1 |
%define sdb 1 |
2 |
%define pkcs11 1 |
3 |
|
4 |
%{?_with_sdb: %{expand: %%global sdb 1}} |
5 |
%{?_without_sdb: %{expand: %%global sdb 0}} |
6 |
%{?_with_pkcs11: %{expand: %%global pkcs11 1}} |
7 |
%{?_without_pkcs11: %{expand: %%global pkcs11 0}} |
8 |
|
9 |
%define major_version 9.11.37 |
10 |
#define patch_version P4 |
11 |
%define dashpatch %{?patch_version:-%patch_version}%nil |
12 |
%define dotpatch %{?patch_version:.%patch_version}%nil |
13 |
%define chroot_prefix /var/named/chroot |
14 |
%if %{sdb} |
15 |
%define chroot_sdb_prefix /var/named/chroot_sdb |
16 |
%endif |
17 |
%define chroot_create_directories /dev /run/named %{_localstatedir}/{log,named,tmp} \\\ |
18 |
%{_sysconfdir}/{crypto-policies/back-ends,pki/dnssec-keys,named} \\\ |
19 |
%{_libdir}/bind %{_datadir}/GeoIP |
20 |
|
21 |
# lib*.so.X versions of selected libraries |
22 |
%define dns_major 1115 |
23 |
%define irs_major 161 |
24 |
%define isc_major 1107 |
25 |
%define bind9_major 161 |
26 |
%define lwres_major 161 |
27 |
%define isccc_major 161 |
28 |
%define isccfg_major 163 |
29 |
%define dns_libname %mklibname dns %dns_major |
30 |
%define irs_libname %mklibname irs %irs_major |
31 |
%define isc_libname %mklibname isc %isc_major |
32 |
%define bind9_libname %mklibname bind9_ %bind9_major |
33 |
%define lwres_libname %mklibname lwres %lwres_major |
34 |
%define isccc_libname %mklibname isccc %isccc_major |
35 |
%define isccfg_libname %mklibname isccfg %isccfg_major |
36 |
%define dns_pkcs11_libname %mklibname dns_pkcs11_ %dns_major |
37 |
%define isc_pkcs11_libname %mklibname isc_pkcs11_ %isc_major |
38 |
|
39 |
# libisc-nosym requires to be linked with unresolved symbols |
40 |
# When libisc-nosym linking is fixed, it can be defined to 1 |
41 |
# Visit https://bugzilla.redhat.com/show_bug.cgi?id=1540300 |
42 |
%define _disable_ld_no_undefined 1 |
43 |
|
44 |
Name: bind |
45 |
Version: %{major_version}%{dotpatch} |
46 |
Release: %mkrel 1 |
47 |
Summary: A DNS (Domain Name System) server |
48 |
License: MPLv2.0 |
49 |
Group: System/Servers |
50 |
URL: http://www.isc.org/bind |
51 |
Source0: https://downloads.isc.org/isc/bind9/%{major_version}%{dashpatch}/%{name}-%{major_version}%{dashpatch}.tar.gz |
52 |
|
53 |
Source1: named.sysconfig |
54 |
Source3: named.logrotate |
55 |
Source7: bind-9.3.1rc1-sdb_tools-Makefile.in |
56 |
Source8: dnszone.schema |
57 |
Source11: ftp://ftp.internic.net/domain/named.cache |
58 |
Source12: README.sdb_pgsql |
59 |
Source16: named.conf |
60 |
# Refresh by command: dig @a.root-servers.net. +tcp +norec |
61 |
# or from URL |
62 |
Source17: https://www.internic.net/domain/named.root |
63 |
Source18: named.localhost |
64 |
Source19: named.loopback |
65 |
Source20: named.empty |
66 |
Source23: named.rfc1912.zones |
67 |
Source25: named.conf.sample |
68 |
Source27: named.root.key |
69 |
Source30: ldap2zone.c |
70 |
Source31: ldap2zone.1 |
71 |
Source32: named-sdb.8 |
72 |
Source33: zonetodb.1 |
73 |
Source34: zone2sqlite.1 |
74 |
Source35: bind.tmpfiles |
75 |
Source36: trusted-key.key |
76 |
Source37: named.service |
77 |
Source38: named-chroot.service |
78 |
Source39: named-sdb.service |
79 |
Source40: named-sdb-chroot.service |
80 |
Source41: setup-named-chroot.sh |
81 |
Source42: generate-rndc-key.sh |
82 |
Source43: named.rwtab |
83 |
Source44: named-chroot-setup.service |
84 |
Source45: named-sdb-chroot-setup.service |
85 |
Source46: named-setup-rndc.service |
86 |
Source47: named-pkcs11.service |
87 |
Source48: setup-named-softhsm.sh |
88 |
Source49: named-chroot.files |
89 |
|
90 |
# fedora patches |
91 |
Patch10: bind-9.5-PIE.patch |
92 |
Patch72: bind-9.5-dlz-64bit.patch |
93 |
Patch101:bind-96-old-api.patch |
94 |
Patch102:bind-95-rh452060.patch |
95 |
Patch106:bind93-rh490837.patch |
96 |
Patch109:bind97-rh478718.patch |
97 |
Patch112:bind97-rh645544.patch |
98 |
Patch130:bind-9.9.1-P2-dlz-libdb.patch |
99 |
Patch131:bind-9.9.1-P2-multlib-conflict.patch |
100 |
Patch133:bind99-rh640538.patch |
101 |
Patch134:bind97-rh669163.patch |
102 |
# Fedora specific patch to distribute native-pkcs#11 functionality |
103 |
Patch136:bind-9.10-dist-native-pkcs11.patch |
104 |
|
105 |
# [ISC-Bugs #42525] non-portable use of strlcat in contrib/sdb/ldap/zone2ldap.c |
106 |
# introduced by https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commit;h=fc9f0ac5778f78003a7acc957a23711811fec122 |
107 |
Patch137:bind-9.10-use-of-strlcat.patch |
108 |
Patch140:bind-9.11-rh1410433.patch |
109 |
Patch145:bind-9.11-rh1205168.patch |
110 |
# [ISC-Bugs #46853] commit cb616c6d5c2ece1fac37fa6e0bca2b53d4043098 ISC 4851 |
111 |
Patch149:bind-9.11-kyua-pkcs11.patch |
112 |
# Avoid conflicts with OpenSSL PKCS11 engine |
113 |
Patch150:bind-9.11-engine-pkcs11.patch |
114 |
Patch153:bind-9.11-export-suffix.patch |
115 |
Patch154:bind-9.11-oot-manual.patch |
116 |
Patch155:bind-9.11-pk11.patch |
