# # spec file for package bind # # Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # # Don't forget to update the package names also in baselibs.conf %define bind9_sonum 160 %define libbind9 libbind9-%{bind9_sonum} %define dns_sonum 169 %define libdns libdns%{dns_sonum} %define irs_sonum 160 %define libirs libirs%{irs_sonum} %define isc_sonum 166 %define libisc libisc%{isc_sonum} %define isccc_sonum 160 %define libisccc libisccc%{isccc_sonum} %define isccfg_sonum 160 %define libisccfg libisccfg%{isccfg_sonum} %define lwres_sonum 160 %define liblwres liblwres%{lwres_sonum} %define VENDOR SUSE # Defines for user and group add %define NAMED_UID 44 %define NAMED_UID_NAME named %define NAMED_GID 44 %define NAMED_GID_NAME named %define NAMED_COMMENT Name server daemon %define NAMED_HOMEDIR %{_localstatedir}/lib/named %define NAMED_SHELL /bin/false %define GROUPADD_NAMED %{_sbindir}/groupadd -g %{NAMED_GID} -o -r %{NAMED_GID_NAME} 2> /dev/null || : %define USERADD_NAMED %{_sbindir}/useradd -r -o -g %{NAMED_GID_NAME} -u %{NAMED_UID} -s %{NAMED_SHELL} -c "%{NAMED_COMMENT}" -d %{NAMED_HOMEDIR} %{NAMED_UID_NAME} 2> /dev/null || : %define USERMOD_NAMED %{_sbindir}/usermod -s %{NAMED_SHELL} -d %{NAMED_HOMEDIR} %{NAMED_UID_NAME} 2>/dev/null || : %define with_systemd 0 #Compat macro for new _fillupdir macro introduced in Nov 2017 %if ! %{defined _fillupdir} %define _fillupdir %{_localstatedir}/adm/fillup-templates %endif Name: bind Version: 9.11.2 Release: 0 Summary: Domain Name System (DNS) Server (named) License: MPL-2.0 Group: Productivity/Networking/DNS/Servers Url: http://isc.org/sw/bind/ Source: ftp://ftp.isc.org/isc/bind9/%{version}/bind-%{version}.tar.gz Source1: vendor-files.tar.bz2 Source2: baselibs.conf Source3: ftp://ftp.isc.org/isc/bind9/%{version}/bind-%{version}.tar.gz.asc # from http://www.isc.org/about/openpgp/ ... changes yearly apparently. Source4: %{name}.keyring Source9: ftp://ftp.internic.net/domain/named.root # url http://www.venaas.no/ldap/bind-sdb/dnszone-schema.txt no longer exists... Source40: dnszone-schema.txt Source60: dlz-schema.txt Patch0: configure.in.diff Patch1: Makefile.in.diff Patch2: bind-99-libidn.patch Patch4: perl-path.diff Patch51: pie_compile.diff Patch52: named-bootconf.diff Patch53: bind-sdb-ldap.patch BuildRequires: libcap-devel BuildRequires: libmysqlclient-devel BuildRequires: libopenssl-devel BuildRequires: libtool BuildRequires: openldap2-devel BuildRequires: openssl BuildRequires: pkgconfig BuildRequires: python3 BuildRequires: python3-ply BuildRequires: update-desktop-files BuildRequires: pkgconfig(geoip) BuildRequires: pkgconfig(json) BuildRequires: pkgconfig(krb5) BuildRequires: pkgconfig(libidn) BuildRequires: pkgconfig(libxml-2.0) Requires: %{name}-chrootenv Requires: %{name}-utils Requires(post): %fillup_prereq Requires(post): bind-utils Requires(post): coreutils Requires(pre): shadow Provides: bind8 Provides: bind9 Provides: dns_daemon Obsoletes: bind8 < %{version} Obsoletes: bind9 < %{version} %{?systemd_requires} %if %{with_systemd} BuildRequires: systemd-rpm-macros %else Requires(post): %insserv_prereq %endif %description Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols and provides an openly redistributable reference implementation of the major components of the Domain Name System. This package includes the components to operate a DNS server. %package -n %{libbind9} Summary: BIND9 shared library used by BIND Group: System/Libraries %description -n %{libbind9} This library contains a few utility functions used by the BIND server and utilities. %package -n %{libdns} Summary: