# # spec file for package bind (Version 9.3.2) # # Copyright (c) 2006 SUSE LINUX Products GmbH, Nuernberg, Germany. # This file and all modifications and additions to the pristine # package are under the same license as the package itself. # # Please submit bugfixes or comments via http://bugs.opensuse.org/ # # norootforbuild Name: bind BuildRequires: openldap2 openldap2-devel Summary: Domain Name System (DNS) Server (named) Version: 9.3.2 Release: 42 %define SDB_LDAP_VERSION 1.0-beta License: GNU General Public License (GPL) - all versions, Other License(s), see package Group: Productivity/Networking/DNS/Servers Provides: dns_daemon bind8 bind9 Obsoletes: bind8 bind9 Requires: bind-utils bind-chrootenv PreReq: %fillup_prereq %insserv_prereq bind-utils /bin/grep /bin/sed /bin/mkdir /usr/bin/tee /bin/chmod /bin/chown /bin/mv /bin/cat /usr/bin/dirname /usr/bin/diff /usr/bin/old /usr/sbin/groupadd /usr/sbin/useradd /usr/sbin/usermod Autoreqprov: on URL: http://isc.org/sw/bind/ Source: ftp://ftp.isc.org/isc/bind9/%{version}/bind-%{version}.tar.gz Source1: vendor-files.tar.bz2 Source9: ftp://ftp.internic.net/domain/named.root Source40: http://www.venaas.no/ldap/bind-sdb/dnszone-schema.txt Source50: bind-sdb-ldap-%{SDB_LDAP_VERSION}.tar.gz Patch: configure.in.diff Patch1: Makefile.in.diff Patch2: pid-path.diff Patch3: idnkit-1.0.diff Patch4: perl-path.diff Patch50: sdb_ldap.diff Patch51: pie_compile.diff Patch52: named-bootconf.diff Patch53: nsupdate.8.diff Patch54: VU697164_VU915404.diff Patch55: bind-rsa.patch %if %ul_version >= 1 %define VENDOR UL %else %if "%{_vendor}" == "suse" %define VENDOR SUSE %else %define VENDOR %_vendor %endif %endif # Defines for user and group add %define NAMED_UID 44 %define NAMED_UID_NAME named %define NAMED_GID 44 %define NAMED_GID_NAME named %define NAMED_COMMENT Name server daemon %define NAMED_HOMEDIR /var/lib/named %define NAMED_SHELL /bin/false %define GROUPADD_NAMED /usr/sbin/groupadd -g %{NAMED_GID} -o -r %{NAMED_GID_NAME} 2> /dev/null || : %define USERADD_NAMED /usr/sbin/useradd -r -o -g %{NAMED_GID_NAME} -u %{NAMED_UID} -s %{NAMED_SHELL} -c "%{NAMED_COMMENT}" -d %{NAMED_HOMEDIR} %{NAMED_UID_NAME} 2> /dev/null || : %define USERMOD_NAMED /usr/sbin/usermod -s %{NAMED_SHELL} -d %{NAMED_HOMEDIR} %{NAMED_UID_NAME} 2>/dev/null || : BuildRoot: %{_tmppath}/%{name}-%{version}-build %description Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols and provides an openly redistributable reference implementation of the major components of the Domain Name System. This package includes the components to operate a DNS server. Authors: -------- ISC Software %package chrootenv Summary: Chroot environment for BIND named and lwresd Group: Productivity/Networking/DNS/Servers PreReq: /usr/sbin/groupadd /usr/sbin/useradd %description chrootenv This package contains all directories and files which are common to the chroot environment of BIND named and lwresd. Most is part of the structure below /var/lib/named. Authors: -------- ISC Software %package devel Summary: Development Libraries and Header Files of BIND Group: Development/Libraries/C and C++ Requires: bind-utils = %{version} Provides: bind8-devel bind9-devel Obsoletes: bind8-devel bind9-devel %description devel This package contains the header files, libraries, and documentation for building programs using the libraries of the Berkeley Internet Name Domain (BIND) Domain Name System implementation of the Domain Name System (DNS) protocols. Authors: -------- ISC Software %package doc Summary: BIND documentation Group: Documentation/Other %description doc Documentation of the Berkeley Internet Name Domain (BIND) Domain Name System implementation of the Domain Name System (DNS) protocols. This includes also the BIND Administrator Reference Manual (ARM). Authors: -------- ISC Software %package libs Summary: Shared libraries of BIND Group: Development/Libraries/C and C++ %description libs This package contains the shared libraries of the Berkeley Internet Name Domain (BIND) Domain Name System implementation of the Domain Name System (DNS) protocols. Authors: -------- ISC Software %package lwresd Summary: Lightweight Resolver Daemon Group: Productivity/Networking/DNS/Utilities Requires: bind-chrootenv Provides: dns_daemon PreReq: /usr/sbin/groupadd /usr/sbin/useradd %description lwresd Bind-lwresd provides resolution services to local clients using a combination of the lightweight resolver library liblwres and the resolver daemon process lwresd running on the local host. These communicate using a simple UDP-based protocol, the "lightweight resolver protocol" that is distinct from and simpler than the full DNS protocol. Authors: -------- ISC Software %package utils Summary: