# dnscrypt-proxy --config /etc/dnscrypt-proxy/dnscrypt-proxy.toml 

there was/is an init script[1] for dnscrypt-proxy currently in ascii or jessie (not sure), but doesn't work with latest beowulf version. 
older Debian bugs (just for reference): #857322 & #850069.

thanks, 
d

[1] https://git.devuan.org/devuan-packages/dnscrypt-proxy/blob/ea2016f86bcd54c1d2b558f121c95c3e9881d3e4/debian/dnscrypt-proxy.init

-- System Information:
Distributor ID:	Devuan
Description:	Devuan GNU/Linux beowulf/ceres
Release:	10
Codename:	n/a
Architecture: x86_64

Kernel: Linux 4.19.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
LSM: AppArmor: enabled

Versions of packages dnscrypt-proxy depends on:
ii  adduser   3.118
ii  libc6     2.28-8
ii  lsb-base  10.2018112800

dnscrypt-proxy recommends no packages.

Versions of packages dnscrypt-proxy suggests:
ii  resolvconf  1.79

-- Configuration Files:
/etc/dnscrypt-proxy/dnscrypt-proxy.toml changed:
listen_addresses = ['127.0.0.1:9453']
max_clients = 100
user_name = 'nobody'
ipv4_servers = true
ipv6_servers = false
dnscrypt_servers = true
doh_servers = true
require_dnssec = false
require_nolog = true
require_nofilter = true
force_tcp = false
timeout = 2000
keepalive = 30
use_syslog = true
cert_refresh_delay = 240
fallback_resolver = '193.183.98.66:53'
ignore_system_dns = false
netprobe_timeout = 60
log_files_max_size = 10
log_files_max_age = 7
log_files_max_backups = 1
block_ipv6 = false
cache = true
cache_size = 512
cache_min_ttl = 3600
cache_max_ttl = 86400
cache_neg_min_ttl = 60
cache_neg_max_ttl = 600
[query_log]
  ## Path to the query log file (absolute, or relative to the same directory as the executable file)
  # file = 'query.log'
  ## Query log format (currently supported: tsv and ltsv)
  format = 'tsv'
  ## Do not log these query types, to reduce verbosity. Keep empty to log everything.
  # ignored_qtypes = ['DNSKEY', 'NS']
[nx_log]
  ## Path to the query log file (absolute, or relative to the same directory as the executable file)
  # file = 'nx.log'
  ## Query log format (currently supported: tsv and ltsv)
  format = 'tsv'
[blacklist]
  ## Path to the file of blocking rules (absolute, or relative to the same directory as the executable file)
  # blacklist_file = 'blacklist.txt'
blacklist_file = '/etc/dnscrypt-proxy/mybase.txt'
  ## Optional path to a file logging blocked queries
  # log_file = 'blocked.log'
  ## Optional log format: tsv or ltsv (default: tsv)
  # log_format = 'tsv'
[ip_blacklist]
  ## Path to the file of blocking rules (absolute, or relative to the same directory as the executable file)
  # blacklist_file = 'ip-blacklist.txt'
  ## Optional path to a file logging blocked queries
  # log_file = 'ip-blocked.log'
  ## Optional log format: tsv or ltsv (default: tsv)
  # log_format = 'tsv'
[whitelist]
  ## Path to the file of whitelisting rules (absolute, or relative to the same directory as the executable file)
  # whitelist_file = 'whitelist.txt'
  ## Optional path to a file logging whitelisted queries
  # log_file = 'whitelisted.log'
  ## Optional log format: tsv or ltsv (default: tsv)
  # log_format = 'tsv'
[schedules]
  # [schedules.'time-to-sleep']
  # mon = [{after='21:00', before='7:00'}]
  # tue = [{after='21:00', before='7:00'}]
  # wed = [{after='21:00', before='7:00'}]
  # thu = [{after='21:00', before='7:00'}]
  # fri = [{after='23:00', before='7:00'}]
  # sat = [{after='23:00', before='7:00'}]
  # sun = [{after='21:00', before='7:00'}]
  # [schedules.'work']
  # mon = [{after='9:00', before='18:00'}]
  # tue = [{after='9:00', before='18:00'}]
  # wed = [{after='9:00', before='18:00'}]
  # thu = [{after='9:00', before='18:00'}]
  # fri = [{after='9:00', before='17:00'}]
[sources]
  ## An example of a remote source from https://github.com/DNSCrypt/dnscrypt-resolvers
  [sources.'public-resolvers']
  urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/public-resolvers.md', 'https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md']
  cache_file = 'public-resolvers.md'
  minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
  refresh_delay = 72
  prefix = ''
  ## Quad9 over DNSCrypt - https://quad9.net/
  # [sources.quad9-resolvers]
  # urls = ["https://www.quad9.net/quad9-resolvers.md"]
  # minisign_key = "RWQBphd2+f6eiAqBsvDZEBXBGHQBJfeG6G+wJPPKxCZMoEQYpmoysKUN"
  # cache_file = "quad9-resolvers.md"
  # refresh_delay = 72
  # prefix = "quad9-"
  ## Another example source, with resolvers censoring some websites not appropriate for children
  ## This is a subset of the `public-resolvers` list, so enabling both is useless
  #  [sources.'parental-control']
  #  urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/parental-control.md', 'https://download.dnscrypt.info/resolvers-list/v2/parental-control.md']
  #  cache_file = 'parental-control.md'
  #  minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
[static]
  # [static.'google']
  # stamp = 'sdns://AgUAAAAAAAAAAAAOZG5zLmdvb2dsZS5jb20NL2V4cGVyaW1lbnRhbA'


