1 |
commit: 6d546aa9b037c1f015ad6dcdce6da5eb79b5ef2c |
2 |
Author: Mikle Kolyada <zlogene <AT> gentoo <DOT> org> |
3 |
AuthorDate: Tue Apr 9 12:52:28 2019 +0000 |
4 |
Commit: Mikle Kolyada <zlogene <AT> gentoo <DOT> org> |
5 |
CommitDate: Tue Apr 9 12:52:39 2019 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6d546aa9 |
7 |
|
8 |
net-dns/bind: Security cleanup |
9 |
|
10 |
Signed-off-by: Mikle Kolyada <zlogene <AT> gentoo.org> |
11 |
Package-Manager: Portage-2.3.62, Repoman-2.3.11 |
12 |
|
13 |
net-dns/bind/Manifest | 2 - |
14 |
net-dns/bind/bind-9.12.2_p2-r1.ebuild | 415 ---------------------------------- |
15 |
net-dns/bind/bind-9.12.3_p1-r1.ebuild | 407 --------------------------------- |
16 |
net-dns/bind/metadata.xml | 1 - |
17 |
4 files changed, 825 deletions(-) |
18 |
|
19 |
diff --git a/net-dns/bind/Manifest b/net-dns/bind/Manifest |
20 |
index 93f9679e1ae..944da4ad7b7 100644 |
21 |
--- a/net-dns/bind/Manifest |
22 |
+++ b/net-dns/bind/Manifest |
23 |
@@ -1,4 +1,2 @@ |
24 |
-DIST bind-9.12.2_p2.tar.gz 9422128 BLAKE2B c7d56f025f381a0136aa67ccd49a3254fcfe566d5e3601410e5cada26ccab32a901fe6e14bc14e6e287fa2b3904a4eee8e3ef63329f9bc4cb11f204590ff3623 SHA512 458adf6b3d0df286e7d345a21c40b639efcb275e76f9e0bf4e40a5d76dcac875016324393e129f29397be326d1017367c506ec9cbb35871c98fad4281bc4e05a |
25 |
-DIST bind-9.12.3_p1.tar.gz 8625693 BLAKE2B 1899e04e409d3dafe63494fb7a0d8b813a6487754149bbfd01888cddc5e134ac675e9ac790684fb6fd8de4b1484e23ed7f1881c01234c9f16b27180c9a4594a9 SHA512 c1c91de88e4297e79b527775edd525c6fa948f169977563ab2e6ca93cac7317f8ca85863567f5cc151d4c6e3c081864ab1cf813bcfdd1165b52e9471b8317c28 |
26 |
DIST bind-9.12.3_p4.tar.gz 8627833 BLAKE2B f7f8b88d8179f2df92b3105a49f30f7de5ccfe78a4a51f6bfa08e732968bf8e4c35f298c4209d8d05bea4d71b8669fd360d4c17193574eda471ba4d7ad742092 SHA512 42c41f47a0282dc08ee875fe098ce84b26384dba5efbaf99b557d34c4271e0d6aac70126f280a3ee157e8604cce16901c8cd51fab791dec82f4a3d00c054f363 |
27 |
DIST dyndns-samples.tbz2 22866 BLAKE2B 409890653c6536cb9c0e3ba809d2bfde0e0ae73a2a101b4f229b46c01568466bc022bbbc37712171adbd08c572733e93630feab95a0fcd1ac50a7d37da1d1108 SHA512 83b0bf99f8e9ff709e8e9336d8c5231b98a4b5f0c60c10792f34931e32cc638d261967dfa5a83151ec3740977d94ddd6e21e9ce91267b3e279b88affdbc18cac |
28 |
|
29 |
diff --git a/net-dns/bind/bind-9.12.2_p2-r1.ebuild b/net-dns/bind/bind-9.12.2_p2-r1.ebuild |
30 |
deleted file mode 100644 |
31 |
index f6702e205b7..00000000000 |
32 |
--- a/net-dns/bind/bind-9.12.2_p2-r1.ebuild |
33 |
+++ /dev/null |
34 |
@@ -1,415 +0,0 @@ |
35 |
-# Copyright 1999-2019 Gentoo Authors |
36 |
-# Distributed under the terms of the GNU General Public License v2 |
37 |
- |
38 |
-# Re dlz/mysql and threads, needs to be verified.. |
39 |
-# MySQL uses thread local storage in its C api. Thus MySQL |
40 |
-# requires that each thread of an application execute a MySQL |
41 |
-# thread initialization to setup the thread local storage. |
42 |
-# This is impossible to do safely while staying within the DLZ |
43 |
-# driver API. This is a limitation caused by MySQL, and not the DLZ API. |
44 |
-# Because of this BIND MUST only run with a single thread when |
45 |
-# using the MySQL driver. |
46 |
- |
47 |
-EAPI=7 |
48 |
- |
49 |
-PYTHON_COMPAT=( python2_7 python3_{4,5,6,7} ) |
50 |
- |
51 |
-inherit python-r1 eutils autotools toolchain-funcs flag-o-matic multilib db-use user systemd |
52 |
- |
53 |
-MY_PV="${PV/_p/-P}" |
54 |
-MY_PV="${MY_PV/_rc/rc}" |
55 |
-MY_P="${PN}-${MY_PV}" |
56 |
- |
57 |
-SDB_LDAP_VER="1.1.0-fc14" |
58 |
- |
59 |
-RRL_PV="${MY_PV}" |
60 |
- |
61 |
-# SDB-LDAP: http://bind9-ldap.bayour.com/ |
62 |
- |
63 |
-DESCRIPTION="BIND - Berkeley Internet Name Domain - Name Server" |
64 |
-HOMEPAGE="http://www.isc.org/software/bind" |
65 |
-SRC_URI="https://www.isc.org/downloads/file/${MY_P}/?version=tar-gz -> ${P}.tar.gz |
66 |
- doc? ( mirror://gentoo/dyndns-samples.tbz2 )" |
67 |
-# sdb-ldap? ( |
68 |
-# http://ftp.disconnected-by-peer.at/pub/bind-sdb-ldap-${SDB_LDAP_VER}.patch.bz2 |
69 |
-# )" |
70 |
- |
71 |
-LICENSE="Apache-2.0 BSD BSD-2 GPL-2 HPND ISC MPL-2.0" |
72 |
-SLOT="0" |
73 |
-KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86 ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" |
74 |
-# -berkdb by default re bug 602682 |
75 |
-IUSE="-berkdb +caps dlz dnstap doc dnsrps fixed-rrset geoip gost gssapi idn ipv6 |
76 |
