Dirk Mueller
067293717f
- Update to 2.81: * Improve cache behaviour for TCP connections * Remove the NO_FORK compile-time option, and support for uclinux * Fix line-counting when reading /etc/hosts and friends * Fix bug in DNS non-terminal code, added in 2.80, which could sometimes cause a NODATA rather than an NXDOMAIN reply. * Support TCP-fastopen (RFC-7413) on both incoming and outgoing TCP connections, if supported and enabled in the OS. * Improve kernel-capability manipulation code under Linux * Add --shared-network config. This enables allocation of addresses by the DHCP server in subnets where the server (or relay) does not have an interface on the network in that subnet. Many thanks to kamp.de for sponsoring this feature. * Fix broken contrib/lease_tools/dhcp_lease_time.c. A packet validation check got borked in commit 2b38e382 and release 2.80. Thanks to Tomasz Szajner for spotting this. * Fix compilation against nettle version 3.5 and later. * Fix spurious DNSSEC validation failures when the auth section of a reply contains unsigned RRs from a signed zone, with the exception that NSEC and NSEC3 RRs must always be signed. Thanks to Tore Anderson for spotting and diagnosing the bug. * Add --dhcp-ignore-clid. This disables reading of DHCP client identifier option (option 61), so clients are only identified by MAC addresses. * Fix a bug which stopped --dhcp-name-match from working when a hostname is supplied in --dhcp-host. Thanks to James Feeney for spotting this. * Fix bug which caused very rarely caused zero-length DHCPv6 packets. Thanks to Dereck Higgins for spotting this. * Add --tftp-single-port option. * Enhance --conf-dir to load files in a deterministic order * Add filtering by tag of --dhcp-host directives * Remove DSA signature verification from DNSSEC, as specified in RFC 8624 * Add --script-on-renewal option. - Remove Fix-build-with-libnettle-3.5.patch - Remove 0001-fix-build-after-y2038-changes-in-glibc.patch - Remove dnsmasq-CVE-2019-14834.patch OBS-URL: https://build.opensuse.org/request/show/800348 OBS-URL: https://build.opensuse.org/package/show/network/dnsmasq?expand=0&rev=122
206 lines
7.1 KiB
RPMSpec
206 lines
7.1 KiB
RPMSpec
#
|
|
# spec file for package dnsmasq
|
|
#
|
|
# Copyright (c) 2020 SUSE LLC
|
|
#
|
|
# All modifications and additions to the file contributed by third parties
|
|
# remain the property of their copyright owners, unless otherwise agreed
|
|
# upon. The license for this file, and modifications and additions to the
|
|
# file, is the same license as for the pristine package itself (unless the
|
|
# license for the pristine package is not an Open Source License, in which
|
|
# case the license is the MIT License). An "Open Source License" is a
|
|
# license that conforms to the Open Source Definition (Version 1.9)
|
|
# published by the Open Source Initiative.
|
|
|
|
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
|
#
|
|
|
|
|
|
%if 0%{?suse_version} < 1550
|
|
%bcond_with tftp_user_package
|
|
%else
|
|
%bcond_without tftp_user_package
|
|
%endif
|
|
|
|
Name: dnsmasq
|
|
Summary: DNS Forwarder and DHCP Server
|
|
License: GPL-2.0-only OR GPL-3.0-only
|
|
Group: Productivity/Networking/DNS/Servers
|
|
Version: 2.81
|
|
Release: 0
|
|
Provides: dns_daemon
|
|
URL: http://www.thekelleys.org.uk/dnsmasq/
|
|
Source0: http://www.thekelleys.org.uk/%{name}/%{name}-%{version}.tar.xz
|
|
Source1: http://www.thekelleys.org.uk/%{name}/%{name}-%{version}.tar.xz.asc
|
|
Source2: %{name}.keyring
|
|
Source3: dnsmasq.reg
|
|
Source4: dnsmasq.service
|
|
Source5: rc.dnsmasq-suse
|
|
Source8: %{name}-rpmlintrc
|
|
Patch0: dnsmasq-groups.patch
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
|
BuildRequires: dbus-1-devel
|
|
BuildRequires: dos2unix
|
|
BuildRequires: libidn2-devel
|
|
BuildRequires: libnettle-devel
|
|
BuildRequires: lua-devel
|
|
BuildRequires: pkg-config
|
|
BuildRequires: pkgconfig(libnetfilter_conntrack)
|
|
BuildRequires: pkgconfig(systemd)
|
|
Requires(pre): group(nogroup)
|
|
%if %{with tftp_user_package}
|
|
Requires(pre): user(tftp)
|
|
%else
|
|
Requires(pre): /usr/sbin/useradd
|
|
%endif
|
|
|
|
%description
|
|
Dnsmasq provides network infrastructure for small networks: DNS,
|
|
DHCP, router advertisement and network boot.
