1 |
# default options |
2 |
%define sdb_ldap 1 |
3 |
%define sdb_mysql 0 |
4 |
%define geoip 0 |
5 |
%define gssapi 1 |
6 |
|
7 |
%{?_with_sdb_ldap: %{expand: %%global sdb_ldap 1}} |
8 |
%{?_without_sdb_ldap: %{expand: %%global sdb_ldap 0}} |
9 |
%{?_with_sdb_mysql: %{expand: %%global sdb_mysql 1}} |
10 |
%{?_without_sdb_mysql: %{expand: %%global sdb_mysql 0}} |
11 |
%{?_with_geoip: %{expand: %%global geoip 1}} |
12 |
%{?_without_geoip: %{expand: %%global geoip 0}} |
13 |
%{?_with_gssapi: %{expand: %%global gssapi 1}} |
14 |
%{?_without_gssapi: %{expand: %%global gssapi 0}} |
15 |
|
16 |
%if %{sdb_mysql} |
17 |
%define sdb_ldap 0 |
18 |
%endif |
19 |
|
20 |
%if %{sdb_ldap} |
21 |
%define sdb_mysql 0 |
22 |
%endif |
23 |
|
24 |
%if %{geoip} |
25 |
%define geoip 1 |
26 |
%endif |
27 |
|
28 |
%if %{gssapi} |
29 |
%define gssapi 1 |
30 |
%endif |
31 |
|
32 |
%define patchver P1 |
33 |
%define dashpatch %{?patchver:-%patchver}%nil |
34 |
%define dotpatch %{?patchver:.%patchver}%nil |
35 |
|
36 |
Summary: A DNS (Domain Name System) server |
37 |
Name: bind |
38 |
Version: 9.8.0 |
39 |
Release: %mkrel 1%dotpatch |
40 |
License: ISC |
41 |
Group: System/Servers |
42 |
URL: http://www.isc.org/products/BIND/ |
43 |
Source0: ftp://ftp.isc.org/isc/%{name}9/%{version}%{dashpatch}/%{name}-%{version}%{dashpatch}.tar.gz |
44 |
Source1: ftp://ftp.isc.org/isc/%{name}9/%{version}%{dashpatch}/%{name}-%{version}%{dashpatch}.tar.gz.asc |
45 |
Source2: bind-manpages.tar.bz2 |
46 |
Source3: bind-dhcp-dynamic-dns-examples.tar.bz2 |
47 |
Source4: bind-named.init |
48 |
Source6: bind-named.sysconfig |
49 |
Source7: bind-keygen.c |
50 |
Source11: ftp://ftp.internic.net/domain/named.cache |
51 |
# (oe) http://mysql-bind.sourceforge.net/ |
52 |
Source12: mysql-bind-0.1.tar.bz2 |
53 |
# (oe) http://bind9-ldap.bayour.com/bind-sdb-ldap-1.0.tar.gz |
54 |
Source13: bind-sdb-ldap-1.0.tar.bz2 |
55 |
# (oe) http://www.blue-giraffe.com/zone2ldap/zone2ldap-0.4.tar.gz |
56 |
Source14: zone2ldap-0.4.tar.bz2 |
57 |
# (oe) http://www.venaas.no/dns/ldap2zone/ |
58 |
Source15: ldap2zone.tar.bz2 |
59 |
# caching-nameserver files (S100-S112) |
60 |
Source100: bogon_acl.conf |
61 |
Source101: hosts |
62 |
Source102: localdomain.zone |
63 |
Source103: localhost.zone |
64 |
Source104: logging.conf |
65 |
Source105: named.broadcast |
66 |
Source106: named.conf |
67 |
Source107: named.ip6.local |
68 |
Source108: named.local |
69 |
Source109: named.zero |
70 |
Source110: rndc.conf |
71 |
Source111: rndc.key |
72 |
Source112: trusted_networks_acl.conf |
73 |
# make dig go to the 2nd server by default |
74 |
# likely deprecated, to be looked at |
75 |
Patch0: bind-fallback-to-second-server.diff |
76 |
Patch1: bind-queryperf_fix.diff |
77 |
Patch100: bind-9.2.3-sdb_ldap.patch |
78 |
Patch101: bind-9.3.1-zone2ldap_fixes.diff |
79 |
Patch102: bind-9.3.0rc2-sdb_mysql.patch |
80 |
Patch103: zone2ldap-0.4-ldapv3.patch |
81 |
Patch200: bind-9.2.0rc3-varrun.patch |
82 |
Patch204: bind-9.4.0rc1-ppc-asm.patch |
83 |
Patch205: bind-9.3.2-prctl_set_dumpable.patch |
84 |
Patch208: bind-9.5-overflow.patch |
85 |
Patch209: bind-9.5-dlz-64bit.patch |
86 |
