Accepting request 435127 from home:adamm:branches:server:dns
- fix tmpfiles-nsd.conf to point to /run instead of /var/run - add nsd-rpmlintrc to not display some bogus errors - put log files into /var/log/nsd/ - put sample config in documentation directory - update to 4.1.13 - FEATURES - multi-master-check: yes can be used to check all masters for the last version, using the higher version from the configured masters - Support RR type OPENPGPKEY from RFC 7929. - Can config key algorithms with the digest name, eg. 'sha256'. - configure --disable-radix-tree for about 15% lower memory usage. - for type SRV add A/AAAA to the additional section (if possible), just like we already do for type MX. - more extensible edns option handling. - When tcp is more than half full, use short timeout for tcp session. - Patch for {max,min}-{refresh,retry}-time - Fix #790: size-limit-xfr can stop NSD from downloading infinite zone transfer data size, from Toshifumi Sakaguchi. Fixes CVE-2016-6173f - BUGFIXES - Fix compile warnings about unused result from write and strtol. and signcompare in minmax retrytime. - Fix #812: fix that make depend fails after distribution. - Fix #817: xfrd update failed loop. - Add robustness against unallocated data in nsec3 trees. - Fix README spelling error of BSD license - Fix multimaster for not tried full zone transfer for a OBS-URL: https://build.opensuse.org/request/show/435127 OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=27
This commit is contained in:
parent
e0e23724fb
commit
b9ec3da843
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:3a757014046752a0b0b11c1a2e22a36bb796f89f6939147ed3226556b4298727
|
||||
size 1075892
|
@ -1,17 +0,0 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
Version: GnuPG v1
|
||||
|
||||
iQIcBAABAgAGBQJXX/YJAAoJEJ9vHC1+BF+N4FsP/1P5FHe23x2USPNSgjRMfb+G
|
||||
dPr8xkngUzZ5NPAH3LjQmPODV5FyWDCCRPB0LQzjiDZm4rVq1z+o4oGxjOxfWBwl
|
||||
KZwWhxyoIfLBs3/Sz3PZ+jaOFWrIuYyOXeBXHc8vH6jfpvBd/ZtmMz3m9rK1M4WE
|
||||
TAHY9Y8R10AJbSLD9A+DGcrN87zT8z5s9DnI2utgTRS+0VJNr5daXVLI9IqAYRx1
|
||||
pe1sZs+1tLtu/KFW6ytkCuHoAuGnN0Y8eBYxde7kMGy0fDiRSk3Hwr3hDIsq83nR
|
||||
LgWNCofTq7GKLzag/4ULDzkctkOwAjGvvID3/rBBp0nZFex4uJ2p7XVqgVNNPIbh
|
||||
EXGDpz6K6M3QEqeetW8/9MJ1vAunTzqRp1phqY2+CYrSRKzSPKsl5Zi/gK4i74q4
|
||||
cg7KBiJAtm6x/Encf7WHIS0fuuKg0++cz0Jo+EEUmja0QJhFeI1ncIDF+7KEP9lN
|
||||
M0E6p59u6xr1h46teOC5n5HGmmt1TkEW4MSr0WvvBDJHC7rogLYrESwwcw/jGAin
|
||||
ZCMzPuKosE9hLEbWgSgy/IyfXSaU3JvgUN/J4HIRZt0h3okPnrS2McwdYx5sjRqr
|
||||
hkahA2tYGVinNj7n5HHYio6rUQirR7YrpaBqkiNmaW/PU0klYvV1cUQKl+vAL7s3
|
||||
xjrIAUNsLb24cSJbjGGf
|
||||
=E4/n
|
||||
-----END PGP SIGNATURE-----
|
3
nsd-4.1.13.tar.gz
Normal file
3
nsd-4.1.13.tar.gz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:c45cd4ba2101a027e133b2be44db9378e27602e05f09a5ef25019e1ae45291af
|
||||
size 1085701
|
16
nsd-4.1.13.tar.gz.asc
Normal file
16