117 |
# [RT #31459] commit 06a8051d2476fb526fe6960832209392c763a9af |
118 |
Patch158:bind-9.11-rt31459.patch |
119 |
# [RT #46047] commit 24172bd2eeba91441ab1c65d2717b0692309244a ISC 4724 |
120 |
Patch159:bind-9.11-rt46047.patch |
121 |
# https://gitlab.isc.org/isc-projects/bind9/issues/555 |
122 |
Patch161:bind-9.11-host-idn-disable.patch |
123 |
# https://gitlab.isc.org/isc-projects/bind9/commit/8a98277811e |
124 |
Patch163:bind-9.11-rh1663318.patch |
125 |
# https://gitlab.isc.org/isc-projects/bind9/issues/819 |
126 |
Patch164:bind-9.11-rh1666814.patch |
127 |
# random_test fails too often by random, disable it |
128 |
Patch168:bind-9.11-unit-disable-random.patch |
129 |
Patch170:bind-9.11-feature-test-named.patch |
130 |
Patch171:bind-9.11-tests-variants.patch |
131 |
Patch172:bind-9.11-tests-pkcs11.patch |
132 |
Patch173:bind-9.11-rh1732883.patch |
133 |
# Make sure jsonccp-devel does not interfere |
134 |
Patch174:bind-9.11-json-c.patch |
135 |
Patch177: bind-9.11-serve-stale.patch |
136 |
Patch178: bind-9.11-serve-stale-dbfix.patch |
137 |
|
138 |
# SDB patches |
139 |
Patch11: bind-9.3.2b2-sdbsrc.patch |
140 |
Patch12: bind-9.10-sdb.patch |
141 |
# needs inpection |
142 |
Patch13: bind-9.3.2b1-fix_sdb_ldap.patch |
143 |
|
144 |
Recommends: bind-utils |
145 |
Recommends: bind-dnssec-utils |
146 |
Requires(post): systemd >= %{systemd_required_version} |
147 |
Requires(post): rpm-helper >= 0.24.8-1 |
148 |
Requires(preun): rpm-helper >= 0.24.8-1 |
149 |
BuildRequires: docbook5-style-xsl |
150 |
BuildRequires: xsltproc |
151 |
BuildRequires: pkgconfig(openssl) |
152 |
BuildRequires: multiarch-utils >= 1.0.3 |
153 |
BuildRequires: pkgconfig(libidn) |
154 |
BuildRequires: pkgconfig(libidn2) |
155 |
BuildRequires: postgresql-devel |
156 |
BuildRequires: mysql-devel |
157 |
BuildRequires: pkgconfig(libcap) >= 2.10 |
158 |
BuildRequires: pkgconfig(libxml-2.0) |
159 |
BuildRequires: pkgconfig(krb5) |
160 |
BuildRequires: libmaxminddb-devel |
161 |
%if %{sdb} |
162 |
BuildRequires: mysql-devel |
163 |
BuildRequires: openldap-devel |
164 |
BuildRequires: postgresql-devel |
165 |
BuildRequires: pkgconfig(sqlite3) |
166 |
BuildRequires: libdb-devel |
167 |
%endif |
168 |
%if %{pkcs11} |
169 |
BuildRequires: softhsm |
170 |
%endif |
171 |
BuildRequires: json-c-devel |
172 |
|
173 |
%description |
174 |
BIND (Berkeley Internet Name Domain) is an implementation of the DNS |
175 |
(Domain Name System) protocols. BIND includes a DNS server (named), |
176 |
which resolves host names to IP addresses; a resolver library |
177 |
(routines for applications to use when interfacing with DNS); and |
178 |
tools for verifying that the DNS server is operating properly. |
179 |
|
180 |
Build Options: |
181 |
--with sdb Build with database backends and DLZ support (enabled by default) |
182 |
--with pkcs11 Build with native PKCS#11 functionality (enabled by default) |
183 |
|
184 |
%if %{pkcs11} |
185 |
%package pkcs11 |
186 |
Summary: Bind with native PKCS#11 functionality for crypto |
187 |
Requires: bind = %{version}-%{release} |
188 |
Recommends: softhsm |
189 |
|
190 |
%description pkcs11 |
191 |
This is a version of BIND server built with native PKCS#11 functionality. |
192 |
It is important to have SoftHSM v2+ installed and some token initialized. |
193 |
For other supported HSM modules please check the BIND documentation. |
194 |
|
195 |
%package pkcs11-utils |
196 |
Summary: Bind tools with native PKCS#11 for using DNSSEC |
197 |
|
198 |
%description pkcs11-utils |
199 |
This is a set of PKCS#11 utilities that when used together create rsa |
200 |
keys in a PKCS11 keystore. Also utilities for working with DNSSEC |
201 |
compiled with native PKCS#11 functionality are included. |
202 |
%endif |
203 |
|
204 |
%if %{sdb} |
205 |
%package sdb |
206 |
Summary: BIND server with database backends and DLZ support |
207 |
Group: System/Servers |
208 |
Requires: bind = %{version}-%{release} |
209 |
Requires(post): rpm-helper >= 0.24.8-1 |
210 |
Requires(preun): rpm-helper >= 0.24.8-1 |
211 |
|
212 |
%description sdb |
213 |
BIND (Berkeley Internet Name Domain) is an implementation of the DNS |
214 |
(Domain Name System) protocols. BIND includes a DNS server (named-sdb) |
215 |
which has compiled-in SDB (Simplified Database Backend) which includes |
216 |
support for using alternative Zone Databases stored in an LDAP server |
217 |
(ldapdb), a postgreSQL database (pgsqldb), an sqlite database (sqlitedb), |
218 |
or in the filesystem (dirdb), in addition to the standard in-memory RBT |
219 |
(Red Black Tree) zone database. It also includes support for DLZ |
220 |
(Dynamic Loadable Zones) |
221 |
%endif |
222 |
|
223 |
%package utils |
224 |
Summary: Utilities for querying DNS name servers |
225 |
Group: Networking/Other |
226 |
Conflicts: bind < 9.11.5.P1-3 |
227 |
Conflicts: bind-dnssec-utils < 9.11.9 |