Patch212: bind-9.5-libidn.patch |
87 |
Patch213: bind-9.5-libidn2.patch |
88 |
Patch215: bind-9.5-libidn3.patch |
89 |
Patch216: bind95-rh461409.patch |
90 |
Patch218: bind-96-libtool2.patch |
91 |
Patch219: bind-95-rh452060.patch |
92 |
Patch220: bind93-rh490837.patch |
93 |
Patch221: bind-96-dyndb.patch |
94 |
# (oe) rediffed patch originates from http://www.caraytech.com/geodns/ |
95 |
Patch300: bind-9.4.0-geoip.diff |
96 |
Requires(pre): rpm-helper |
97 |
Requires(postun): rpm-helper |
98 |
Requires: bind-utils >= %{version}-%{release} |
99 |
BuildRequires: openssl-devel |
100 |
BuildRequires: autoconf2.5 |
101 |
BuildRequires: automake |
102 |
BuildRequires: file |
103 |
%if %{sdb_mysql} |
104 |
BuildRequires: mysql-devel |
105 |
%endif |
106 |
%if %{sdb_ldap} |
107 |
BuildRequires: openldap-devel |
108 |
%endif |
109 |
Obsoletes: libdns0 |
110 |
Provides: libdns0 |
111 |
BuildRequires: multiarch-utils >= 1.0.3 |
112 |
%if %{geoip} |
113 |
BuildRequires: libgeoip-devel |
114 |
%endif |
115 |
BuildRequires: libidn-devel |
116 |
BuildRequires: postgresql-devel |
117 |
BuildRequires: mysql-devel |
118 |
BuildRequires: libcap-devel >= 2.10 |
119 |
%if %{gssapi} |
120 |
BuildRequires: krb5-devel |
121 |
%endif |
122 |
BuildRequires: libxml2-devel |
123 |
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot |
124 |
|
125 |
%description |
126 |
BIND (Berkeley Internet Name Domain) is an implementation of the DNS |
127 |
(domain Name System) protocols. BIND includes a DNS server (named), |
128 |
which resolves host names to IP addresses, and a resolver library |
129 |
(routines for applications to use when interfacing with DNS). A DNS |
130 |
server allows clients to name resources or objects and share the |
131 |
information with other network machines. The named DNS server can be |
132 |
used on workstations as a caching name server, but is generally only |
133 |
needed on one machine for an entire network. Note that the |
134 |
configuration files for making BIND act as a simple caching nameserver |
135 |
are included in the caching-nameserver package. |
136 |
|
137 |
Install the bind package if you need a DNS server for your network. If |
138 |
you want bind to act a caching name server, you will also need to install |
139 |
the caching-nameserver package. |
140 |
|
141 |
Many BIND 8 features previously unimplemented in BIND 9, including |
142 |
domain-specific forwarding, the \$GENERATE master file directive, and |
143 |
the "blackhole", "dialup", and "sortlist" options Forwarding of dynamic |
144 |
update requests; this is enabled by the "allow-update-forwarding" option |
145 |
A new, simplified database interface and a number of sample drivers based |
146 |
on it; see doc/dev/sdb for details |
147 |
Support for building single-threaded servers for environments that do not |
148 |
supply POSIX threads |
149 |
New configuration options: "min-refresh-time", "max-refresh-time", |
150 |
"min-retry-time", "max-retry-time", "additional-from-auth", |
151 |
"additional-from-cache", "notify explicit" |
152 |
Faster lookups, particularly in large zones. |
153 |
|
154 |
Build Options: |
155 |