DNS library used by BIND Group: System/Libraries %description -n %{libdns} This subpackage contains the "DNS client" module. This is a higher level API that provides an interface to name resolution, single DNS transaction with a particular server, and dynamic update. Regarding name resolution, it supports advanced features such as DNSSEC validation and caching. This module supports both synchronous and asynchronous mode. It also contains the Advanced Database (ADB) and Simple Database (SDB) APIs. ADB allows user-written routines to replace BIND’s internal database function for both nominated and all zones. SDB allows a user-written driver to supply zone data either from alternate data sources (for instance, a relational database) or using specialized algorithms (for instance, for load-balancing). [Book links for SDB: "Pro DNS and BIND 10", R. Aitchison, Apress] %package -n %{libirs} Summary: The BIND Information Retrieval System library Group: System/Libraries %description -n %{libirs} libirs provides an interface to parse the traditional resolv.conf file and an "advanced" configuration file related to the DNS library for configuration parameters that would be beyond the capability of the resolv.conf file. Specifically, it is intended to provide DNSSEC related configuration parameters. By default, the path to this configuration file is %{_sysconfdir}/dns.conf. %package -n libirs-devel Summary: Development files for IRS Group: Development/Libraries/C and C++ Requires: %{libirs} = %{version} %description -n libirs-devel libirs provides an interface to parse the traditional resolv.conf file and an "advanced" configuration file related to the DNS library for configuration parameters that would be beyond the capability of the resolv.conf file. This subpackage contains the header files needed for building programs with it. %package -n %{libisc} Summary: ISC shared library used by BIND Group: System/Libraries Provides: bind-libs = %{version}-%{release} Obsoletes: bind-libs < %{version}-%{release} %description -n %{libisc} This library contains miscellaneous utility function used by the BIND server and utilities. It includes functions for assertion handling, balanced binary (AVL) trees, bit masks comparison, event based programs, heap-based priority queues, memory handling, and program logging. %package -n %{libisccc} Summary: Command Channel Library used by BIND Group: System/Libraries %description -n %{libisccc} This library is used for communicating with BIND servers' administrative command channel (port 953 by default). %package -n %{libisccfg} Summary: Exported ISC configuration shared library Group: System/Libraries %description -n %{libisccfg} This BIND library contains the configuration file parser. %package -n %{liblwres} Summary: Lightweight Resolver API library Group: System/Libraries %description -n %{liblwres} The BIND 9 lightweight resolver library is a name service independent stub resolver library. It provides hostname-to-address and address-to-hostname lookup services to applications by transmitting lookup requests to a resolver daemon, lwresd, running on the local host. The resover daemon performs the lookup using the DNS or possibly other name service protocols, and returns the results to the application through the library. The library and resolver daemon communicate using a UDP-based protocol. %package chrootenv Summary: Chroot environment for BIND named and lwresd Group: Productivity/Networking/DNS/Servers Requires(pre): shadow %description chrootenv This package contains all directories and files which are common to