-json ldap libidn2 libressl lmdb mysql odbc postgres python rpz seccomp selinux ssl static-libs |
77 |
-+threads urandom xml +zlib" |
78 |
-# sdb-ldap - patch broken |
79 |
-# no PKCS11 currently as it requires OpenSSL to be patched, also see bug 409687 |
80 |
- |
81 |
-REQUIRED_USE="idn? ( !libidn2 ) |
82 |
- libidn2? ( !idn ) |
83 |
- postgres? ( dlz ) |
84 |
- berkdb? ( dlz ) |
85 |
- mysql? ( dlz !threads ) |
86 |
- odbc? ( dlz ) |
87 |
- ldap? ( dlz ) |
88 |
- gost? ( !libressl ssl ) |
89 |
- threads? ( caps ) |
90 |
- dnstap? ( threads ) |
91 |
- python? ( ${PYTHON_REQUIRED_USE} )" |
92 |
-# sdb-ldap? ( dlz ) |
93 |
- |
94 |
-DEPEND=" |
95 |
- ssl? ( |
96 |
- !libressl? ( dev-libs/openssl:0[-bindist] ) |
97 |
- libressl? ( dev-libs/libressl ) |
98 |
- ) |
99 |
- mysql? ( >=virtual/mysql-4.0 ) |
100 |
- odbc? ( >=dev-db/unixODBC-2.2.6 ) |
101 |
- ldap? ( net-nds/openldap ) |
102 |
- idn? ( <net-dns/idnkit-2:= ) |
103 |
- libidn2? ( net-dns/libidn2 ) |
104 |
- postgres? ( dev-db/postgresql:= ) |
105 |
- caps? ( >=sys-libs/libcap-2.1.0 ) |
106 |
- xml? ( dev-libs/libxml2 ) |
107 |
- geoip? ( >=dev-libs/geoip-1.4.6 ) |
108 |
- gssapi? ( virtual/krb5 ) |
109 |
- gost? ( |
110 |
- || ( |
111 |
- =dev-libs/openssl-1.0*[-bindist] |
112 |
- ( |
113 |
- >=dev-libs/openssl-1.1 |
114 |
- dev-libs/gost-engine |
115 |
- ) |
116 |
- ) |
117 |
- ) |
118 |
- seccomp? ( sys-libs/libseccomp ) |
119 |
- json? ( dev-libs/json-c:= ) |
120 |
- lmdb? ( dev-db/lmdb ) |
121 |
- zlib? ( sys-libs/zlib ) |
122 |
- dnstap? ( dev-libs/fstrm dev-libs/protobuf-c ) |
123 |
- python? ( |
124 |
- ${PYTHON_DEPS} |
125 |
- dev-python/ply[${PYTHON_USEDEP}] |
126 |
- )" |
127 |
-# sdb-ldap? ( net-nds/openldap ) |
128 |
- |
129 |
-RDEPEND="${DEPEND} |
130 |
- selinux? ( sec-policy/selinux-bind ) |
131 |
- || ( sys-process/psmisc >=sys-freebsd/freebsd-ubin-9.0_rc sys-process/fuser-bsd )" |
132 |
- |
133 |
-S="${WORKDIR}/${MY_P}" |
134 |
- |
135 |
-# bug 479092, requires networking |
136 |
-RESTRICT="test" |
137 |
- |
138 |
-pkg_setup() { |
139 |
- ebegin "Creating named group and user" |
140 |
- enewgroup named 40 |
141 |
- enewuser named 40 -1 /etc/bind named |
142 |
- eend ${?} |
143 |
-} |
144 |
- |
145 |
-src_prepare() { |
146 |
- default |
147 |
- |
148 |
- # Adjusting PATHs in manpages |
149 |
- for i in bin/{named/named.8,check/named-checkconf.8,rndc/rndc.8} ; do |
150 |
- sed -i \ |
151 |
- -e 's:/etc/named.conf:/etc/bind/named.conf:g' \ |
152 |
- -e 's:/etc/rndc.conf:/etc/bind/rndc.conf:g' \ |
153 |
- -e 's:/etc/rndc.key:/etc/bind/rndc.key:g' \ |
154 |
- "${i}" || die "sed failed, ${i} doesn't exist" |
155 |
- done |
156 |
- |
157 |
-# if use dlz; then |
158 |
-# # sdb-ldap patch as per bug #160567 |
159 |
-# # Upstream URL: http://bind9-ldap.bayour.com/ |
160 |
-# # New patch take from bug 302735 |
161 |
-# if use sdb-ldap; then |
162 |
-# epatch "${WORKDIR}"/${PN}-sdb-ldap-${SDB_LDAP_VER}.patch |
163 |
-# cp -fp contrib/sdb/ldap/ldapdb.[ch] bin/named/ |
164 |
-# cp -fp contrib/sdb/ldap/{ldap2zone.1,ldap2zone.c} bin/tools/ |
165 |
-# cp -fp contrib/sdb/ldap/{zone2ldap.1,zone2ldap.c} bin/tools/ |
166 |
-# fi |
167 |
-# fi |
168 |
- |
169 |
- # should be installed by bind-tools |
170 |
- sed -i -r -e "s:(nsupdate|dig|delv) ::g" bin/Makefile.in || die |
171 |
- |
172 |
- # Disable tests for now, bug 406399 |
173 |
- sed -i '/^SUBDIRS/s:tests::' bin/Makefile.in lib/Makefile.in || die |
174 |
- |
175 |
- # bug #220361 |
176 |
- rm aclocal.m4 |
177 |
- rm -rf libtool.m4/ |
178 |
- eautoreconf |
179 |
-} |
180 |
- |
181 |
-src_configure() { |
182 |
- local myeconfargs=( |
183 |
- --sysconfdir=/etc/bind |
184 |
- --localstatedir=/var |
185 |
- --with-libtool |
186 |
- --enable-full-report |
187 |
- --without-readline |
188 |
- $(use_enable caps linux-caps) |
189 |
- $(use_enable dnsrps) |
190 |
- $(use_enable fixed-rrset) |
191 |
- $(use_enable ipv6) |
192 |
- $(use_enable rpz rpz-nsdname) |
193 |
- $(use_enable rpz rpz-nsip) |
194 |
- $(use_enable seccomp) |
195 |
- # $(use_enable static-libs static) |
196 |
- $(use_enable threads) |
197 |
- $(use_with berkdb dlz-bdb) |
198 |
- $(use_with dlz dlopen) |
199 |
- $(use_with dlz dlz-filesystem) |
200 |
- $(use_with dlz dlz-stub) |
201 |
- $(use_with gost) |
202 |
- $(use_with gssapi) |
203 |
- $(use_with idn idnkit) |
204 |
- $(use_with libidn2) |
205 |
- $(use_with json libjson) |
