Update to 0.999.8-1

4 files changed, 75 insertions, 62 deletions

diff --git a/.SRCINFO b/.SRCINFO
index c3486b777550..a41d63d0358c 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,43 +1,26 @@
 pkgbase = hostsblock
-	pkgdesc = A script that downloads, sorts, and compiles multiple ad- and malware-blocking hosts files.
-	pkgver = 0.999.7
+	pkgdesc = An ad- and malware-blocking utility for POSIX systems
+	pkgver = 0.999.8
 	pkgrel = 1
-	url = http://gaenserich.github.com/hostsblock/
+	url = https://github.com/gaenserich/hostsblock
 	install = hostsblock.install
 	changelog = hostsblock.changelog
 	arch = any
 	license = GPL
-	depends = bash
+	depends = sh
 	depends = curl
 	depends = grep
 	depends = sed
 	depends = coreutils
-	depends = gzip
+	depends = findutils
 	optdepends = dnsmasq: helps speed up DNS resolutions
 	optdepends = pixelserv: removes boilerplate page on blocked urls
 	optdepends = kwakd: removes boilerplate page on blocked urls (recommended)
 	optdepends = pixelserv-tls: removes boilerplate page on blocked urls (supports HTTPS)
 	optdepends = unzip: allows the use of zipped downloads
 	optdepends = p7zip: allows the use of 7zipped downloads
-	optdepends = pigz: improves performance of gzip operations
-	backup = var/lib/hostsblock/hostsblock.conf
-	backup = var/lib/hostsblock/black.list
-	backup = var/lib/hostsblock/white.list
-	backup = var/lib/hostsblock/hosts.head
-	source = hostsblock.sh
-	source = hostsblock.conf
-	source = black.list
-	source = white.list
-	source = hosts.head
-	source = hostsblock.service
-	source = hostsblock.timer
-	sha1sums = 895e820e6ff80d9e7a8fec5992dedd72b7dc57c7
-	sha1sums = 38a04854bda5a96b57abd6f5c18f5db472c843b9
-	sha1sums = 30fdaad1ee0497b9b88b61cfbd958d20c644801b
-	sha1sums = 11ab0a6bac002879a04872ec06a3611c32c80e1d
-	sha1sums = cff64336645b54e11248d31a6e4406cc3642483f
-	sha1sums = 7196c143f060f4dcfc12d2d1ca36a5055ac51ef2
-	sha1sums = f57b1cd082e29631b6fbaae5a7191dbc3ddf176b
+	source = https://github.com/gaenserich/hostsblock/archive/v0.999.8.tar.gz
+	sha1sums = ad67ce3f45cc5a4b967f5c9e3af6ef8d65b56fa1
 
 pkgname = hostsblock
 
diff --git a/PKGBUILD b/PKGBUILD
index 6f313f9b3570..05c8f4e70a08 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -1,39 +1,40 @@
 # Maintainer/Originator: Jake VanderKolk <jakevanderkolk@gmail.com>
 pkgname=hostsblock
-pkgver=0.999.7
+pkgver=0.999.8
 pkgrel=1
-pkgdesc="A script that downloads, sorts, and compiles multiple ad- and malware-blocking hosts files."
+pkgdesc="An ad- and malware-blocking utility for POSIX systems"
 arch=(any)
-url="http://gaenserich.github.com/hostsblock/"
+url="https://github.com/gaenserich/hostsblock"
 license=('GPL')
-depends=(bash curl grep sed coreutils gzip)
+depends=(sh curl grep sed coreutils findutils)
 optdepends=('dnsmasq: helps speed up DNS resolutions'
 	    'pixelserv: removes boilerplate page on blocked urls'
 	    'kwakd: removes boilerplate page on blocked urls (recommended)'
-            'pixelserv-tls: removes boilerplate page on blocked urls (supports HTTPS)'
+        'pixelserv-tls: removes boilerplate page on blocked urls (supports HTTPS)'
 	    'unzip: allows the use of zipped downloads'
-	    'p7zip: allows the use of 7zipped downloads'
-            'pigz: improves performance of gzip operations')
-backup=('var/lib/hostsblock/hostsblock.conf' 'var/lib/hostsblock/black.list' 'var/lib/hostsblock/white.list' 'var/lib/hostsblock/hosts.head')
+	    'p7zip: allows the use of 7zipped downloads')
+source=(https://github.com/gaenserich/hostsblock/archive/v$pkgver.tar.gz)
 changelog=$pkgname.changelog
 install=$pkgname.install
-source=('hostsblock.sh' 'hostsblock.conf' 'black.list' 'white.list' 'hosts.head' 'hostsblock.service' 'hostsblock.timer')
-sha1sums=('895e820e6ff80d9e7a8fec5992dedd72b7dc57c7'
-          '38a04854bda5a96b57abd6f5c18f5db472c843b9'
-          '30fdaad1ee0497b9b88b61cfbd958d20c644801b'
-          '11ab0a6bac002879a04872ec06a3611c32c80e1d'
-          'cff64336645b54e11248d31a6e4406cc3642483f'
-          '7196c143f060f4dcfc12d2d1ca36a5055ac51ef2'
-          'f57b1cd082e29631b6fbaae5a7191dbc3ddf176b')
+sha1sums=('ad67ce3f45cc5a4b967f5c9e3af6ef8d65b56fa1')
 