228 |
|
229 |
%description utils |
230 |
Bind-utils contains a collection of utilities for querying DNS (Domain |
231 |
Name System) name servers to find out information about Internet |
232 |
hosts. These tools will provide you with the IP addresses for given |
233 |
host names, as well as other information about registered domains and |
234 |
network addresses. |
235 |
|
236 |
You should install bind-utils if you need to get information from DNS name |
237 |
servers. |
238 |
|
239 |
%package dnssec-utils |
240 |
Summary: Utilities for DNSSEC keys and DNS zone files management |
241 |
Group: Networking/Other |
242 |
Conflicts: bind-utils < 9.11.5.P1-6 |
243 |
Requires: python3-bind = %{version}-%{release} |
244 |
|
245 |
%description dnssec-utils |
246 |
Bind-dnssec-utils contains a collection of utilities for editing |
247 |
DNSSEC keys and BIND zone files. These tools provide generation, |
248 |
revocation and verification of keys and DNSSEC signatures in zone files. |
249 |
|
250 |
You should install bind-dnssec-utils if you need to sign a DNS zone |
251 |
or maintain keys for it. |
252 |
|
253 |
%package -n %{dns_libname} |
254 |
Summary: libdns shared library for bind DNS |
255 |
Group: System/Libraries |
256 |
|
257 |
%description -n %{dns_libname} |
258 |
This package contains the libdns shared library for bind DNS. |
259 |
|
260 |
%package -n %{irs_libname} |
261 |
Summary: libirs shared library for bind DNS |
262 |
Group: System/Libraries |
263 |
|
264 |
%description -n %{irs_libname} |
265 |
This package contains the libirs shared library for bind DNS. |
266 |
|
267 |
%package -n %{isc_libname} |
268 |
Summary: libisc shared library for bind DNS |
269 |
Group: System/Libraries |
270 |
|
271 |
%description -n %{isc_libname} |
272 |
This package contains the libisc shared library for bind DNS. |
273 |
|
274 |
%package -n %{bind9_libname} |
275 |
Summary: libbind9 shared library for bind DNS |
276 |
Group: System/Libraries |
277 |
|
278 |
%description -n %{bind9_libname} |
279 |
This package contains the libbind9 shared libraries for bind DNS. |
280 |
|
281 |
%package -n %{lwres_libname} |
282 |
Summary: liblwres shared library for bind DNS |
283 |
Group: System/Libraries |
284 |
|
285 |
%description -n %{lwres_libname} |
286 |
This package contains the liblwres shared libraries for bind DNS. |
287 |
|
288 |
%package -n %{isccc_libname} |
289 |
Summary: libisccc shared library for bind DNS |
290 |
Group: System/Libraries |
291 |
|
292 |
%description -n %{isccc_libname} |
293 |
This package contains the libisccc shared libraries for bind DNS. |
294 |
|
295 |
%package -n %{isccfg_libname} |
296 |
Summary: libisccfg shared library for bind DNS |
297 |
Group: System/Libraries |
298 |
|
299 |
%description -n %{isccfg_libname} |
300 |
This package contains the libisccfg shared library for bind DNS. |
301 |
|
302 |
%if %{pkcs11} |
303 |
%package -n %{dns_pkcs11_libname} |
304 |
Summary: libdns shared library for bind DNS (native PKCS#11 version) |
305 |
Group: System/Libraries |
306 |
|
307 |
%description -n %{dns_pkcs11_libname} |
308 |
This package contains the libdns shared library for bind DNS, compiled with |
309 |
native PKCS#11 functionality. |
310 |
|
311 |
%package -n %{isc_pkcs11_libname} |
312 |
Summary: libisc shared library for bind DNS ((native PKCS#11 version) |
313 |
Group: System/Libraries |
314 |
|
315 |
%description -n %{isc_pkcs11_libname} |
316 |
This package contains the libisc shared library for bind DNS, compiled with |
317 |
native PKCS#11 functionality. |
318 |
%endif |
319 |
|
320 |
%package devel |
321 |
Summary: Include files and libraries needed for bind DNS development |
322 |
Group: Development/C |
323 |
Requires: %{dns_libname} = %{version}-%{release} |
324 |
Requires: %{irs_libname} = %{version}-%{release} |
325 |
Requires: %{isc_libname} = %{version}-%{release} |
326 |
Requires: %{bind9_libname} = %{version}-%{release} |
327 |
Requires: %{lwres_libname} = %{version}-%{release} |
328 |
Requires: %{isccc_libname} = %{version}-%{release} |
329 |
Requires: %{isccfg_libname} = %{version}-%{release} |
330 |
|
331 |
%description devel |
332 |
The bind-devel package contains full version of the header files and libraries |
333 |
required for development with ISC BIND 9 |
334 |
|
335 |
%if %{pkcs11} |
336 |
%package pkcs11-devel |
337 |
Summary: Development files for Bind libraries compiled with native PKCS#11 |
338 |
Requires: bind-devel = %{version}-%{release} |
339 |
Requires: %{dns_pkcs11_libname} = %{version}-%{release} |
340 |
Requires: %{isc_pkcs11_libname} = %{version}-%{release} |
341 |
|
342 |
%description pkcs11-devel |
343 |
This a set of development files for BIND libraries (dns, isc) compiled |
344 |
with native PKCS#11 functionality. |
345 |
%endif |
346 |
|
347 |
%package chroot |
348 |