Utilities to query and test DNS Group: Productivity/Networking/DNS/Utilities Provides: dns_utils bindutil bind9-utils Obsoletes: bindutil bind9-utils %description utils This package includes the utilities host, dig, and nslookup used to test and query the Domain Name System (DNS). The Berkeley Internet Name Domain (BIND) DNS server is found in the package named bind. Authors: -------- ISC Software %prep [ "${RPM_BUILD_DIR}/%{name}-%{version}" != "/" -a -d "${RPM_BUILD_DIR}/%{name}-%{version}" ] && rm -rf "${RPM_BUILD_DIR}/%{name}-%{version}" %setup %setup -T -D -a1 -a50 %patch -p1 %patch1 -p1 %patch3 -p1 %patch2 -p1 %patch4 -p1 %patch50 %patch51 %patch52 %patch53 %patch54 %patch55 # modify settings of some files regarding to OS version and vendor function replaceStrings() { file="$1" sed -e "s@__NSD__@/lib@g" \ -e "s@__BIND_PACKAGE_NAME__@%{name}@g" \ -e "s@__VENDOR__@%{VENDOR}@g" \ "${file}" >"${file}.new" && \ mv "${file}.new" "${file}" } pushd vendor-files for file in docu/README tools/createNamedConfInclude config/{README,named.conf} init/{named,lwresd} sysconfig/{named-common,named-named,syslog-named}; do replaceStrings ${file} done popd cp bind-sdb-ldap-%{SDB_LDAP_VERSION}/ldapdb.c bin/named/ cp bind-sdb-ldap-%{SDB_LDAP_VERSION}/ldapdb.h bin/named/include/ # --------------------------------------------------------------------------- %build %{?suse_update_config:%{suse_update_config -f}} cat /usr/share/aclocal/libtool.m4 >> aclocal.m4 %{__libtoolize} -f %{__aclocal} %{__autoconf} pushd lib/bind %{?suse_update_config:%{suse_update_config -f}} cat /usr/share/aclocal/libtool.m4 >> aclocal.m4 %{__libtoolize} -f %{__aclocal} %{__autoconf} popd #pushd contrib/idn/idnkit-1.0-src #%{?suse_update_config:%{suse_update_config -f}} #cat /usr/share/aclocal/libtool.m4 >> aclocal.m4 #%{__libtoolize} -f #%{__aclocal} #%{__autoconf} #popd export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing -DLDAP_DEPRECATED" LDFLAGS="-L%{_libdir}" #export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing -fpie" LDFLAGS="-L%{_libdir} -pie" CONFIGURE_OPTIONS="\ --prefix=%{_prefix} \ --bindir=%{_bindir} \ --sbindir=%{_sbindir} \ --sysconfdir=%{_sysconfdir} \ --localstatedir=%{_var} \ --libdir=%{_libdir} \ --includedir=%{_includedir}/bind \ --mandir=%{_mandir} \ --infodir=%{_infodir} \ --with-openssl \ --enable-threads \ --enable-libbind \ --with-libtool \ --enable-runidn \ " ./configure ${CONFIGURE_OPTIONS} %{__make} pushd contrib/idn/idnkit-1.0-src ./configure ${CONFIGURE_OPTIONS} %{__make} popd # running BIND system tests # FIXME: enable make test if every test checks for a free port first; fixed port # 5300 might lead to test failures if port is already in use. #pushd bin/tests/system/ #./ifconfig.sh up #%{__make} test #./ifconfig.sh down #popd # replace __NSD__ in some files by a sub directory to set the full path to # named's root directory # --------------------------------------------------------------------------- %install %{GROUPADD_NAMED} %{USERADD_NAMED} mkdir -p \ ${RPM_BUILD_ROOT}/%{_sysconfdir}/init.d \ ${RPM_BUILD_ROOT}/%{_sysconfdir}/named.d \ ${RPM_BUILD_ROOT}/%{_sysconfdir}/openldap/schema \ ${RPM_BUILD_ROOT}/%{_sysconfdir}/slp.reg.d \ ${RPM_BUILD_ROOT}/usr/{bin,%{_lib},sbin,include} \ ${RPM_BUILD_ROOT}/%{_datadir}/bind \ ${RPM_BUILD_ROOT}/%{_datadir}/susehelp/meta/Administration/System \ ${RPM_BUILD_ROOT}/%{_defaultdocdir}/bind \ ${RPM_BUILD_ROOT}/var/lib/named/{etc/named.d,dev,dyn,log,master,slave,var/{lib,run/named}} \ ${RPM_BUILD_ROOT}%{_mandir}/{man1,man3,man5,man8} \ ${RPM_BUILD_ROOT}/var/adm/fillup-templates \ ${RPM_BUILD_ROOT}/var/run %{__make} DESTDIR=${RPM_BUILD_ROOT} install pushd contrib/idn/idnkit-1.0-src %{__make} DESTDIR=${RPM_BUILD_ROOT} install popd mv vendor-files/config/named.conf ${RPM_BUILD_ROOT}/%{_sysconfdir} mv vendor-files/config/bind.reg ${RPM_BUILD_ROOT}/%{_sysconfdir}/slp.reg.d mv vendor-files/config/rndc-access.conf ${RPM_BUILD_ROOT}/%{_sysconfdir}/named.d for file in named.conf.include rndc.key; do touch ${RPM_BUILD_ROOT}/%{_sysconfdir}/${file} done for file in lwresd named; do install -m 0754 vendor-files/init/${file} ${RPM_BUILD_ROOT}/etc/init.d/${file} ln -sf /etc/init.d/${file} ${RPM_BUILD_ROOT}/usr/sbin/rc${file} done install -m 0644 ${RPM_SOURCE_DIR}/named.root ${RPM_BUILD_ROOT}/var/lib/named/root.hint mv vendor-files/config/{127.0.0,localhost}.zone ${RPM_BUILD_ROOT}/var/lib/named install -m 0754 vendor-files/tools/createNamedConfInclude ${RPM_BUILD_ROOT}/%{_datadir}/bind install -m 0755 vendor-files/tools/bind.genDDNSkey ${RPM_BUILD_ROOT}/%{_bindir}/genDDNSkey cp -a vendor-files/docu/BIND.desktop ${RPM_BUILD_ROOT}/%{_datadir}/susehelp/meta/Administration/System cp -p ${RPM_SOURCE_DIR}/dnszone-schema.txt ${RPM_BUILD_ROOT}/%{_sysconfdir}/openldap/schema/dnszone.schema install -m 0754 vendor-files/tools/ldapdump ${RPM_BUILD_ROOT}/%{_datadir}/bind find ${RPM_BUILD_ROOT}/%{_libdir} -type f -name '*.so*' -print0 | xargs -0 chmod 0755 touch ${RPM_BUILD_ROOT}/var/lib/named/etc/{localtime,named.conf.include,named.d/rndc.access.conf} touch ${RPM_BUILD_ROOT}/var/lib/named/dev/log ln -s ../.. ${RPM_BUILD_ROOT}/var/lib/named/var/lib/named ln -s ../log ${RPM_BUILD_ROOT}/var/lib/named/var ln -s ../lib/named/var/run/named ${RPM_BUILD_ROOT}/var/run for file in named-common named-named syslog-named; do install -m 0644 vendor-files/sysconfig/${file} ${RPM_BUILD_ROOT}/var/adm/fillup-templates/sysconfig.