Gentoo Archives: gentoo-commits

From: "Christian Ruppert (idl0r)" <idl0r@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo-x86 commit in net-dns/bind: bind-9.6.1_p1.ebuild ChangeLog bind-9.6.1.ebuild
Date: Wed, 29 Jul 2009 19:40:49
Message-Id: E1MWF15-00048C-8S@stork.gentoo.org
1 idl0r 09/07/29 19:40:47
2
3 Modified: ChangeLog
4 Added: bind-9.6.1_p1.ebuild
5 Removed: bind-9.6.1.ebuild
6 Log:
7 Version bump to 9.6.1_p1 due to CVE-2009-0696, bug 279508.
8 (Portage version: 2.2_rc33/cvs/Linux x86_64)
9
10 Revision Changes Path
11 1.238 net-dns/bind/ChangeLog
12
13 file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-dns/bind/ChangeLog?rev=1.238&view=markup
14 plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-dns/bind/ChangeLog?rev=1.238&content-type=text/plain
15 diff : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-dns/bind/ChangeLog?r1=1.237&r2=1.238
16
17 Index: ChangeLog
18 ===================================================================
19 RCS file: /var/cvsroot/gentoo-x86/net-dns/bind/ChangeLog,v
20 retrieving revision 1.237
21 retrieving revision 1.238
22 diff -u -r1.237 -r1.238
23 --- ChangeLog 29 Jul 2009 09:55:45 -0000 1.237
24 +++ ChangeLog 29 Jul 2009 19:40:47 -0000 1.238
25 @@ -1,6 +1,12 @@
26 # ChangeLog for net-dns/bind
27 # Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
28 -# $Header: /var/cvsroot/gentoo-x86/net-dns/bind/ChangeLog,v 1.237 2009/07/29 09:55:45 chainsaw Exp $
29 +# $Header: /var/cvsroot/gentoo-x86/net-dns/bind/ChangeLog,v 1.238 2009/07/29 19:40:47 idl0r Exp $
30 +
31 +*bind-9.6.1_p1 (29 Jul 2009)
32 +
33 + 29 Jul 2009; Christian Ruppert <idl0r@g.o> -bind-9.6.1.ebuild,
34 + +bind-9.6.1_p1.ebuild:
35 + Version bump to 9.6.1_p1 due to CVE-2009-0696, bug 279508.
36
37 29 Jul 2009; <chainsaw@g.o> bind-9.4.3_p3.ebuild:
38 Marked stable on AMD64 as requested by Robert Buchholz <rbu@g.o> in
39
40
41
42 1.1 net-dns/bind/bind-9.6.1_p1.ebuild
43
44 file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-dns/bind/bind-9.6.1_p1.ebuild?rev=1.1&view=markup
45 plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-dns/bind/bind-9.6.1_p1.ebuild?rev=1.1&content-type=text/plain
46
47 Index: bind-9.6.1_p1.ebuild
48 ===================================================================
49 # Copyright 1999-2009 Gentoo Foundation
50 # Distributed under the terms of the GNU General Public License v2
51 # $Header: /var/cvsroot/gentoo-x86/net-dns/bind/bind-9.6.1_p1.ebuild,v 1.1 2009/07/29 19:40:47 idl0r Exp $
52
53 EAPI="2"
54
55 inherit eutils autotools toolchain-funcs flag-o-matic
56
57 MY_PV="${PV/_p1/-P1}"
58 MY_P="${PN}-${MY_PV}"
59
60 SDB_LDAP_VER="1.1.0"
61
62 DESCRIPTION="BIND - Berkeley Internet Name Domain - Name Server"
63 HOMEPAGE="https://www.isc.org/software/bind"
64 SRC_URI="ftp://ftp.isc.org/isc/bind9/${MY_PV}/${MY_P}.tar.gz
65 sdb-ldap? ( mirror://gentoo/bind-sdb-ldap-${SDB_LDAP_VER}.tar.bz2 )
66 doc? ( mirror://gentoo/dyndns-samples.tbz2 )"
67
68 LICENSE="as-is"
69 SLOT="0"
70 KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
71 IUSE="ssl ipv6 doc dlz postgres berkdb mysql odbc ldap selinux idn threads
72 resolvconf urandom sdb-ldap xml"
73
74 DEPEND="ssl? ( >=dev-libs/openssl-0.9.6g )
75 mysql? ( >=virtual/mysql-4.0 )
76 odbc? ( >=dev-db/unixODBC-2.2.6 )
77 ldap? ( net-nds/openldap )
78 idn? ( net-dns/idnkit )
79 postgres? ( virtual/postgresql-base )
80 threads? ( >=sys-libs/libcap-2.1.0 )
81 xml? ( dev-libs/libxml2 )"
82
83 RDEPEND="${DEPEND}
84 selinux? ( sec-policy/selinux-bind )
85 resolvconf? ( net-dns/openresolv )"
86
87 S="${WORKDIR}/${MY_P}"
88
89 pkg_setup() {
90 use threads && {
91 ewarn
92 ewarn "If you're in vserver enviroment, you're probably want to"
93 ewarn "disable threads support because of linux capabilities dependency"
94 ewarn
95 }
96
97 ebegin "Creating named group and user"
98 enewgroup named 40
99 enewuser named 40 -1 /etc/bind named
100 eend ${?}
101 }
102
103 src_prepare() {
104 # bug 278364 (workaround)
105 epatch "${FILESDIR}/${P}-parallel.patch"
106
107 # Adjusting PATHs in manpages
108 for i in bin/{named/named.8,check/named-checkconf.8,rndc/rndc.8} ; do
109 sed -i \
110 -e 's:/etc/named.conf:/etc/bind/named.conf:g' \
111 -e 's:/etc/rndc.conf:/etc/bind/rndc.conf:g' \
112 -e 's:/etc/rndc.key:/etc/bind/rndc.key:g' \
113 "${i}" || die "sed failed, ${i} doesn't exist"
114 done
115
116 use dlz && epatch "${FILESDIR}"/${PN}-9.4.0-dlzbdb-close_cursor.patch
117
118 # bind fails to reconnect to MySQL5 databases, bug #180720, patch by Nicolas Brousse
119 # (http://www.shell-tips.com/2007/09/04/bind-950-patch-dlz-mysql-5-for-auto-reconnect/)
120 use dlz && use mysql && has_version ">=dev-db/mysql-5" && epatch "${FILESDIR}"/bind-dlzmysql5-reconnect.patch
121
122 # should be installed by bind-tools
123 sed -i -e "s:nsupdate ::g" bin/Makefile.in || die
124
125 # sdb-ldap patch as per bug #160567
126 # Upstream URL: http://bind9-ldap.bayour.com/
127 use sdb-ldap && epatch "${WORKDIR}"/sdb-ldap/${PN}-sdb-ldap-${SDB_LDAP_VER}.patch
128
129 # bug #220361
130 rm {aclocal,libtool}.m4
131 WANT_AUTOCONF=2.5 AT_NO_RECURSIVE=1 eautoreconf
132
133 # bug #151839
134 sed -i -e \
135 's:struct isc_socket {:#undef SO_BSDCOMPAT\n\nstruct isc_socket {:' \
136 lib/isc/unix/socket.c || die
137
138 # remove useless c++ checks
139 epunt_cxx
140 }
141
142 src_configure() {
143 local myconf=""
144
145 use dlz && {
146 myconf="${myconf} --with-dlz-filesystem --with-dlz-stub"
147 use postgres && myconf="${myconf} --with-dlz-postgres"
148 use mysql && myconf="${myconf} --with-dlz-mysql"
149 use berkdb && myconf="${myconf} --with-dlz-bdb"
150 use ldap && myconf="${myconf} --with-dlz-ldap"
151 use odbc && myconf="${myconf} --with-dlz-odbc"
152 }
153
154 if use threads; then
155 if use dlz && use mysql; then
156 ewarn
157 ewarn "MySQL uses thread local storage in its C api. Thus MySQL"
158 ewarn "requires that each thread of an application execute a MySQL"
159 ewarn "\"thread initialization\" to setup the thread local storage."
160 ewarn "This is impossible to do safely while staying within the DLZ"
161 ewarn "driver API. This is a limitation caused by MySQL, and not"
162 ewarn "the DLZ API."
163 ewarn "Because of this BIND MUST only run with a single thread when"
164 ewarn "using the MySQL driver."
165 ewarn
166 myconf="${myconf} --disable-linux-caps --disable-threads"
167 ewarn "Threading support disabled"
168 epause 10
169 else
170 myconf="${myconf} --enable-linux-caps --enable-threads"
171 einfo "Threading support enabled"
172 fi
173 else
174 myconf="${myconf} --disable-linux-caps --disable-threads"
175 fi
176
177 if use urandom; then
178 myconf="${myconf} --with-randomdev=/dev/urandom"
179 else
180 myconf="${myconf} --with-randomdev=/dev/random"
181 fi
182
183 # bug #158664
184 gcc-specs-ssp && replace-flags -O[23s] -O
185 export BUILD_CC="${CBUILD}-gcc"
186 econf \
187 --sysconfdir=/etc/bind \
188 --localstatedir=/var \
189 --with-libtool \
190 $(use_with ssl openssl) \
191 $(use_with idn) \
192 $(use_enable ipv6) \
193 $(use_with xml libxml2) \
194 ${myconf}
195 }
196
197 src_install() {
198 emake DESTDIR="${D}" install || die
199
200 dodoc CHANGES FAQ KNOWN-DEFECTS README || die
201
202 if use idn; then
203 dodoc README.idnkit || die
204 fi
205
206 if use doc; then
207 dodoc doc/arm/Bv9ARM.pdf || die
208
209 docinto misc
210 dodoc doc/misc/* || die
211
212 # might a 'html' useflag make sense?
213 docinto html
214 dohtml -r doc/arm/* || die
215
216 docinto draft
217 dodoc doc/draft/* || die
218
219 docinto rfc
220 dodoc doc/rfc/* || die
221
222 docinto contrib
223 dodoc contrib/named-bootconf/named-bootconf.sh \
224 contrib/nanny/nanny.pl || die
225
226 # some handy-dandy dynamic dns examples
227 cd "${D}"/usr/share/doc/${PF}
228 tar xf "${DISTDIR}"/dyndns-samples.tbz2 || die
229 fi
230
231 newenvd "${FILESDIR}"/10bind.env 10bind || die
232
233 keepdir /var/bind/sec
234
235 insinto /etc/bind
236 newins "${FILESDIR}"/named.conf-r3 named.conf || die
237
238 # ftp://ftp.rs.internic.net/domain/named.ca:
239 insinto /var/bind
240 doins "${FILESDIR}"/named.ca || die
241
242 insinto /var/bind/pri
243 newins "${FILESDIR}"/127.zone-r1 127.zone || die
244 newins "${FILESDIR}"/localhost.zone-r3 localhost.zone || die
245
246 newinitd "${FILESDIR}"/named.init-r6 named || die
247 newconfd "${FILESDIR}"/named.confd-r2 named || die
248
249 dosym /var/bind/named.ca /var/bind/root.cache
250 dosym /var/bind/pri /etc/bind/pri
251 dosym /var/bind/sec /etc/bind/sec
252
253 # Let's get rid of those tools and their manpages since they're provided by bind-tools
254 rm -f "${D}"/usr/share/man/man1/{dig,host,nslookup}.1
255 rm -f "${D}"/usr/share/man/man8/{dnssec-keygen,nsupdate}.8
256 rm -f "${D}"/usr/bin/{dig,host,nslookup,dnssec-keygen,nsupdate}
257 }
258
259 pkg_postinst() {
260 if [ ! -f '/etc/bind/rndc.key' ]; then
261 if [ -c /dev/urandom ]; then
262 einfo "Using /dev/urandom for generating rndc.key"
263 /usr/sbin/rndc-confgen -r /dev/urandom -a -u named
264 echo
265 else
266 einfo "Using /dev/random for generating rndc.key"
267 /usr/sbin/rndc-confgen -a -u named
268 echo
269 fi
270 fi
271
272 install -d -o named -g named "${ROOT}"/var/run/named \
273 "${ROOT}"/var/bind/{pri,sec} "${ROOT}"/var/log/named
274 chown -R named:named "${ROOT}"/var/bind
275
276 elog "The default zone files are now installed as *.zone,"
277 elog "be careful merging config files if you have modified"
278 elog "/var/bind/pri/127 or /var/bind/pri/localhost"
279 elog
280 elog "You can edit /etc/conf.d/named to customize named settings"
281 elog
282 elog "The BIND ebuild now includes chroot support."
283 elog "If you like to run bind in chroot AND this is a new install OR"
284 elog "your bind doesn't already run in chroot, simply run:"
285 elog "\`emerge --config '=${CATEGORY}/${PF}'\`"
286 elog "Before running the above command you might want to change the chroot"
287 elog "dir in /etc/conf.d/named. Otherwise /chroot/dns will be used."
288 elog
289 elog "Recently verisign added a wildcard A record to the .COM and .NET TLD"
290 elog "zones making all .com and .net domains appear to be registered"
291 elog "This causes many problems such as breaking important anti-spam checks"
292 elog "which verify source domains exist. ISC released a patch for BIND which"
293 elog "adds 'delegation-only' zones to allow admins to return the .com and .net"
294 elog "domain resolution to their normal function."
295 elog
296 elog "There is no need to create a com or net data file. Just the"
297 elog "entries to the named.conf file is enough."
298 elog
299 elog " zone "com" IN { type delegation-only; };"
300 elog " zone "net" IN { type delegation-only; };"
301
302 ewarn
303 ewarn "BIND >=9.2.5 makes the priority argument to MX records mandatory"
304 ewarn "when it was previously optional. If the priority is missing, BIND"
305 ewarn "won't load the zone file at all."
306 ewarn
307
308 ewarn "NOTE: as of 'bind-9.6.1' the chroot part of the init-script got some major changes."
309 }
310
311 pkg_config() {
312 CHROOT=`sed -n 's/^[[:blank:]]\?CHROOT="\([^"]\+\)"/\1/p' /etc/conf.d/named 2>/dev/null`
313 EXISTS="no"
314
315 if [ -z "${CHROOT}" -a ! -d "/chroot/dns" ]; then
316 CHROOT="/chroot/dns"
317 elif [ -d ${CHROOT} ]; then
318 eerror; eerror "${CHROOT:-/chroot/dns} already exists. Quitting."; eerror; EXISTS="yes"
319 fi
320
321 if [ ! "$EXISTS" = yes ]; then
322 einfo ; einfon "Setting up the chroot directory..."
323
324 mkdir -m 750 -p ${CHROOT}
325 mkdir -p ${CHROOT}/{dev,proc,etc/bind,var/{run,log}/named,var/bind}
326 chown -R named:named ${CHROOT}
327 chown root:named ${CHROOT}
328
329 cp /etc/localtime ${CHROOT}/etc/localtime
330
331 mknod ${CHROOT}/dev/zero c 1 5
332 chmod 666 ${CHROOT}/dev/zero
333
334 if use urandom; then
335 mknod ${CHROOT}/dev/urandom c 1 9
336 chmod 666 ${CHROOT}/dev/urandom
337 else
338 mknod ${CHROOT}/dev/random c 1 8
339 chmod 666 ${CHROOT}/dev/random
340 fi
341
342 if [ -f '/etc/syslog-ng/syslog-ng.conf' ]; then
343 echo "source jail { unix-stream(\"${CHROOT}/dev/log\"); };" >>/etc/syslog-ng/syslog-ng.conf
344 fi
345
346 grep -q "^#[[:blank:]]\?CHROOT" /etc/conf.d/named ; RETVAL=$?
347 if [ $RETVAL = 0 ]; then
348 sed -i 's/^# \?\(CHROOT.*\)$/\1/' /etc/conf.d/named 2>/dev/null
349 fi
350 else
351 ewarn "NOTE: as of 'bind-9.6.1' the chroot part of the init-script got some major changes."
352 fi
353 }
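Review bot: In pkg_config, `${CHROOT}` is read from /etc/conf.d/named and then expanded unquoted in `[ -d ${CHROOT} ]`, `mkdir`, `chown -R named:named ${CHROOT}` and `mknod`, all run as root, so a value containing whitespace or glob characters is word-split and the recursive chown can land on a path other than the intended chroot. Quote every expansion, e.g. `chown -R named:named "${CHROOT}"`; since an empty `CHROOT` currently reaches the "already exists" branch only through the unquoted one-argument test, the quoted check should be `elif [ -d "${CHROOT:-/chroot/dns}" ]; then`. None of the mkdir/chown/cp/mknod calls is checked, so a failure silently leaves a partial chroot behind; appending `|| die` as src_install does would surface it. pkg_config and the rndc.key test in pkg_postinst also use absolute paths without `${ROOT}`, while the `install -d` line in pkg_postinst honours it, which looks inconsistent for ROOT-offset installs.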