Summary: A chroot runtime environment for the ISC BIND DNS server, named(8) |
349 |
Prefix: %{chroot_prefix} |
350 |
# grep is required due to setup-named-chroot.sh script |
351 |
Requires: grep |
352 |
Requires: bind = %{version}-%{release} |
353 |
|
354 |
%description chroot |
355 |
This package contains a tree of files which can be used as a |
356 |
chroot(2) jail for the named(8) program from the BIND package. |
357 |
Based on the code from Jan "Yenya" Kasprzak <kas@fi.muni.cz> |
358 |
|
359 |
%if %{sdb} |
360 |
%package sdb-chroot |
361 |
Summary: A chroot runtime environment for the ISC BIND DNS server, named-sdb(8) |
362 |
Prefix: %{chroot_sdb_prefix} |
363 |
# grep is required due to setup-named-chroot.sh script |
364 |
Requires: grep |
365 |
Requires: bind-sdb = %{version}-%{release} |
366 |
|
367 |
%description sdb-chroot |
368 |
This package contains a tree of files which can be used as a |
369 |
chroot(2) jail for the named-sdb(8) program from the BIND package. |
370 |
Based on the code from Jan "Yenya" Kasprzak <kas@fi.muni.cz> |
371 |
%endif |
372 |
|
373 |
%package -n python3-bind |
374 |
Summary: A module allowing rndc commands to be sent from Python programs |
375 |
Requires: python3 |
376 |
Requires: python3-ply |
377 |
BuildRequires: python3 |
378 |
BuildRequires: python3-ply |
379 |
BuildArch: noarch |
380 |
%{?python_provide:%python_provide python3-bind} |
381 |
%{?python_provide:%python_provide python3-isc} |
382 |
|
383 |
%description -n python3-bind |
384 |
This package provides a module which allows commands to be sent to rndc directly from Python programs. |
385 |
%prep |
386 |
%setup -q -n %{name}-%{major_version}%{dashpatch} |
387 |
|
388 |
%patch10 -p1 -b .PIE |
389 |
%patch72 -p1 -b .64bit |
390 |
%patch102 -p1 -b .rh452060 |
391 |
%patch106 -p1 -b .rh490837 |
392 |
%patch109 -p1 -b .rh478718 |
393 |
%patch112 -p1 -b .rh645544 |
394 |
%patch130 -p1 -b .libdb |
395 |
%patch131 -p1 -b .multlib-conflict |
396 |
%patch140 -p1 -b .rh1410433 |
397 |
%patch145 -p1 -b .rh1205168 |
398 |
%patch153 -p1 -b .export_suffix |
399 |
%patch154 -p1 -b .oot-man |
400 |
%patch155 -p1 -b .pk11-internal |
401 |
%patch158 -p1 -b .rt31459 |
402 |
%patch159 -p1 -b .rt46047 |
403 |
%patch161 -p1 -b .host-idn-disable |
404 |
%patch163 -p1 -b .rh1663318 |
405 |
%patch164 -p1 -b .rh1666814 |
406 |
%patch168 -p1 -b .random_test-disable |
407 |
%patch170 -p1 -b .featuretest-named |
408 |
%patch171 -p1 -b .test-variant |
409 |
%patch172 -p1 -b .test-pkcs11 |
410 |
%patch173 -p1 -b .rh1732883 |
411 |
%patch174 -p1 -b .json-c |
412 |
%patch177 -p1 -b .serve-stale |
413 |
%patch178 -p1 -b .rh1770492 |
414 |
|
415 |
# Avoid having [FIXME: manual] on top of generated manual pages |
416 |
# https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/4524 |
417 |
find bin lib/lwres/man -name '*.docbook' -exec \ |
418 |
sed -e 's|<refmiscinfo>BIND9|<refmiscinfo class="manual">BIND9|' -i '{}' ';' |
419 |
|
420 |
%if %{pkcs11} |
421 |
cp -r bin/named{,-pkcs11} |
422 |
cp -r bin/dnssec{,-pkcs11} |
423 |
cp -r lib/isc{,-pkcs11} |
424 |
cp -r lib/dns{,-pkcs11} |
425 |
%patch136 -p1 -b .dist_pkcs11 |
426 |
%patch149 -p1 -b .kyua-pkcs11 |
427 |
%patch150 -p1 -b .engine-pkcs11 |
428 |
%endif |
429 |
|
430 |
%if %{sdb} |
431 |
%patch101 -p1 -b .old-api |
432 |
mkdir bin/named-sdb |
433 |
cp -r bin/named/* bin/named-sdb |
434 |
%patch11 -p1 -b .sdbsrc |
435 |
# SDB ldap |
436 |
cp -fp contrib/sdb/ldap/ldapdb.[ch] bin/named-sdb |
437 |
# SDB postgreSQL |
438 |
cp -fp contrib/sdb/pgsql/pgsqldb.[ch] bin/named-sdb |
439 |
# SDB sqlite |
440 |
cp -fp contrib/sdb/sqlite/sqlitedb.[ch] bin/named-sdb |
441 |
# SDB Berkeley DB - needs to be ported to DB4! |
442 |
#cp -fp contrib/sdb/bdb/bdb.[ch] bin/named_sdb |
443 |
# SDB dir |
444 |
cp -fp contrib/sdb/dir/dirdb.[ch] bin/named-sdb |
445 |
# SDB tools |
446 |
mkdir -p bin/sdb_tools |
447 |
cp -fp %{SOURCE30} bin/sdb_tools/ldap2zone.c |
448 |
cp -fp %{SOURCE7} bin/sdb_tools/Makefile.in |
449 |
#cp -fp contrib/sdb/bdb/zone2bdb.c bin/sdb_tools |
450 |
cp -fp contrib/sdb/ldap/{zone2ldap.1,zone2ldap.c} bin/sdb_tools |
451 |
cp -fp contrib/sdb/pgsql/zonetodb.c bin/sdb_tools |
452 |
cp -fp contrib/sdb/sqlite/zone2sqlite.c bin/sdb_tools |
453 |
%patch12 -p1 -b .sdb |
454 |
%patch13 -p1 -b .fix_sdb_ldap |
455 |
%patch137 -p1 -b .strlcat_fix |
456 |
%endif |
457 |
|
458 |
%patch133 -p1 -b .rh640538 |
459 |
%patch134 -p1 -b .rh669163 |
460 |
|
461 |
cp %{SOURCE11} named.cache |
462 |
|
463 |
%build |
464 |
%serverbuild |
465 |
|
466 |
export CFLAGS="$CFLAGS $RPM_OPT_FLAGS" |
467 |
export CPPFLAGS="$CPPFLAGS -DDIG_SIGCHASE" |
468 |
export STD_CDEFINES="$CPPFLAGS" |
469 |
|
470 |
sed -i -e \ |
471 |
's/RELEASEVER=\(.*\)/RELEASEVER=Mageia-%{release}/' \ |
472 |
version |
473 |
|
474 |
libtoolize -c -f; aclocal -I libtool.m4 --force; autoconf -f |
475 |
|
476 |
%configure \ |
477 |