nsd-4.1.13.tar.gz.asc
Normal file
@ -0,0 +1,16 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIcBAABAgAGBQJX6ieOAAoJEJ9vHC1+BF+N0fwQALDKHw6BmJ4NcPSoPDIurzEC
|
||||
4y3oOdUMXZN1/0qw7UUh3/0y4eQkmRd6MRqlkU9DdJAaZGFy119GVj5b5aaxG/hT
|
||||
Qs3wgh6F5KCJyL64+EYAwtvViLRzFCM5QCpWCOPZUjvCEhj3C1wLNjEodmBX76iR
|
||||
L5kcbW1RwBUgyVv+H1DS92vsB3gNz27vncw+7ZxDKflr0KxYjR6Xw8lGBFmZb/O+
|
||||
uaVWvFRhQzw5dvC5ldorb9mKpPekAuFACaH0X+3SUFHRTagzBSnMCg8bBKqLz+nX
|
||||
KgA7D4DOKYFMWN/g+wlsf14LDmhbxfNnAHg6gyrG9CjkP8T0VPdDreIDlZSfC6v3
|
||||
4zq5Fau6cDCvat65OhCHMSenRI0rpryAXeKA3+2NnCQFaqg8kvq/UdZDq6HT/+bM
|
||||
TTnGuJp8qoOu0piuTI1IHiHqfwY0jSIwQWUn5ofesWNjn5TDGIEx1NQ6ROsr03tx
|
||||
lJnW02h7A8OO8oREvgv1u5XX1IbUPTwyyf0STspxCTQxUKkVSjXa6pmEjhnZiAIB
|
||||
qZIX7YhAlSO3XS5BI701cPvRbc+Y71VayN8ZBhtUFx7rrjU9ZSTFTx4UuQ8xEP37
|
||||
+Lob8QtPFZeI6lsCmTCZ//ILMgbyQsbgsSz/4bcnJB9CA21sPTSpEGJMeyOpWVsL
|
||||
lHotrAEv8pqgPeWFXObg
|
||||
=goPn
|
||||
-----END PGP SIGNATURE-----
|
22
nsd-rpmlintrc
Normal file
22
nsd-rpmlintrc
Normal file
@ -0,0 +1,22 @@
|
||||
# failed check. chroot immediately follows chdir
|
||||
addFilter("W: missing-call-to-chdir-with-chroot /usr/sbin/nsd")
|
||||
|
||||
# We create our group/user
|
||||
addFilter("W: non-standard-uid /var/lib/nsd/nsd.db nsd")
|
||||
addFilter("W: non-standard-uid /var/log/nsd nsd")
|
||||
addFilter("W: non-standard-uid /var/log/nsd/nsd.log nsd")
|
||||
addFilter("W: non-standard-uid /var/lib/nsd/xfrd.state nsd")
|
||||
addFilter("W: non-standard-uid /var/lib/nsd nsd")
|
||||
addFilter("W: non-standard-uid /var/lib/nsd/ixfr.db nsd")
|
||||
addFilter("W: non-standard-gid /var/lib/nsd/nsd.db nsd")
|
||||
addFilter("W: non-standard-gid /var/log/nsd nsd")
|
||||
addFilter("W: non-standard-gid /etc/nsd nsd")
|
||||
addFilter("W: non-standard-gid /var/log/nsd/nsd.log nsd")
|
||||
addFilter("W: non-standard-gid /etc/nsd/nsd.conf.sample nsd")
|
||||
addFilter("W: non-standard-gid /etc/nsd/nsd.conf nsd")
|
||||
addFilter("W: non-standard-gid /var/lib/nsd/xfrd.state nsd")
|
||||
addFilter("W: non-standard-gid /var/lib/nsd nsd")
|
||||
addFilter("W: non-standard-gid /var/lib/nsd/ixfr.db nsd")
|
||||
|
||||
addFilter("W: non-standard-gid /run/nsd nsd")
|
||||
addFilter("W: non-standard-uid /run/nsd nsd")
|
44
nsd.changes
44
nsd.changes
@ -1,3 +1,47 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue Oct 11 11:36:47 UTC 2016 - adam.majer@suse.de
|
||||
|
||||
- fix tmpfiles-nsd.conf to point to /run instead of /var/run
|
||||
- add nsd-rpmlintrc to not display some bogus errors
|
||||
- put log files into /var/log/nsd/
|
||||
- put sample config in documentation directory
|
||||
- update to 4.1.13
|
||||
- FEATURES
|
||||
- multi-master-check: yes can be used to check all masters for
|
||||
the last version, using the higher version from the
|
||||
configured masters
|
||||
- Support RR type OPENPGPKEY from RFC 7929.