${file} done # Cleanup doc rm doc/misc/Makefile* # Remove samples rm ${RPM_BUILD_ROOT}/etc/*.sample find doc/arm -type f ! -name '*.html' -print0 | xargs -0 rm -f # Create doc as we want it in bind and not bind-doc cp -a vendor-files/docu/README ${RPM_BUILD_ROOT}/%{_defaultdocdir}/bind/README.%{VENDOR} cp -a vendor-files/docu/dnszonehowto.html contrib/sdb/ldap/ mkdir -p vendor-files/config/ISC-examples cp -a bin/tests/*.conf* vendor-files/config/ISC-examples for file in CHANGES COPYRIGHT README FAQ version contrib doc/{arm,draft,misc,rfc} vendor-files/config; do basename=$( basename ${file}) cp -a ${file} ${RPM_BUILD_ROOT}/%{_defaultdocdir}/bind/${basename} echo "%doc %{_defaultdocdir}/bind/${basename}" >>filelist-bind-doc done pushd ${RPM_BUILD_ROOT}%{_defaultdocdir}/bind/contrib/idn/idnkit-1.0-src %{__make} distclean rm -rf include lib man map patch tools win wsock Makefile.in acconfig.h aclocal.m4 config.* configure* install-sh ltconfig make.wnt mkinstalldirs popd # --------------------------------------------------------------------------- %clean [ "${RPM_BUILD_ROOT}" != "/" -a -d "${RPM_BUILD_ROOT}" ] && rm -rf "${RPM_BUILD_ROOT}" # --------------------------------------------------------------------------- %pre # Are we updating from a package named bind9? if test -d usr/share/doc/packages/bind9 && sbin/chkconfig -c named; then NAMED_ACTIVE_FILE="var/adm/named.was.active" test -f ${NAMED_ACTIVE_FILE} && old ${NAMED_ACTIVE_FILE} ACTIVE_DIR=$( dirname ${NAMED_ACTIVE_FILE}) test -d ${ACTIVE_DIR} || mkdir -p ${ACTIVE_DIR} touch ${NAMED_ACTIVE_FILE} fi %{GROUPADD_NAMED} %{USERADD_NAMED} # Might be an update. %{USERMOD_NAMED} # var/run/named is now a sym link pointing to the chroot jail test -L var/run/named || rm -rf var/run/named test -f etc/sysconfig/named && \ . etc/sysconfig/named # Store NAMED_RUN_CHROOTED setting to a temp file. TEMP_SYSCONFIG_FILE="var/adm/named-chroot" TEMP_DIR=$( dirname ${TEMP_SYSCONFIG_FILE}) test -d ${TEMP_DIR} || \ mkdir -p ${TEMP_DIR} test -e ${TEMP_SYSCONFIG_FILE} && \ old ${TEMP_SYSCONFIG_FILE} echo "NAMED_RUN_CHROOTED=\"${NAMED_RUN_CHROOTED}\"" >${TEMP_SYSCONFIG_FILE} %preun %stop_on_removal named %post %{fillup_and_insserv -nf named} %{fillup_only -nsa named named} if [ ! -f etc/rndc.key ]; then usr/sbin/rndc-confgen -a -b 512 -r dev/urandom chmod 0640 etc/rndc.key chown root:named etc/rndc.key fi TEMP_SYSCONFIG_FILE="var/adm/named-chroot" # Are we in update mode? if [ ${FIRST_ARG:-0} -gt 1 ]; then # Is named.conf an old, /var/named configuration? if [ -f etc/named.conf ] && grep -qi '^[[:space:]]*directory[[:space:]]*"/var/named"[[:space:]]*;' etc/named.conf; then test -d var/log || \ mkdir -p var/log CONVLOG="/var/log/named-move-to-var-lib" # move zone files to new location echo "Moving zone files to new location /var/lib/named" | tee ${CONVLOG} IFS=" " for dir in var/named var/named/slave; do for source in $( find ${dir} -maxdepth 1 ); do case "${source#var/named/}" in localhost.zone|127.0.0.zone|root.hint|slave|var/named) continue ;; esac sourcedir=$( echo "${source%/*}") destdir=$( echo "${sourcedir#var/named}") if [ -e "var/lib/named/${destdir}/${source##*/}" ]; then echo "Warning: /var/lib/named${destdir}/${source##*/} already exists; skipped." | tee -a ${CONVLOG} else echo "${source#var/named/}" | tee -a ${CONVLOG} mv "${source}" "var/lib/named/${destdir}" fi done done # updating named.conf echo -n "Backup old /etc/named.conf to " | tee -a ${CONVLOG} oldconfig=$( old etc/named.conf) 2>/dev/null oldconfig=${oldconfig##*/} echo -en "/etc/${oldconfig}. Conversion " | tee -a ${CONVLOG} sed -e "s@\"/var/named\"@\"/var/lib/named\"@" "etc/${oldconfig}" > etc/named.conf 2>/dev/null conv_rc=$? if [ ${conv_rc} -eq 0 ]; then echo "succeded." | tee -a ${CONVLOG} chmod --reference="etc/${oldconfig}" etc/named.conf chown --reference="etc/${oldconfig}" etc/named.conf else echo "failed." | tee -a ${CONVLOG} fi if [ ${conv_rc} -eq 0 ]; then cat << EOF >>${CONVLOG} Result: named.conf conversion succeded. For details check the following diff of the the old and new configuration. Ergebnis: Die named.conf-Konvertierung war erfolgreich. Details finden Sie in der nachfolgenden Differenz der alten und neuen Konfiguration. EOF diff -u etc/${oldconfig} etc/named.conf >>${CONVLOG} else cat << EOF >>${CONVLOG} Result: Conversion failed. You must check your /etc/named.conf Ergebnis: Die Konvertierung ist fehlgeschlagen. Sie müssen Ihre /etc/named.conf überprüfen. EOF fi else rm -f var/lib/update-messages/bind.1 fi # End of 'Is named.conf an old, /var/named configuration?'