 package() {
-  mkdir -p -m 750 "$pkgdir"/var/lib/hostsblock
-  install -Dm750 "$srcdir"/hostsblock.sh "$pkgdir"/usr/bin/hostsblock
-  ln -sf /usr/bin/hostsblock "$pkgdir"/usr/bin/hostsblock-urlcheck
-  install -Dm644 "$srcdir"/hostsblock.conf "$pkgdir"/var/lib/hostsblock/hostsblock.conf
-  install -Dm644 "$srcdir"/black.list "$pkgdir"/var/lib/hostsblock/black.list
-  install -Dm644 "$srcdir"/white.list "$pkgdir"/var/lib/hostsblock/white.list
-  install -Dm644 "$srcdir"/hosts.head "$pkgdir"/var/lib/hostsblock/hosts.head
-  install -Dm644 "$srcdir"/hostsblock.service "$pkgdir"/usr/lib/systemd/system/hostsblock.service
-  install -Dm644 "$srcdir"/hostsblock.timer "$pkgdir"/usr/lib/systemd/system/hostsblock.timer
+  cd "$srcdir"/"$pkgname"-"$pkgver"
+  mkdir -p -m 755 "$pkgdir"/var/lib/hostsblock
+  install -Dm500 src/hostsblock.sh "$pkgdir"/usr/lib/hostsblock.sh
+  [ ! -d "$pkgdir"/usr/bin ] && mkdir "$pkgdir"/usr/bin
+  sed "s/%PREFIX%/\/usr/g" src/hostsblock-wrapper.sh > "$pkgdir"/usr/bin/hostsblock
+  chmod 550 "$pkgdir"/usr/bin/hostsblock
+  install -Dm600 conf/hostsblock.conf "$pkgdir"/var/lib/hostsblock/config.examples/hostsblock.conf
+  install -Dm600 conf/black.list "$pkgdir"/var/lib/hostsblock/config.examples/black.list
+  install -Dm600 conf/white.list "$pkgdir"/var/lib/hostsblock/config.examples/white.list
+  install -Dm600 conf/hosts.head "$pkgdir"/var/lib/hostsblock/config.examples/hosts.head
+  install -Dm600 conf/block.urls "$pkgdir"/var/lib/hostsblock/config.examples/block.urls
+  install -Dm600 conf/redirect.urls "$pkgdir"/var/lib/hostsblock/config.examples/redirect.urls
+  install -Dm444 systemd/hostsblock.service "$pkgdir"/usr/lib/systemd/system/hostsblock.service
+  install -Dm444 systemd/hostsblock.timer "$pkgdir"/usr/lib/systemd/system/hostsblock.timer
+  install -Dm444 systemd/hostsblock-dnsmasq-restart.path "$pkgdir"/usr/lib/systemd/system/hostsblock-dnsmasq-restart.path
+  install -Dm444 systemd/hostsblock-dnsmasq-restart.service "$pkgdir"/usr/lib/systemd/system/hostsblock-dnsmasq-restart.service
+  install -Dm444 systemd/hostsblock-hosts-clobber.path "$pkgdir"/usr/lib/systemd/system/hostsblock-hosts-clobber.path
+  install -Dm444 systemd/hostsblock-hosts-clobber.service "$pkgdir"/usr/lib/systemd/system/hostsblock-hosts-clobber.service
 }
diff --git a/hostsblock.changelog b/hostsblock.changelog
index 2becd0969634..66ac3a4cd73e 100644
--- a/hostsblock.changelog
+++ b/hostsblock.changelog
@@ -1,5 +1,36 @@
 See https://github.com/gaenserich/hostsblock/commits/master for a complete list of updates
 