-- no debconf information





Information forwarded to devuan-bugs@lists.dyne.org, owner@bugs.devuan.org:
bug#306; Package dnscrypt-proxy. Full text available.



Acknowledgement sent to Dimitris <dimitris@stinpriza.org>:
Extra info received and forwarded to list. Copy sent to owner@bugs.devuan.org. Full text available.



Message received at 306@bugs.devuan.org:

To: 306@bugs.devuan.org
From: Dimitris <dimitris@stinpriza.org>
Subject: Re: bug#306: Acknowledgement (dnscrypt-proxy: init script missing for
Date: Wed, 13 Mar 2019 13:09:54 +0200

[Message part 1 (text/plain, inline)]

so, i've done some digging and the way to a proper working init script
for dnscrypt-proxy v2, is to run -as documented officially[1]- :

# dnscrypt-proxy -service install -config
/etc/dnscrypt-proxy/dnscrypt-proxy.toml

this will install a working /etc/init.d/dnscrypt-proxy, so maybe it
should be added in post-install for devuan?
i only had to also add -config flag in cmd parameter inside installed
init script. defaults can't find dnscrypt-proxy.toml and script doesn't
start.
you can find final working init script here[2].

---
tried lots of different older init scripts before reading through v2
docs, but none working. dnscrypt-proxy v2 has no "--daemonize" flag and
new "-child" flag,  fails even in manual run :
Mar 13 00:01:59 hostname dnscrypt-proxy[4942]: Source
[public-resolvers.md] loaded
Mar 13 00:01:59 hostname dnscrypt-proxy[4942]: dnscrypt-proxy 2.0.19
Mar 13 00:01:59 hostname dnscrypt-proxy[4942]: file file+net
listenerTCP: getsockopt: socket operation on non-socket

but that's another bug, for upstream most probably.
--

also gentoo provides an operc script[3]. but while i could get daemon
started with that, it would fail with any other action afterwards
(stop/restart/status). couldn't find /usr/sbin/dnscrypt-proxy running.

thanks,
d.


[1]
https://github.com/jedisct1/dnscrypt-proxy/wiki/Installation-linux#step-6-install-the-proxy-as-a-system-service
[2] https://annuel.framapad.org/p/devuan-dnscrypt-proxyinit
[3]
https://gitweb.gentoo.org/repo/gentoo.git/tree/net-dns/dnscrypt-proxy/files/dnscrypt-proxy.initd



[signature.asc (application/pgp-signature, attachment)]






Devuan BTS -- Powered by Debian bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997 nCipher Corporation Ltd, 1994-97 Ian Jackson.

Devuan Bugs Owner <owner@bugs.devuan.org>.
Last modified: Fri, 23 Aug 2019 04:36:15 UTC