. # Add include files to NAMED_CONF_INCLUDE_FILES if we have already a include # file (SL Standard Server 8) and NAMED_RUN_CHROOTED from the # TEMP_SYSCONFIG_FILE is empty. if [ -f ${TEMP_SYSCONFIG_FILE} ]; then . ${TEMP_SYSCONFIG_FILE} fi if [ -s etc/named.conf.include -a -z "${NAMED_RUN_CHROOTED}" ]; then test -f etc/sysconfig/named && . etc/sysconfig/named if [ "${NAMED_INITIALIZE_SCRIPTS}" = "createNamedConfInclude" -a \ -z "${NAMED_CONF_INCLUDE_FILES}" ]; then # Get the included files from an existing meta include file. INCLUDE_LINES=$( grep -e '^[[:space:]]*include' etc/named.conf.include | cut -f 2 -d '"') if [ "${INCLUDE_LINES}" -a -z "${NAMED_CONF_INCLUDE_FILES}" ]; then for file in ${INCLUDE_LINES}; do # don't add a file a second time echo "${INCLUDE_FILES}" | grep -qe "\<${file#/etc/named.d/}\>" && continue # don't add the meta include file as the init script copy it anyway # to the chroot jail test "${file}" = "/etc/named.conf.include" && continue test "${INCLUDE_FILES}" && INCLUDE_FILES="${INCLUDE_FILES} " # strip off any leading /etc/named.d/ as the init script takes care # of relative file names INCLUDE_FILES="${INCLUDE_FILES}${file#/etc/named.d/}" done TMPFILE=$( mktemp /var/tmp/named.sysconfig.XXXXXX) if [ $? -ne 0 ]; then echo -e "Can't create temp file. Please add your included files from /etc/named.conf to\nNAMED_CONF_INCLUDE_FILES of /etc/sysconfig/named manually." return fi chmod --reference=etc/sysconfig/named ${TMPFILE} if sed "s+^NAMED_CONF_INCLUDE_FILES.*$+NAMED_CONF_INCLUDE_FILES=\"${INCLUDE_FILES}\"+" etc/sysconfig/named > "${TMPFILE}"; then mv "${TMPFILE}" etc/sysconfig/named else echo "Can't set NAMED_CONF_INCLUDE_FILES of /etc/sysconfig/named to \"${INCLUDE_FILES}\"." fi fi fi else rm -f touch var/lib/update-messages/bind.3 fi # End of 'Add include files to NAMED_CONF_INCLUDE_FILES' fi # End of 'Are we in update mode?' # Remove TEMP_SYSCONFIG_FILE in any case. rm -f ${TEMP_SYSCONFIG_FILE} NAMED_ACTIVE_FILE="var/adm/named.was.active" if [ -f ${NAMED_ACTIVE_FILE} ]; then sbin/insserv named test ! -s ${NAMED_ACTIVE_FILE} && rm -f ${NAMED_ACTIVE_FILE} fi %postun %restart_on_update named %insserv_cleanup %pre chrootenv %{GROUPADD_NAMED} %{USERADD_NAMED} %post chrootenv %{fillup_only -nsa named common} %{fillup_only -nsa syslog named} %pre lwresd %{GROUPADD_NAMED} %{USERADD_NAMED} %post lwresd # Create a key if usr/sbin/rndc-confgen is installed. if [ -x usr/sbin/rndc-confgen -a ! -f etc/rndc.key ]; then usr/sbin/rndc-confgen -a -b 512 -r dev/urandom chmod 0640 etc/rndc.key chown root:named etc/rndc.key fi # delete an emtpy lwresd.conf file if [ ! -s etc/lwresd.conf ]; then rm -f etc/lwresd.conf fi if [ $1 -le 1 ]; then %{fillup_and_insserv -fy lwresd} fi; %preun lwresd %stop_on_removal lwresd %postun lwresd %restart_on_update lwresd %insserv_cleanup %post utils %run_ldconfig # Create a key if lwresd is installed. if [ -x usr/sbin/lwresd -a ! -f etc/rndc.key ]; then usr/sbin/rndc-confgen -a -b 512 -r dev/urandom chmod 0640 etc/rndc.key chown root:named etc/rndc.key fi # --------------------------------------------------------------------------- %files %defattr(-,root,root) %attr(0644,root,named) %config(noreplace) /%{_sysconfdir}/named.conf %{_sysconfdir}/slp.reg.d %attr(0644,root,root) /%{_sysconfdir}/slp.reg.d/bind.reg %attr(0644,root,named) %ghost /%{_sysconfdir}/named.conf.include %attr(0640,root,named) %ghost %config(noreplace) /%{_sysconfdir}/rndc.key %config /%{_sysconfdir}/init.d/named %{_sbindir}/rcnamed %{_sbindir}/named %{_sbindir}/named-checkconf %{_sbindir}/named-checkzone %{_sbindir}/dnssec-keygen %{_sbindir}/dnssec-signzone %doc %{_mandir}/man5/named.conf.5.gz %doc %{_mandir}/man8/dnssec-keygen.8.gz %doc %{_mandir}/man8/dnssec-signzone.8.gz %doc %{_mandir}/man8/named-checkconf.8.gz %doc %{_mandir}/man8/named-checkzone.8.gz %doc %{_mandir}/man8/named.8.gz %dir %{_datadir}/bind %{_datadir}/bind/createNamedConfInclude %{_datadir}/bind/ldapdump %{_var}/adm/fillup-templates/sysconfig.named-named %dir %{_var}/lib/named/master %attr(-,named,named) %dir %{_var}/lib/named/dyn %attr(-,named,named) %dir %{_var}/lib/named/slave %config %{_var}/lib/named/root.hint %config %{_var}/lib/named/127.0.0.zone %config %{_var}/lib/named/localhost.zone %ghost %{_var}/lib/named/etc/localtime %attr(0644,root,named) %ghost %{_var}/lib/named/etc/named.conf.include %files chrootenv %defattr(-,root,root) %dir %{_var}/lib/named %dir %{_var}/lib/named/etc %dir %{_var}/lib/named/etc/named.d %dir %{_var}/lib/named/dev %dir %{_var}/lib/named/var %dir %{_var}/lib/named/var/lib %dir %{_var}/lib/named/var/run %attr(-,named,named) %dir %{_var}/lib/named/log %attr(-,named,named) %dir %{_var}/lib/named/var/run/named %ghost %{_var}/lib/named/etc/named.d/rndc.access.conf %ghost %{_var}/lib/named/dev/log %attr(0666, root, root) %dev(c, 1, 3) %{_var}/lib/named/dev/null %attr(0666, root, root) %dev(c, 1, 8) %{_var}/lib/named/dev/random %{_var}/lib/named/var/lib/named %{_var}/lib/named/var/log %{_var}/run/named %{_var}/adm/fillup-templates/sysconfig.named-common %{_var}/adm/fillup-templates/sysconfig.syslog-named %files devel %defattr(-,root,root) %{_bindir}/isc-config.sh %{_libdir}/*.a %{_libdir}/*.so %{_includedir}/bind %doc %{_mandir}/man3/* %files doc -f filelist-bind-doc %defattr(-,root,root) %dir %doc %{_defaultdocdir}/bind %doc %{_datadir}/susehelp %files libs %defattr(-,root,root) %{_libdir}/*.so.* %files lwresd %defattr(-,root,root) %config /etc/init.d/lwresd %{_sbindir}/rclwresd %{_sbindir}/lwresd %doc %{_mandir}/man8/lwresd.8.gz %files utils %defattr(-,root,root) %config(noreplace) %{_sysconfdir}/idn.conf %config(noreplace) %{_sysconfdir}/idnalias.conf %dir /etc/named.d %config(noreplace) /etc/named.d/rndc-access.conf %dir %{_sysconfdir}/openldap/schema %attr(0444,root,root) %config %{_sysconfdir}/openldap/schema/dnszone.schema %{_libdir}/*.la %{_bindir}/dig %{_bindir}/host %{_bindir}/idnconv %{_bindir}/nslookup %{_bindir}/nsupdate %{_bindir}/genDDNSkey %{_bindir}/runidn %{_sbindir}/rndc %{_sbindir}/rndc-confgen %dir %{_datadir}/idnkit %{_datadir}/idnkit/jp.map %dir %doc %{_defaultdocdir}/bind %dir %{_defaultdocdir}/bind/README.%{VENDOR} %doc %{_mandir}/man1/dig.1.gz %doc %{_mandir}/man1/host.1.gz %doc %{_mandir}/man1/nslookup.1.gz %doc %{_mandir}/man5/rndc.conf.5.gz %doc %{_mandir}/man8/nsupdate.8.gz %doc %{_mandir}/man8/rndc-confgen.8.gz %doc %{_mandir}/man8/rndc.8.gz # idn kit %doc %{_mandir}/man1/idnconv.1.gz %doc %{_mandir}/man1/runidn.1.gz %doc %{_mandir}/man5/idn.conf.5.gz %doc %{_mandir}/man5/idnalias.conf.5.gz %doc %{_mandir}/man5/idnrc.5.gz %changelog -n bind * Fri Nov 10 2006 - ug@suse.de - security fix (#218303) workarounds OpenSSL's recently discovered RSA signature verification issue (CVE-2006-4339) by using the exponent 65537 (0x10001) instead of the widely used 3. * Tue Oct 17 2006 - poeml@suse.de - there is no SuSEconfig.syslog script anymore, thus remove the YaST hint from the sysconfig template * Mon Oct 16 2006 - ug@suse.de - typo in sysconfig file fixed (#212337) * Fri Sep 01 2006 - ug@suse.de - security fix Bug #201424 VUL-0: bind: two denial-of-service attacks VU#697164 BIND INSIST failure due to excessive recursive queries VU#915404 BIND assertion failure during SIG query processing * Tue Aug 15 2006 - ug@suse.de - update messages removed * Fri Aug 04 2006 - ug@suse.de - moved the la files to bind-utils (#182448) * Thu Jul 06 2006 - ug@suse.de - fix for the nsupdate man page (#92730) thanx to Werner * Wed May 17 2006 - ug@suse.de - fix for ldapdump script (#175587) * Mon Mar 13 2006 - ug@suse.de - typos fixed (#157611) * Wed Feb 08 2006 - ug@suse.de - fixed #148527 a broken symlink in the chroot jail is in the way * Fri Jan 27 2006 - mls@suse.de - converted neededforbuild to BuildRequires * Wed Jan 25 2006 - ug@suse.de - fixed #145169 (follow symlinks during chroot jail creation) * Sat Jan 14 2006 - schwab@suse.de - Don't remove sources. * Mon Jan 02 2006 - ug@suse.de - version update from 9.3.1 to 9.3.2 * Mon Nov 21 2005 - ug@suse.de - fixed an insecure tmp file bug in the named-bootconf.sh contrib script * Mon Sep 26 2005 - ro@suse.de - added LDAP_DEPRECATED to CFLAGS * Fri Jul 22 2005 - lmuelle@suse.de - Copy the right default file if /etc/sysconfig/named is missing while calling the lwresd init script; [#97187]. * Fri Jun 17 2005 - ug@suse.de - compilation with -fpie and -pie now which makes it harder to use exploits with fixed memory addresses. * Wed Apr 13 2005 - mls@suse.de - fix SLP registration * Fri Mar 25 2005 - schwab@suse.de - Fix leak in lwres library [#74529]. * Fri Mar 11 2005 - ug@suse.de - version update from 9.3.0 to 9.3.1 - fixed bug #72153 lwresd doesn't notice if name server is unreachable and times out * Fri Mar 11 2005 - ug@suse.de - rndc dropped from the lwresd init script it conflicts with a running bind * Mon Mar 07 2005 - ug@suse.de - lwresd init script "status" changed. rndc is not used