206 |
- $(use_with ldap dlz-ldap) |
207 |
- $(use_with mysql dlz-mysql) |
208 |
- $(use_with odbc dlz-odbc) |
209 |
- $(use_with postgres dlz-postgres) |
210 |
- $(use_with lmdb) |
211 |
- $(use_with python) |
212 |
- $(use_with ssl ecdsa) |
213 |
- $(use_with ssl openssl "${EPREFIX}"/usr) |
214 |
- $(use_with xml libxml2) |
215 |
- $(use_with zlib) |
216 |
- ) |
217 |
- |
218 |
- if use urandom; then |
219 |
- myeconfargs+=( --with-randomdev=/dev/urandom ) |
220 |
- else |
221 |
- myeconfargs+=( --with-randomdev=/dev/random ) |
222 |
- fi |
223 |
- |
224 |
- use geoip && myeconfargs+=( --with-geoip ) |
225 |
- |
226 |
- # bug #158664 |
227 |
-# gcc-specs-ssp && replace-flags -O[23s] -O |
228 |
- |
229 |
- # To include db.h from proper path |
230 |
- use berkdb && append-flags "-I$(db_includedir)" |
231 |
- |
232 |
- export BUILD_CC=$(tc-getBUILD_CC) |
233 |
- econf "${myeconfargs[@]}" |
234 |
- |
235 |
- # bug #151839 |
236 |
- echo '#undef SO_BSDCOMPAT' >> config.h |
237 |
-} |
238 |
- |
239 |
-src_install() { |
240 |
- emake DESTDIR="${D}" install |
241 |
- |
242 |
- dodoc CHANGES README |
243 |
- |
244 |
- if use idn; then |
245 |
- dodoc contrib/idn/README.idnkit |
246 |
- fi |
247 |
- |
248 |
- if use doc; then |
249 |
- dodoc doc/arm/Bv9ARM.pdf |
250 |
- |
251 |
- docinto misc |
252 |
- dodoc doc/misc/* |
253 |
- |
254 |
- # might a 'html' useflag make sense? |
255 |
- docinto html |
256 |
- dodoc -r doc/arm/* |
257 |
- |
258 |
- docinto contrib |
259 |
- dodoc contrib/scripts/{nanny.pl,named-bootconf.sh} |
260 |
- |
261 |
- # some handy-dandy dynamic dns examples |
262 |
- pushd "${ED%/}"/usr/share/doc/${PF} 1>/dev/null || die |
263 |
- tar xf "${DISTDIR}"/dyndns-samples.tbz2 || die |
264 |
- popd 1>/dev/null || die |
265 |
- fi |
266 |
- |
267 |
- insinto /etc/bind |
268 |
- newins "${FILESDIR}"/named.conf-r8 named.conf |
269 |
- |
270 |
- # ftp://ftp.rs.internic.net/domain/named.cache: |
271 |
- insinto /var/bind |
272 |
- newins "${FILESDIR}"/named.cache-r3 named.cache |
273 |
- |
274 |
- insinto /var/bind/pri |
275 |
- newins "${FILESDIR}"/localhost.zone-r3 localhost.zone |
276 |
- |
277 |
- newinitd "${FILESDIR}"/named.init-r13 named |
278 |
- newconfd "${FILESDIR}"/named.confd-r7 named |
279 |
- |
280 |
- if use gost; then |
281 |
- sed -e 's/^OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-0}$/OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-1}/' \ |
282 |
- -i "${ED%/}/etc/init.d/named" || die |
283 |
- else |
284 |
- sed -e 's/^OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-1}$/OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-0}/' \ |
285 |
- -i "${ED%/}/etc/init.d/named" || die |
286 |
- fi |
287 |
- |
288 |
- newenvd "${FILESDIR}"/10bind.env 10bind |
289 |
- |
290 |
- # Let's get rid of those tools and their manpages since they're provided by bind-tools |
291 |
- rm -f "${ED%/}"/usr/share/man/man1/{dig,host,nslookup}.1* |
292 |
- rm -f "${ED%/}"/usr/share/man/man8/nsupdate.8* |
293 |
- rm -f "${ED%/}"/usr/bin/{dig,host,nslookup,nsupdate} |
294 |
- rm -f "${ED%/}"/usr/sbin/{dig,host,nslookup,nsupdate} |
295 |
- for tool in dsfromkey importkey keyfromlabel keygen \ |
296 |
- revoke settime signzone verify; do |
297 |
- rm -f "${ED%/}"/usr/{,s}bin/dnssec-"${tool}" |
298 |
- rm -f "${ED%/}"/usr/share/man/man8/dnssec-"${tool}".8* |
299 |
- done |
300 |
- |
301 |
- # bug 405251, library archives aren't properly handled by --enable/disable-static |
302 |
- if ! use static-libs; then |
303 |
- find "${ED}" -type f -name '*.a' -delete || die |
304 |
- fi |
305 |
- |
306 |
- # bug 405251 |
307 |
- find "${ED}" -type f -name '*.la' -delete || die |
308 |
- |
309 |
- if use python; then |
310 |
- install_python_tools() { |
311 |
- dosbin bin/python/dnssec-{checkds,coverage} |
312 |
- } |
313 |
- python_foreach_impl install_python_tools |
314 |
- |
315 |
- python_replicate_script "${ED%/}/usr/sbin/dnssec-checkds" |
316 |
- python_replicate_script "${ED%/}/usr/sbin/dnssec-coverage" |
317 |
- fi |
318 |
- |
319 |
- # bug 450406 |
320 |
- dosym named.cache /var/bind/root.cache |
321 |
- |
322 |
- dosym /var/bind/pri /etc/bind/pri |
323 |
- dosym /var/bind/sec /etc/bind/sec |
324 |
- dosym /var/bind/dyn /etc/bind/dyn |
325 |
- keepdir /var/bind/{pri,sec,dyn} |
326 |
- |
327 |
- dodir /var/log/named |
328 |
- |
329 |