--with-python=%{__python3} \ |
478 |
--with-libtool \ |
479 |
--localstatedir=/var \ |
480 |
--enable-threads \ |
481 |
--enable-ipv6 \ |
482 |
--enable-filter-aaaa \ |
483 |
--with-pic \ |
484 |
--disable-static \ |
485 |
--includedir=%{_includedir}/bind9 \ |
486 |
--with-tuning=large \ |
487 |
--with-libidn2 \ |
488 |
--enable-openssl-hash \ |
489 |
--with-geoip2 \ |
490 |
%if %{pkcs11} |
491 |
--enable-native-pkcs11 \ |
492 |
--with-pkcs11=%{_libdir}/pkcs11/libsofthsm2.so \ |
493 |
%endif |
494 |
%if %{sdb} |
495 |
--with-dlopen=yes \ |
496 |
--with-dlz-ldap=yes \ |
497 |
--with-dlz-postgres=yes \ |
498 |
--with-dlz-mysql=yes \ |
499 |
--with-dlz-filesystem=yes \ |
500 |
--with-dlz-bdb=yes \ |
501 |
%endif |
502 |
--with-gssapi=yes \ |
503 |
--with-libjson \ |
504 |
--with-lmdb=no \ |
505 |
--enable-fixed-rrset \ |
506 |
--with-docbook-xsl=%{_datadir}/sgml/docbook/xsl-ns-stylesheets \ |
507 |
--enable-full-report \ |
508 |
; |
509 |
|
510 |
%make_build |
511 |
|
512 |
# Regenerate dig.1 manpage |
513 |
pushd bin/dig |
514 |
make man |
515 |
popd |
516 |
pushd bin/python |
517 |
make man |
518 |
popd |
519 |
|
520 |
pushd contrib/queryperf |
521 |
rm -f configure |
522 |
autoconf |
523 |
%configure |
524 |
%make_build CFLAGS="$CFLAGS" |
525 |
popd |
526 |
|
527 |
%install |
528 |
|
529 |
# Build directory hierarchy |
530 |
mkdir -p %{buildroot}/etc/logrotate.d |
531 |
mkdir -p %{buildroot}%{_libdir}/bind |
532 |
mkdir -p %{buildroot}/var/named/{slaves,data,dynamic} |
533 |
mkdir -p %{buildroot}%{_mandir}/{man1,man5,man8} |
534 |
mkdir -p %{buildroot}/var/log |
535 |
|
536 |
#chroot |
537 |
for D in %{chroot_create_directories}; do |
538 |
mkdir -p %{buildroot}/%{chroot_prefix}${D} |
539 |
done |
540 |
|
541 |
# create symlink as it is on real filesystem |
542 |
pushd %{buildroot}/%{chroot_prefix}/var |
543 |
ln -s ../run run |
544 |
popd |
545 |
|
546 |
mkdir -p %{buildroot}/%{chroot_prefix}/etc/{pki/dnssec-keys,named} |
547 |
mkdir -p %{buildroot}/%{chroot_prefix}/%{_libdir}/bind |
548 |
# these are required to prevent them being erased during upgrade of previous |
549 |
touch %{buildroot}/%{chroot_prefix}/etc/named.conf |
550 |
#end chroot |
551 |
|
552 |
#sdb-chroot |
553 |
%if %{sdb} |
554 |
for D in %{chroot_create_directories}; do |
555 |
mkdir -p %{buildroot}/%{chroot_sdb_prefix}${D} |
556 |
done |
557 |
|
558 |
# create symlink as it is on real filesystem |
559 |
pushd %{buildroot}/%{chroot_sdb_prefix}/var |
560 |
ln -s ../run run |
561 |
popd |
562 |
|
563 |
mkdir -p %{buildroot}/%{chroot_sdb_prefix}/etc/{pki/dnssec-keys,named} |
564 |
mkdir -p %{buildroot}/%{chroot_sdb_prefix}/%{_libdir}/bind |
565 |
# these are required to prevent them being erased during upgrade of previous |
566 |
touch %{buildroot}/%{chroot_sdb_prefix}/etc/named.conf |
567 |
%endif |
568 |
#end sdb-chroot |
569 |
|
570 |
%make_install |
571 |
|
572 |
# Remove unwanted files |
573 |
rm -f %{buildroot}/etc/bind.keys |
574 |
|
575 |
# Systemd unit files |
576 |
install -d -m 755 %{buildroot}%{_unitdir} |
577 |
install -m 644 %{SOURCE37} %{buildroot}%{_unitdir} |
578 |
install -m 644 %{SOURCE38} %{buildroot}%{_unitdir} |
579 |
install -m 644 %{SOURCE44} %{buildroot}%{_unitdir} |
580 |
install -m 644 %{SOURCE46} %{buildroot}%{_unitdir} |
581 |
|
582 |
%if %{sdb} |
583 |
install -m 644 %{SOURCE39} %{buildroot}%{_unitdir} |
584 |
install -m 644 %{SOURCE40} %{buildroot}%{_unitdir} |
585 |
install -m 644 %{SOURCE45} %{buildroot}%{_unitdir} |
586 |
%endif |
587 |
|
588 |
%if %{pkcs11} |
589 |
install -m 644 %{SOURCE47} %{buildroot}%{_unitdir} |
590 |
%endif |
591 |
|
592 |
mkdir -p %{buildroot}%{_libexecdir} |
593 |
install -m 755 %{SOURCE41} %{buildroot}%{_libexecdir}/setup-named-chroot.sh |
594 |
install -m 755 %{SOURCE42} %{buildroot}%{_libexecdir}/generate-rndc-key.sh |
595 |
|
596 |
%if %{pkcs11} |
597 |
install -m 644 %{SOURCE48} %{buildroot}%{_libexecdir}/setup-named-softhsm.sh |
598 |
%endif |
599 |
|
600 |
install -m 644 %SOURCE3 %{buildroot}/etc/logrotate.d/named |
601 |
mkdir -p %{buildroot}%{_sysconfdir}/sysconfig |
602 |
install -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/sysconfig/named |
603 |
install -m 644 %{SOURCE49} %{buildroot}%{_sysconfdir}/named-chroot.files |
604 |
|
605 |
%if %{sdb} |
606 |
mkdir -p %{buildroot}/etc/openldap/schema |
607 |
install -m 644 %{SOURCE8} %{buildroot}/etc/openldap/schema/dnszone.schema |
608 |
install -m 644 %{SOURCE12} contrib/sdb/pgsql/ |
609 |
%endif |
610 |
|
611 |
# Install isc/errno2result.h header |
612 |
install -m 644 lib/isc/unix/errno2result.h %{buildroot}%{_includedir}/bind9/isc |
613 |
|
614 |
cp -fp config.h %{buildroot}/%{_includedir}/bind9 |
615 |
# Remove libtool .la files: |
616 |
find %{buildroot}/%{_libdir} -name '*.la' -exec '/bin/rm' '-f' '{}' ';'; |
617 |
|
618 |
install -d -m 755 %{buildroot}%{_sysconfdir}/rsyslog.d/ |
619 |