--without sdb_ldap Build without ldap simple database support (enabled |
156 |
per default) |
157 |
--with sdb_mysql Build with MySQL database support (disables ldap |
158 |
support, it's either way.) |
159 |
--with geoip Build with GeoIP support (disabled per default) |
160 |
|
161 |
%package utils |
162 |
Summary: Utilities for querying DNS name servers |
163 |
Group: Networking/Other |
164 |
|
165 |
%description utils |
166 |
Bind-utils contains a collection of utilities for querying DNS (Domain |
167 |
Name Service) name servers to find out information about Internet hosts. |
168 |
These tools will provide you with the IP addresses for given host names, |
169 |
as well as other information about registered domains and network |
170 |
addresses. |
171 |
|
172 |
You should install bind-utils if you need to get information from DNS name |
173 |
servers. |
174 |
|
175 |
%package devel |
176 |
Summary: Include files and libraries needed for bind DNS development |
177 |
Group: Development/C |
178 |
|
179 |
%description devel |
180 |
The bind-devel package contains all the include files and the |
181 |
library required for DNS (Domain Name Service) development for |
182 |
BIND versions 9.x.x. |
183 |
|
184 |
%package doc |
185 |
Summary: Documentation for BIND |
186 |
Group: Books/Other |
187 |
|
188 |
%description doc |
189 |
The bind-devel package contains the documentation for BIND. |
190 |
|
191 |
%prep |
192 |
|
193 |
%setup -q -n %{name}-%{version}%{dashpatch} -a2 -a3 -a12 -a13 -a14 -a15 |
194 |
|
195 |
%patch0 -p1 -b .fallback-to-second-server.droplet |
196 |
%patch1 -p0 -b .queryperf_fix.droplet |
197 |
|
198 |
%if %{sdb_ldap} |
199 |
%__cp bind-sdb-ldap-*/ldapdb.c bin/named/ |
200 |
%__cp bind-sdb-ldap-*/ldapdb.h bin/named/include/ |
201 |
%patch100 -p1 -b .ldap_sdb.droplet |
202 |
%patch101 -p0 -b .zone2ldap_fixes.droplet |
203 |
%patch103 -p0 -b .ldapv3.droplet |
204 |
%endif |
205 |
|
206 |
%if %{sdb_mysql} |
207 |
mv mysql-bind-0.1 contrib/sdb/mysql |
208 |
%__cp contrib/sdb/mysql/mysqldb.c bin/named |
209 |
%__cp contrib/sdb/mysql/mysqldb.h bin/named/include |
210 |
%patch102 -p1 -b .sdb_mysql.droplet |
211 |
%endif |
212 |
|
213 |
%patch200 -p0 -b .varrun.droplet |
214 |
%patch204 -p0 -b .no-register-names.droplet |
215 |
%patch205 -p0 -b .prctl_set_dumpable.droplet |
216 |
%patch208 -p1 -b .overflow.droplet |
217 |
%patch209 -p0 -b .64bit |
218 |
|
219 |
%patch212 -p1 -b .libidn |
220 |
%patch213 -p1 -b .libidn2 |
221 |
%patch215 -p1 -b .libidn3 |
222 |
%patch216 -p1 -b .rh461409 |
223 |
mkdir -p m4 |
224 |
%patch218 -p1 -b .libtool2 |
225 |
%patch219 -p0 -b .rh452060 |
226 |
%patch220 -p0 -b .rh490837 |
227 |
%patch221 -p1 -b .dyndb |
228 |
|
229 |
%if %{geoip} |
230 |
%patch300 -p1 -b .geoip |
231 |
%endif |
232 |
|
233 |
sed -e "s#@BUILD_ARCH@#%{_target_cpu}#" %{SOURCE4} >named.init |
234 |
cp %{SOURCE6} named.sysconfig |
235 |
cp %{SOURCE7} keygen.c |
236 |
cp %{SOURCE11} named.cache |
237 |
|
238 |
mkdir -p caching-nameserver |
239 |
cp %{SOURCE100} caching-nameserver/bogon_acl.conf |
240 |
cp %{SOURCE101} caching-nameserver/hosts |
241 |
cp %{SOURCE102} caching-nameserver/localdomain.zone |
242 |