the chroot environment of BIND named and lwresd. Most is part of the structure below %{_localstatedir}/lib/named. %package devel Summary: Development Libraries and Header Files of BIND Group: Development/Libraries/C and C++ Requires: %{libbind9} = %{version} Requires: %{libdns} = %{version} Requires: %{libirs} = %{version} Requires: %{libisccc} = %{version} Requires: %{libisccfg} = %{version} Requires: %{libisc} = %{version} Requires: %{liblwres} = %{version} Provides: bind8-devel Provides: bind9-devel Obsoletes: bind8-devel < %{version} Obsoletes: bind9-devel < %{version} %description devel This package contains the header files, libraries, and documentation for building programs using the libraries of the Berkeley Internet Name Domain (BIND) Domain Name System implementation of the Domain Name System (DNS) protocols. %package doc Summary: BIND documentation Group: Documentation/Other BuildArch: noarch %description doc Documentation of the Berkeley Internet Name Domain (BIND) Domain Name System implementation of the Domain Name System (DNS) protocols. This includes also the BIND Administrator Reference Manual (ARM). %package lwresd Summary: Lightweight Resolver Daemon Group: Productivity/Networking/DNS/Utilities Requires: %{name}-chrootenv Requires(pre): shadow Requires(pre): sysvinit(network) Requires(pre): sysvinit(syslog) Provides: dns_daemon %if !%{with_systemd} Requires(post): %insserv_prereq %endif %description lwresd Bind-lwresd provides resolution services to local clients using a combination of the lightweight resolver library liblwres and the resolver daemon process lwresd running on the local host. These communicate using a simple UDP-based protocol, the "lightweight resolver protocol" that is distinct from and simpler than the full DNS protocol. %package utils Summary: Utilities to query and test DNS # Needed for dnssec parts Group: Productivity/Networking/DNS/Utilities Requires: python3-bind = %{version} Provides: bind9-utils Provides: bindutil Provides: dns_utils Obsoletes: bind9-utils < %{version} Obsoletes: bindutil < %{version} %description utils This package includes the utilities "host", "dig", and "nslookup" used to test and query the Domain Name System (DNS). The Berkeley Internet Name Domain (BIND) DNS server is found in the package named bind. %package -n python3-bind Summary: A module allowing rndc commands to be sent from Python programs Group: Development/Languages/Python Requires: python3 Requires: python3-ply BuildArch: noarch %description -n python3-bind This package provides a module which allows commands to be sent to rndc directly from Python programs. %prep %setup -q -a1 %patch0 -p1 %patch1 -p1 %patch2 -p1 %patch4 %patch51 %patch52 %patch53 # use the year from source gzip header instead of current one to make reproducible rpms year=$(perl -e 'sysread(STDIN, $h, 8); print (1900+(gmtime(unpack("l",substr($h,4))))[5])' < %{SOURCE0}) sed -i "s/stdout, copyright, year/stdout, copyright, \"-$year\"/" lib/dns/gen.c # modify settings of some files regarding to OS version and vendor function replaceStrings() { file="$1" sed -e "s@__NSD__@/lib@g" \ -e "s@__BIND_PACKAGE_NAME__@%{name}@g" \ -e "s@__VENDOR__@%{VENDOR}@g" \ -e "s@___lib__@%{_lib}@g" \ -e "s@__openssl__@$(pkg-config --variable=enginesdir libcrypto)@g" \ -i "${file}" } pushd vendor-files for file in docu/README tools/createNamedConfInclude config/{README,named.conf} init/{named,lwresd} sysconfig/{named-common,named-named,syslog-named}; do replaceStrings ${file} done popd cp contrib/sdb/ldap/ldapdb.c bin/named/ cp contrib/sdb/ldap/ldapdb.h