- fowners root:named /{etc,var}/bind /var/log/named /var/bind/{sec,pri,dyn} |
330 |
- fowners root:named /var/bind/named.cache /var/bind/pri/localhost.zone /etc/bind/{bind.keys,named.conf} |
331 |
- fperms 0640 /var/bind/named.cache /var/bind/pri/localhost.zone /etc/bind/{bind.keys,named.conf} |
332 |
- fperms 0750 /etc/bind /var/bind/pri |
333 |
- fperms 0770 /var/log/named /var/bind/{,sec,dyn} |
334 |
- |
335 |
- systemd_newunit "${FILESDIR}/named.service-r1" named.service |
336 |
- systemd_dotmpfilesd "${FILESDIR}"/named.conf |
337 |
- exeinto /usr/libexec |
338 |
- doexe "${FILESDIR}/generate-rndc-key.sh" |
339 |
-} |
340 |
- |
341 |
-pkg_postinst() { |
342 |
- if [ ! -f '/etc/bind/rndc.key' ]; then |
343 |
- if use urandom; then |
344 |
- einfo "Using /dev/urandom for generating rndc.key" |
345 |
- /usr/sbin/rndc-confgen -r /dev/urandom -a |
346 |
- echo |
347 |
- else |
348 |
- einfo "Using /dev/random for generating rndc.key" |
349 |
- /usr/sbin/rndc-confgen -a |
350 |
- echo |
351 |
- fi |
352 |
- chown root:named /etc/bind/rndc.key || die |
353 |
- chmod 0640 /etc/bind/rndc.key || die |
354 |
- fi |
355 |
- |
356 |
- einfo |
357 |
- einfo "You can edit /etc/conf.d/named to customize named settings" |
358 |
- einfo |
359 |
- use mysql || use postgres || use ldap && { |
360 |
- elog "If your named depends on MySQL/PostgreSQL or LDAP," |
361 |
- elog "uncomment the specified rc_named_* lines in your" |
362 |
- elog "/etc/conf.d/named config to ensure they'll start before bind" |
363 |
- einfo |
364 |
- } |
365 |
- einfo "If you'd like to run bind in a chroot AND this is a new" |
366 |
- einfo "install OR your bind doesn't already run in a chroot:" |
367 |
- einfo "1) Uncomment and set the CHROOT variable in /etc/conf.d/named." |
368 |
- einfo "2) Run \`emerge --config '=${CATEGORY}/${PF}'\`" |
369 |
- einfo |
370 |
- |
371 |
- CHROOT=$(source /etc/conf.d/named 2>/dev/null; echo ${CHROOT}) |
372 |
- if [[ -n ${CHROOT} ]]; then |
373 |
- elog "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!" |
374 |
- elog "To enable the old behaviour (without using mount) uncomment the" |
375 |
- elog "CHROOT_NOMOUNT option in your /etc/conf.d/named config." |
376 |
- elog "If you decide to use the new/default method, ensure to make backup" |
377 |
- elog "first and merge your existing configs/zones to /etc/bind and" |
378 |
- elog "/var/bind because bind will now mount the needed directories into" |
379 |
- elog "the chroot dir." |
380 |
- fi |
381 |
-} |
382 |
- |
383 |
-pkg_config() { |
384 |
- CHROOT=$(source /etc/conf.d/named; echo ${CHROOT}) |
385 |
- CHROOT_NOMOUNT=$(source /etc/conf.d/named; echo ${CHROOT_NOMOUNT}) |
386 |
- CHROOT_GEOIP=$(source /etc/conf.d/named; echo ${CHROOT_GEOIP}) |
387 |
- |
388 |
- if [[ -z "${CHROOT}" ]]; then |
389 |
- eerror "This config script is designed to automate setting up" |
390 |
- eerror "a chrooted bind/named. To do so, please first uncomment" |
391 |
- eerror "and set the CHROOT variable in '/etc/conf.d/named'." |
392 |
- die "Unset CHROOT" |
393 |
- fi |
394 |
- if [[ -d "${CHROOT}" ]]; then |
395 |
- ewarn "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!" |
396 |
- ewarn "To enable the old behaviour (without using mount) uncomment the" |
397 |
- ewarn "CHROOT_NOMOUNT option in your /etc/conf.d/named config." |
398 |
- ewarn |
399 |
- ewarn "${CHROOT} already exists... some things might become overridden" |
400 |
- ewarn "press CTRL+C if you don't want to continue" |
401 |
- sleep 10 |
402 |
- fi |
403 |
- |
404 |
- echo; einfo "Setting up the chroot directory..." |
405 |
- |
406 |
- mkdir -m 0750 -p ${CHROOT} || die |
407 |
- mkdir -m 0755 -p ${CHROOT}/{dev,etc,var/log,run} || die |
408 |
- mkdir -m 0750 -p ${CHROOT}/etc/bind || die |
409 |
- mkdir -m 0770 -p ${CHROOT}/var/{bind,log/named} ${CHROOT}/run/named/ || die |
410 |
- # As of bind 9.8.0 |
411 |
- if has_version net-dns/bind[gost]; then |
412 |
- mkdir -m 0755 -p ${CHROOT}/usr/$(get_libdir)/engines || die |
413 |
- if [ "$(get_libdir)" = "lib64" ]; then |
414 |
- ln -s lib64 ${CHROOT}/usr/lib || die |
415 |
- fi |
416 |
- fi |
417 |
- chown root:named \ |
418 |
- ${CHROOT} \ |
419 |
- ${CHROOT}/var/{bind,log/named} \ |
420 |
- ${CHROOT}/run/named/ \ |
421 |
- ${CHROOT}/etc/bind \ |
422 |
- || die |
423 |
- |
424 |
- mknod ${CHROOT}/dev/null c 1 3 || die |
425 |
- chmod 0666 ${CHROOT}/dev/null || die |
426 |
