Building from sources

Note

Latest up-to-date packages for various distribution can be obtainedfrom webhttps://knot-resolver.cz/download/.

Knot Resolver is written for UNIX-like systems using modern C standards.Beware that some 64-bit systems with LuaJIT 2.1 may be affected bya problem– Linux on x86_64 is unaffected butLinux on aarch64 is.

$ git clone --recursive https://gitlab.labs.nic.cz/knot/knot-resolver.git

Dependencies

Note

This section lists basic requirements. Individual modulesmight have additional build or runtime dependencies.

The following dependencies are needed to build and run Knot Resolver:

RequirementNotes
ninjabuild only
meson >= 0.46build only[1]
C and C++ compilerbuild only[2]
pkg-configbuild only[3]
libknot 2.8+Knot DNS libraries
LuaJIT 2.0+Embedded scripting language
libuv 1.7+Multiplatform I/O and services
lmdbMemory-mapped database for cache
GnuTLSTLS

There are alsooptional packages that enable specific functionality in KnotResolver:

OptionalNeeded forNotes
lua-httpmodules/httpHTTP/2 client/server for Lua.
lua-cqueuesmodules/graphiteSend statistics over the Graphite protocol.
cmockaunittestsUnit testing framework.
DoxygendocumentationGenerating API documentation.
Sphinx andsphinx_rtd_themedocumentationBuilding thisHTML/PDF documentation.
breathedocumentationExposing Doxygen API doc to Sphinx.
libsystemddaemonSystemd watchdog support.
libprotobuf 3.0+modules/dnstapProtocol Buffers support fordnstap.
libprotobuf-c 1.0+modules/dnstapC bindings for Protobuf.
libfstrm 0.2+modules/dnstapFrame Streams data transportprotocol.
luachecklint-luaSyntax and static analysis checker for Lua.
clang-tidylint-cSyntax and static analysis checker for C.
luacovcheck-configCode coverage analysis for Lua modules.
[1]Ifmeson>=0.46 isn’t available for your distro, check backportsrepository or use python pip to install it.
[2]Requires__attribute__((cleanup)) and-MMD-MP fordependency file generation. We test GCC and Clang, and ICC is likely to work as well.
[3]You can use variables<dependency>_CFLAGS and<dependency>_LIBSto configure dependencies manually (i.e.libknot_CFLAGS andlibknot_LIBS).

Packaged dependencies

Note

Some build dependencies can be found inhome:CZ-NIC:knot-resolver-build.

On reasonably new systems most of the dependencies can be resolved from packages,here’s an overview for several platforms.

  • Debian/Ubuntu - Current stable doesn’t have new enough Mesonand libknot. Use repository above or build them yourself. Fresh list of dependencies can be found inDebian control file in our repo, search for “Build-Depends”.
  • CentOS/Fedora/RHEL/openSUSE - Fresh list of dependencies can be found inRPM spec file in our repo, search for “BuildRequires”.
  • FreeBSD - when installing from ports, all dependencies will installautomatically, corresponding to the selected options.
  • Mac OS X - the dependencies can be obtained fromHomebrew formula.

Compilation

Note

Knot Resolver usesMeson Build system.Shell snippets below should be sufficient for basic usagebut users unfamiliar with Meson Build might want to read introductoryarticleUsing Meson.

Following example script will:

  • create new build directory namedbuild_dir
  • configure installation path/tmp/kr
  • enable static build (to allow installation to non-standard path)
  • build Knot Resolver
  • install it into the previously configured path
$ meson build_dir --prefix=/tmp/kr --default-library=static$ ninja -C build_dir$ ninja install -C build_dir

At this point you can execute the newly installed binary using path/tmp/kr/sbin/kresd.

Note

When compiling on OS X, creating a shared library is currently notpossible when using luajit package from Homebrew due to#37169.

Build options

It’s possible to change the compilation with build options. These are useful topackagers or developers who wish to customize the daemon behaviour, runextended test suites etc. By default, these are all set to sensible values.

For complete list of build options create a build directory and run:

$ meson build_dir$ meson configure build_dir

To customize project build options, use-Doption=value when creatinga build directory:

$ meson build_dir -Ddoc=enabled

… or change options in an already existing build directory:

$ meson configure build_dir -Ddoc=enabled

Customizing compiler flags

If you’d like to use customize the build, see meson’sbuilt-in options. For hardening, seeb_pie.

For complete control over the build flags, use--buildtype=plain and setCFLAGS,LDFLAGS when creating the build directory withmesoncommand.

Tests

The following command runs all enabled tests. By default, only unit tests are enabled.

$ ninja -C build_dir$ mesontest -C build_dir

More comprehensive tests require you to installkresd into the configuredprefix before running the test suite. They also have to be explicitly enabledby using either-Dconfig_tests=enabled for postinstall config tests, or-Dextra_tests=enabled for all tests, including deckard tests. Please notethe latter also requires-Dsendmmsg=disabled.

$ meson configure build_dir -Dconfig_tests=enabled$ ninja install -C build_dir$ mesontest -C build_dir

It’s also possible to run only specific test suite or a test.

$ mesontest -C build_dir --help$ mesontest -C build_dir --list$ mesontest -C build_dir --no-suite postinstall$ mesontest -C build_dir integration.serve_stale

HTML Documentation

To check for documentation dependencies and allow its installation, use-Ddoc=enabled. The documentation doesn’t build automatically. Instead,targetdoc must be called explicitly.

$ meson build_dir -Ddoc=enabled$ ninja -C build_dir doc

Tarball

Released tarballs are available fromhttps://knot-resolver.cz/download/

To make a release tarball from git, use the follwing command. The

$ ninja -C build_dir dist

It’s also possible to make a development snapshot tarball:

$ ./scripts/make-dev-archive.sh

Packaging

Recommended build options for packagers:

  • --buildtype=release for default flags (optimalization, asserts, …). For complete control over flags, useplain and seeCustomizing compiler flags.
  • --prefix=/usr to customizeprefix, other directories can be set in a similar fashion, seemesonsetup--help
  • -Dsystemd_files=enabled for systemd unit files
  • -Ddoc=enabled for offline html documentation (seeHTML Documentation)
  • -Dinstall_kresd_conf=enabled to install default config file
  • -Dclient=enabled to force build of kresc
  • -Dunit_tests=enabled to force build of unit tests

Systemd

It’s recommended to use the upstream system unit files. If any customizationsare required, drop-in files should be used, instead of patching/changing theunit files themselves.

To install systemd unit files, use the-Dsystemd_files=enabled build option.

To support enabling services after boot, you must also linkkresd.target tomulti-user.target.wants:

ln -s ../kresd.target /usr/lib/systemd/system/multi-user.target.wants/kresd.target

Trust anchors

If the target distro has externally managed (read-only) DNSSEC trust anchorsor root hints use this:

  • -Dkeyfile_default=/usr/share/dns/root.key
  • -Droot_hints=/usr/share/dns/root.hints
  • -Dmanaged_ta=disabled

In case you want to have automatically managed DNSSEC trust anchors instead,set-Dmanaged_ta=enabled and make sure bothkeyfile_default file andits parent directories are writable by kresd process (after package installation!).

Docker image

Visithub.docker.com/r/cznic/knot-resolver for instructions how to runthe container.

For development, it’s possible to build the container directly from your git tree:

$ docker build -t knot-resolver .