rpm/nsd
SHA256
1
0
Fork 0
forked from pool/nsd
Code Pull Requests Activity

Accepting request 573085 from home:adamm:branches:server:dns

Browse Source 
- drop insserv requires on SLE12+ and openSUSE
- nsd-lintrpmrc: drop most overrides
- don't install config file as sample
- switch to using user/group names _nsd to match expected names
  as per recent rpmlint changes as not to conflict with admin
  created names.
- update and change current owner during upgrade

OBS-URL: https://build.opensuse.org/request/show/573085
OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=34
This commit is contained in:
Marguerite Su 2018-02-10 01:08:20 +00:00 committed by Git OBS Bridge
parent 6bdae24a72
commit ab97dbe788
4 changed files with 100 additions and 79 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
nsd-rpmlintrc
View File

@ -1,22 +1,3 @@
# failed check. chroot immediately follows chdir # failed check. chroot immediately follows chdir
addFilter("W: missing-call-to-chdir-with-chroot /usr/sbin/nsd") addFilter("W: missing-call-to-chdir-with-chroot /usr/sbin/nsd")
# We create our group/user
addFilter("W: non-standard-uid /var/lib/nsd/nsd.db nsd")
addFilter("W: non-standard-uid /var/log/nsd nsd")
addFilter("W: non-standard-uid /var/log/nsd/nsd.log nsd")
addFilter("W: non-standard-uid /var/lib/nsd/xfrd.state nsd")
addFilter("W: non-standard-uid /var/lib/nsd nsd")
addFilter("W: non-standard-uid /var/lib/nsd/ixfr.db nsd")
addFilter("W: non-standard-gid /var/lib/nsd/nsd.db nsd")
addFilter("W: non-standard-gid /var/log/nsd nsd")
addFilter("W: non-standard-gid /etc/nsd nsd")
addFilter("W: non-standard-gid /var/log/nsd/nsd.log nsd")
addFilter("W: non-standard-gid /etc/nsd/nsd.conf.sample nsd")
addFilter("W: non-standard-gid /etc/nsd/nsd.conf nsd")
addFilter("W: non-standard-gid /var/lib/nsd/xfrd.state nsd")
addFilter("W: non-standard-gid /var/lib/nsd nsd")
addFilter("W: non-standard-gid /var/lib/nsd/ixfr.db nsd")
addFilter("W: non-standard-gid /run/nsd nsd")
addFilter("W: non-standard-uid /run/nsd nsd")

11
nsd.changes
View File

@ -1,3 +1,14 @@
-------------------------------------------------------------------
Mon Feb 5 10:26:02 UTC 2018 - adam.majer@suse.de
- drop insserv requires on SLE12+ and openSUSE
- nsd-lintrpmrc: drop most overrides
- don't install config file as sample
- switch to using user/group names _nsd to match expected names
as per recent rpmlint changes as not to conflict with admin
created names.
- update and change current owner during upgrade
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Jan 2 11:18:40 UTC 2018 - michael@stroeder.com Tue Jan 2 11:18:40 UTC 2018 - michael@stroeder.com