- |
427 |
- mknod ${CHROOT}/dev/zero c 1 5 || die |
428 |
- chmod 0666 ${CHROOT}/dev/zero || die |
429 |
- |
430 |
- if use urandom; then |
431 |
- mknod ${CHROOT}/dev/urandom c 1 9 || die |
432 |
- chmod 0666 ${CHROOT}/dev/urandom || die |
433 |
- else |
434 |
- mknod ${CHROOT}/dev/random c 1 8 || die |
435 |
- chmod 0666 ${CHROOT}/dev/random || die |
436 |
- fi |
437 |
- |
438 |
- if [ "${CHROOT_NOMOUNT:-0}" -ne 0 ]; then |
439 |
- cp -a /etc/bind ${CHROOT}/etc/ || die |
440 |
- cp -a /var/bind ${CHROOT}/var/ || die |
441 |
- fi |
442 |
- |
443 |
- if [ "${CHROOT_GEOIP:-0}" -eq 1 ]; then |
444 |
- mkdir -m 0755 -p ${CHROOT}/usr/share/GeoIP || die |
445 |
- fi |
446 |
- |
447 |
- elog "You may need to add the following line to your syslog-ng.conf:" |
448 |
- elog "source jail { unix-stream(\"${CHROOT}/dev/log\"); };" |
449 |
-} |
450 |
|
451 |
diff --git a/net-dns/bind/bind-9.12.3_p1-r1.ebuild b/net-dns/bind/bind-9.12.3_p1-r1.ebuild |
452 |
deleted file mode 100644 |
453 |
index 21445040753..00000000000 |
454 |
--- a/net-dns/bind/bind-9.12.3_p1-r1.ebuild |
455 |
+++ /dev/null |
456 |
@@ -1,407 +0,0 @@ |
457 |
-# Copyright 1999-2019 Gentoo Authors |
458 |
-# Distributed under the terms of the GNU General Public License v2 |
459 |
- |
460 |
-# Re dlz/mysql and threads, needs to be verified.. |
461 |
-# MySQL uses thread local storage in its C api. Thus MySQL |
462 |
-# requires that each thread of an application execute a MySQL |
463 |
-# thread initialization to setup the thread local storage. |
464 |
-# This is impossible to do safely while staying within the DLZ |
465 |
-# driver API. This is a limitation caused by MySQL, and not the DLZ API. |
466 |
-# Because of this BIND MUST only run with a single thread when |
467 |
-# using the MySQL driver. |
468 |
- |
469 |
-EAPI=7 |
470 |
- |
471 |
-PYTHON_COMPAT=( python2_7 python3_{4,5,6,7} ) |
472 |
- |
473 |
-inherit python-r1 eutils autotools toolchain-funcs flag-o-matic multilib db-use user systemd |
474 |
- |
475 |
-MY_PV="${PV/_p/-P}" |
476 |
-MY_PV="${MY_PV/_rc/rc}" |
477 |
-MY_P="${PN}-${MY_PV}" |
478 |
- |
479 |
-SDB_LDAP_VER="1.1.0-fc14" |
480 |
- |
481 |
-RRL_PV="${MY_PV}" |
482 |
- |
483 |
-# SDB-LDAP: http://bind9-ldap.bayour.com/ |
484 |
- |
485 |
-DESCRIPTION="BIND - Berkeley Internet Name Domain - Name Server" |
486 |
-HOMEPAGE="http://www.isc.org/software/bind" |
487 |
-SRC_URI="https://www.isc.org/downloads/file/${MY_P}/?version=tar-gz -> ${P}.tar.gz |
488 |
- doc? ( mirror://gentoo/dyndns-samples.tbz2 )" |
489 |
-# sdb-ldap? ( |
490 |
-# http://ftp.disconnected-by-peer.at/pub/bind-sdb-ldap-${SDB_LDAP_VER}.patch.bz2 |
491 |
-# )" |
492 |
- |
493 |
-LICENSE="Apache-2.0 BSD BSD-2 GPL-2 HPND ISC MPL-2.0" |
494 |
-SLOT="0" |
495 |
-KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" |
496 |
-# -berkdb by default re bug 602682 |
497 |
-IUSE="-berkdb +caps dlz dnstap doc dnsrps fixed-rrset geoip gost gssapi ipv6 |
498 |
-json ldap libressl lmdb mysql odbc postgres python rpz seccomp selinux ssl static-libs |
499 |
-+threads urandom xml +zlib" |
500 |
-# sdb-ldap - patch broken |
501 |
-# no PKCS11 currently as it requires OpenSSL to be patched, also see bug 409687 |
502 |
- |
503 |
-REQUIRED_USE=" |
504 |
- postgres? ( dlz ) |
505 |
- berkdb? ( dlz ) |
506 |
- mysql? ( dlz !threads ) |
507 |
- odbc? ( dlz ) |
508 |
- ldap? ( dlz ) |
509 |
- gost? ( !libressl ssl ) |
510 |
- threads? ( caps ) |
511 |
- dnstap? ( threads ) |
512 |
- python? ( ${PYTHON_REQUIRED_USE} )" |
513 |
-# sdb-ldap? ( dlz ) |
514 |
- |
515 |
-DEPEND=" |
516 |
- ssl? ( |
517 |
- !libressl? ( dev-libs/openssl:0[-bindist] ) |
518 |
- libressl? ( dev-libs/libressl ) |
519 |
- ) |
520 |
- mysql? ( dev-db/mysql-connector-c:0= ) |
521 |
- odbc? ( >=dev-db/unixODBC-2.2.6 ) |
522 |
- ldap? ( net-nds/openldap ) |
523 |
- postgres? ( dev-db/postgresql:= ) |
524 |
- caps? ( >=sys-libs/libcap-2.1.0 ) |
525 |
- xml? ( dev-libs/libxml2 ) |
526 |
- geoip? ( >=dev-libs/geoip-1.4.6 ) |
527 |
- gssapi? ( virtual/krb5 ) |
528 |
- gost? ( |
529 |
- || ( |
530 |
- =dev-libs/openssl-1.0*[-bindist] |
531 |
- ( |
532 |
- >=dev-libs/openssl-1.1 |
533 |
- dev-libs/gost-engine |
534 |
- ) |
535 |
- ) |
536 |
- ) |
537 |
- seccomp? ( sys-libs/libseccomp ) |
538 |
- json? ( dev-libs/json-c:= ) |
539 |
- lmdb? ( dev-db/lmdb ) |
540 |
- zlib? ( sys-libs/zlib ) |
541 |