anymore * Wed Feb 16 2005 - ug@suse.de - lwresd name string changed (just beautify) * Fri Feb 04 2005 - ug@suse.de - changed the "insserv" behaviour on updates - fixed empty lwresd.conf file in chroot env. * Thu Feb 03 2005 - ug@suse.de - empty lwresd.conf file fix (Bug #49081) - lwresd is on by default now during boot * Fri Jan 21 2005 - ug@suse.de - sdb-ldap activated (ldapdb.c version from 16.01.2005) - fixed security problem bug #49927 - remote denial-of-service An incorrect assumption in the validator (authvalidated) can result in a REQUIRE (internal consistancy) test failing and named exiting. * Tue Nov 30 2004 - ug@suse.de - fixed #48659 "rclwresd status" answered with OKAY even if only bind was running "rcnamed status" answered with OKAY even if only lwresd was running * Fri Nov 19 2004 - ug@suse.de - SLP support via /etc/slp.reg.d/bind.reg file added * Thu Nov 04 2004 - ug@suse.de - version update to 9.3.0 - ldapdump script bug fixed (#44452) - dnssec-makekeyset and dnssec-signkey activated in Makefile of bin/dnssec/ * Wed Oct 13 2004 - lmuelle@suse.de - Add condrestart to the named init script and use same code as in skeleton to restart. - Enhance check if named or lwresd are still running if the init script is called with stop. * Mon Sep 27 2004 - lmuelle@suse.de - Update to version 9.2.4. - Use defines for named user and group settings. - Add PreReq groupadd and useradd to the chrootenv and lwresd package, [#46050]. - Ensure to remove temp sysconfig file in %%post. - Remove warning from createNamedConfInclude script if a file is already included in /etc/named.conf as we take care of such include statements in the named init script anyway. - Remove NAMED_CONF_INCLUDE_FILES fillup from include statements of /etc/named.conf in the %%post of the bind package by the same reason. * Sat Sep 18 2004 - lmuelle@suse.de - Add all filenames from include statements of named.conf to NAMED_CONF_INCLUDE_FILES in the named init script, [#40610]. * Thu Sep 16 2004 - lmuelle@suse.de - Add $remote_fs to Required-Start and Required-Stop of lwresd init script. - Add Provides: dns_daemon to the lwresd package. - Remove $time from Should-Start and Should-Stop, [#45433]. * Wed Sep 15 2004 - lmuelle@suse.de - Remove conflicts from bind and bind-lwrewsd package, [#45335]. - Use rndc in lwresd init script if rndc is available. * Thu Sep 09 2004 - lmuelle@suse.de - Create /etc/rndc.key if bind-lwresd is installed and we install bind-utils or if bind-utils is installed and we install bind-lwresd. - Use 0644 instead of 0640 for the named.conf file. - Split bind-doc from bind-utils. - Use one sysconfig file for lwresd and named. - Split common named and lwresd sysconfig settings from them unique to named. - Rename lwres to bind-lwresd and lwres-devel to bind-libs. - Ensure to create user and group 'named' in the %%pre of bind-lwresd and bind-chrootenv. * Tue Sep 07 2004 - lmuelle@suse.de - Remove %%run_ldconfig from %%post of the bind package. - Move vendor files to an own tar ball. - Create new sub packages lwres, lwres-devel, and bind-chrootenv, [#44711]. - Use new update message mechanism, [#44344]. * Sun Jun 20 2004 - lmuelle@suse.de - Quote definition of NOM_PATH_FILE in configure.in. * Mon May 31 2004 - lmuelle@suse.de - Add BIND.desktop file for SuSEhelp. * Wed May 19 2004 - lmuelle@suse.de - Add -d, directroy option to genDDNSkey [#40786]. - Update ldapdump to version 1.1. This Version has better keyfile checks and throws an error message if a keyfile can't be found, instead of just barfing perl errors. * Wed May 12 2004 - lmuelle@suse.de - Update ldapdump; don't use .zone suffix for zone files. * Wed Apr 28 2004 - lmuelle@suse.de - Add /etc/openldap/schema/dnszone.schema to the bind-utils package. - Add /usr/share/bind/ldapdump to the bind package. - Add idnkit programs and libraries. - Add idn patches for dig, host, and nslookup. - Ensure to call functions initializeNamed, checkAndCopyConfigFiles, and namedCheckConf in the named init script only one time. Let namedCheckConf check the configuration inside the chroot. - Check all configuration files in named init script while called with probe. - Add NAMED_INITIALIZE_SCRIPTS to sysconfig.named. This allows to call arbitrary scripts before named is started, restarted, or reloaded. Therewith it's also possible to disable createNamedConfInclude entirely. - createNamedConfInclude always overwrite .SuSEconfig file [#33768]. - Rename SuSEconfig.named to createNamedConfInclude and move it to /usr/share/bind. * Sat Mar 13 2004 - schwab@suse.de - Fix path to docs in sample named.conf. * Tue Feb 24 2004 - poeml@suse.de - add genDDNSkey to bind-utils (formerly in dhcp-server package) - allow --keyfile and --keyname