|
|
|
|
The DNS subsystem supprots forwarding of all query types, and caching
|
|
of common record types, DNSSEC included. The DHCP subsystem supports
|
|
DHCPv4, DHCPv6, BOOTP and PXE. RA can be used stand-alone or in
|
|
conjunction with DHCPv6.
|
|
|
|
%package utils
|
|
Summary: Utilities for manipulating DHCP server leases
|
|
Group: Productivity/Networking/DNS/Servers
|
|
|
|
%description utils
|
|
Utilities that use the standard DHCP protocol to query/remove a DHCP
|
|
server's leases.
|
|
|
|
%prep
|
|
%setup -q
|
|
%patch0
|
|
|
|
# Remove the executable bit from python example files to
|
|
# avoid unwanted automatic dependencies
|
|
find contrib -name *.py -exec chmod a-x '{}' +
|
|
|
|
# Some docs have the DOS line ends
|
|
dos2unix contrib/systemd/dbus_activation
|
|
|
|
# SED-FIX-UPSTREAM -- Fix paths
|
|
sed -i -e 's|\(PREFIX *= *\)/usr/local|\1/usr|;
|
|
s|$(LDFLAGS)|$(CFLAGS) $(LDFLAGS)|' \
|
|
Makefile
|
|
|
|
# use lua5.3 instead of lua5.2
|
|
sed -i -e 's|lua5.2|lua5.3|' Makefile
|
|
|
|
# SED-FIX-UPSTREAM -- Fix man page
|
|
sed -i -e 's|The default is "dip",|The default is "nogroup",|' \
|
|
man/dnsmasq.8
|
|
|
|
# SED-FIX-UPSTREAM -- Fix cachesize, group and user
|
|
sed -i -e 's|CACHESIZ 150|CACHESIZ 2000|;
|
|
s|CHUSER "nobody"|CHUSER "dnsmasq"|;
|
|
s|CHGRP "dip"|CHGRP "nogroup"|' \
|
|
src/config.h
|
|
|
|
# Fix trust-anchor.conf location and include /etc/dnsmasq.d/*.conf by default
|
|
sed -i -e '/trust-anchors.conf/c\#conf-file=/etc/dnsmasq.d/trust-anchors.conf' \
|
|
-e '/conf-dir=.*conf/s/^\#//' \
|
|
dnsmasq.conf.example
|
|
|
|
%build
|
|
mv po/no.po po/nb.po
|
|
export CFLAGS="%optflags -std=gnu99 -fPIC -DPIC -fpie"
|
|
export LDFLAGS="-Wl,-z,relro,-z,now -pie"
|
|
# the dnsmasq make system hashes the configuration flags, so we have to supply the
|
|
# same flags for make and make install, else everything gets recompiled
|
|
%define _copts "-DHAVE_DBUS -DHAVE_CONNTRACK -DHAVE_LIBIDN2 -DHAVE_DNSSEC -DHAVE_LUASCRIPT"
|
|
make %{?_smp_mflags} AWK=gawk all-i18n CFLAGS="$CFLAGS" LDFLAGS="$LDFLAGS" COPTS=%{_copts}
|
|
|
|
%pre
|
|
%if %{without tftp_user_package}
|
|
if ! /usr/bin/getent group tftp >/dev/null; then
|
|
%{_sbindir}/groupadd -r tftp
|
|
fi
|
|
if ! /usr/bin/getent passwd tftp >/dev/null; then
|
|
%{_sbindir}/useradd -c "TFTP account" -d /srv/tftpboot -G tftp -g tftp \
|
|
-r -s /bin/false tftp
|
|
fi
|
|
%endif
|
|
if ! /usr/bin/getent passwd dnsmasq >/dev/null; then
|
|
/usr/sbin/useradd -r -d /var/lib/empty -s /bin/false -c "dnsmasq" -g nogroup -G tftp dnsmasq
|
|
fi
|
|
|
|
%service_add_pre %{name}.service
|
|
|
|
%post
|
|
%service_add_post %{name}.service
|
|
# reload dbus after install or upgrade to apply new policies
|
|
if [ -z "${TRANSACTIONAL_UPDATE}" -a -x /usr/bin/systemctl ]; then
|
|
/usr/bin/systemctl reload dbus.service 2>/dev/null || :
|
|
fi
|
|
|
|