- dnstap? ( dev-libs/fstrm dev-libs/protobuf-c ) |
542 |
- python? ( |
543 |
- ${PYTHON_DEPS} |
544 |
- dev-python/ply[${PYTHON_USEDEP}] |
545 |
- )" |
546 |
-# sdb-ldap? ( net-nds/openldap ) |
547 |
- |
548 |
-RDEPEND="${DEPEND} |
549 |
- selinux? ( sec-policy/selinux-bind ) |
550 |
- || ( sys-process/psmisc >=sys-freebsd/freebsd-ubin-9.0_rc sys-process/fuser-bsd )" |
551 |
- |
552 |
-S="${WORKDIR}/${MY_P}" |
553 |
- |
554 |
-# bug 479092, requires networking |
555 |
-RESTRICT="test" |
556 |
- |
557 |
-pkg_setup() { |
558 |
- ebegin "Creating named group and user" |
559 |
- enewgroup named 40 |
560 |
- enewuser named 40 -1 /etc/bind named |
561 |
- eend ${?} |
562 |
-} |
563 |
- |
564 |
-src_prepare() { |
565 |
- default |
566 |
- |
567 |
- # Adjusting PATHs in manpages |
568 |
- for i in bin/{named/named.8,check/named-checkconf.8,rndc/rndc.8} ; do |
569 |
- sed -i \ |
570 |
- -e 's:/etc/named.conf:/etc/bind/named.conf:g' \ |
571 |
- -e 's:/etc/rndc.conf:/etc/bind/rndc.conf:g' \ |
572 |
- -e 's:/etc/rndc.key:/etc/bind/rndc.key:g' \ |
573 |
- "${i}" || die "sed failed, ${i} doesn't exist" |
574 |
- done |
575 |
- |
576 |
-# if use dlz; then |
577 |
-# # sdb-ldap patch as per bug #160567 |
578 |
-# # Upstream URL: http://bind9-ldap.bayour.com/ |
579 |
-# # New patch take from bug 302735 |
580 |
-# if use sdb-ldap; then |
581 |
-# epatch "${WORKDIR}"/${PN}-sdb-ldap-${SDB_LDAP_VER}.patch |
582 |
-# cp -fp contrib/sdb/ldap/ldapdb.[ch] bin/named/ |
583 |
-# cp -fp contrib/sdb/ldap/{ldap2zone.1,ldap2zone.c} bin/tools/ |
584 |
-# cp -fp contrib/sdb/ldap/{zone2ldap.1,zone2ldap.c} bin/tools/ |
585 |
-# fi |
586 |
-# fi |
587 |
- |
588 |
- # should be installed by bind-tools |
589 |
- sed -i -r -e "s:(nsupdate|dig|delv) ::g" bin/Makefile.in || die |
590 |
- |
591 |
- # Disable tests for now, bug 406399 |
592 |
- sed -i '/^SUBDIRS/s:tests::' bin/Makefile.in lib/Makefile.in || die |
593 |
- |
594 |
- # bug #220361 |
595 |
- rm aclocal.m4 |
596 |
- rm -rf libtool.m4/ |
597 |
- eautoreconf |
598 |
-} |
599 |
- |
600 |
-src_configure() { |
601 |
- local myeconfargs=( |
602 |
- --sysconfdir=/etc/bind |
603 |
- --localstatedir=/var |
604 |
- --with-libtool |
605 |
- --enable-full-report |
606 |
- --without-readline |
607 |
- $(use_enable caps linux-caps) |
608 |
- $(use_enable dnsrps) |
609 |
- $(use_enable dnstap) |
610 |
- $(use_enable fixed-rrset) |
611 |
- $(use_enable ipv6) |
612 |
- $(use_enable rpz rpz-nsdname) |
613 |
- $(use_enable rpz rpz-nsip) |
614 |
- $(use_enable seccomp) |
615 |
- # $(use_enable static-libs static) |
616 |
- $(use_enable threads) |
617 |
- $(use_with berkdb dlz-bdb) |
618 |
- $(use_with dlz dlopen) |
619 |
- $(use_with dlz dlz-filesystem) |
620 |
- $(use_with dlz dlz-stub) |
621 |
- $(use_with gost) |
622 |
- $(use_with gssapi) |
623 |
- $(use_with json libjson) |
624 |
- $(use_with ldap dlz-ldap) |
625 |
- $(use_with mysql dlz-mysql) |
626 |
- $(use_with odbc dlz-odbc) |
627 |
- $(use_with postgres dlz-postgres) |
628 |
- $(use_with lmdb) |
629 |
- $(use_with python) |
630 |
- $(use_with ssl ecdsa) |
631 |
- $(use_with ssl openssl "${EPREFIX}"/usr) |
632 |
- $(use_with xml libxml2) |
633 |
- $(use_with zlib) |
634 |
- ) |
635 |
- |
636 |
- if use urandom; then |
637 |
- myeconfargs+=( --with-randomdev=/dev/urandom ) |
638 |
- else |
639 |
- myeconfargs+=( --with-randomdev=/dev/random ) |
640 |
- fi |
641 |
- |
642 |
- use geoip && myeconfargs+=( --with-geoip ) |
643 |
- |
644 |
- # bug #158664 |
645 |
-# gcc-specs-ssp && replace-flags -O[23s] -O |
646 |
- |
647 |
- # To include db.h from proper path |
648 |
- use berkdb && append-flags "-I$(db_includedir)" |
649 |
- |
650 |
- export BUILD_CC=$(tc-getBUILD_CC) |
651 |
- econf "${myeconfargs[@]}" |
652 |
- |
653 |
- # bug #151839 |
654 |
- echo '#undef SO_BSDCOMPAT' >> config.h |
655 |
-} |
656 |
- |
657 |
-src_install() { |
658 |
- emake DESTDIR="${D}" install |
659 |
- |
660 |
- dodoc CHANGES README |
661 |
- |
662 |
- if use doc; then |
663 |
- dodoc doc/arm/Bv9ARM.pdf |
664 |
- |
665 |
- docinto misc |
666 |
- dodoc doc/misc/* |
667 |
- |
668 |
- # might a 'html' useflag make sense? |
669 |
- docinto html |
670 |
- dodoc -r doc/arm/* |
671 |
- |
672 |
- docinto contrib |
673 |
- dodoc contrib/scripts/{nanny.pl,named-bootconf.sh} |
674 |
- |
675 |
- # some handy-dandy dynamic dns examples |
676 |
- pushd "${ED%/}"/usr/share/doc/${PF} 1>/dev/null || die |