cp %{SOURCE103} caching-nameserver/localhost.zone |
243 |
cp %{SOURCE104} caching-nameserver/logging.conf |
244 |
cp %{SOURCE105} caching-nameserver/named.broadcast |
245 |
cp %{SOURCE106} caching-nameserver/named.conf |
246 |
cp %{SOURCE107} caching-nameserver/named.ip6.local |
247 |
cp %{SOURCE108} caching-nameserver/named.local |
248 |
cp %{SOURCE109} caching-nameserver/named.zero |
249 |
cp %{SOURCE110} caching-nameserver/rndc.conf |
250 |
cp %{SOURCE111} caching-nameserver/rndc.key |
251 |
cp %{SOURCE112} caching-nameserver/trusted_networks_acl.conf |
252 |
|
253 |
# strip away annoying ^M |
254 |
find . -type f|xargs file|grep 'CRLF'|cut -d: -f1|xargs perl -p -i -e 's/\r//' |
255 |
find . -type f|xargs file|grep 'text'|cut -d: -f1|xargs perl -p -i -e 's/\r//' |
256 |
|
257 |
%build |
258 |
%serverbuild |
259 |
|
260 |
export CPPFLAGS="$CPPFLAGS -DDIG_SIGCHASE" |
261 |
export STD_CDEFINES="$CPPFLAGS" |
262 |
|
263 |
export WANT_AUTOCONF_2_5=1 |
264 |
libtoolize --copy --force; aclocal -I m4 --force; autoheader --force; autoconf --force |
265 |
|
266 |
# (oe) make queryperf from the contrib _before_ bind..., makes it |
267 |
# easier to determine if it builds or not, it saves time... |
268 |
pushd contrib/queryperf |
269 |
export WANT_AUTOCONF_2_5=1 |
270 |
rm -f configure |
271 |
autoconf |
272 |
%configure2_5x |
273 |
%make CFLAGS="$CFLAGS" |
274 |
popd |
275 |
|
276 |
pushd contrib/query-loc-* |
277 |
export WANT_AUTOCONF_2_5=1 |
278 |
perl -pi -e "s|-lnsl|-lnsl -lresolv|g" configure* |
279 |
rm -f configure |
280 |
autoconf |
281 |
%configure2_5x |
282 |
%make CFLAGS="$CFLAGS" |
283 |
popd |
284 |
|
285 |
export CFLAGS="$CFLAGS -DLDAP_DEPRECATED" |
286 |
|
287 |
%if %{geoip} |
288 |
export CFLAGS="$CFLAGS -DLDAP_DEPRECATED -DGEOIP" |
289 |
export LDFLAGS="$LDFLAGS -lGeoIP" |
290 |
%endif |
291 |
|
292 |
# threading is evil for the host command |
293 |
%configure \ |
294 |
--localstatedir=/var \ |
295 |
--disable-openssl-version-check \ |
296 |
--disable-threads \ |
297 |
--enable-largefile \ |
298 |
--enable-ipv6 \ |
299 |
--with-openssl=%{_prefix} \ |
300 |
--with-randomdev=/dev/urandom |
301 |
|
302 |
make -C lib |
303 |
make -C bin/dig |
304 |
make -C bin/dig DESTDIR="`pwd`" install |
305 |
make clean |
306 |
|
307 |
%configure \ |
308 |
--localstatedir=/var \ |
309 |
--disable-openssl-version-check \ |
310 |
--enable-threads \ |
311 |
--enable-largefile \ |
312 |
--enable-ipv6 \ |
313 |
--enable-filter-aaaa \ |
314 |
--enable-epoll \ |
315 |
--with-openssl=%{_prefix} \ |
316 |
%if %{gssapi} |
317 |
--with-gssapi=%{_prefix} --disable-isc-spnego \ |
318 |
%endif |
319 |
--with-randomdev=/dev/urandom \ |
320 |
--with-libxml2=yes \ |
321 |
--with-dlz-postgres=yes \ |
322 |
--with-dlz-mysql=yes \ |
323 |
--with-dlz-bdb=no \ |
324 |
--with-dlz-filesystem=yes \ |
325 |
--with-dlz-ldap=yes \ |
326 |
--with-dlz-odbc=no \ |
327 |
--with-dlz-stub=yes |
328 |
|
329 |
# pkcs11 support requires a working backend, otherwise bind won't start |
330 |
# http://blogs.sun.com/janp/ |
331 |
# http://sourceforge.net/projects/opencryptoki |
332 |
#--with-pkcs11 \ |
333 |
|
334 |
make |
335 |
|
336 |
%if %{sdb_ldap} |
337 |