bin/named/include/ %build autoreconf -fvi export CFLAGS="%{optflags}" %configure \ --with-python=%{_bindir}/python3 \ --includedir=%{_includedir}/bind \ --disable-static \ --with-openssl \ --enable-threads \ --with-libtool \ --with-libxml2 \ --with-libjson \ --with-dlz-mysql \ --with-dlz-ldap \ --with-randomdev=/dev/urandom \ --enable-ipv6 \ --with-pic \ --disable-openssl-version-check \ --with-tuning=large \ --with-geoip \ --with-dlopen \ --with-gssapi=yes \ --disable-isc-spnego \ --enable-fixed-rrset \ --enable-full-report # disable rpath sed -i ' s|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g s|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g ' libtool make %{?_smp_mflags} %install mkdir -p \ %{buildroot}/%{_sysconfdir}/init.d \ %{buildroot}/%{_sysconfdir}/named.d \ %{buildroot}/%{_sysconfdir}/openldap/schema \ %{buildroot}/%{_sysconfdir}/slp.reg.d \ %{buildroot}%{_prefix}/{bin,%{_lib},sbin,include} \ %{buildroot}/%{_datadir}/bind \ %{buildroot}/%{_datadir}/susehelp/meta/Administration/System \ %{buildroot}/%{_defaultdocdir}/bind \ %{buildroot}%{_localstatedir}/lib/named/{etc/named.d,dev,dyn,log,master,slave,var/{lib,run/{lwresd,named}}} \ %{buildroot}%{_mandir}/{man1,man3,man5,man8} \ %{buildroot}%{_fillupdir} \ %{buildroot}/%{_rundir} \ %{buildroot}/%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services \ %{buildroot}%{_includedir}/bind/dns \ %{buildroot}%{_libexecdir}/bind %make_install # install errno2result.h, some dynamic DB plugins could use it. install -m 0755 -d %{buildroot}%{_includedir}/isc/ install -m 0644 lib/isc/unix/errno2result.h %{buildroot}%{_includedir}/isc/ # remove useless .la files rm -f %{buildroot}/%{_libdir}/lib*.{la,a} mv vendor-files/config/named.conf %{buildroot}/%{_sysconfdir} mv vendor-files/config/bind.reg %{buildroot}/%{_sysconfdir}/slp.reg.d mv vendor-files/config/rndc-access.conf %{buildroot}/%{_sysconfdir}/named.d for file in lwresd.conf named.conf.include rndc.key; do touch %{buildroot}/%{_sysconfdir}/${file} done for file in lwresd named; do install -m 0754 vendor-files/init/${file} %{buildroot}%{_initddir}/${file} ln -sf %{_initddir}/${file} %{buildroot}%{_sbindir}/rc${file} done install -m 0644 ${RPM_SOURCE_DIR}/named.root %{buildroot}%{_localstatedir}/lib/named/root.hint mv vendor-files/config/{127.0.0,localhost}.zone %{buildroot}%{_localstatedir}/lib/named install -m 0754 vendor-files/tools/createNamedConfInclude %{buildroot}/%{_datadir}/bind install -m 0755 vendor-files/tools/bind.genDDNSkey %{buildroot}/%{_bindir}/genDDNSkey cp -a vendor-files/docu/BIND.desktop %{buildroot}/%{_datadir}/susehelp/meta/Administration/System cp -p ${RPM_SOURCE_DIR}/dnszone-schema.txt %{buildroot}/%{_sysconfdir}/openldap/schema/dnszone.schema cp -p "%{SOURCE60}" "%{buildroot}/%{_sysconfdir}/openldap/schema/dlz.schema" install -m 0754 vendor-files/tools/ldapdump %{buildroot}/%{_datadir}/bind find %{buildroot}/%{_libdir} -type f -name '*.so*' -print0 | xargs -0 chmod 0755 touch %{buildroot}%{_localstatedir}/lib/named%{_sysconfdir}/{localtime,named.conf.include,named.d/rndc.access.conf} touch %{buildroot}%{_localstatedir}/lib/named/dev/log ln -s ../.. %{buildroot}%{_localstatedir}/lib/named%{_localstatedir}/lib/named ln -s ../log %{buildroot}%{_localstatedir}/lib/named%{_localstatedir} ln -s ..%{_localstatedir}/lib/named%{_localstatedir}/run/lwresd %{buildroot}/run ln -s ..%{_localstatedir}/lib/named%{_localstatedir}/run/named %{buildroot}/run for file in named-common named-named syslog-named; do install -m 0644 vendor-files/sysconfig/${file} %{buildroot}%{_fillupdir}/sysconfig.