147
nsd.spec
View File

@ -1,82 +1,91 @@
# #
# spec file for package nsd # spec file for package nsd
# #
# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. # Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
# This file and all modifications and additions to the pristine
# package are under the same license as the package itself.
# #
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/ # Please submit bugfixes or comments via http://bugs.opensuse.org/
# #
# norootforbuild
%if 0%{?suse_version} >= 1230
%bcond_without systemd
%define _rundir /run
%else
%bcond_with systemd
%define _rundir /var/run
%endif
# only needed for < 1310
%{!?_tmpfilesdir:%global _tmpfilesdir /usr/lib/tmpfiles.d}
%define home %{_localstatedir}/lib/%{name}
%define configdir %{_sysconfdir}/%{name}
%define configfile %{configdir}/nsdc.conf
%define zonesfile %{configdir}/nsd.zones
%define zonesdir %{configdir}/zones
%define pidfile %{_rundir}/nsd/nsd.pid
%if 0%{?suse_version} >= 1230
%define _rundir /run
%bcond_without systemd
%else
%define _rundir %{_localstatedir}/run
%bcond_with systemd
%endif
Name: nsd Name: nsd
Version: 4.1.19 Version: 4.1.19
Release: 0 Release: 0
# #
Summary: An authoritative only domain name server
#
License: BSD-3-Clause License: BSD-3-Clause
Group: Productivity/Networking/DNS/Servers Group: Productivity/Networking/DNS/Servers
# #
BuildRoot: %{_tmppath}/%{name}-%{version}-build URL: http://open.nlnetlabs.nl/nsd/
Source: http://open.nlnetlabs.nl/downloads/nsd/nsd-%{version}.tar.gz
Source1: nsd.service
Source2: tmpfiles-nsd.conf
Source3: nsd.init
Source4: nsd.keyring
Source5: https://www.nlnetlabs.nl/downloads/nsd/nsd-%{version}.tar.gz.asc
Source10: nsd-rpmlintrc
#
BuildRequires: libevent-devel BuildRequires: libevent-devel
BuildRequires: openssl-devel BuildRequires: openssl-devel
BuildRequires: pkgconfig BuildRequires: pkgconfig
BuildRequires: pwdutils BuildRequires: pwdutils
BuildRequires: tcpd-devel BuildRequires: tcpd-devel
Requires: %fillup_prereq
Requires: pwdutils
Requires(post): coreutils
Requires(post): findutils
Requires(post): shadow
Requires(pre): shadow
%if %{with systemd} %if %{with systemd}
BuildRequires: systemd-devel BuildRequires: systemd-devel
%{?systemd_requires} %{?systemd_requires}
%else
# FIXME: use proper Requires(pre/post/preun/...)
PreReq: %insserv_prereq
%endif %endif
PreReq: %insserv_prereq %fillup_prereq pwdutils
#
%define home %{_var}/lib/%{name}
%define configdir %{_sysconfdir}/%{name}
%define configfile %{configdir}/nsdc.conf
%define zonesfile %{configdir}/nsd.zones
%define zonesdir %{configdir}/
%define dbfile %{zonesdir}/nsd.db
%define pidfile %{_rundir}/nsd/nsd.pid
#
Url: http://open.nlnetlabs.nl/nsd/
Source: http://open.nlnetlabs.nl/downloads/nsd/nsd-%{version}.tar.gz
Source5: https://www.nlnetlabs.nl/downloads/nsd/nsd-%{version}.tar.gz.asc
Source4: nsd.keyring
Source1: nsd.service
Source2: tmpfiles-nsd.conf
Source3: nsd.init
#
Summary: An authoritative only, high performance domain name server
%description %description
NSD is a complete implementation of an authoritative domain name server developed NSD is a complete implementation of an authoritative domain name server developed
by NLnet Labs with the purpose of creating more diversity in the DNS landscape. by NLnet Labs with the purpose of creating more diversity in the DNS landscape.
%prep %prep
%setup %setup -q
%build %build
export CFLAGS="${RPM_OPT_FLAGS} ${CFLAGS} -fPIE -Wformat-nonliteral -Wformat-security"
export LDFLAGS="${LDFLAGS} -pie -Wl,-z,relro,-z,now"
%configure \ %configure \
--with-configdir=%{configdir} \ --with-configdir=%{configdir} \
--with-zonesdir=%{configdir} \ --with-zonesdir=%{zonesdir} \
--with-dbfile=%{home}/nsd.db \ --with-dbfile=%{home}/nsd.db \
--with-xfrdfile=%{home}/xfrd.state \ --with-xfrdfile=%{home}/xfrd.state \
--with-pidfile=%{pidfile} \ --with-pidfile=%{_rundir}/nsd/nsd.pid \
--with-logfile=/var/log/nsd/nsd.log \ --with-logfile=/%{_localstatedir}/log/nsd/nsd.log \
--enable-root-server \ --enable-root-server \
--enable-bind8-stats \ --enable-bind8-stats \
--enable-zone-stats \ --enable-zone-stats \
--enable-mmap \ --enable-mmap \
--with-user=%{name} \ --with-user=_nsd \
--enable-ratelimit --enable-ratelimit
make %{?_smp_mflags} make %{?_smp_mflags}
iconv -f iso8859-1 -t utf-8 doc/RELNOTES > doc/RELNOTES.utf8 iconv -f iso8859-1 -t utf-8 doc/RELNOTES > doc/RELNOTES.utf8
@ -85,22 +94,21 @@ mv -f doc/RELNOTES.utf8 doc/RELNOTES
mv -f doc/CREDITS.utf8 doc/CREDITS mv -f doc/CREDITS.utf8 doc/CREDITS
%install %install
make install DESTDIR="%{buildroot}" %make_install