pushd zone2ldap |
338 |
# fix references to zone2ldap |
339 |
perl -pi -e "s|zone2ldap|zonetoldap|g" * |
340 |
gcc $CFLAGS -I../lib/dns/include -I../lib/dns/sec/dst/include \ |
341 |
-I../lib/isc/include -I../lib/isc/unix/include -I../lib/isc/pthreads/include -c zone2ldap.c |
342 |
gcc $CFLAGS -o zone2ldap zone2ldap.o ../lib/dns/libdns.a -lcrypto -lpthread \ |
343 |
../lib/isc/libisc.a -lldap -llber -lresolv %{?gssapi:-lgssapi_krb5} -lxml2 $LDFLAGS |
344 |
popd |
345 |
|
346 |
pushd ldap2zone |
347 |
gcc $CFLAGS -I../lib/dns/include -I../lib/dns/sec/dst/include \ |
348 |
-I../lib/isc/include -I../lib/isc/unix/include -I../lib/isc/pthreads/include -c ldap2zone.c |
349 |
gcc $CFLAGS -o ldap2zone ldap2zone.o ../lib/dns/libdns.a -lcrypto -lpthread \ |
350 |
../lib/isc/libisc.a -lldap -llber -lresolv %{?_with_gssapi:-lgssapi_krb5} -lxml2 $LDFLAGS |
351 |
popd |
352 |
%endif |
353 |
|
354 |
%if %{sdb_mysql} |
355 |
pushd contrib/sdb/mysql |
356 |
gcc $CFLAGS -I%{_includedir}/mysql -I../../../lib/dns/include -I../../../lib/dns/sec/dst/include \ |
357 |
-I../../../lib/isc/include -I../../../lib/isc/unix/include -I../../../lib/isc/pthreads/include \ |
358 |
-c zonetodb.c |
359 |
gcc $CFLAGS -o zonetodb zonetodb.o \ |
360 |
../../../lib/dns/libdns.a -lcrypto -lpthread ../../../lib/isc/libisc.a \ |
361 |
-lmysqlclient -lresolv %{?_with_gssapi:-lgssapi_krb5} -lxml2 $LDFLAGS |
362 |
popd |
363 |
%endif |
364 |
|
365 |
gcc $CFLAGS -o dns-keygen keygen.c |
366 |
|
367 |
#%%check |
368 |
## run the test suite |
369 |
#make check |
370 |
|
371 |
%install |
372 |
rm -rf %{buildroot} |
373 |
|
374 |
pushd doc |
375 |
rm -rf html |
376 |
popd |
377 |
|
378 |
# make some directories |
379 |
install -d %{buildroot}%{_initrddir} |
380 |
install -d %{buildroot}%{_sysconfdir}/sysconfig |
381 |
install -d %{buildroot}/var/run/named |
382 |
|
383 |
%makeinstall_std |
384 |
|
385 |
ln -snf named %{buildroot}%{_sbindir}/lwresd |
386 |
|
387 |
install -m0755 contrib/named-bootconf/named-bootconf.sh %{buildroot}%{_sbindir}/named-bootconf |
388 |
install -m0755 contrib/queryperf/queryperf %{buildroot}%{_bindir}/ |
389 |
cp contrib/queryperf/README README.queryperf |
390 |
|
391 |
install -m0755 contrib/query-loc-*/query-loc %{buildroot}%{_bindir}/ |
392 |
install -m0644 contrib/query-loc-*/query-loc.1 %{buildroot}%{_mandir}/man1/ |
393 |
cp contrib/query-loc-*/ADDRESSES ADDRESSES.query-loc |
394 |
cp contrib/query-loc-*/ALGO ALGO.query-loc |
395 |
cp contrib/query-loc-*/README README.query-loc |
396 |
cp contrib/query-loc-*/USAGE USAGE.query-loc |
397 |
|
398 |
|
399 |
install -m0755 named.init %{buildroot}%{_initrddir}/named |
400 |
install -m0644 named.sysconfig %{buildroot}%{_sysconfdir}/sysconfig/named |
401 |
|
402 |
%if %{sdb_ldap} |
403 |
install -m0755 zone2ldap/zone2ldap %{buildroot}%{_bindir}/zonetoldap |
404 |
install -m0644 zone2ldap/zone2ldap.1 %{buildroot}%{_mandir}/man1/zonetoldap.1 |
405 |
install -m0755 ldap2zone/ldap2zone %{buildroot}%{_bindir}/ldap2zone |
406 |
%endif |
407 |
|
408 |
%if %{sdb_mysql} |
409 |
install -m0755 contrib/sdb/mysql/zonetodb %{buildroot}%{_bindir}/ |
410 |
cp contrib/sdb/mysql/ChangeLog contrib/sdb/mysql/ChangeLog.mysql |