${file} done install -m 644 vendor-files/sysconfig/SuSEFirewall.named %{buildroot}/%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/bind # Cleanup doc rm doc/misc/Makefile* find doc/arm -type f ! -name '*.html' -print0 | xargs -0 rm -f # Create doc as we want it in bind and not bind-doc cp -a vendor-files/docu/README %{buildroot}/%{_defaultdocdir}/bind/README.%{VENDOR} cp -a vendor-files/docu/dnszonehowto.html contrib/sdb/ldap/ mkdir -p vendor-files/config/ISC-examples cp -a bin/tests/*.conf* vendor-files/config/ISC-examples for file in CHANGES COPYRIGHT README version contrib doc/{arm,misc} vendor-files/config contrib/sdb/ldap/INSTALL.ldap; do basename=$( basename ${file}) cp -a ${file} %{buildroot}/%{_defaultdocdir}/bind/${basename} echo "%doc %{_defaultdocdir}/bind/${basename}" >>filelist-bind-doc done # --------------------------------------------------------------------------- install -m 0644 bind.keys %{buildroot}%{_localstatedir}/lib/named/named.root.key %pre # Are we updating from a package named bind9? if test -d usr/share/doc/packages/bind9 && sbin/chkconfig -c named; then NAMED_ACTIVE_FILE="var/adm/named.was.active" test -f ${NAMED_ACTIVE_FILE} && old ${NAMED_ACTIVE_FILE} ACTIVE_DIR=$( dirname ${NAMED_ACTIVE_FILE}) test -d ${ACTIVE_DIR} || mkdir -p ${ACTIVE_DIR} touch ${NAMED_ACTIVE_FILE} fi %{GROUPADD_NAMED} %{USERADD_NAMED} # Might be an update. %{USERMOD_NAMED} # var/run/named is now a sym link pointing to the chroot jail test -L var/run/named || rm -rf var/run/named test -f etc/sysconfig/named && \ . etc/sysconfig/named # Store NAMED_RUN_CHROOTED setting to a temp file. TEMP_SYSCONFIG_FILE="var/adm/named-chroot" TEMP_DIR=$( dirname ${TEMP_SYSCONFIG_FILE}) test -d ${TEMP_DIR} || \ mkdir -p ${TEMP_DIR} test -e ${TEMP_SYSCONFIG_FILE} && \ old ${TEMP_SYSCONFIG_FILE} echo "NAMED_RUN_CHROOTED=\"${NAMED_RUN_CHROOTED}\"" >${TEMP_SYSCONFIG_FILE} %if %{with_systemd} %service_add_pre named.service %endif %preun %if %{with_systemd} %service_del_preun named.service %else %stop_on_removal named %endif %post %if !%{with_systemd} %{fillup_and_insserv -nf named} %endif %{fillup_only -nsa named named} if [ ! -f etc/rndc.key ]; then usr/sbin/rndc-confgen -a -b 512 -r dev/urandom chmod 0640 etc/rndc.key chown root:named etc/rndc.key fi TEMP_SYSCONFIG_FILE="var/adm/named-chroot" # Are we in update mode? if [ ${FIRST_ARG:-0} -gt 1 ]; then # Is named.conf an old, /var/named configuration? if [ -f etc/named.conf ] && grep -qi '^[[:space:]]*directory[[:space:]]*"%{_localstatedir}/named"[[:space:]]*;' etc/named.conf; then test -d var/log || \ mkdir -p var/log CONVLOG="%{_localstatedir}/log/named-move-to-var-lib" # move zone files to new location echo "Moving zone files to new location %{_localstatedir}/lib/named" | tee ${CONVLOG} IFS=" " for dir in var/named var/named/slave; do for source in $( find ${dir} -maxdepth 1 ); do case "${source#var/named/}" in localhost.zone|127.0.0.zone|root.hint|slave|var/named) continue ;; esac sourcedir=$( echo "${source%/*}") destdir=$( echo "${sourcedir#var/named}") if [ -e "var/lib/named/${destdir}/${source##*/}" ]; then echo "Warning: %{_localstatedir}/lib/named${destdir}/${source##*/} already exists; skipped." | tee -a ${CONVLOG} else echo "${source#var/named/}" | tee -a ${CONVLOG} mv "${source}" "var/lib/named/${destdir}" fi done done # updating named.conf echo -n "Backup old %{_sysconfdir}/named.conf to " | tee -a ${CONVLOG} oldconfig=$( old etc/named.conf) 2>/dev/null oldconfig=${oldconfig##*/} echo -n "%{_sysconfdir}/${oldconfig}. Conversion " | tee -a ${CONVLOG} sed -e "s@\"%{_localstatedir}/named\"@\"%{_localstatedir}/lib/named\"@" "etc/${oldconfig}" > etc/named.conf 2>/dev/null conv_rc=$? if [ ${conv_rc} -eq 0 ]; then echo "succeded." | tee -a ${CONVLOG} chmod --reference="etc/${oldconfig}" etc/named.conf chown --reference="etc/${oldconfig}" etc/named.conf else echo "failed." | tee -a ${CONVLOG} fi if [ ${conv_rc} -eq 0 ]; then cat << EOF >>${CONVLOG} Result: named.conf conversion succeded. For details check the following diff of the the old and new configuration. EOF diff -u etc/${oldconfig} etc/named.conf >>${CONVLOG} else cat << EOF >>${CONVLOG} Result: Conversion failed. You must check your %{_sysconfdir}/named.conf EOF fi else rm -f var/lib/update-messages/bind.1 fi # End of 'Is named.conf an old, %{_localstatedir}/named configuration?'. # Add include files to NAMED_CONF_INCLUDE_FILES if we have already a include # file (SL Standard Server 8) and NAMED_RUN_CHROOTED from the # TEMP_SYSCONFIG_FILE is empty. if [ -f ${TEMP_SYSCONFIG_FILE} ]; then . ${TEMP_SYSCONFIG_FILE} fi if [ -s etc/named.conf.include -a -z "${NAMED_RUN_CHROOTED}" ]; then test -f etc/sysconfig/named && . etc/sysconfig/named if [ "${NAMED_INITIALIZE_SCRIPTS}" = "createNamedConfInclude" -a \ -z "${NAMED_CONF_INCLUDE_FILES}" ]; then # Get the included files from an existing meta include file. INCLUDE_LINES=$( grep -e '^[[:space:]]*include' etc/named.conf.include | cut -f 2 -d '"') if [ "${INCLUDE_LINES}" -a -z "${NAMED_CONF_INCLUDE_FILES}" ]; then for file in ${INCLUDE_LINES}; do # don't add a file a second time echo "${INCLUDE_FILES}" | grep -qe "\<${file#%{_sysconfdir}/named.d/}\>" && continue # don't add the meta include file as the init script copy it anyway # to the chroot jail test "${file}" = "%{_sysconfdir}/named.conf.include" && continue test "${INCLUDE_FILES}" && INCLUDE_FILES="${INCLUDE_FILES} " # strip off any leading %{_sysconfdir}/named.d/ as the init script takes care # of relative file names INCLUDE_FILES="${INCLUDE_FILES}${file#%{_sysconfdir}/named.d/}" done TMPFILE=$( mktemp %{_localstatedir}/tmp/named.sysconfig.XXXXXX) if [ $? -ne 0 ]; then echo "Can't create temp file. Please add your included files from %{_sysconfdir}/named.conf to" echo "NAMED_CONF_INCLUDE_FILES of %{_sysconfdir}/sysconfig/named manually." return fi chmod --reference=etc/sysconfig/named ${TMPFILE} if sed "s+^NAMED_CONF_INCLUDE_FILES.*$+NAMED_CONF_INCLUDE_FILES=\"${INCLUDE_FILES}\"+" etc/sysconfig/named > "${TMPFILE}"; then mv "${TMPFILE}" etc/sysconfig/named else echo "Can't set NAMED_CONF_INCLUDE_FILES of %{_sysconfdir}/sysconfig/named to \"${INCLUDE_FILES}\"." fi fi fi else rm -f touch var/lib/update-messages/bind.3 fi # End of 'Add include files to NAMED_CONF_INCLUDE_FILES' fi # End of 'Are we in update mode?' # Remove TEMP_SYSCONFIG_FILE in any case. rm -f ${TEMP_SYSCONFIG_FILE} %if %{with_systemd} %service_add_post named.service %else NAMED_ACTIVE_FILE="var/adm/named.was.active" if [ -f ${NAMED_ACTIVE_FILE} ]; then sbin/insserv named test ! -s ${NAMED_ACTIVE_FILE} && rm -f ${NAMED_ACTIVE_FILE} fi if [ -x %{_bindir}/systemctl ]; then # make sure systemctl knows about the service even though it's not a systemd service # Without this, systemctl status named would return # Unit named.service could not be found. # until systemctl daemon-reload has been executed %{_bindir}/systemctl daemon-reload || : fi %endif %postun %if %{with_systemd} %service_del_postun named.service %else %restart_on_update named %insserv_cleanup %endif %post -n %{libbind9} -p /sbin/ldconfig %postun -n %{libbind9} -p /sbin/ldconfig %post -n %{libdns} -p /sbin/ldconfig %postun -n %{libdns} -p /sbin/ldconfig %post -n %{libirs} -p /sbin/ldconfig %postun -n %{libirs} -p /sbin/ldconfig %post -n %{libisc} -p /sbin/ldconfig %postun -n %{libisc} -p /sbin/ldconfig %post -n %{libisccc} -p /sbin/ldconfig %postun -n %{libisccc} -p /sbin/ldconfig %post -n %{libisccfg} -p /sbin/ldconfig %postun -n %{libisccfg} -p /sbin/ldconfig %post -n %{liblwres} -p /sbin/ldconfig %postun -n %{liblwres} -p /sbin/ldconfig %pre chrootenv %{GROUPADD_NAMED} %{USERADD_NAMED} %post chrootenv %{fillup_only -nsa named common} %{fillup_only -nsa syslog named} %pre lwresd %{GROUPADD_NAMED} %{USERADD_NAMED} %if %{with_systemd} %service_add_pre lwresd.service %endif %post lwresd # Create a key if usr/sbin/rndc-confgen is installed. if [ -x usr/sbin/rndc-confgen -a ! -f etc/rndc.key ]; then usr/sbin/rndc-confgen -a -b 512 -r dev/urandom chmod 0640 etc/rndc.key chown root:named etc/rndc.key fi # delete an emtpy lwresd.conf file if [ ! -s etc/lwresd.conf ]; then rm -f etc/lwresd.conf fi %if %{with_systemd} %service_add_post lwresd.service %else if [ $1 -le 1 ]; then %{fillup_and_insserv -fy lwresd} fi %endif %preun lwresd %stop_on_removal lwresd %if %{with_systemd} %service_del_preun lwresd.service %else %stop_on_removal lwresd %endif %postun lwresd %if %{with_systemd} %service_del_postun lwresd.service %else %restart_on_update lwresd %insserv_cleanup %endif %post utils # Create a key if lwresd is installed. if [ -x %{_sbindir}/lwresd -a ! -f %{_sysconfdir}/rndc.key ]; then %{_sbindir}/rndc-confgen -a -b 512 -r dev/urandom chmod 0640 %{_sysconfdir}/rndc.key chown root:named %{_sysconfdir}/rndc.key fi %files %attr(0644,root,named) %config(noreplace) /%{_sysconfdir}/named.conf %dir %{_sysconfdir}/slp.reg.d %attr(0644,root,root) /%{_sysconfdir}/slp.reg.d/bind.reg %attr(0644,root,named) %ghost /%{_sysconfdir}/named.conf.include %attr(0640,root,named) %ghost %config(noreplace) /%{_sysconfdir}/rndc.key %config /%{_sysconfdir}/init.d/named %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/bind %{_bindir}/bind9-config %{_bindir}/named-rrchecker %{_sbindir}/rcnamed %{_sbindir}/named %{_sbindir}/named-checkconf %{_sbindir}/named-checkzone %{_sbindir}/named-compilezone %{_mandir}/man1/bind9-config.1%{ext_man} %{_mandir}/man1/named-rrchecker.1%{ext_man} %{_mandir}/man5/named.conf.5%{ext_man} %{_mandir}/man8/named-checkconf.8%{ext_man} %{_mandir}/man8/named-checkzone.8%{ext_man} %{_mandir}/man8/named.8%{ext_man} %{_mandir}/man8/named-compilezone.8%{ext_man} %dir %{_datadir}/bind %{_datadir}/bind/createNamedConfInclude %{_datadir}/bind/ldapdump %ghost %{_rundir}/named %{_fillupdir}/sysconfig.named-named %dir %{_var}/lib/named/master %attr(-,named,named) %dir %{_var}/lib/named/dyn %attr(-,named,named) %dir %{_var}/lib/named/slave %config %{_var}/lib/named/root.hint %config %{_var}/lib/named/127.0.0.zone %config %{_var}/lib/named/localhost.zone %config %{_var}/lib/named/named.root.key %ghost %{_var}/lib/named%{_sysconfdir}/localtime %attr(0644,root,named) %ghost %{_var}/lib/named%{_sysconfdir}/named.conf.include %attr(-,named,named) %dir %{_var}/lib/named%{_localstatedir}/run/named %dir %{_libexecdir}/bind %files -n %{libbind9} %{_libdir}/libbind9.so.%{bind9_sonum}* %files -n %{libdns} %{_libdir}/libdns.so.%{dns_sonum}* %files -n %{libirs} %{_libdir}/libirs.so.%{irs_sonum}* %files -n libirs-devel %{_libdir}/libirs.so %files -n %{libisc} %{_libdir}/libisc.so.%{isc_sonum}* %files -n %{libisccc} %{_libdir}/libisccc.so.%{isccc_sonum}* %files -n %{libisccfg} %{_libdir}/libisccfg.so.%{isccfg_sonum}* %files -n %{liblwres} %{_libdir}/liblwres.so.