to be used with genDDNSkey, and allow using /dev/urandom to avoid blocking - in the init script, use rndc (if possible) in order to shut down, so named will flush pending changes to dynamical zones - when restarting named, make sure it is stopped before trying to start it again [#34937] - update root zone (dated Jan 29, 2004) * Thu Feb 12 2004 - kukuk@suse.de - Fix group of named.conf.include in filelist - Build with -fno-strict-aliasing * Wed Oct 15 2003 - lmuelle@suse.de - update to version 9.2.3; includes the new zone type "delegation-only" to foil Verisign's sitefinder games - move root.hint to an extra source file, named.root - use /etc/named.d and /var/lib/named/master directory in the example configuration from the sample-config directory - supress superfluous warning in SuSEconfig.named if /etc/named.conf.include is empty - create /etc/rndc.key in the init script if it's missing - call namedCheckConf after checkAndCopyConfigFiles to allow us to start named after checkAndCopyConfigFiles fixed a problem - call SuSEconfig -module named not direct in the init script - add norootforbuild to the spec file - set owner of /etc/named.d and /etc/named.d/rndc-access.conf to root: - add additional x while testing strings in the init script - always include /etc/rndc.key in rndc-access.conf - remove absolet stdtime.diff - remove ip6rev.diff, as one part is included upstream and the other isn't possible any longer * Wed Oct 08 2003 - schwab@suse.de - Fix typo in last change. * Mon Sep 29 2003 - kukuk@suse.de - Create named.conf.include if it does not exist [Bug #31683] - Don't add rndc-access.conf at update [Bug #31696] * Fri Sep 19 2003 - kukuk@suse.de - Fix all useradd calls * Mon Sep 15 2003 - kukuk@suse.de - Fix Requires and Provides [Bug #30717] * Fri Aug 29 2003 - kukuk@suse.de - Call useradd with -r for system accounts [Bug #29611] * Thu Aug 28 2003 - lmuelle@suse.de - call sbin/SuSEconfig --module named and not directly the script in the %%post section - check if rndc is accessible in the init script * Tue Aug 26 2003 - lmuelle@suse.de - add Config: syslog-ng to sysconfig.syslog-named * Sat Aug 23 2003 - lmuelle@suse.de - add NAMED_ARGS to sysconfig.named - use -r /dev/urandom while calling rndc-confgen in the post section * Thu Aug 21 2003 - lmuelle@suse.de - rename package from bind9 to bind - add stop_on_removal and restart_on_update macros to preun and postun section fix bug #29048 - add default /etc/named.d/rndc-access.conf - add SuSEconfig.named - add all included files to NAMED_CONF_INCLUDE_FILES of /etc/sysconfig/named while update if NAMED_CONF_INCLUDE_FILES is empty - add additional sysconfig meta data - remove -u from the copy in prepare_chroot() of the init script due to the rist of a wrong system time - unify init scripts; add one space at the end to all echos - document new features in the README.{SuSE,UnitedLinux} - fix bug #28585 * Mon May 26 2003 - lmuelle@suse.de - add -u to copy in prepare_chroot() of the init script, #25687 - fix output format in init script * Fri Apr 11 2003 - mludvig@suse.cz - Make nibble queries instead of bitstring ones for IPv6 addresses. - Differentiate between 6bone (3ffe::/16, .ip6.int) and other addresses (!3ffe::/16, ip6.arpa). * Wed Mar 12 2003 - lmuelle@suse.de - fix try-restart part of init skript - set PATH to "/sbin:/usr/sbin:/bin:/usr/bin", #21295 * Mon Mar 10 2003 - lmuelle@suse.de - remove %%ghost from /var/lib/named/var/log * Mon Mar 10 2003 - lmuelle@suse.de - add null logging for lame-servers to logging example in named.conf - fix file section - change /var/run/named to a sym link pointing to /var/lib/named/var/run/named, [#24768] * Wed Mar 05 2003 - lmuelle@suse.de - remove empty.zone due to possibility of CIDR addressing - remove rndc.conf; rndc also uses rndc.key, fix bug #17751 - create rndc.key with 512bit sized key in %%post - remove %%pre of utils package - create additional sub directories log, dyn and master in /var/lib/named - add a non active logging example to named.conf * Tue Mar 04 2003 - lmuelle@suse.de - update to version 9.2.2; maintenance/ bugfix release * Sat Mar 01 2003 - ro@suse.de - also create named user/group in utils preinstall * Thu Feb 27 2003 - ro@suse.de - create named user/group in preinstall and install * Thu Feb 27 2003 - lmuelle@suse.de - set /etc/named.conf to root:named and 0640 - add an example to additional info mail for dynamic updates - add more information to the README - add sysconfig file for chroot jail; default is yes - add chroot features to init script for start and reload * Mon Feb 24 2003 - lmuelle@suse.de - add separate binaries to PreReq - add --localstatedir=/var to configure call - add and autocreate /etc/rndc.