411 |
cp contrib/sdb/mysql/README contrib/sdb/mysql/README.mysql |
412 |
%endif |
413 |
|
414 |
install -m0755 dns-keygen %{buildroot}%{_sbindir}/dns-keygen |
415 |
|
416 |
# install the non-threaded host command |
417 |
# fixes #16855 |
418 |
install -m0755 usr/bin/host %{buildroot}%{_bindir}/ |
419 |
|
420 |
# make the chroot |
421 |
install -d %{buildroot}/var/lib/named/{dev,etc} |
422 |
install -d %{buildroot}/var/lib/named/var/{log,run,tmp} |
423 |
install -d %{buildroot}/var/lib/named/var/named/{master,slaves,reverse} |
424 |
|
425 |
install -m 644 \ |
426 |
caching-nameserver/named.conf \ |
427 |
caching-nameserver/logging.conf \ |
428 |
caching-nameserver/trusted_networks_acl.conf \ |
429 |
caching-nameserver/hosts \ |
430 |
caching-nameserver/bogon_acl.conf \ |
431 |
%{buildroot}/var/lib/named/etc |
432 |
install -m 640 \ |
433 |
caching-nameserver/rndc.conf\ |
434 |
caching-nameserver/rndc.key \ |
435 |
%{buildroot}/var/lib/named/etc |
436 |
install -m 644 \ |
437 |
caching-nameserver/localdomain.zone \ |
438 |
caching-nameserver/localhost.zone \ |
439 |
%{buildroot}/var/lib/named/var/named/master |
440 |
install -m 644 \ |
441 |
caching-nameserver/named.broadcast \ |
442 |
caching-nameserver/named.ip6.local \ |
443 |
caching-nameserver/named.local \ |
444 |
caching-nameserver/named.zero \ |
445 |
%{buildroot}/var/lib/named/var/named/reverse |
446 |
|
447 |
# fix some compat symlinks |
448 |
ln -s /var/lib/named/etc/named.conf %{buildroot}%{_sysconfdir}/named.conf |
449 |
ln -s /var/lib/named/etc/rndc.conf %{buildroot}%{_sysconfdir}/rndc.conf |
450 |
ln -s /var/lib/named/etc/rndc.key %{buildroot}%{_sysconfdir}/rndc.key |
451 |
mv %{buildroot}%{_sysconfdir}/bind.keys %{buildroot}/var/lib/named/etc/ |
452 |
ln -s /var/lib/named/etc/bind.keys %{buildroot}%{_sysconfdir}/bind.keys |
453 |
|
454 |
echo "; Use \"dig @A.ROOT-SERVERS.NET . ns\" to update this file if it's outdated." > named.cache.tmp |
455 |
cat named.cache >> named.cache.tmp |
456 |
install -m0644 named.cache.tmp %{buildroot}/var/lib/named/var/named/named.ca |
457 |
|
458 |
# fix man pages |
459 |
install -m0644 man5/resolver.5 %{buildroot}%{_mandir}/man5/ |
460 |
ln -s resolver.5 %{buildroot}%{_mandir}/man5/resolv.5 |
461 |
|
462 |
# the following 3 lines is needed to make it short-circuit compliant. |
463 |
pushd doc |
464 |
rm -rf html |
465 |
popd |
466 |
|
467 |
install -d doc/html |
468 |
cp -f `find . -type f |grep html |sed -e 's#\/%{name}-%{version}##'|grep -v contrib` doc/html |
469 |
|
470 |
%multiarch_binaries %{buildroot}%{_bindir}/isc-config.sh |
471 |
|
472 |
cat > README.urpmi << EOF |
473 |
The most significant changes starting from the bind-9.3.2-5mdk package: |
474 |
|
475 |
o Installs in a chroot environment per default (/var/lib/named) for |
476 |
security measures. |
477 |
|
478 |
o Acts as a caching only resolver per default, ip addresses that should be |
479 |
allowed to use recursive lookups must be defined in the |
480 |
/var/lib/named/etc/trusted_networks_acl.conf file. |
481 |
EOF |
482 |
|
483 |
%pre |
484 |
%_pre_useradd named /var/lib/named /bin/false |
485 |
|
486 |