cat > %{buildroot}%{_sysconfdir}/rsyslog.d/named.conf <<'EOF' |
620 |
$AddUnixListenSocket %{chroot_prefix}/dev/log |
621 |
EOF |
622 |
cat > %{buildroot}%{_sysconfdir}/rsyslog.d/named-sdb.conf <<'EOF' |
623 |
$AddUnixListenSocket %{chroot_sdb_prefix}/dev/log |
624 |
EOF |
625 |
|
626 |
# SDB manpages |
627 |
%if %{sdb} |
628 |
install -m 644 %{SOURCE31} %{buildroot}%{_mandir}/man1/ldap2zone.1 |
629 |
install -m 644 %{SOURCE32} %{buildroot}%{_mandir}/man8/named-sdb.8 |
630 |
install -m 644 %{SOURCE33} %{buildroot}%{_mandir}/man1/zonetodb.1 |
631 |
install -m 644 %{SOURCE34} %{buildroot}%{_mandir}/man1/zone2sqlite.1 |
632 |
|
633 |
# PKCS11 versions manpages |
634 |
%if %{pkcs11} |
635 |
pushd %{buildroot}%{_mandir}/man8 |
636 |
ln -s named.8 named-pkcs11.8 |
637 |
ln -s dnssec-checkds.8 dnssec-checkds-pkcs11.8 |
638 |
ln -s dnssec-coverage.8 dnssec-coverage-pkcs11.8 |
639 |
ln -s dnssec-dsfromkey.8 dnssec-dsfromkey-pkcs11.8 |
640 |
ln -s dnssec-importkey.8 dnssec-importkey-pkcs11.8 |
641 |
ln -s dnssec-keyfromlabel.8 dnssec-keyfromlabel-pkcs11.8 |
642 |
ln -s dnssec-keygen.8 dnssec-keygen-pkcs11.8 |
643 |
ln -s dnssec-revoke.8 dnssec-revoke-pkcs11.8 |
644 |
ln -s dnssec-settime.8 dnssec-settime-pkcs11.8 |
645 |
ln -s dnssec-signzone.8 dnssec-signzone-pkcs11.8 |
646 |
ln -s dnssec-verify.8 dnssec-verify-pkcs11.8 |
647 |
popd |
648 |
%endif |
649 |
|
650 |
mkdir -p %{buildroot}/etc/openldap/schema |
651 |
install -m 644 %{SOURCE8} %{buildroot}/etc/openldap/schema/dnszone.schema |
652 |
install -m 644 %{SOURCE12} contrib/sdb/pgsql/ |
653 |
|
654 |
%endif |
655 |
|
656 |
# Ghost config files: |
657 |
touch %{buildroot}%{_localstatedir}/log/named.log |
658 |
|
659 |
# configuration files: |
660 |
install -m 644 %{SOURCE16} %{buildroot}%{_sysconfdir}/named.conf |
661 |
touch %{buildroot}%{_sysconfdir}/rndc.{key,conf} |
662 |
install -m 644 %{SOURCE27} %{buildroot}%{_sysconfdir}/named.root.key |
663 |
install -m 644 %{SOURCE36} %{buildroot}%{_sysconfdir}/trusted-key.key |
664 |
mkdir %{buildroot}%{_sysconfdir}/named |
665 |
|
666 |
# data files: |
667 |
mkdir -p %{buildroot}%{_localstatedir}/named |
668 |
install -m 644 %{SOURCE17} %{buildroot}%{_localstatedir}/named/named.ca |
669 |
install -m 644 %{SOURCE18} %{buildroot}%{_localstatedir}/named/named.localhost |
670 |
install -m 644 %{SOURCE19} %{buildroot}%{_localstatedir}/named/named.loopback |
671 |
install -m 644 %{SOURCE20} %{buildroot}%{_localstatedir}/named/named.empty |
672 |
install -m 644 %{SOURCE23} %{buildroot}%{_sysconfdir}/named.rfc1912.zones |
673 |
|
674 |
# sample bind configuration files for %%doc: |
675 |
mkdir -p sample/etc sample/var/named/{data,slaves} |
676 |
install -m 644 %{SOURCE25} sample/etc/named.conf |
677 |
# Copy default configuration to %%doc to make it usable from system-config-bind |
678 |
install -m 644 %{SOURCE16} named.conf.default |
679 |
install -m 644 %{SOURCE23} sample/etc/named.rfc1912.zones |
680 |
install -m 644 %{SOURCE18} %{SOURCE19} %{SOURCE20} sample/var/named |
681 |
install -m 644 %{SOURCE17} sample/var//named/named.ca |
682 |
for f in my.internal.zone.db slaves/my.slave.internal.zone.db slaves/my.ddns.internal.zone.db my.external.zone.db; do |
683 |
echo '@ in soa localhost. root 1 3H 15M 1W 1D |
684 |
ns localhost.' > sample/var/named/$f; |
685 |
done |
686 |
:; |
687 |
|
688 |
mkdir -p %{buildroot}%{_tmpfilesdir} |
689 |
install -m 644 %{SOURCE35} %{buildroot}%{_tmpfilesdir}/named.conf |
690 |
|
691 |
mkdir -p %{buildroot}%{_sysconfdir}/rwtab.d |
692 |
install -m 644 %{SOURCE43} %{buildroot}%{_sysconfdir}/rwtab.d/named |
693 |
|
694 |
# contrib |
695 |
install -m0755 contrib/queryperf/queryperf %{buildroot}%{_bindir}/ |
696 |
cp contrib/queryperf/README README.queryperf |
697 |
|
698 |
%multiarch_binaries %{buildroot}%{_bindir}/isc-config.sh |
699 |
%multiarch_binaries %{buildroot}%{_bindir}/bind9-config |
700 |
|
701 |
cat > README.urpmi.update <<EOF |
702 |
Important package setup changes |
703 |
|
704 |
Starting with bind 9.11.5P1-2mga7, the files needed to run bind in a chroot are |
705 |
now shipped in distinct subpackages: |
706 |
- bind-chroot for the standard bind |
707 |
- bind-sdb-chroot for bind with SDB support |
708 |
|
709 |
The new systemcl units follow the same logic: |
710 |
- bind.service runs bind |
711 |
- bind-sdb.service runs bind with SDB support |
712 |
- bind-chroot.service runs bind in a chroot |
713 |
- bind-sdb-chroot.service runs with SDB support in a chroot |
714 |
EOF |
715 |
|
716 |
%triggerun -- bind < 9.11.5.P1-2.mga7 |
717 |
# stop the service so as to be able to umount old chroot |
718 |
systemctl condstop named.service |
719 |
|
720 |
%pre |
721 |
%_pre_useradd named /var/named /bin/false |
722 |
|
723 |
%post |
724 |
%_tmpfilescreate named |
725 |
%_post_service named |
726 |
|
727 |
%preun |
728 |
%_preun_service named |
729 |
|
730 |