%preun
|
|
%service_del_preun %{name}.service
|
|
|
|
%postun
|
|
%service_del_postun %{name}.service
|
|
# reload dbus after uninstall, our policies are gone again
|
|
if [ $1 -eq 0 -a -z "${TRANSACTIONAL_UPDATE}" \
|
|
-a -x /usr/bin/systemctl ]; then
|
|
/usr/bin/systemctl reload dbus.service 2>/dev/null || :
|
|
fi
|
|
|
|
%install
|
|
make install-i18n DESTDIR=%{buildroot} PREFIX=/usr AWK=gawk COPTS=%{_copts}
|
|
install -d -m 755 %{buildroot}/%{_sysconfdir}/slp.reg.d
|
|
install -m 644 dnsmasq.conf.example %{buildroot}/%{_sysconfdir}/dnsmasq.conf
|
|
install -m 644 %SOURCE3 %{buildroot}/%{_sysconfdir}/slp.reg.d/
|
|
install -d 755 %{buildroot}/etc/dbus-1/system.d/
|
|
install -m 644 dbus/dnsmasq.conf %{buildroot}/etc/dbus-1/system.d/dnsmasq.conf
|
|
install -D -m 0644 %SOURCE4 %{buildroot}%{_unitdir}/dnsmasq.service
|
|
%if %{without tftp_user_package}
|
|
install -d -m 0755 %{buildroot}/srv/tftpboot
|
|
%endif
|
|
ln -sf %{_sbindir}/service %{buildroot}/usr/sbin/rcdnsmasq
|
|
install -d -m 755 %{buildroot}/%{_sysconfdir}/dnsmasq.d
|
|
install -m 644 trust-anchors.conf %{buildroot}/%{_sysconfdir}/dnsmasq.d/trust-anchors.conf
|
|
|
|
# utils subpackage
|
|
mkdir -p %{buildroot}/%{_bindir} %{buildroot}/%{_mandir}/man1
|
|
make -C contrib/lease-tools %{?_smp_mflags}
|
|
install -m 755 contrib/lease-tools/dhcp_release %{buildroot}/%{_bindir}/dhcp_release
|
|
install -m 644 contrib/lease-tools/dhcp_release.1 %{buildroot}/%{_mandir}/man1/dhcp_release.1
|
|
install -m 755 contrib/lease-tools/dhcp_release6 %{buildroot}/%{_bindir}/dhcp_release6
|
|
install -m 644 contrib/lease-tools/dhcp_release6.1 %{buildroot}/%{_mandir}/man1/dhcp_release6.1
|
|
install -m 755 contrib/lease-tools/dhcp_lease_time %{buildroot}/%{_bindir}/dhcp_lease_time
|
|
install -m 644 contrib/lease-tools/dhcp_lease_time.1 %{buildroot}/%{_mandir}/man1/dhcp_lease_time.1
|
|
make -C contrib/lease-tools clean
|
|
rm -rf contrib/Suse
|
|
rm -rf contrib/Solaris10
|
|
rm -rf contrib/dnsmasq_MacOSX-pre10.4
|
|
rm -rf contrib/slackware-dnsmasq
|
|
rm -rf contrib/MacOSX-launchd
|
|
|
|
%find_lang %{name} --with-man
|
|
|
|
%files -f %{name}.lang
|
|
%license COPYING COPYING-v3
|
|
%doc CHANGELOG FAQ doc.html setup.html dnsmasq.conf.example contrib dbus
|
|
%config(noreplace) %{_sysconfdir}/dnsmasq.conf
|
|
%{_sbindir}/dnsmasq
|
|
%{_sbindir}/rcdnsmasq
|
|
%dir %{_sysconfdir}/slp.reg.d/
|
|
%config %attr(0644,root,root) /%{_sysconfdir}/slp.reg.d/dnsmasq.reg
|
|
%{_mandir}/man8/dnsmasq.8.gz
|
|
%config(noreplace) /etc/dbus-1/system.d/dnsmasq.conf
|
|
%{_unitdir}/dnsmasq.service
|
|
%dir %{_sysconfdir}/dnsmasq.d
|
|
%config(noreplace) %{_sysconfdir}/dnsmasq.d/trust-anchors.conf
|
|
%if %{without tftp_user_package}
|
|
%dir %attr(0755,tftp,tftp) /srv/tftpboot
|
|
%endif
|
|
|
|
%files utils
|
|
%{_bindir}/dhcp_*
|
|
%{_mandir}/man1/dhcp_*
|
|
|
|
%changelog
|