cp -v %{buildroot}%{configdir}/nsd.conf.sample %{buildroot}%{configdir}/nsd.conf
chmod -Rv o= %{buildroot}%{configdir}/ chmod -Rv o= %{buildroot}%{configdir}/
# #
install -d -m 0700 %{buildroot}%{home} \ install -d -m 0700 %{buildroot}%{home} \
%{buildroot}%{_rundir}/%{name} %{buildroot}%{_rundir}/%{name}
# #
install -d -m 0755 %{buildroot}/var/log/nsd/ install -d -m 0755 %{buildroot}/%{_localstatedir}/log/nsd/
touch %{buildroot}%{home}/{nsd.db,ixfr.db,xfrd.state} %{buildroot}/var/log/nsd/nsd.log touch %{buildroot}%{home}/{nsd.db,ixfr.db,xfrd.state} %{buildroot}/%{_localstatedir}/log/nsd/nsd.log
%if %{with systemd} %if %{with systemd}
install -D -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/nsd.service install -D -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/nsd.service
install -D -m 0644 %{SOURCE2} %{buildroot}%{_tmpfilesdir}/nsd.conf install -D -m 0644 %{SOURCE2} %{buildroot}%{_tmpfilesdir}/nsd.conf
ln -s -f /usr/sbin/service %{buildroot}%{_sbindir}/rc%{name} ln -s -f %{_sbindir}/service %{buildroot}%{_sbindir}/rc%{name}
%else %else
install -D -m 0755 %{S:3} %{buildroot}%{_sysconfdir}/init.d/%{name} install -D -m 0755 %{SOURCE3} %{buildroot}%{_sysconfdir}/init.d/%{name}
ln -s -f %{_sysconfdir}/init.d/%{name} %{buildroot}%{_sbindir}/rc%{name} ln -s -f %{_sysconfdir}/init.d/%{name} %{buildroot}%{_sbindir}/rc%{name}
%endif %endif
@ -108,8 +116,8 @@ ln -s -f %{_sysconfdir}/init.d/%{name} %{buildroot}%{_sbindir}/rc%{name}
# #
# e.g. adding user # e.g. adding user
# #
%{_sbindir}/groupadd -r %{name} &>/dev/null ||: %{_sbindir}/groupadd -r _nsd &>/dev/null ||:
%{_sbindir}/useradd -g %{name} -s /bin/false -r -c "user for %{name}" -d %{home} %{name} &>/dev/null ||: %{_sbindir}/useradd -g _nsd -s /bin/false -r -c "user for %{name}" -d %{home} _nsd &>/dev/null ||:
%if %{with systemd} %if %{with systemd}
%service_add_pre %{name}.service %service_add_pre %{name}.service
%endif %endif
@ -121,6 +129,28 @@ systemd-tmpfiles --create %{_tmpfilesdir}/%{name}.conf || :
%service_add_post %{name}.service %service_add_post %{name}.service
%endif %endif
# On upgrade, we migrate from old "nsd" user to new "_nsd" user for
# config, home and default logging directories
#
# This is only used for special case of upgrading server:dns/nsd users
# as 'nsd' user was never part of openSUSE:Factory
if [ "x"$1 = "x2" ] && [ "x"`stat -c '%%G' %{home}/nsd.db` = 'xnsd' ]; then
echo "Changing legacy group from user/group nsd:nsd to _nsd:_nsd"
%{_bindir}/find %{_localstatedir}/log/nsd %{home} %{_rundir}/nsd -exec %{_bindir}/chown -v _nsd:_nsd {} \+
%{_bindir}/find %{configdir} -exec %{_bindir}/chgrp -v _nsd {} \+
# force restart because we need to remove users here
%if %{with systemd}
%{_bindir}/systemctl try-restart %{name}.service ||:
%else
%{_sbindir}/rcnsd restart ||:
%endif
# remove old username/group
%{_sbindir}/userdel nsd || :
%{_sbindir}/groupdel nsd || :
fi
%preun %preun
%if %{with systemd} %if %{with systemd}
%service_del_preun %{name}.service %service_del_preun %{name}.service
@ -133,11 +163,10 @@ systemd-tmpfiles --create %{_tmpfilesdir}/%{name}.conf || :
%service_del_postun %{name}.service %service_del_postun %{name}.service
%else %else
%restart_on_update %{name} %restart_on_update %{name}
%{insserv_cleanup} %insserv_cleanup
%endif %endif
%files %files
%defattr(-,root,root)
%doc doc/* %doc doc/*
%{configdir}/nsd.conf.sample %{configdir}/nsd.conf.sample
%config %config
@ -161,16 +190,16 @@ systemd-tmpfiles --create %{_tmpfilesdir}/%{name}.conf || :
%{_mandir}/man8/nsd.8* %{_mandir}/man8/nsd.8*
%{_mandir}/man8/nsd-control.8* %{_mandir}/man8/nsd-control.8*
# #
%config(noreplace) %attr(-,root,%{name}) %{configdir} %config(noreplace) %attr(-,root,_nsd) %{configdir}
%ghost %config %attr(640,_nsd,_nsd) %{configdir}/nsd.conf
# #
%dir %attr(750,%{name},%{name}) %{home} %dir %attr(750,_nsd,_nsd) %{home}
%ghost %config %attr(640,%{name},%{name}) %{home}/nsd.db %ghost %config %attr(640,_nsd,_nsd) %{home}/nsd.db
%ghost %config %attr(640,%{name},%{name}) %{home}/ixfr.db %ghost %config %attr(640,_nsd,_nsd) %{home}/ixfr.db
%ghost %config %attr(640,%{name},%{name}) %{home}/xfrd.state %ghost %config %attr(640,_nsd,_nsd) %{home}/xfrd.state
# #
%dir %attr(750,%{name},%{name}) /var/log/nsd %dir %attr(750,_nsd,_nsd) /%{_localstatedir}/log/nsd
%ghost %attr(640,%{name},%{name}) /var/log/nsd/nsd.log %ghost %attr(640,_nsd,_nsd) /%{_localstatedir}/log/nsd/nsd.log
%ghost %attr(750,%{name},%{name}) %{_rundir}/%{name} %ghost %attr(750,_nsd,_nsd) %{_rundir}/%{name}
%changelog %changelog

2
tmpfiles-nsd.conf
View File

@ -1 +1 @@
D /run/nsd 0755 nsd nsd - D /run/nsd 0755 _nsd _nsd -