From c79f35c371c5016299fcdb64b7abe164d1e0140c82a0aa110cab0e872ff28a90 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josef=20M=C3=B6llers?= Date: Mon, 23 Mar 2020 07:34:53 +0000 Subject: [PATCH] Accepting request 787151 from home:kukuk:container - Use sysusers.d to create named user - Have only one package creating the user - coreutils are not used in %post, remove Requires. - Use systemd_ordering instead of hard requiring systemd OBS-URL: https://build.opensuse.org/request/show/787151 OBS-URL: https://build.opensuse.org/package/show/network/bind?expand=0&rev=269 --- bind.changes | 12 ++++++++++++ bind.spec | 40 ++++++++++++++++++++++++---------------- named.conf | 3 +++ 3 files changed, 39 insertions(+), 16 deletions(-) create mode 100644 named.conf diff --git a/bind.changes b/bind.changes index 95367de..0e82b03 100644 --- a/bind.changes +++ b/bind.changes @@ -1,3 +1,15 @@ +------------------------------------------------------------------- +Sat Mar 21 08:56:28 UTC 2020 - Thorsten Kukuk + +- Use sysusers.d to create named user +- Have only one package creating the user + +------------------------------------------------------------------- +Fri Mar 20 09:00:07 UTC 2020 - Thorsten Kukuk + +- coreutils are not used in %post, remove Requires. +- Use systemd_ordering instead of hard requiring systemd + ------------------------------------------------------------------- Fri Mar 20 08:04:19 UTC 2020 - Josef Möllers diff --git a/bind.spec b/bind.spec index 1654408..64e3bb9 100644 --- a/bind.spec +++ b/bind.spec @@ -33,6 +33,10 @@ %define libns_sonum 1601 %define VENDOR SUSE +%if 0%{?suse_version} >= 1500 +%define with_systemd 1 +%else +%define with_systemd 0 # Defines for user and group add %define NAMED_UID 44 %define NAMED_UID_NAME named @@ -44,10 +48,6 @@ %define GROUPADD_NAMED getent group %{NAMED_GID_NAME} >/dev/null || %{_sbindir}/groupadd -g %{NAMED_GID} -o -r %{NAMED_GID_NAME} %define USERADD_NAMED getent passwd %{NAMED_UID_NAME} >/dev/null || %{_sbindir}/useradd -r -o -g %{NAMED_GID_NAME} -u %{NAMED_UID} -s %{NAMED_SHELL} -c "%{NAMED_COMMENT}" -d %{NAMED_HOMEDIR} %{NAMED_UID_NAME} %define USERMOD_NAMED getent passwd %{NAMED_UID_NAME} >/dev/null || %{_sbindir}/usermod -s %{NAMED_SHELL} -d %{NAMED_HOMEDIR} %{NAMED_UID_NAME} -%if 0%{?suse_version} >= 1500 -%define with_systemd 1 -%else -%define with_systemd 0 %endif %if 0%{?suse_version} < 1315 %define with_sfw2 1 @@ -78,6 +78,7 @@ Source60: dlz-schema.txt # configuation files for systemd-tmpfiles Source70: bind.conf Source71: bind-chrootenv.conf +Source72: named.conf Patch1: Makefile.in.diff Patch51: pie_compile.diff Patch52: named-bootconf.diff @@ -102,8 +103,6 @@ Requires: %{name}-chrootenv Requires: %{name}-utils Requires(post): %fillup_prereq Requires(post): bind-utils -Requires(post): coreutils -Requires(pre): shadow Provides: bind8 = %{version} Provides: bind9 = %{version} Provides: dns_daemon @@ -111,11 +110,15 @@ Obsoletes: bind8 < %{version} Obsoletes: bind9 < %{version} %if %{with_systemd} BuildRequires: systemd-rpm-macros +BuildRequires: sysuser-shadow +BuildRequires: sysuser-tools BuildRequires: pkgconfig(libsystemd) BuildRequires: pkgconfig(systemd) -%{?systemd_requires} +%{?systemd_ordering} +%sysusers_requires %else Requires(post): %insserv_prereq +Requires(pre): shadow %endif %description @@ -204,8 +207,9 @@ This BIND library contains the configuration file parser. %package chrootenv Summary: Chroot environment for BIND named +# We need the named user and group, have only one authoritative place Group: Productivity/Networking/DNS/Servers -Requires(pre): shadow +Requires(pre): %{name} %description chrootenv This package contains all directories and files which are common to the @@ -331,6 +335,9 @@ sed -i ' s|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g ' libtool make %{?_smp_mflags} +%if %{with_systemd} +%sysusers_generate_pre %{SOURCE72} named +%endif %install mkdir -p \ @@ -417,14 +424,20 @@ for file in CHANGES COPYRIGHT README version contrib doc/{arm,misc} vendor-files done # --------------------------------------------------------------------------- install -m 0644 bind.keys %{buildroot}%{_localstatedir}/lib/named/named.root.key +%if %{with_systemd} +mkdir -p %{buildroot}%{_sysusersdir} +install -m 644 %{SOURCE72} %{buildroot}%{_sysusersdir}/ +%endif +%if %{with_systemd} +%pre -f named.pre +%service_add_pre named.service +%else %pre %{GROUPADD_NAMED} %{USERADD_NAMED} # Might be an update. %{USERMOD_NAMED} -%if %{with_systemd} -%service_add_pre named.service %endif %preun @@ -470,10 +483,6 @@ fi %postun -n %{libisccc} -p /sbin/ldconfig %post -n %{libisccfg} -p /sbin/ldconfig %postun -n %{libisccfg} -p /sbin/ldconfig -%pre chrootenv -%{GROUPADD_NAMED} -%{USERADD_NAMED} - %post chrootenv %{fillup_only -nsa named common} %{fillup_only -nsa syslog named} @@ -481,8 +490,6 @@ fi %tmpfiles_create bind-chrootenv.conf %endif -%post utils - %files %license LICENSE %attr(0644,root,named) %config(noreplace) /%{_sysconfdir}/named.conf @@ -493,6 +500,7 @@ fi %config %{_unitdir}/named.service %{_sbindir}/named.init %{_prefix}/lib/tmpfiles.d/bind.conf +%{_sysusersdir}/named.conf %{_datadir}/factory %else %config /%{_sysconfdir}/init.d/named diff --git a/named.conf b/named.conf new file mode 100644 index 0000000..5463c1b --- /dev/null +++ b/named.conf @@ -0,0 +1,3 @@ +# Type Name ID GECOS [HOME] +g named 44 - - +u named 44 "Name server daemon" /var/lib/named