|
||||
- Can config key algorithms with the digest name, eg. 'sha256'.
|
||||
- configure --disable-radix-tree for about 15% lower memory
|
||||
usage.
|
||||
- for type SRV add A/AAAA to the additional section (if
|
||||
possible), just like we already do for type MX.
|
||||
- more extensible edns option handling.
|
||||
- When tcp is more than half full, use short timeout for tcp
|
||||
session.
|
||||
- Patch for {max,min}-{refresh,retry}-time
|
||||
- Fix #790: size-limit-xfr can stop NSD from downloading
|
||||
infinite zone transfer data size, from Toshifumi Sakaguchi.
|
||||
Fixes CVE-2016-6173f
|
||||
|
||||
- BUGFIXES
|
||||
- Fix compile warnings about unused result from write and
|
||||
strtol. and signcompare in minmax retrytime.
|
||||
- Fix #812: fix that make depend fails after distribution.
|
||||
- Fix #817: xfrd update failed loop.
|
||||
- Add robustness against unallocated data in nsec3 trees.
|
||||
- Fix README spelling error of BSD license
|
||||
- Fix multimaster for not tried full zone transfer for a
|
||||
expired zone.
|
||||
- Fix #827: fix compile with openssl 1.1.0 with api=1.1.0.
|
||||
- Fix malformed edns query assertion failure
|
||||
- Fix build without IPv6, patch from Zdenek Kaspar.
|
||||
- Fix #783: Trying to run a root server without having
|
||||
configured it silently gives wrong answers.
|
||||
- Fix #782: Serve DS record but parent zone has no NS record.
|
||||
- Fix nsec3 missing for nsec3 signed parent and child for DS at
|
||||
zonecut.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Aug 8 13:10:49 UTC 2016 - adam.majer@suse.de
|
||||
|
||||
|
29
nsd.spec
29
nsd.spec
@ -20,7 +20,7 @@
|
||||
%{!?_tmpfilesdir:%global _tmpfilesdir /usr/lib/tmpfiles.d}
|
||||
|
||||
Name: nsd
|
||||
Version: 4.1.10
|
||||
Version: 4.1.13
|
||||
Release: 0
|
||||
#
|
||||
License: BSD-3-Clause
|
||||
@ -71,7 +71,7 @@ export LDFLAGS="${LDFLAGS} -pie -Wl,-z,relro,-z,now"
|
||||
--with-dbfile=%{home}/nsd.db \
|
||||
--with-xfrdfile=%{home}/xfrd.state \
|
||||
--with-pidfile=%{pidfile} \
|
||||
--with-logfile=/var/log/nsd.log \
|
||||
--with-logfile=/var/log/nsd/nsd.log \
|
||||
--enable-root-server \
|
||||
--enable-bind8-stats \
|
||||
--enable-zone-stats \
|
||||
@ -86,24 +86,21 @@ mv -f doc/CREDITS.utf8 doc/CREDITS
|
||||
|
||||
%install
|
||||
make install DESTDIR="%{buildroot}"
|
||||
for i in %{buildroot}%{configdir}/*.sample ; do
|
||||
cp -v $i ${i%%.sample}
|
||||
done
|
||||
|
||||
cp -v %{buildroot}%{configdir}/nsd.conf.sample %{buildroot}%{configdir}/nsd.conf
|
||||
chmod -Rv o= %{buildroot}%{configdir}/
|
||||
#
|
||||
