
From: "Robin H. Johnson" <robbat2@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: net-dns/bind/
Date: Tue, 29 Sep 2020 20:26:04
Message-Id: 1601411158.ac625d83618ff356fd4485e7bfd70eb0dbb7b3e8.robbat2@gentoo
1 commit: ac625d83618ff356fd4485e7bfd70eb0dbb7b3e8
2 Author: Robin H. Johnson <robbat2 <AT> gentoo <DOT> org>
3 AuthorDate: Tue Sep 29 20:22:28 2020 +0000
4 Commit: Robin H. Johnson <robbat2 <AT> gentoo <DOT> org>
5 CommitDate: Tue Sep 29 20:25:58 2020 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ac625d83
7
8 net-dns/bind: fix USE=geoip to provide GeoIP again!
9
10 Upstream dropped support for the older GeoIP library, forcing a move to
11 the new library (previously you could choose either one).
12
13 However, the ebuild was not updated to reflect that if you needed GeoIP
14 functionality still, you had to update your USE flags. Trim out old
15 parts of the ebuild, and force users to add USE=geoip2.
16
17 Signed-off-by: Robin H. Johnson <robbat2 <AT> gentoo.org>
18
19 net-dns/bind/bind-9.16.6-r3.ebuild | 388 +++++++++++++++++++++++++++++++++++++
20 1 file changed, 388 insertions(+)
21
22 diff --git a/net-dns/bind/bind-9.16.6-r3.ebuild b/net-dns/bind/bind-9.16.6-r3.ebuild
23 new file mode 100644
24 index 00000000000..ff2089ac70a
25 --- /dev/null
26 +++ b/net-dns/bind/bind-9.16.6-r3.ebuild
27 @@ -0,0 +1,388 @@
28 +# Copyright 1999-2020 Gentoo Authors
29 +# Distributed under the terms of the GNU General Public License v2
30 +
31 +# Re dlz/mysql and threads, needs to be verified..
32 +# MySQL uses thread local storage in its C api. Thus MySQL
33 +# requires that each thread of an application execute a MySQL
34 +# thread initialization to setup the thread local storage.
35 +# This is impossible to do safely while staying within the DLZ
36 +# driver API. This is a limitation caused by MySQL, and not the DLZ API.
37 +# Because of this BIND MUST only run with a single thread when
38 +# using the MySQL driver.
39 +
40 +EAPI=7
41 +
42 +PYTHON_COMPAT=( python3_{6..9} )
43 +
44 +inherit python-r1 eutils autotools toolchain-funcs flag-o-matic multilib db-use systemd
45 +
46 +MY_PV="${PV/_p/-P}"
47 +MY_PV="${MY_PV/_rc/rc}"
48 +MY_P="${PN}-${MY_PV}"
49 +
50 +SDB_LDAP_VER="1.1.0-fc14"
51 +
52 +RRL_PV="${MY_PV}"
53 +
54 +# SDB-LDAP: http://bind9-ldap.bayour.com/
55 +
56 +DESCRIPTION="Berkeley Internet Name Domain - Name Server"
57 +HOMEPAGE="https://www.isc.org/software/bind"
58 +SRC_URI="https://downloads.isc.org/isc/bind9/${PV}/${P}.tar.xz
59 + doc? ( mirror://gentoo/dyndns-samples.tbz2 )"
60 +
61 +LICENSE="Apache-2.0 BSD BSD-2 GPL-2 HPND ISC MPL-2.0"
62 +SLOT="0"
63 +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux"
64 +# -berkdb by default re bug 602682
65 +IUSE="-berkdb +caps +dlz dnstap doc dnsrps fixed-rrset geoip geoip2 gssapi
66 +json ldap libressl lmdb mysql odbc postgres python selinux static-libs
67 +urandom xml +zlib"
68 +# sdb-ldap - patch broken
69 +# no PKCS11 currently as it requires OpenSSL to be patched, also see bug 409687
70 +
71 +# Upstream dropped the old geoip library, but the BIND configuration for using
72 +# GeoIP remained the same.
73 +REQUIRED_USE="
74 + postgres? ( dlz )
75 + berkdb? ( dlz )
76 + mysql? ( dlz )
77 + odbc? ( dlz )
78 + ldap? ( dlz )
79 + dnsrps? ( dlz )
80 + python? ( ${PYTHON_REQUIRED_USE} )
81 +"
82 +
83 +DEPEND="
84 + acct-group/named
85 + acct-user/named
86 + !libressl? ( dev-libs/openssl:=[-bindist] )
87 + libressl? ( dev-libs/libressl:= )
88 + mysql? ( dev-db/mysql-connector-c:0= )
89 + odbc? ( >=dev-db/unixODBC-2.2.6 )
90 + ldap? ( net-nds/openldap )
91 + postgres? ( dev-db/postgresql:= )
92 + caps? ( >=sys-libs/libcap-2.1.0 )
93 + xml? ( dev-libs/libxml2 )
94 + geoip? ( dev-libs/libmaxminddb )
95 + geoip2? ( dev-libs/libmaxminddb )
96 + gssapi? ( virtual/krb5 )
97 + json? ( dev-libs/json-c:= )
98 + lmdb? ( dev-db/lmdb )
99 + zlib? ( sys-libs/zlib )
100 + dnstap? ( dev-libs/fstrm dev-libs/protobuf-c )
101 + python? (
102 + ${PYTHON_DEPS}
103 + dev-python/ply[${PYTHON_USEDEP}]
104 + )
105 + dev-libs/libuv:=
106 +"
107 +
108 +RDEPEND="${DEPEND}
109 + selinux? ( sec-policy/selinux-bind )
110 + sys-process/psmisc"
111 +
112 +S="${WORKDIR}/${MY_P}"
113 +
114 +PATCHES=(
115 + # should fix https://bugs.gentoo.org/741162 taken from:
116 + # https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/4073
117 + "${FILESDIR}/bind-9.16.6-bug-741162.patch"
118 +
119 + "${FILESDIR}/ldap-library-path-on-multilib-machines.patch"
120 +)
121 +
122 +# bug 479092, requires networking
123 +# bug 710840, cmocka fails LDFLAGS='-Wl,-O1'
124 +#RESTRICT="test"
125 +
126 +src_prepare() {
127 + default
128 +
129 + # should be installed by bind-tools
130 + sed -i -r -e "s:(nsupdate|dig|delv) ::g" bin/Makefile.in || die
131 +
132 + # Disable tests for now, bug 406399
133 + sed -i '/^SUBDIRS/s:tests::' bin/Makefile.in lib/Makefile.in || die
134 +
135 + # bug #220361
136 + rm aclocal.m4 || die
137 + rm -rf libtool.m4/ || die
138 + eautoreconf
139 +
140 + use python && python_copy_sources
141 +}
142 +
143 +src_configure() {
144 + bind_configure --without-python
145 + use python && python_foreach_impl python_configure
146 +}
147 +
148 +bind_configure() {
149 + local myeconfargs=(
150 + AR="$(type -P $(tc-getAR))"
151 + --prefix="${EPREFIX}"/usr
152 + --sysconfdir=/etc/bind
153 + --localstatedir=/var
154 + --with-libtool
155 + --enable-full-report
156 + --without-readline
157 + --with-openssl="${EPREFIX}"/usr
158 + --without-cmocka
159 + $(use_enable caps linux-caps)
160 + $(use_enable dnsrps)
161 + $(use_enable dnstap)
162 + $(use_enable fixed-rrset)
163 + # $(use_enable static-libs static)
164 + $(use_with berkdb dlz-bdb)
165 + $(use_with dlz dlopen)
166 + $(use_with dlz dlz-filesystem)
167 + $(use_with dlz dlz-stub)
168 + $(use_with gssapi)
169 + $(use_with json json-c)
170 + $(use_with ldap dlz-ldap)
171 + $(use_with mysql dlz-mysql)
172 + $(use_with odbc dlz-odbc)
173 + $(use_with postgres dlz-postgres)
174 + $(use_with lmdb)
175 + $(use_with xml libxml2)
176 + $(use_with zlib)
177 + "${@}"
178 + )
179 + # This is for users to start to migrate back to USE=geoip, rather than
180 + # USE=geoip2
181 + if use geoip ; then
182 + myeconfargs+=( $(use_with geoip maxminddb) )
183 + elif use geoip2 ; then
184 + myeconfargs+=( $(use_with geoip2 maxminddb) )
185 + else
186 + myeconfargs+=( --without-maxminddb )
187 + fi
188 +
189 + # bug #158664
190 +# gcc-specs-ssp && replace-flags -O[23s] -O
191 +
192 + # To include db.h from proper path
193 + use berkdb && append-flags "-I$(db_includedir)"
194 +
195 + export BUILD_CC=$(tc-getBUILD_CC)
196 + econf "${myeconfargs[@]}"
197 +
198 + # bug #151839
199 + echo '#undef SO_BSDCOMPAT' >> config.h
200 +}
201 +
202 +python_configure() {
203 + pushd "${BUILD_DIR}" >/dev/null || die
204 + bind_configure --with-python
205 + popd >/dev/null || die
206 +}
207 +
208 +src_compile() {
209 + default
210 + use python && python_foreach_impl python_compile
211 +}
212 +
213 +python_compile() {
214 + pushd "${BUILD_DIR}"/bin/python >/dev/null || die
215 + emake
216 + popd >/dev/null || die
217 +}
218 +
219 +src_install() {
220 + default
221 +
222 + # don't create /var/run
223 + rmdir "${ED}"/var/run || die
224 +
225 + dodoc CHANGES README
226 +
227 + if use doc; then
228 + docinto misc
229 + dodoc -r doc/misc/
230 +
231 + # might a 'html' useflag make sense?
232 + docinto html
233 + dodoc -r doc/arm/
234 +
235 + docinto contrib
236 + dodoc contrib/scripts/{nanny.pl,named-bootconf.sh}
237 +
238 + # some handy-dandy dynamic dns examples
239 + pushd "${ED}"/usr/share/doc/${PF} 1>/dev/null || die
240 + tar xf "${DISTDIR}"/dyndns-samples.tbz2 || die
241 + popd 1>/dev/null || die
242 + fi
243 +
244 + insinto /etc/bind
245 + newins "${FILESDIR}"/named.conf-r8 named.conf
246 +
247 + # ftp://ftp.rs.internic.net/domain/named.cache:
248 + insinto /var/bind
249 + newins "${FILESDIR}"/named.cache-r3 named.cache
250 +
251 + insinto /var/bind/pri
252 + newins "${FILESDIR}"/localhost.zone-r3 localhost.zone
253 +
254 + newinitd "${FILESDIR}"/named.init-r13 named
255 + newconfd "${FILESDIR}"/named.confd-r7 named
256 +
257 + newenvd "${FILESDIR}"/10bind.env 10bind
258 +
259 + # Let's get rid of those tools and their manpages since they're provided by bind-tools
260 + rm -f "${ED}"/usr/share/man/man1/{dig,host,nslookup,delv,nsupdate}.1* || die
261 + rm -f "${ED}"/usr/share/man/man8/nsupdate.8* || die
262 + rm -f "${ED}"/usr/bin/{dig,host,nslookup,nsupdate} || die
263 + rm -f "${ED}"/usr/sbin/{dig,host,nslookup,nsupdate} || die
264 + for tool in dsfromkey importkey keyfromlabel keygen \
265 + revoke settime signzone verify; do
266 + rm -f "${ED}"/usr/{,s}bin/dnssec-"${tool}" || die
267 + rm -f "${ED}"/usr/share/man/man8/dnssec-"${tool}".8* || die
268 + done
269 +
270 + # bug 405251, library archives aren't properly handled by --enable/disable-static
271 + if ! use static-libs; then
272 + find "${ED}" -type f -name '*.a' -delete || die
273 + fi
274 +
275 + # bug 405251
276 + find "${ED}" -type f -name '*.la' -delete || die
277 +
278 + use python && python_foreach_impl python_install
279 +
280 + # bug 450406
281 + dosym named.cache /var/bind/root.cache
282 +
283 + dosym ../../var/bind/pri /etc/bind/pri
284 + dosym ../../var/bind/sec /etc/bind/sec
285 + dosym ../../var/bind/dyn /etc/bind/dyn
286 + keepdir /var/bind/{pri,sec,dyn} /var/log/named
287 +
288 + fowners root:named /{etc,var}/bind /var/log/named /var/bind/{sec,pri,dyn}
289 + fowners root:named /var/bind/named.cache /var/bind/pri/localhost.zone /etc/bind/{bind.keys,named.conf}
290 + fperms 0640 /var/bind/named.cache /var/bind/pri/localhost.zone /etc/bind/{bind.keys,named.conf}
291 + fperms 0750 /etc/bind /var/bind/pri
292 + fperms 0770 /var/log/named /var/bind/{,sec,dyn}
293 +
294 + systemd_newunit "${FILESDIR}/named.service-r1" named.service
295 + systemd_dotmpfilesd "${FILESDIR}"/named.conf
296 + exeinto /usr/libexec
297 + doexe "${FILESDIR}/generate-rndc-key.sh"
298 +}
299 +
300 +python_install() {
301 + pushd "${BUILD_DIR}"/bin/python >/dev/null || die
302 + emake DESTDIR="${D}" install
303 + python_scriptinto /usr/sbin
304 + python_doscript dnssec-{checkds,coverage}
305 + python_optimize
306 + popd >/dev/null || die
307 +}
308 +
309 +pkg_postinst() {
310 + if [ ! -f '/etc/bind/rndc.key' ]; then
311 + if use urandom; then
312 + einfo "Using /dev/urandom for generating rndc.key"
313 + /usr/sbin/rndc-confgen -r /dev/urandom -a
314 + echo
315 + else
316 + einfo "Using /dev/random for generating rndc.key"
317 + /usr/sbin/rndc-confgen -a
318 + echo
319 + fi
320 + chown root:named /etc/bind/rndc.key || die
321 + chmod 0640 /etc/bind/rndc.key || die
322 + fi
323 +
324 + einfo
325 + einfo "You can edit /etc/conf.d/named to customize named settings"
326 + einfo
327 + use mysql || use postgres || use ldap && {
328 + elog "If your named depends on MySQL/PostgreSQL or LDAP,"
329 + elog "uncomment the specified rc_named_* lines in your"
330 + elog "/etc/conf.d/named config to ensure they'll start before bind"
331 + einfo
332 + }
333 + einfo "If you'd like to run bind in a chroot AND this is a new"
334 + einfo "install OR your bind doesn't already run in a chroot:"
335 + einfo "1) Uncomment and set the CHROOT variable in /etc/conf.d/named."
336 + einfo "2) Run \`emerge --config '=${CATEGORY}/${PF}'\`"
337 + einfo
338 +
339 + CHROOT=$(source /etc/conf.d/named 2>/dev/null; echo ${CHROOT})
340 + if [[ -n ${CHROOT} ]]; then
341 + elog "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!"
342 + elog "To enable the old behaviour (without using mount) uncomment the"
343 + elog "CHROOT_NOMOUNT option in your /etc/conf.d/named config."
344 + elog "If you decide to use the new/default method, ensure to make backup"
345 + elog "first and merge your existing configs/zones to /etc/bind and"
346 + elog "/var/bind because bind will now mount the needed directories into"
347 + elog "the chroot dir."
348 + fi
349 +}
350 +
351 +pkg_config() {
352 + CHROOT=$(source /etc/conf.d/named; echo ${CHROOT})
353 + CHROOT_NOMOUNT=$(source /etc/conf.d/named; echo ${CHROOT_NOMOUNT})
354 + CHROOT_GEOIP=$(source /etc/conf.d/named; echo ${CHROOT_GEOIP})
355 +
356 + if [[ -z "${CHROOT}" ]]; then
357 + eerror "This config script is designed to automate setting up"
358 + eerror "a chrooted bind/named. To do so, please first uncomment"
359 + eerror "and set the CHROOT variable in '/etc/conf.d/named'."
360 + die "Unset CHROOT"
361 + fi
362 + if [[ -d "${CHROOT}" ]]; then
363 + ewarn "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!"
364 + ewarn "To enable the old behaviour (without using mount) uncomment the"
365 + ewarn "CHROOT_NOMOUNT option in your /etc/conf.d/named config."
366 + ewarn
367 + ewarn "${CHROOT} already exists... some things might become overridden"
368 + ewarn "press CTRL+C if you don't want to continue"
369 + sleep 10
370 + fi
371 +
372 + echo; einfo "Setting up the chroot directory..."
373 +
374 + mkdir -m 0750 -p ${CHROOT} || die
375 + mkdir -m 0755 -p ${CHROOT}/{dev,etc,var/log,run} || die
376 + mkdir -m 0750 -p ${CHROOT}/etc/bind || die
377 + mkdir -m 0770 -p ${CHROOT}/var/{bind,log/named} ${CHROOT}/run/named/ || die
378 +
379 + chown root:named \
380 + ${CHROOT} \
381 + ${CHROOT}/var/{bind,log/named} \
382 + ${CHROOT}/run/named/ \
383 + ${CHROOT}/etc/bind \
384 + || die
385 +
386 + mknod ${CHROOT}/dev/null c 1 3 || die
387 + chmod 0666 ${CHROOT}/dev/null || die
388 +
389 + mknod ${CHROOT}/dev/zero c 1 5 || die
390 + chmod 0666 ${CHROOT}/dev/zero || die
391 +
392 + if use urandom; then
393 + mknod ${CHROOT}/dev/urandom c 1 9 || die
394 + chmod 0666 ${CHROOT}/dev/urandom || die
395 + else
396 + mknod ${CHROOT}/dev/random c 1 8 || die
397 + chmod 0666 ${CHROOT}/dev/random || die
398 + fi
399 +
400 + if [ "${CHROOT_NOMOUNT:-0}" -ne 0 ]; then
401 + cp -a /etc/bind ${CHROOT}/etc/ || die
402 + cp -a /var/bind ${CHROOT}/var/ || die
403 + fi
404 +
405 + if [ "${CHROOT_GEOIP:-0}" -eq 1 ]; then
406 + if use geoip; then
407 + mkdir -m 0755 -p ${CHROOT}/usr/share/GeoIP || die
408 + elif use geoip2; then
409 + mkdir -m 0755 -p ${CHROOT}/usr/share/GeoIP2 || die
410 + fi
411 + fi
412 +
413 + elog "You may need to add the following line to your syslog-ng.conf:"
414 + elog "source jail { unix-stream(\"${CHROOT}/dev/log\"); };"
415 +}
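Review bot: In pkg_config every expansion of `${CHROOT}` in the mkdir, chown, mknod, chmod and cp calls is unquoted, so a value read from /etc/conf.d/named that contains whitespace or glob characters is word-split and the root-run `chown root:named` and `mknod` act on paths the admin did not intend; quote each one, e.g. `mkdir -m 0750 -p "${CHROOT}" || die` and `mknod "${CHROOT}"/dev/null c 1 3 || die`. The same function warns that an existing chroot "might become overridden" and then continues, but `mknod` fails on a node that already exists, so a re-run appears to die at the first device node; a guard such as `[[ -c "${CHROOT}"/dev/null ]] || mknod "${CHROOT}"/dev/null c 1 3 || die` would make it re-runnable. In pkg_postinst the two `rndc-confgen` calls have no `|| die`, so a failed key generation only surfaces as the following `chown` dying on a missing file. It is also worth confirming that the `rndc-confgen` shipped with 9.16 still accepts `-r /dev/urandom`.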