me/guix
Archived
1
0
Fork 0
Code Activity

gnu: knot-resolver: Install but disable the default managed root TA.

Browse source 
* gnu/packages/dns.scm (knot-resolver)[arguments]: Enable 'managed_ta', so
'icann-ca.pem' get installed.  Add 'disable-default-ta' phase.
This commit is contained in:
宋文武 2020-01-22 20:06:41 +08:00
parent fe109349d0
commit 8a5c4384e0
No known key found for this signature in database
GPG key ID: D415BF253B515976
1 changed files with 8 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
gnu/packages/dns.scm
View file

@ -680,11 +680,16 @@ synthesis, and on-the-fly re-configuration.")
"09ffmqx79lv5psr433x4n946njgsn071b9b7161pcb9bmrqz380c")))) "09ffmqx79lv5psr433x4n946njgsn071b9b7161pcb9bmrqz380c"))))
(build-system meson-build-system) (build-system meson-build-system)
(arguments (arguments
'(#:configure-flags '(#:configure-flags '("-Ddoc=enabled")
'("-Dmanaged_ta=disabled" ; we'll manage the DNS root data ourself
"-Ddoc=enabled")
#:phases #:phases
(modify-phases %standard-phases (modify-phases %standard-phases
(add-before 'configure 'disable-default-ta
(lambda _
;; Disable the default managed root TA, since we don't have
;; write access to the keyfile and its directory in store.
(substitute* "daemon/lua/sandbox.lua.in"
(("^trust_anchors\\.add_file.*") ""))
#t))
(add-after 'build 'build-doc (add-after 'build 'build-doc
(lambda _ (lambda _
(invoke "ninja" "doc"))) (invoke "ninja" "doc")))