+Version 0.999.8 (Alpha 8)
+*Background Job Improvements
+  *systemd service now heavily hardened and sandboxed for enhanced security
+  *Fixed simultaneous download feature so that it actually does what it is supposed to
+  *Added processing support for source blocklists that just list domain names to be blocked, e.g. "ads.google.com" instead of "0.0.0.0 ads.google.com"
+  *Added support to read directly from zip and 7z files containing a single file without decompressing to a cache
+  *Optimized filters used to process domains with improved throughput
+  *If run with dash instead of bash, significant performance improvements
+  *Removed annotation feature to reduce dependencies and overall processing demands
+  *Vastly expanded list of potential blocklists
+
+*POSIX-compatibility improvements
+  *Supports POSIX shells (dash, ash, zsh) instead of just bash
+  *Removed GNU-specific utilities, relies only on POSIX options
+  *Should now run on *BSD and macOS (and perhaps even Android and iOS!) if proper POSIX environments are installed. !UNTESTED!
+
+*UrlCheck mode improvements
+  *User-facing command now a wrapper script that handles sudo execution for the user, reducing configuration demands
+  *Significant performance improvements by moving from incremental to mass handling of domain names
+  *Added noninteractive commands -s (status), -b (block), -l (blacklist), -w (whitelist), -b -o (unblock), -l -o (deblacklist), -w -o (dewhitelist)
+  *Interactive and noninteractive commands can now recursively handle urls contained in target page (with -r subcommand), and even target just blocked domains (with -k subcommand)
+  *To minimize repeated writes, changes to target hosts file now don't write to file until after the whole process completes
+
+*Caveats
+  *The hostsblock-urlcheck symlink is depreciated. Please use hostsblock -c URL instead.
+  *Due to enhanced security hardening, hostsblock no longer handles its own postprocessing. New systemd files handle postprocessing in a more secure way.
+  *Large hosts files will generate large temporary cache files that will eat up a lot of temporary storage. If you have a machine with little RAM (<6GB) and want to block a lot of domains, consider changing your $tmpdir to an HDD- or SSD-backed filesystem instead of using the default tmpfs under /tmp.
+  *UrlCheck mode will not be able to provide information on which block list blocked which domains anymore (annotation feature removed)
+  *blocklists= in hostsblock.conf now points to another file (instead of being a bash array), since POSIX-compatibility does not include support for arrays
+  *Now uses 0.0.0.0 as default redirection IP address instead of 127.0.0.1. 0.0.0.0 theoretically offers better performance without the need of a pseudo-server.
+
 Version 0.999.7 (Alpha 7) (19.01.2018)
 *Typo fixes in install.sh (Commits ccdd26d14fce89452e71f7fa4310360f51e0c94e 895e820e6ff80d9e7a8fec5992dedd72b7dc57c7)
 *Added cryptomining block lists (Commits efee8ca4a08867a076c5ac8a0a93d7a149214239 2dc51cdc97db0d73bcb00d68b54da0f8e929ee36)
diff --git a/hostsblock.install b/hostsblock.install
index 2a1ec5a202a2..77796943f04a 100644
--- a/hostsblock.install
+++ b/hostsblock.install
@@ -1,32 +1,29 @@
 add_user_group() {
     _changed=0
-    if getent passwd | grep -q "^hostsblock:"; then
-        true
-    else
+    if ! getent passwd hostsblock >/dev/null 2>&1; then
         _changed=1
         useradd -d /var/lib/hostsblock -c "hostsblock" -m -U hostsblock
     fi
-    if getent group | grep -q "^hostsblock:"; then
-        true
-    else
+    if ! getent group hostsblock >/dev/null 2>&1; then
         _changed=1
         groupadd hostsblock
     fi
-    if [ $_changed == 1 ]; then
+    if [ $_changed = 1 ]; then
         gpasswd -a hostsblock hostsblock
         gpasswd -A hostsblock hostsblock
     fi
-    chown -R hostsblock:hostsblock /var/lib/hostsblock /usr/bin/hostsblock
+    chown -R hostsblock:hostsblock /var/lib/hostsblock /usr/bin/hostsblock /usr/lib/hostsblock.sh
     chmod 755 /var/lib/hostsblock
+    chmod 500 /usr/lib/hostsblock.sh
+    chmod 550 /usr/bin/hostsblock
+    chmod 600 /var/lib/hostsblock/config.examples/*
 }
 
 post_install() {
     add_user_group
     cat << EOF
 
-As of 0.999.4, hostsblock requires additional sudo permissions.
-Please see https://github.com/gaenserich/hostsblock for details.
-
+Please see https://github.com/gaenserich/hostsblock for details on how to configure hostsblock.
 EOF
 }
 
@@ -35,8 +32,9 @@ post_upgrade() {
     chown hostsblock:hostsblock /usr/bin/hostsblock
     cat << EOF
 
-As of 0.999.4, hostsblock requires additional sudo permissions.
-Please see https://github.com/gaenserich/hostsblock for details.
+As of 0.999.8, hostsblock's configuration has changed significantly. Please see
+https://github.com/gaenserich/hostsblock#upgrade09998
+for a guide on how to migrate your configuration
 
 EOF
 }