{conf,key} - move rndc binaries and man pages to utils package - fix %%post in case of update - set ownership of /var/lib/named to root: - add a README - fix init script to return correspondig message to checkproc return code - remove umlauts from %%post mail - add additional info mail about ownership of /var/lib/named if journal files are used * Mon Feb 17 2003 - lmuelle@suse.de - update bind9 to version 9.2.1 - move /var/named to /var/lib/named - remove obsolete patches (bison, ltconfig_ppc64, manpages, security) * Wed Nov 13 2002 - ro@suse.de - fix build with current bison (end all rules with ";") * Sat Sep 07 2002 - kukuk@suse.de - Fix running bind9 as user named [Bug #18417] * Mon Aug 19 2002 - ro@suse.de - added prereqs (#17807) * Mon Aug 19 2002 - okir@suse.de - Added patch to make named run as non-root user - added "-u named" option to init script invocation of named * Sun Jul 28 2002 - kukuk@suse.de - Remove yacc from neededforbuild * Sat Jul 27 2002 - adrian@suse.de - add %%run_ldconfig * Mon Jul 22 2002 - kukuk@suse.de - Move .so symlinks to devel package - Move liblwres shared library to utils package - make lib64 clean * Wed Jul 10 2002 - olh@suse.de - hack ltconfig for ppc64 to build shared libs * Wed Jul 10 2002 - draht@suse.de - move /usr/bin/nsupdate to bindutil (#16944) * Mon Jun 03 2002 - okir@suse.de - Applied security fix for remote DoS (CERT VU#739123) * Fri Dec 14 2001 - ro@suse.de - removed START_NAMED * Wed Sep 05 2001 - pthomas@suse.de - Fix incorrect .so references in lwres manpages. * Sun Aug 12 2001 - kukuk@suse.de - Fix path to perl interpreter * Wed Jul 04 2001 - bodammer@suse.de - Update to bind-9.1.3 (release) - Config-files moved away from bind-9.1.3.dif * Mon Jul 02 2001 - bodammer@suse.de - update to bind-9.1.3rc3 - "Implicit declaration of function time" in context.c fixed * Mon Jun 25 2001 - bodammer@suse.de - update to bind-9.1.3rc2 * Tue May 29 2001 - bodammer@suse.de - update to bind-9.1.3rc1 * Thu May 10 2001 - bodammer@suse.de - initscript fix: don't start bind in runlevel 2 [bug #7956] * Tue May 08 2001 - mfabian@suse.de - bzip2 sources * Tue May 08 2001 - bodammer@suse.de - install a new named.conf with comments * Mon May 07 2001 - bodammer@suse.de - update to bind-9.1.2 (release) * Tue Apr 24 2001 - bodammer@suse.de - little modification to named.conf * Thu Mar 29 2001 - bodammer@suse.de - update to bind-9.1.1 (release) * Tue Mar 27 2001 - bodammer@suse.de - update to bind-9.1.1rc7 * Fri Mar 23 2001 - bodammer@suse.de - update to bind-9.1.1rc6 * Thu Mar 15 2001 - bodammer@suse.de - update to bind-9.1.1rc5 - new initscript more LSB conform * Mon Mar 12 2001 - bodammer@suse.de - update to bind-9.1.1rc4 * Tue Feb 27 2001 - bodammer@suse.de - initscript fix: now checks for a running named * Tue Feb 27 2001 - bodammer@suse.de - update to bind-9.1.1rc3 * Thu Feb 15 2001 - sf@suse.de - added suse_update_config * Wed Feb 14 2001 - bodammer@suse.de - update to bind-9.1.1rc2 * Mon Feb 12 2001 - bodammer@suse.de - subpackages bind9-util and bind9-devel created * Thu Feb 08 2001 - bodammer@suse.de - update to bind-9.1.1rc1 - missing headerfile included in stdtime.c * Thu Jan 18 2001 - bodammer@suse.de - update to bind-9.1.0 * Tue Nov 28 2000 - bodammer@suse.de - Fix location of rcscript * Thu Nov 23 2000 - ro@suse.de - added insserv calls * Thu Nov 23 2000 - bodammer@suse.de - rcscript update * Mon Nov 13 2000 - bodammer@suse.de - update to bind-9.0.1 * Fri Oct 06 2000 - kukuk@suse.de - change group tag * Mon Sep 18 2000 - bodammer@suse.de - update to bind-9.0.0 ( first release version ) * Wed Aug 30 2000 - bodammer@suse.de - update to bind-9.0.0rc5 * Wed Aug 16 2000 - bodammer@suse.de - update to bind-9.0.0rc3 * Thu Aug 10 2000 - bodammer@suse.de - update to bind-9.0.0rc2 - nslookup renamed to nslookup9 * Thu Jul 13 2000 - bodammer@suse.de - update to bind-9.0.0rc1 (release candidate) * Mon Jul 03 2000 - bodammer@suse.de - update to bind-9.0.0b5 - host renamed to host9 * Fri Jun 16 2000 - bodammer@suse.de - update to bind-9.0.0b4 * Thu May 25 2000 - bodammer@suse.de - dig renamed to dig9 to avoid conflicts with dig from bindutil - libtool-fix added - option -f added to suse_update_config-macro * Wed May 24 2000 - bodammer@suse.de - update to bind-9.0.0b3 - configure option added to build shared libraries * Mon May 15 2000 - schwab@suse.de - Update config files. - Fix 64-bit bug. * Fri May 12 2000 - bodammer@suse.de - update to bind9-snap-20000510 * Tue May 02 2000 - bodammer@suse.de - update to bind9-snap-20000427a * Wed Apr 19 2000 - bodammer@suse.de - update to bind9-snap-20000414 * Tue Mar 28 2000 - bodammer@suse.de - update to bind-9.0.0b2 * Mon Feb 07 2000 - bodammer@suse.de - first public beta version bind-9.0.0b1