# check if bind is chrooted and try to restore it |
487 |
if [ -x %{_sbindir}/bind-chroot.sh ]; then |
488 |
ROOTDIR="/var/lib/named-chroot" |
489 |
[ -f /etc/sysconfig/named ] && . /etc/sysconfig/named |
490 |
if [ -d $ROOTDIR -a ! -d /var/lib/named ]; then |
491 |
echo "old chroot found at $ROOTDIR, copying to /var/lib/named" |
492 |
cp -rp $ROOTDIR /var/lib/named |
493 |
chown -R named:named /var/lib/named |
494 |
fi |
495 |
if grep -q "$ROOTDIR" /etc/sysconfig/syslog; then |
496 |
if [ -f /var/lock/subsys/named ]; then |
497 |
service named stop > /dev/null 2>/dev/null || : |
498 |
fi |
499 |
%{_sbindir}/bind-chroot.sh --unchroot > /dev/null 2>/dev/null || : |
500 |
fi |
501 |
if [ -f /var/lock/subsys/syslog ]; then |
502 |
service syslog restart > /dev/null 2>/dev/null || : |
503 |
fi |
504 |
fi |
505 |
|
506 |
DATE=`date +%%Y%%m%%d%%j%%S` |
507 |
for f in named.conf rndc.conf rndc.key; do |
508 |
# move away files to prepare for softlinks |
509 |
if [ -f /etc/$f -a ! -h /etc/$f ]; then mv -vf /etc/$f /etc/$f.$DATE; fi |
510 |
if [ -f /etc/$f -a ! -h /etc/$f ]; then mv -vf /etc/$f /etc/$f.$DATE; fi |
511 |
if [ -f /etc/$f -a ! -h /etc/$f ]; then mv -vf /etc/$f /etc/$f.$DATE; fi |
512 |
done |
513 |
|
514 |
%post |
515 |
if grep -q "_MY_KEY_" /var/lib/named/etc/rndc.conf /var/lib/named/etc/rndc.key; then |
516 |
MYKEY="`%{_sbindir}/dns-keygen`" |
517 |
perl -pi -e "s|_MY_KEY_|$MYKEY|g" /var/lib/named/etc/rndc.conf /var/lib/named/etc/rndc.key |
518 |
fi |
519 |
|
520 |
%_post_service named |
521 |
|
522 |
%preun |
523 |
%_preun_service named |
524 |
|
525 |
%postun |
526 |
%_postun_userdel named |
527 |
|
528 |
%clean |
529 |
rm -rf %{buildroot} |
530 |
|
531 |
%files |
532 |
%defattr(-,root,root) |
533 |
%doc CHANGES README FAQ COPYRIGHT README.urpmi |
534 |
%if %{sdb_ldap} |
535 |
%doc contrib/sdb/ldap/README.ldap contrib/sdb/ldap/INSTALL.ldap |
536 |
%endif |
537 |
%if %{sdb_mysql} |
538 |
%doc contrib/sdb/mysql/ChangeLog.mysql contrib/sdb/mysql/README.mysql |
539 |
%endif |
540 |
%if %{geoip} |
541 |
%doc geodns.INSTALL geodns.named.conf-sample |
542 |
%endif |
543 |
%config(noreplace) %{_sysconfdir}/sysconfig/named |
544 |
%{_initrddir}/named |
545 |
%{_sbindir}/arpaname |
546 |
%{_sbindir}/ddns-confgen |
547 |
%{_sbindir}/dns-keygen |
548 |
%{_sbindir}/dnssec-dsfromkey |
549 |
%{_sbindir}/dnssec-keyfromlabel |
550 |
%{_sbindir}/dnssec-keygen |
551 |
%{_sbindir}/dnssec-revoke |
552 |
%{_sbindir}/dnssec-settime |
553 |
%{_sbindir}/dnssec-signzone |
554 |
%{_sbindir}/genrandom |
555 |
%{_sbindir}/isc-hmac-fixup |
556 |
%{_sbindir}/lwresd |
557 |
%{_sbindir}/named |
558 |
%{_sbindir}/named-bootconf |
559 |
%{_sbindir}/named-checkconf |
560 |
%{_sbindir}/named-checkzone |
561 |
%{_sbindir}/named-compilezone |
562 |
%{_sbindir}/named-journalprint |
563 |
%{_sbindir}/nsec3hash |
564 |
%{_sbindir}/rndc |
565 |
%{_sbindir}/rndc-confgen |
566 |
%{_mandir}/man1/arpaname.1.* |
567 |
%{_mandir}/man5/named.conf.5* |
568 |
%{_mandir}/man5/rndc.conf.5* |
569 |
%{_mandir}/man8/ddns-confgen.8.* |
570 |
%{_mandir}/man8/dnssec-*.8* |
571 |
%{_mandir}/man8/genrandom.8.* |
572 |
%{_mandir}/man8/isc-hmac-fixup.8.* |
573 |