677 |
- tar xf "${DISTDIR}"/dyndns-samples.tbz2 || die |
678 |
- popd 1>/dev/null || die |
679 |
- fi |
680 |
- |
681 |
- insinto /etc/bind |
682 |
- newins "${FILESDIR}"/named.conf-r8 named.conf |
683 |
- |
684 |
- # ftp://ftp.rs.internic.net/domain/named.cache: |
685 |
- insinto /var/bind |
686 |
- newins "${FILESDIR}"/named.cache-r3 named.cache |
687 |
- |
688 |
- insinto /var/bind/pri |
689 |
- newins "${FILESDIR}"/localhost.zone-r3 localhost.zone |
690 |
- |
691 |
- newinitd "${FILESDIR}"/named.init-r13 named |
692 |
- newconfd "${FILESDIR}"/named.confd-r7 named |
693 |
- |
694 |
- if use gost; then |
695 |
- sed -e 's/^OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-0}$/OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-1}/' \ |
696 |
- -i "${ED%/}/etc/init.d/named" || die |
697 |
- else |
698 |
- sed -e 's/^OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-1}$/OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-0}/' \ |
699 |
- -i "${ED%/}/etc/init.d/named" || die |
700 |
- fi |
701 |
- |
702 |
- newenvd "${FILESDIR}"/10bind.env 10bind |
703 |
- |
704 |
- # Let's get rid of those tools and their manpages since they're provided by bind-tools |
705 |
- rm -f "${ED%/}"/usr/share/man/man1/{dig,host,nslookup}.1* |
706 |
- rm -f "${ED%/}"/usr/share/man/man8/nsupdate.8* |
707 |
- rm -f "${ED%/}"/usr/bin/{dig,host,nslookup,nsupdate} |
708 |
- rm -f "${ED%/}"/usr/sbin/{dig,host,nslookup,nsupdate} |
709 |
- for tool in dsfromkey importkey keyfromlabel keygen \ |
710 |
- revoke settime signzone verify; do |
711 |
- rm -f "${ED%/}"/usr/{,s}bin/dnssec-"${tool}" |
712 |
- rm -f "${ED%/}"/usr/share/man/man8/dnssec-"${tool}".8* |
713 |
- done |
714 |
- |
715 |
- # bug 405251, library archives aren't properly handled by --enable/disable-static |
716 |
- if ! use static-libs; then |
717 |
- find "${ED}" -type f -name '*.a' -delete || die |
718 |
- fi |
719 |
- |
720 |
- # bug 405251 |
721 |
- find "${ED}" -type f -name '*.la' -delete || die |
722 |
- |
723 |
- if use python; then |
724 |
- install_python_tools() { |
725 |
- dosbin bin/python/dnssec-{checkds,coverage} |
726 |
- } |
727 |
- python_foreach_impl install_python_tools |
728 |
- |
729 |
- python_replicate_script "${ED%/}/usr/sbin/dnssec-checkds" |
730 |
- python_replicate_script "${ED%/}/usr/sbin/dnssec-coverage" |
731 |
- fi |
732 |
- |
733 |
- # bug 450406 |
734 |
- dosym named.cache /var/bind/root.cache |
735 |
- |
736 |
- dosym /var/bind/pri /etc/bind/pri |
737 |
- dosym /var/bind/sec /etc/bind/sec |
738 |
- dosym /var/bind/dyn /etc/bind/dyn |
739 |
- keepdir /var/bind/{pri,sec,dyn} |
740 |
- |
741 |
- dodir /var/log/named |
742 |
- |
743 |
- fowners root:named /{etc,var}/bind /var/log/named /var/bind/{sec,pri,dyn} |
744 |
- fowners root:named /var/bind/named.cache /var/bind/pri/localhost.zone /etc/bind/{bind.keys,named.conf} |
745 |
- fperms 0640 /var/bind/named.cache /var/bind/pri/localhost.zone /etc/bind/{bind.keys,named.conf} |
746 |
- fperms 0750 /etc/bind /var/bind/pri |
747 |
- fperms 0770 /var/log/named /var/bind/{,sec,dyn} |
748 |
- |
749 |
- systemd_newunit "${FILESDIR}/named.service-r1" named.service |
750 |
- systemd_dotmpfilesd "${FILESDIR}"/named.conf |
751 |
- exeinto /usr/libexec |
752 |
- doexe "${FILESDIR}/generate-rndc-key.sh" |
753 |
-} |
754 |
- |
755 |
-pkg_postinst() { |
756 |
- if [ ! -f '/etc/bind/rndc.key' ]; then |
757 |
- if use urandom; then |
758 |
- einfo "Using /dev/urandom for generating rndc.key" |
759 |
- /usr/sbin/rndc-confgen -r /dev/urandom -a |
760 |
- echo |
761 |
- else |
762 |
- einfo "Using /dev/random for generating rndc.key" |
763 |
- /usr/sbin/rndc-confgen -a |
764 |
- echo |
765 |
- fi |
766 |
- chown root:named /etc/bind/rndc.key || die |
767 |
- chmod 0640 /etc/bind/rndc.key || die |
768 |
- fi |
769 |
- |
770 |
- einfo |
771 |
- einfo "You can edit /etc/conf.d/named to customize named settings" |
772 |
- einfo |
773 |
- use mysql || use postgres || use ldap && { |
774 |
- elog "If your named depends on MySQL/PostgreSQL or LDAP," |
775 |
- elog "uncomment the specified rc_named_* lines in your" |
776 |
- elog "/etc/conf.d/named config to ensure they'll start before bind" |
777 |
- einfo |
778 |
- } |
779 |
- einfo "If you'd like to run bind in a chroot AND this is a new" |
780 |
- einfo "install OR your bind doesn't already run in a chroot:" |
