diff --git a/baselibs.conf b/baselibs.conf index b972a16..fc1c5c4 100644 --- a/baselibs.conf +++ b/baselibs.conf @@ -1,7 +1,7 @@ libbind9-1600 -libdns1600 +libdns1601 libirs1600 -libisc1600 +libisc1601 obsoletes "bind-libs- = " provides "bind-libs- = " libisccc1600 @@ -9,8 +9,8 @@ libisccfg1600 bind-devel requires -bind- requires "libbind9-1600- = " - requires "libdns1600- = " + requires "libdns1601- = " requires "libirs1600- = " - requires "libisc1600- = " + requires "libisc1601- = " requires "libisccc1600- = " requires "libisccfg1600- = " diff --git a/bind-9.16.0.tar.xz b/bind-9.16.0.tar.xz deleted file mode 100644 index 1dcae82..0000000 --- a/bind-9.16.0.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:af4bd9bdaeb1aa7399429972f3a8aa01dd6886b7ae046d703ab8da45330f2e28 -size 4533976 diff --git a/bind-9.16.0.tar.xz.sha512.asc b/bind-9.16.0.tar.xz.sha512.asc deleted file mode 100644 index 796a6d0..0000000 --- a/bind-9.16.0.tar.xz.sha512.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCgAdFiEErj+seWcR7Fn8AHqkdLtrmky7PTgFAl5Gv1cACgkQdLtrmky7 -PThhYw/+IX80x6rs8e2bKjM1cpIgddoAIHDfGLEIwH3JFfdiSWnvRvR4oa64ehPP -DeSXT905Y+rBQW7Kky9JqiJpPq6QoiV8X/BlxlQjiHKeF0ysuLCKa3v7drWKyo+q -CPRKoO2Q+i99np7Y8K+Ze0GVSVRfixYWQD+3tg9NvpiOoCsE3Qx0NAbzHjSxH8Ad -P8upxu29pLu5yIB7gfzMxNoYyTAPbQcCmVxmA78G9VPZcMnPgHcILrYT/Y9ZYcHK -p+QEi5h2jdgcmkI5rAm3Z2BiOgvONUreUQenD8ZT8E9vV5IxLBGcv5Q/YWocFTft -2eAgizxXZ9K3yrc5++v2tWhd1xNuaHNZlzQ/CLBmMqnOpsUxfSgKrz3zuKU9J1Da -XrhtLrm/60DqocuyRfbHtzEWJtgHmnyClRIanFQcmQJ8yIz2C5uTPmexvScRKB7X -RC2xj4xNfnpUlMWWeb+SF5vGDTweVb01JLrA6ejuXijOYBWZl9rIkxxRdJ/Sv6Rp -hgzh8OO6UvaHY5P5IhwliIEyp8LaEAafOaLrvuDKJEhQw/7j6q3lQiLWnW0u/9rm -IIJzT+hqk6NaKWz4dH/ikqrFQHZn4t5wzGsw6I81hhPw3s+5cheR+VKmZMytbIGt -AETI6CudHsJr5ztyYsjbqbbzg01JG7pbwp0VlPCxM0UiWPZUxaY= -=IyuH ------END PGP SIGNATURE----- diff --git a/bind-9.16.1.tar.xz b/bind-9.16.1.tar.xz new file mode 100644 index 0000000..ff0128a --- /dev/null +++ b/bind-9.16.1.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:a913d7e78135b9123d233215b58102fa0f18130fb1e158465a1c2b6f3bd75e91 +size 4541768 diff --git a/bind-9.16.1.tar.xz.sha512.asc b/bind-9.16.1.tar.xz.sha512.asc new file mode 100644 index 0000000..be4bd3e --- /dev/null +++ b/bind-9.16.1.tar.xz.sha512.asc @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- +Comment: GPGTools - https://gpgtools.org + +iQIzBAABCgAdFiEEFWiQaF6g32oTce8gF8xdsfAIhAcFAl5rbyAACgkQF8xdsfAI +hAdEOg/+Kg1jrzoAZRJVARYYV2crDGqe1bVhO3hQDu60m+irokA2lgPSIDNBO6y0 +hhJqQ9ApX43bjqYAfBC86JQnbkCPhadOJ3YZTaKJTJD7ID023IPo+r/U5FBkgP2V +e0feFcR6+vjqpj0GXquMSepby464+07AMdX6AwtP/psQabnU5WAe2PxNSC0T7RMu +lvnqPHrGEBS0sjTsZOQdata9es/kKAweS+5m+qj97gvWVXPqevyoQgUT1JCBa/Xg +hxSpeDx5ZHSPDpg8IIfpfcGYKzSivE71tMUXR0syIZCW2phLnWDF2RA5muAlWYvZ +geZBP7Upu12oXaYvZnFslOvfauHOyBgnhVe7L/gkfC3MV1tMkqxfzBu2rxQFr8Sz +DI/582oLzGu0zSoBi613/dTcH9+plkjs+GcRQbQ1uKQzKu0lSa4h2Kfz0GKJY3Ls +xOxgE/sM9Xh7JtMWrhg24i74AbtrZIfwMNqr0EC4SZy1uwvygqESu99OOw+A805A +nwsgJR0q1dCYJkIUXg8BI+elvsLpmgZHuTRQlCxTfI/p7QKpjNgCAVwxCY9udULL +yqm1v9oT/ExMBzlC+e+xz+p4zQ+xbQ2i9RH4fhzqjl3+XB1CQfKlOWkc6DXbionp +YkAipYwDW/YRblAhhKvQykrrcheeoINB5LQ6fo2RAOWsKozTOtU= +=qsqC +-----END PGP SIGNATURE----- diff --git a/bind.changes b/bind.changes index 79cf52c..0e82b03 100644 --- a/bind.changes +++ b/bind.changes @@ -1,3 +1,27 @@ +------------------------------------------------------------------- +Sat Mar 21 08:56:28 UTC 2020 - Thorsten Kukuk + +- Use sysusers.d to create named user +- Have only one package creating the user + +------------------------------------------------------------------- +Fri Mar 20 09:00:07 UTC 2020 - Thorsten Kukuk + +- coreutils are not used in %post, remove Requires. +- Use systemd_ordering instead of hard requiring systemd + +------------------------------------------------------------------- +Fri Mar 20 08:04:19 UTC 2020 - Josef Möllers + +- Upgrade to version 9.16.1 + * UDP network ports used for listening can no longer simultaneously + be used for sending traffic. + * The system-provided POSIX Threads read-write lock implementation + is now used by default instead of the native BIND 9 implementation. + * Fixed re-signing issues with inline zones which resulted in records + being re-signed late or not at all. + [bind-9.16.1.tar.xz] + ------------------------------------------------------------------- Sat Feb 22 07:42:08 UTC 2020 - Tomáš Chvátal diff --git a/bind.spec b/bind.spec index 50c64e3..64e3bb9 100644 --- a/bind.spec +++ b/bind.spec @@ -20,19 +20,23 @@ # Note that the sonums are LIBINTERFACE - LIBAGE %define bind9_sonum 1600 %define libbind9 libbind9-%{bind9_sonum} -%define dns_sonum 1600 +%define dns_sonum 1601 %define libdns libdns%{dns_sonum} %define irs_sonum 1600 %define libirs libirs%{irs_sonum} -%define isc_sonum 1600 +%define isc_sonum 1601 %define libisc libisc%{isc_sonum} %define isccc_sonum 1600 %define libisccc libisccc%{isccc_sonum} %define isccfg_sonum 1600 %define libisccfg libisccfg%{isccfg_sonum} -%define libns_sonum 1600 +%define libns_sonum 1601 %define VENDOR SUSE +%if 0%{?suse_version} >= 1500 +%define with_systemd 1 +%else +%define with_systemd 0 # Defines for user and group add %define NAMED_UID 44 %define NAMED_UID_NAME named @@ -44,10 +48,6 @@ %define GROUPADD_NAMED getent group %{NAMED_GID_NAME} >/dev/null || %{_sbindir}/groupadd -g %{NAMED_GID} -o -r %{NAMED_GID_NAME} %define USERADD_NAMED getent passwd %{NAMED_UID_NAME} >/dev/null || %{_sbindir}/useradd -r -o -g %{NAMED_GID_NAME} -u %{NAMED_UID} -s %{NAMED_SHELL} -c "%{NAMED_COMMENT}" -d %{NAMED_HOMEDIR} %{NAMED_UID_NAME} %define USERMOD_NAMED getent passwd %{NAMED_UID_NAME} >/dev/null || %{_sbindir}/usermod -s %{NAMED_SHELL} -d %{NAMED_HOMEDIR} %{NAMED_UID_NAME} -%if 0%{?suse_version} >= 1500 -%define with_systemd 1 -%else -%define with_systemd 0 %endif %if 0%{?suse_version} < 1315 %define with_sfw2 1 @@ -60,7 +60,7 @@ %define _fillupdir %{_localstatedir}/adm/fillup-templates %endif Name: bind -Version: 9.16.0 +Version: 9.16.1 Release: 0 Summary: Domain Name System (DNS) Server (named) License: MPL-2.0 @@ -78,6 +78,7 @@ Source60: dlz-schema.txt # configuation files for systemd-tmpfiles Source70: bind.conf Source71: bind-chrootenv.conf +Source72: named.conf Patch1: Makefile.in.diff Patch51: pie_compile.diff Patch52: named-bootconf.diff @@ -102,8 +103,6 @@ Requires: %{name}-chrootenv Requires: %{name}-utils Requires(post): %fillup_prereq Requires(post): bind-utils -Requires(post): coreutils -Requires(pre): shadow Provides: bind8 = %{version} Provides: bind9 = %{version} Provides: dns_daemon @@ -111,11 +110,15 @@ Obsoletes: bind8 < %{version} Obsoletes: bind9 < %{version} %if %{with_systemd} BuildRequires: systemd-rpm-macros +BuildRequires: sysuser-shadow +BuildRequires: sysuser-tools BuildRequires: pkgconfig(libsystemd) BuildRequires: pkgconfig(systemd) -%{?systemd_requires} +%{?systemd_ordering} +%sysusers_requires %else Requires(post): %insserv_prereq +Requires(pre): shadow %endif %description @@ -204,8 +207,9 @@ This BIND library contains the configuration file parser. %package chrootenv Summary: Chroot environment for BIND named +# We need the named user and group, have only one authoritative place Group: Productivity/Networking/DNS/Servers -Requires(pre): shadow +Requires(pre): %{name} %description chrootenv This package contains all directories and files which are common to the @@ -331,6 +335,9 @@ sed -i ' s|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g ' libtool make %{?_smp_mflags} +%if %{with_systemd} +%sysusers_generate_pre %{SOURCE72} named +%endif %install mkdir -p \ @@ -355,6 +362,7 @@ mkdir -p %{buildroot}/%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services # install errno2result.h, some dynamic DB plugins could use it. install -m 0755 -d %{buildroot}%{_includedir}/isc/ install -m 0644 lib/isc/unix/errno2result.h %{buildroot}%{_includedir}/isc/ +install -m 0644 .clang-format.headers %{buildroot}/%{_defaultdocdir}/bind # remove useless .la files rm -f %{buildroot}/%{_libdir}/lib*.{la,a} @@ -416,14 +424,20 @@ for file in CHANGES COPYRIGHT README version contrib doc/{arm,misc} vendor-files done # --------------------------------------------------------------------------- install -m 0644 bind.keys %{buildroot}%{_localstatedir}/lib/named/named.root.key +%if %{with_systemd} +mkdir -p %{buildroot}%{_sysusersdir} +install -m 644 %{SOURCE72} %{buildroot}%{_sysusersdir}/ +%endif +%if %{with_systemd} +%pre -f named.pre +%service_add_pre named.service +%else %pre %{GROUPADD_NAMED} %{USERADD_NAMED} # Might be an update. %{USERMOD_NAMED} -%if %{with_systemd} -%service_add_pre named.service %endif %preun @@ -469,10 +483,6 @@ fi %postun -n %{libisccc} -p /sbin/ldconfig %post -n %{libisccfg} -p /sbin/ldconfig %postun -n %{libisccfg} -p /sbin/ldconfig -%pre chrootenv -%{GROUPADD_NAMED} -%{USERADD_NAMED} - %post chrootenv %{fillup_only -nsa named common} %{fillup_only -nsa syslog named} @@ -480,8 +490,6 @@ fi %tmpfiles_create bind-chrootenv.conf %endif -%post utils - %files %license LICENSE %attr(0644,root,named) %config(noreplace) /%{_sysconfdir}/named.conf @@ -492,6 +500,7 @@ fi %config %{_unitdir}/named.service %{_sbindir}/named.init %{_prefix}/lib/tmpfiles.d/bind.conf +%{_sysusersdir}/named.conf %{_datadir}/factory %else %config /%{_sysconfdir}/init.d/named @@ -626,6 +635,7 @@ fi %{_sbindir}/tsig-keygen %dir %doc %{_defaultdocdir}/bind %{_defaultdocdir}/bind/README.%{VENDOR} +%{_defaultdocdir}/bind/.clang-format.headers %{_mandir}/man1/arpaname.1%{ext_man} %{_mandir}/man1/delv.1%{ext_man} %{_mandir}/man1/dig.1%{ext_man} diff --git a/named.conf b/named.conf new file mode 100644 index 0000000..5463c1b --- /dev/null +++ b/named.conf @@ -0,0 +1,3 @@ +# Type Name ID GECOS [HOME] +g named 44 - - +u named 44 "Name server daemon" /var/lib/named