%{lwres_sonum}* %files chrootenv %attr(-,named,named) %dir %{_var}/lib/named %dir %{_var}/lib/named%{_sysconfdir} %dir %{_var}/lib/named%{_sysconfdir}/named.d %dir %{_var}/lib/named/dev %dir %{_var}/lib/named%{_localstatedir} %dir %{_var}/lib/named%{_localstatedir}/lib %dir %{_var}/lib/named%{_localstatedir}/run %attr(-,named,named) %dir %{_var}/lib/named/log %ghost %{_var}/lib/named%{_sysconfdir}/named.d/rndc.access.conf %ghost %{_var}/lib/named/dev/log %attr(0666, root, root) %dev(c, 1, 3) %{_var}/lib/named/dev/null %attr(0666, root, root) %dev(c, 1, 8) %{_var}/lib/named/dev/random %{_var}/lib/named%{_localstatedir}/lib/named %{_var}/lib/named%{_localstatedir}/log %{_fillupdir}/sysconfig.named-common %{_fillupdir}/sysconfig.syslog-named %files devel %dir %{_includedir}/isc %{_includedir}/isc/errno2result.h %{_bindir}/isc-config.sh %{_libdir}/libbind9.so %{_libdir}/libdns.so %{_libdir}/libisc*.so %{_libdir}/liblwres.so %{_includedir}/bind %{_mandir}/man3/lwres*.3* %files doc -f filelist-bind-doc %dir %doc %{_defaultdocdir}/bind %doc %{_datadir}/susehelp %files lwresd %ghost %attr(0644,root,named) %config(noreplace) /%{_sysconfdir}/lwresd.conf %config %{_initddir}/lwresd %{_sbindir}/rclwresd %{_sbindir}/lwresd %{_mandir}/man8/lwresd.8%{ext_man} %ghost %{_rundir}/lwresd %attr(-,named,named) %dir %{_var}/lib/named%{_localstatedir}/run/lwresd %files utils %dir %{_sysconfdir}/named.d %config(noreplace) %{_sysconfdir}/named.d/rndc-access.conf %config(noreplace) %{_sysconfdir}/bind.keys %dir %{_sysconfdir}/openldap %dir %{_sysconfdir}/openldap/schema %attr(0444,root,root) %config %{_sysconfdir}/openldap/schema/dnszone.schema %attr(0444,root,root) %config %{_sysconfdir}/openldap/schema/dlz.schema %{_bindir}/delv %{_bindir}/dig %{_bindir}/host %{_bindir}/mdig %{_bindir}/nslookup %{_bindir}/nsupdate %{_bindir}/genDDNSkey %{_bindir}/arpaname %{_sbindir}/ddns-confgen %{_sbindir}/dnssec-dsfromkey %{_sbindir}/dnssec-importkey %{_sbindir}/dnssec-keyfromlabel %{_sbindir}/dnssec-keygen %{_sbindir}/dnssec-revoke %{_sbindir}/dnssec-settime %{_sbindir}/dnssec-signzone %{_sbindir}/dnssec-verify %{_sbindir}/dnssec-checkds %{_sbindir}/dnssec-coverage %{_sbindir}/dnssec-keymgr %{_sbindir}/genrandom %{_sbindir}/isc-hmac-fixup %{_sbindir}/named-journalprint %{_sbindir}/nsec3hash %{_sbindir}/rndc %{_sbindir}/rndc-confgen %{_sbindir}/tsig-keygen %dir %doc %{_defaultdocdir}/bind %{_defaultdocdir}/bind/README.%{VENDOR} %{_mandir}/man1/arpaname.1%{ext_man} %{_mandir}/man1/delv.1%{ext_man} %{_mandir}/man1/dig.1%{ext_man} %{_mandir}/man1/host.1%{ext_man} %{_mandir}/man1/isc-config.sh.1%{ext_man} %{_mandir}/man1/mdig.1%{ext_man} %{_mandir}/man1/nslookup.1%{ext_man} %{_mandir}/man1/nsupdate.1%{ext_man} %{_mandir}/man5/rndc.conf.5%{ext_man} %{_mandir}/man8/ddns-confgen.8%{ext_man} %{_mandir}/man8/dnssec-dsfromkey.8%{ext_man} %{_mandir}/man8/dnssec-importkey.8%{ext_man} %{_mandir}/man8/dnssec-keyfromlabel.8%{ext_man} %{_mandir}/man8/dnssec-keygen.8%{ext_man} %{_mandir}/man8/dnssec-revoke.8%{ext_man} %{_mandir}/man8/dnssec-settime.8%{ext_man} %{_mandir}/man8/dnssec-signzone.8%{ext_man} %{_mandir}/man8/dnssec-verify.8%{ext_man} %{_mandir}/man8/dnssec-checkds.8%{ext_man} %{_mandir}/man8/dnssec-coverage.8%{ext_man} %{_mandir}/man8/dnssec-keymgr.8%{ext_man} %{_mandir}/man8/genrandom.8%{ext_man} %{_mandir}/man8/isc-hmac-fixup.8%{ext_man} %{_mandir}/man8/named-journalprint.8%{ext_man} %{_mandir}/man8/nsec3hash.8%{ext_man} %{_mandir}/man8/rndc.8%{ext_man} %{_mandir}/man8/rndc-confgen.8%{ext_man} %{_mandir}/man8/tsig-keygen.8%{ext_man} %files -n python3-bind %{python3_sitelib}/isc %{python3_sitelib}/isc-*.egg-info %changelog