781 |
- einfo "1) Uncomment and set the CHROOT variable in /etc/conf.d/named." |
782 |
- einfo "2) Run \`emerge --config '=${CATEGORY}/${PF}'\`" |
783 |
- einfo |
784 |
- |
785 |
- CHROOT=$(source /etc/conf.d/named 2>/dev/null; echo ${CHROOT}) |
786 |
- if [[ -n ${CHROOT} ]]; then |
787 |
- elog "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!" |
788 |
- elog "To enable the old behaviour (without using mount) uncomment the" |
789 |
- elog "CHROOT_NOMOUNT option in your /etc/conf.d/named config." |
790 |
- elog "If you decide to use the new/default method, ensure to make backup" |
791 |
- elog "first and merge your existing configs/zones to /etc/bind and" |
792 |
- elog "/var/bind because bind will now mount the needed directories into" |
793 |
- elog "the chroot dir." |
794 |
- fi |
795 |
-} |
796 |
- |
797 |
-pkg_config() { |
798 |
- CHROOT=$(source /etc/conf.d/named; echo ${CHROOT}) |
799 |
- CHROOT_NOMOUNT=$(source /etc/conf.d/named; echo ${CHROOT_NOMOUNT}) |
800 |
- CHROOT_GEOIP=$(source /etc/conf.d/named; echo ${CHROOT_GEOIP}) |
801 |
- |
802 |
- if [[ -z "${CHROOT}" ]]; then |
803 |
- eerror "This config script is designed to automate setting up" |
804 |
- eerror "a chrooted bind/named. To do so, please first uncomment" |
805 |
- eerror "and set the CHROOT variable in '/etc/conf.d/named'." |
806 |
- die "Unset CHROOT" |
807 |
- fi |
808 |
- if [[ -d "${CHROOT}" ]]; then |
809 |
- ewarn "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!" |
810 |
- ewarn "To enable the old behaviour (without using mount) uncomment the" |
811 |
- ewarn "CHROOT_NOMOUNT option in your /etc/conf.d/named config." |
812 |
- ewarn |
813 |
- ewarn "${CHROOT} already exists... some things might become overridden" |
814 |
- ewarn "press CTRL+C if you don't want to continue" |
815 |
- sleep 10 |
816 |
- fi |
817 |
- |
818 |
- echo; einfo "Setting up the chroot directory..." |
819 |
- |
820 |
- mkdir -m 0750 -p ${CHROOT} || die |
821 |
- mkdir -m 0755 -p ${CHROOT}/{dev,etc,var/log,run} || die |
822 |
- mkdir -m 0750 -p ${CHROOT}/etc/bind || die |
823 |
- mkdir -m 0770 -p ${CHROOT}/var/{bind,log/named} ${CHROOT}/run/named/ || die |
824 |
- # As of bind 9.8.0 |
825 |
- if has_version net-dns/bind[gost]; then |
826 |
- mkdir -m 0755 -p ${CHROOT}/usr/$(get_libdir)/engines || die |
827 |
- if [ "$(get_libdir)" = "lib64" ]; then |
828 |
- ln -s lib64 ${CHROOT}/usr/lib || die |
829 |
- fi |
830 |
- fi |
831 |
- chown root:named \ |
832 |
- ${CHROOT} \ |
833 |
- ${CHROOT}/var/{bind,log/named} \ |
834 |
- ${CHROOT}/run/named/ \ |
835 |
- ${CHROOT}/etc/bind \ |
836 |
- || die |
837 |
- |
838 |
- mknod ${CHROOT}/dev/null c 1 3 || die |
839 |
- chmod 0666 ${CHROOT}/dev/null || die |
840 |
- |
841 |
- mknod ${CHROOT}/dev/zero c 1 5 || die |
842 |
- chmod 0666 ${CHROOT}/dev/zero || die |
843 |
- |
844 |
- if use urandom; then |
845 |
- mknod ${CHROOT}/dev/urandom c 1 9 || die |
846 |
- chmod 0666 ${CHROOT}/dev/urandom || die |
847 |
- else |
848 |
- mknod ${CHROOT}/dev/random c 1 8 || die |
849 |
- chmod 0666 ${CHROOT}/dev/random || die |
850 |
- fi |
851 |
- |
852 |
- if [ "${CHROOT_NOMOUNT:-0}" -ne 0 ]; then |
853 |
- cp -a /etc/bind ${CHROOT}/etc/ || die |
854 |
- cp -a /var/bind ${CHROOT}/var/ || die |
855 |
- fi |
856 |
- |
857 |
- if [ "${CHROOT_GEOIP:-0}" -eq 1 ]; then |
858 |
- mkdir -m 0755 -p ${CHROOT}/usr/share/GeoIP || die |
859 |
- fi |
860 |
- |
861 |
- elog "You may need to add the following line to your syslog-ng.conf:" |
862 |
- elog "source jail { unix-stream(\"${CHROOT}/dev/log\"); };" |
863 |
-} |
864 |
|
865 |
diff --git a/net-dns/bind/metadata.xml b/net-dns/bind/metadata.xml |
866 |
index 9db4d957126..258ec322368 100644 |
867 |
--- a/net-dns/bind/metadata.xml |
868 |
+++ b/net-dns/bind/metadata.xml |
869 |
@@ -14,7 +14,6 @@ |
870 |
<flag name="gost">Enables gost OpenSSL engine support</flag> |
871 |
<flag name="gssapi">Enable gssapi support</flag> |
872 |
<flag name="json">Enable JSON statistics channel</flag> |
873 |
- <flag name="libidn2">Enables IDN support using <pkg>net-dns/libidn2</pkg> rather than using <pkg>net-dns/idnkit</pkg></flag> |
874 |
<flag name="lmdb">Enable LMDB support to store configuration for 'addzone' zones</flag> |
875 |
<flag name="rpz">Enable response policy rewriting (rpz)</flag> |
876 |
<flag name="urandom">Use /dev/urandom instead of /dev/random</flag> |