%postun |
731 |
%_postun_userdel named |
732 |
|
733 |
%files |
734 |
%{_libdir}/bind |
735 |
%config(noreplace) %{_sysconfdir}/sysconfig/named |
736 |
%config(noreplace) %{_sysconfdir}/named.root.key |
737 |
%{_tmpfilesdir}/named.conf |
738 |
%{_sysconfdir}/rwtab.d/named |
739 |
%{_unitdir}/named.service |
740 |
%{_unitdir}/named-setup-rndc.service |
741 |
%{_sbindir}/named-journalprint |
742 |
%{_sbindir}/named-checkconf |
743 |
%{_bindir}/named-rrchecker |
744 |
%{_bindir}/mdig |
745 |
%{_sbindir}/lwresd |
746 |
%{_sbindir}/named |
747 |
%{_sbindir}/rndc* |
748 |
%{_libexecdir}/generate-rndc-key.sh |
749 |
%{_mandir}/man1/mdig.1* |
750 |
%{_mandir}/man1/named-rrchecker.1* |
751 |
%{_mandir}/man5/named.conf.5* |
752 |
%{_mandir}/man5/rndc.conf.5* |
753 |
%{_mandir}/man8/rndc.8* |
754 |
%{_mandir}/man8/named.8* |
755 |
%{_mandir}/man8/lwresd.8* |
756 |
%{_mandir}/man8/named-checkconf.8* |
757 |
%{_mandir}/man8/rndc-confgen.8* |
758 |
%{_mandir}/man8/named-journalprint.8* |
759 |
%doc CHANGES README named.conf.default README.urpmi.update |
760 |
%doc doc/arm/*html doc/arm/*pdf |
761 |
%doc sample/ |
762 |
|
763 |
# main configuration |
764 |
%dir %{_sysconfdir}/named |
765 |
%config(noreplace) %verify(not link) %{_sysconfdir}/named.conf |
766 |
%config(noreplace) %verify(not link) %{_sysconfdir}/named.rfc1912.zones |
767 |
%attr(-,named,named) %dir %{_localstatedir}/named |
768 |
%attr(-,named,named) %dir %{_localstatedir}/named/slaves |
769 |
%attr(-,named,named) %dir %{_localstatedir}/named/data |
770 |
%attr(-,named,named) %dir %{_localstatedir}/named/dynamic |
771 |
%ghost %{_localstatedir}/log/named.log |
772 |
%config %verify(not link) %{_localstatedir}/named/named.ca |
773 |
%config %verify(not link) %{_localstatedir}/named/named.localhost |
774 |
%config %verify(not link) %{_localstatedir}/named/named.loopback |
775 |
%config %verify(not link) %{_localstatedir}/named/named.empty |
776 |
%ghost %config(noreplace) %{_sysconfdir}/rndc.key |
777 |
# ^- rndc.key now created on first install only if it does not exist |
778 |
%ghost %config(noreplace) %{_sysconfdir}/rndc.conf |
779 |
# ^- The default rndc.conf which uses rndc.key is in named's default internal config - |
780 |
# so rndc.conf is not necessary. |
781 |
%config(noreplace) %{_sysconfdir}/logrotate.d/named |
782 |
|
783 |
%files -n %{dns_libname} |
784 |
%{_libdir}/libdns.so.%{dns_major}{,.*} |
785 |
|
786 |
%files -n %{irs_libname} |
787 |
%{_libdir}/libirs.so.%{irs_major}{,.*} |
788 |
|
789 |
%files -n %{isc_libname} |
790 |
%{_libdir}/libisc.so.%{isc_major}{,.*} |
791 |
|
792 |
%files -n %{bind9_libname} |
793 |
%{_libdir}/libbind9.so.%{bind9_major}{,.*} |
794 |
|
795 |
%files -n %{lwres_libname} |
796 |
%{_libdir}/liblwres.so.%{lwres_major}{,.*} |
797 |
|
798 |
%files -n %{isccc_libname} |
799 |
%{_libdir}/libisccc.so.%{isccc_major}{,.*} |
800 |
|
801 |
%files -n %{isccfg_libname} |
802 |
%{_libdir}/libisccfg.so.%{isccfg_major}{,.*} |
803 |
|
804 |
%if %{pkcs11} |
805 |
%files -n %{dns_pkcs11_libname} |
806 |
%{_libdir}/libdns-pkcs11.so.%{dns_major}{,.*} |
807 |
|
808 |
%files -n %{isc_pkcs11_libname} |
809 |
%{_libdir}/libisc-pkcs11.so.%{isc_major}{,.*} |
810 |
%endif |
811 |
|
812 |
%if %{sdb} |
813 |
%files sdb |
814 |
%{_unitdir}/named-sdb.service |
815 |
%{_mandir}/man1/zone2ldap.1* |
816 |
%{_mandir}/man1/ldap2zone.1* |
817 |
%{_mandir}/man1/zonetodb.1* |
818 |
%{_mandir}/man1/zone2sqlite.1* |
819 |
%{_mandir}/man8/named-sdb.8* |
820 |
%doc contrib/sdb/ldap/README.ldap contrib/sdb/ldap/INSTALL.ldap contrib/sdb/pgsql/README.sdb_pgsql |
821 |
%dir %{_sysconfdir}/openldap/schema |
822 |
%config(noreplace) %{_sysconfdir}/openldap/schema/dnszone.schema |
823 |
%{_sbindir}/named-sdb |
824 |
%{_sbindir}/zone2ldap |
825 |
%{_sbindir}/ldap2zone |
826 |
%{_sbindir}/zonetodb |
827 |
%{_sbindir}/zone2sqlite |
828 |
%endif |
829 |
|
830 |
%files utils |
831 |
%{_bindir}/dig |
832 |
%{_bindir}/delv |
833 |
%{_bindir}/host |
834 |
%{_bindir}/nslookup |
835 |
%{_bindir}/nsupdate |
836 |
%{_bindir}/arpaname |
837 |
%{_bindir}/queryperf |
838 |
%{_sbindir}/ddns-confgen |
839 |
%{_sbindir}/tsig-keygen |
840 |
%{_sbindir}/genrandom |
841 |
%{_sbindir}/nsec3hash |
842 |
%{_sbindir}/isc-hmac-fixup |
843 |
%{_sbindir}/named-checkzone |
844 |
%{_sbindir}/named-compilezone |
845 |
%{_mandir}/man1/host.1* |
846 |
%{_mandir}/man1/nsupdate.1* |
847 |
%{_mandir}/man1/dig.1* |
848 |
%{_mandir}/man1/delv.1* |
849 |
%{_mandir}/man1/nslookup.1* |
850 |
%{_mandir}/man1/arpaname.1* |
851 |
%{_mandir}/man8/ddns-confgen.8* |
852 |
%{_mandir}/man8/tsig-keygen.8* |
853 |
%{_mandir}/man8/genrandom.8* |
854 |
%{_mandir}/man8/nsec3hash.8* |
855 |
%{_mandir}/man8/isc-hmac-fixup.8* |
856 |
%{_mandir}/man8/named-checkzone.8* |
857 |
%{_mandir}/man8/named-compilezone.8* |
858 |
%{_sysconfdir}/trusted-key.key |
859 |
|
860 |
%files dnssec-utils |