install -d -m 0700 %{buildroot}%{home} \
|
||||
%{buildroot}%{_rundir}/%{name}
|
||||
#
|
||||
install -d -m 0755 %{buildroot}/var/log/
|
||||
touch %{buildroot}%{home}/{nsd.db,ixfr.db,xfrd.state} %{buildroot}/var/log/nsd.log
|
||||
install -d -m 0755 %{buildroot}/var/log/nsd/
|
||||
touch %{buildroot}%{home}/{nsd.db,ixfr.db,xfrd.state} %{buildroot}/var/log/nsd/nsd.log
|
||||
|
||||
%if %{with systemd}
|
||||
install -D -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/nsd.service
|
||||
install -D -m 0644 %{SOURCE2} %{buildroot}%{_tmpfilesdir}/nsd.conf
|
||||
ln -s -f /usr/sbin/service %{buildroot}%{_sbindir}/rc%{name}
|
||||
%else
|
||||
install -D -m 0755 %{S:3} %{buildroot}%{_sysconfdir}/init.d/%{name}
|
||||
install -D -m 0755 %{S:3} %{buildroot}%{_sysconfdir}/init.d/%{name}
|
||||
ln -s -f %{_sysconfdir}/init.d/%{name} %{buildroot}%{_sbindir}/rc%{name}
|
||||
%endif
|
||||
|
||||
@ -114,19 +111,19 @@ ln -s -f %{_sysconfdir}/init.d/%{name} %{buildroot}%{_sbindir}/rc%{name}
|
||||
%{_sbindir}/groupadd -r %{name} &>/dev/null ||:
|
||||
%{_sbindir}/useradd -g %{name} -s /bin/false -r -c "user for %{name}" -d %{home} %{name} &>/dev/null ||:
|
||||
%if %{with systemd}
|
||||
%service_add_pre %{name}.service
|
||||
%service_add_pre %{name}.service
|
||||
%endif
|
||||
|
||||
%post
|
||||
%fillup_only %{name}
|
||||
%if %{with systemd}
|
||||
systemd-tmpfiles --create %{_tmpfilesdir}/%{name}.conf || :
|
||||
%service_add_post %{name}.service
|
||||
%service_add_post %{name}.service
|
||||
%endif
|
||||
|
||||
%preun
|
||||
%if %{with systemd}
|
||||
%service_del_preun %{name}.service
|
||||
%service_del_preun %{name}.service
|
||||
%else
|
||||
%stop_on_removal %{name}
|
||||
%endif
|
||||
@ -142,6 +139,8 @@ systemd-tmpfiles --create %{_tmpfilesdir}/%{name}.conf || :
|
||||
%files
|
||||
%defattr(-,root,root)
|
||||
%doc doc/*
|
||||
%{configdir}/nsd.conf.sample
|
||||
%config
|
||||
%doc contrib/
|
||||
%if %{with systemd}
|
||||
%{_unitdir}/nsd.service
|
||||
@ -169,7 +168,9 @@ systemd-tmpfiles --create %{_tmpfilesdir}/%{name}.conf || :
|
||||
%ghost %config %attr(640,%{name},%{name}) %{home}/ixfr.db
|
||||
%ghost %config %attr(640,%{name},%{name}) %{home}/xfrd.state
|
||||
#
|
||||
%ghost %attr(640,%{name},%{name}) /var/log/nsd.log
|
||||
#
|
||||
%dir %attr(750,%{name},%{name}) /var/log/nsd
|
||||
%ghost %attr(640,%{name},%{name}) /var/log/nsd/nsd.log
|
||||
%ghost %attr(750,%{name},%{name}) %{_rundir}/%{name}
|
||||
|
||||
|
||||
%changelog
|
||||
|
@ -1 +1 @@
|
||||
D /var/run/nsd 0755 nsd nsd -
|
||||
D /run/nsd 0755 nsd nsd -
|
||||
|
Loading…
x
Reference in New Issue
Block a user