%{_mandir}/man8/lwresd.8* |
574 |
%{_mandir}/man8/named-*.8* |
575 |
%{_mandir}/man8/named.8* |
576 |
%{_mandir}/man8/nsec3hash.8.* |
577 |
%{_mandir}/man8/rndc.8* |
578 |
%{_mandir}/man8/rndc-confgen.8* |
579 |
# the chroot |
580 |
%dir /var/lib/named |
581 |
%dir /var/lib/named/dev |
582 |
%dir /var/lib/named/etc |
583 |
%dir /var/lib/named/var |
584 |
%dir /var/lib/named/var/named |
585 |
%attr(-,named,named) %dir /var/lib/named/var/log |
586 |
%attr(-,named,named) %dir /var/lib/named/var/run |
587 |
%attr(-,named,named) %dir /var/lib/named/var/tmp |
588 |
%attr(-,named,named) %dir /var/lib/named/var/named/master |
589 |
%attr(-,named,named) %dir /var/lib/named/var/named/slaves |
590 |
%attr(-,named,named) %dir /var/lib/named/var/named/reverse |
591 |
%config(noreplace) /var/lib/named/etc/named.conf |
592 |
%attr(-,root,named) %config(noreplace) /var/lib/named/etc/bind.keys |
593 |
%attr(-,root,named) %config(noreplace) /var/lib/named/etc/rndc.conf |
594 |
%attr(-,root,named) %config(noreplace) /var/lib/named/etc/rndc.key |
595 |
%{_sysconfdir}/bind.keys |
596 |
%{_sysconfdir}/named.conf |
597 |
%{_sysconfdir}/rndc.conf |
598 |
%{_sysconfdir}/rndc.key |
599 |
%config(noreplace) /var/lib/named/etc/bogon_acl.conf |
600 |
%config(noreplace) /var/lib/named/etc/logging.conf |
601 |
%config(noreplace) /var/lib/named/etc/trusted_networks_acl.conf |
602 |
%config(noreplace) /var/lib/named/etc/hosts |
603 |
%config(noreplace) /var/lib/named/var/named/master/localdomain.zone |
604 |
%config(noreplace) /var/lib/named/var/named/master/localhost.zone |
605 |
%config(noreplace) /var/lib/named/var/named/reverse/named.broadcast |
606 |
%config(noreplace) /var/lib/named/var/named/reverse/named.ip6.local |
607 |
%config(noreplace) /var/lib/named/var/named/reverse/named.local |
608 |
%config(noreplace) /var/lib/named/var/named/reverse/named.zero |
609 |
%config(noreplace) /var/lib/named/var/named/named.ca |
610 |
|
611 |
%files devel |
612 |
%defattr(-,root,root) |
613 |
%doc CHANGES README |
614 |
%multiarch %{multiarch_bindir}/isc-config.sh |
615 |
%{_bindir}/isc-config.sh |
616 |
%{_includedir}/* |
617 |
%{_libdir}/*.a |
618 |
%{_mandir}/man1/isc-config.sh.1* |
619 |
%{_mandir}/man3/lwres*.3* |
620 |
|
621 |
%files utils |
622 |
%defattr(-,root,root) |
623 |
%doc README COPYRIGHT *.query-loc *.queryperf |
624 |
%{_bindir}/dig |
625 |
%{_bindir}/host |
626 |
%{_bindir}/nslookup |
627 |
%{_bindir}/nsupdate |
628 |
%{_bindir}/queryperf |
629 |
%{_bindir}/query-loc |
630 |
%{_mandir}/man1/host.1* |
631 |
%{_mandir}/man1/dig.1* |
632 |
%{_mandir}/man1/nslookup.1* |
633 |
%{_mandir}/man1/nsupdate.1* |
634 |
%{_mandir}/man1/query-loc.1* |
635 |
%if %{sdb_ldap} |
636 |
%doc zone2ldap/zone2ldap.README ldap2zone/README.ldap2zone ldap2zone/dnszone-schema.txt |
637 |
%{_bindir}/zonetoldap |
638 |
%{_bindir}/ldap2zone |
639 |
%{_mandir}/man1/zonetoldap.1* |
640 |
%endif |
641 |
%{_mandir}/man5/resolver.5* |
642 |
%{_mandir}/man5/resolv.5* |
643 |
|
644 |
%files doc |
645 |
%defattr(-,root,root) |
646 |
%doc doc/draft doc/html doc/rfc doc/misc/ |
647 |
%doc doc/dhcp-dynamic-dns-examples doc/chroot doc/trustix |
648 |
|
649 |
|