861 |
%{_sbindir}/dnssec* |
862 |
%{_mandir}/man8/dnssec*.8* |
863 |
%if %{pkcs11} |
864 |
%exclude %{_sbindir}/dnssec*pkcs11 |
865 |
%exclude %{_mandir}/man8/dnssec*-pkcs11.8* |
866 |
%endif |
867 |
|
868 |
%files devel |
869 |
%multiarch %{multiarch_bindir}/isc-config.sh |
870 |
%multiarch %{multiarch_bindir}/bind9-config |
871 |
%{_libdir}/libbind9.so |
872 |
%{_libdir}/libisccc.so |
873 |
%{_libdir}/liblwres.so |
874 |
%{_mandir}/man1/isc-config.sh.1* |
875 |
%{_mandir}/man1/bind9-config.1* |
876 |
%{_mandir}/man3/lwres* |
877 |
%{_bindir}/isc-config.sh |
878 |
%{_bindir}/bind9-config |
879 |
%{_libdir}/libdns.so |
880 |
%{_libdir}/libirs.so |
881 |
%{_libdir}/libisc.so |
882 |
%{_libdir}/libisccfg.so |
883 |
%{_includedir}/bind9 |
884 |
|
885 |
%files chroot |
886 |
%config(noreplace) %{_sysconfdir}/rsyslog.d/named.conf |
887 |
%config(noreplace) %{_sysconfdir}/named-chroot.files |
888 |
%{_unitdir}/named-chroot.service |
889 |
%{_unitdir}/named-chroot-setup.service |
890 |
%{_libexecdir}/setup-named-chroot.sh |
891 |
%attr(0664,root,named) %ghost %dev(c,1,3) %verify(not mtime) %{chroot_prefix}/dev/null |
892 |
%attr(0664,root,named) %ghost %dev(c,1,8) %verify(not mtime) %{chroot_prefix}/dev/random |
893 |
%attr(0664,root,named) %ghost %dev(c,1,9) %verify(not mtime) %{chroot_prefix}/dev/urandom |
894 |
%attr(0664,root,named) %ghost %dev(c,1,5) %verify(not mtime) %{chroot_prefix}/dev/zero |
895 |
%dir %{chroot_prefix} |
896 |
%dir %{chroot_prefix}/dev |
897 |
%dir %{chroot_prefix}/etc |
898 |
%dir %{chroot_prefix}/etc/named |
899 |
%dir %{chroot_prefix}/etc/pki |
900 |
%dir %{chroot_prefix}/etc/pki/dnssec-keys |
901 |
%dir %{chroot_prefix}/etc/crypto-policies |
902 |
%dir %{chroot_prefix}/etc/crypto-policies/back-ends |
903 |
%ghost %config(noreplace) %{chroot_prefix}/etc/named.conf |
904 |
%dir %{chroot_prefix}/run |
905 |
%dir %{chroot_prefix}/usr |
906 |
%dir %{chroot_prefix}/%{_libdir} |
907 |
%dir %{chroot_prefix}/%{_libdir}/bind |
908 |
%dir %{chroot_prefix}/%{_datadir}/GeoIP |
909 |
%dir %{chroot_prefix}/var |
910 |
%dir %{chroot_prefix}/var/named |
911 |
%attr(-,named,named) %dir %{chroot_prefix}/var/tmp |
912 |
%attr(-,named,named) %dir %{chroot_prefix}/var/log |
913 |
%attr(-,named,named) %dir %{chroot_prefix}/run/named |
914 |
%attr(-,named,named) %{chroot_prefix}/var/run |
915 |
|
916 |
%if %{sdb} |
917 |
%files sdb-chroot |
918 |
%config(noreplace) %{_sysconfdir}/rsyslog.d/named-sdb.conf |
919 |
%config(noreplace) %{_sysconfdir}/named-chroot.files |
920 |
%{_unitdir}/named-sdb-chroot.service |
921 |
%{_unitdir}/named-sdb-chroot-setup.service |
922 |
%{_libexecdir}/setup-named-chroot.sh |
923 |
%attr(0664,root,named) %ghost %dev(c,1,3) %verify(not mtime) %{chroot_sdb_prefix}/dev/null |
924 |
%attr(0664,root,named) %ghost %dev(c,1,8) %verify(not mtime) %{chroot_sdb_prefix}/dev/random |
925 |
%attr(0664,root,named) %ghost %dev(c,1,9) %verify(not mtime) %{chroot_sdb_prefix}/dev/urandom |
926 |
%attr(0664,root,named) %ghost %dev(c,1,5) %verify(not mtime) %{chroot_sdb_prefix}/dev/zero |
927 |
%dir %{chroot_sdb_prefix} |
928 |
%dir %{chroot_sdb_prefix}/dev |
929 |
%dir %{chroot_sdb_prefix}/etc |
930 |
%dir %{chroot_sdb_prefix}/etc/named |
931 |
%dir %{chroot_sdb_prefix}/etc/pki |
932 |
%dir %{chroot_sdb_prefix}/etc/pki/dnssec-keys |
933 |
%dir %{chroot_sdb_prefix}/etc/crypto-policies |
934 |
%dir %{chroot_sdb_prefix}/etc/crypto-policies/back-ends |
935 |
%ghost %config(noreplace) %{chroot_sdb_prefix}/etc/named.conf |
936 |
%dir %{chroot_sdb_prefix}/run |
937 |
%dir %{chroot_sdb_prefix}/usr |
938 |
%dir %{chroot_sdb_prefix}/%{_libdir} |
939 |
%dir %{chroot_sdb_prefix}/%{_libdir}/bind |
940 |
%dir %{chroot_sdb_prefix}/var |
941 |
%dir %{chroot_sdb_prefix}/var/named |
942 |
%attr(-,named,named) %dir %{chroot_sdb_prefix}/var/tmp |
943 |
%attr(-,named,named) %dir %{chroot_sdb_prefix}/var/log |
944 |
%attr(-,named,named) %dir %{chroot_sdb_prefix}/run/named |
945 |
%attr(-,named,named) %{chroot_sdb_prefix}/var/run |
946 |
%endif |
947 |
|
948 |
%if %{pkcs11} |
949 |
%files pkcs11 |
950 |
%{_sbindir}/named-pkcs11 |
951 |
%{_unitdir}/named-pkcs11.service |
952 |
%{_mandir}/man8/named-pkcs11.8* |
953 |
%{_libexecdir}/setup-named-softhsm.sh |
954 |
|
955 |
%files pkcs11-utils |
956 |
%{_sbindir}/dnssec*pkcs11 |
957 |
%{_sbindir}/pkcs11-destroy |
958 |
%{_sbindir}/pkcs11-keygen |
959 |
%{_sbindir}/pkcs11-list |
960 |
%{_sbindir}/pkcs11-tokens |
961 |
%{_mandir}/man8/pkcs11*.8* |
962 |
%{_mandir}/man8/dnssec*-pkcs11.8* |
963 |
|
964 |
%files pkcs11-devel |
965 |
%{_includedir}/bind9/pk11/*.h |
966 |
%exclude %{_includedir}/bind9/pk11/site.h |
967 |
%{_includedir}/bind9/pkcs11 |
968 |
%{_libdir}/libdns-pkcs11.so |
969 |
%{_libdir}/libisc-pkcs11.so |
970 |
%endif |
971 |
|
972 |
%files -n python3-bind |
973 |
%{python3_sitelib}/*.egg-info |
974 |
%{python3_sitelib}/isc |
975 |
|