Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Christian Ruppert (idl0r)" <idl0r@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo-x86 commit in net-dns/bind: ChangeLog bind-9.4.3_p5.ebuild bind-9.6.1_p3.ebuild bind-9.4.3_p3.ebuild bind-9.6.1_p2.ebuild
Date: Tue, 26 Jan 2010 19:28:05
Message-Id: E1NZqXy-0005dg-4y@stork.gentoo.org
1 idl0r 10/01/26 18:53:54
2
3 Modified: ChangeLog
4 Added: bind-9.4.3_p5.ebuild bind-9.6.1_p3.ebuild
5 Removed: bind-9.4.3_p3.ebuild bind-9.6.1_p2.ebuild
6 Log:
7 Version bump, bug 301548. Clean up.
8 (Portage version: 2.2_rc61/cvs/Linux x86_64)
9
10 Revision Changes Path
11 1.256 net-dns/bind/ChangeLog
12
13 file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-dns/bind/ChangeLog?rev=1.256&view=markup
14 plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-dns/bind/ChangeLog?rev=1.256&content-type=text/plain
15 diff : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-dns/bind/ChangeLog?r1=1.255&r2=1.256
16
17 Index: ChangeLog
18 ===================================================================
19 RCS file: /var/cvsroot/gentoo-x86/net-dns/bind/ChangeLog,v
20 retrieving revision 1.255
21 retrieving revision 1.256
22 diff -u -r1.255 -r1.256
23 --- ChangeLog 9 Dec 2009 18:51:32 -0000 1.255
24 +++ ChangeLog 26 Jan 2010 18:53:53 -0000 1.256
25 @@ -1,6 +1,13 @@
26 # ChangeLog for net-dns/bind
27 -# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
28 -# $Header: /var/cvsroot/gentoo-x86/net-dns/bind/ChangeLog,v 1.255 2009/12/09 18:51:32 armin76 Exp $
29 +# Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
30 +# $Header: /var/cvsroot/gentoo-x86/net-dns/bind/ChangeLog,v 1.256 2010/01/26 18:53:53 idl0r Exp $
31 +
32 +*bind-9.6.1_p3 (26 Jan 2010)
33 +*bind-9.4.3_p5 (26 Jan 2010)
34 +
35 + 26 Jan 2010; Christian Ruppert <idl0r@g.o> -bind-9.4.3_p3.ebuild,
36 + +bind-9.4.3_p5.ebuild, -bind-9.6.1_p2.ebuild, +bind-9.6.1_p3.ebuild:
37 + Version bump, bug 301548. Clean up.
38
39 09 Dec 2009; Raúl Porcel <armin76@g.o> bind-9.4.3_p4.ebuild:
40 alpha/ia64/s390/sh/sparc stable wrt #294497
41
42
43
44 1.1 net-dns/bind/bind-9.4.3_p5.ebuild
45
46 file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-dns/bind/bind-9.4.3_p5.ebuild?rev=1.1&view=markup
47 plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-dns/bind/bind-9.4.3_p5.ebuild?rev=1.1&content-type=text/plain
48
49 Index: bind-9.4.3_p5.ebuild
50 ===================================================================
51 # Copyright 1999-2010 Gentoo Foundation
52 # Distributed under the terms of the GNU General Public License v2
53 # $Header: /var/cvsroot/gentoo-x86/net-dns/bind/bind-9.4.3_p5.ebuild,v 1.1 2010/01/26 18:53:53 idl0r Exp $
54
55 inherit eutils libtool autotools toolchain-funcs flag-o-matic
56
57 DLZ_VERSION="9.3.3"
58 MY_PV="${PV/_p/-P}"
59
60 DESCRIPTION="BIND - Berkeley Internet Name Domain - Name Server"
61 HOMEPAGE="http://www.isc.org/software/bind"
62 SRC_URI="ftp://ftp.isc.org/isc/bind9/${MY_PV}/${PN}-${MY_PV}.tar.gz
63 doc? ( mirror://gentoo/dyndns-samples.tbz2 )"
64
65 LICENSE="as-is"
66 SLOT="0"
67 KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
68 IUSE="ssl ipv6 doc dlz postgres berkdb mysql odbc ldap selinux idn threads resolvconf urandom"
69
70 DEPEND="ssl? ( >=dev-libs/openssl-0.9.6g )
71 mysql? ( >=virtual/mysql-4.0 )
72 odbc? ( >=dev-db/unixODBC-2.2.6 )
73 ldap? ( net-nds/openldap )
74 idn? ( net-dns/idnkit )"
75
76 RDEPEND="${DEPEND}
77 selinux? ( sec-policy/selinux-bind )
78 resolvconf? ( net-dns/openresolv )"
79
80 S="${WORKDIR}/${PN}-${MY_PV}"
81
82 pkg_setup() {
83 use threads && {
84 echo
85 ewarn "If you're in vserver enviroment, you're probably want to"
86 ewarn "disable threads support because of linux capabilities dependency"
87 echo
88 }
89
90 ebegin "Creating named group and user"
91 enewgroup named 40
92 enewuser named 40 -1 /etc/bind named
93 eend ${?}
94 }
95
96 src_unpack() {
97 unpack ${A}
98 cd "${S}"
99
100 # Adjusting PATHs in manpages
101 for i in bin/{named/named.8,check/named-checkconf.8,rndc/rndc.8} ; do
102 sed -i \
103 -e 's:/etc/named.conf:/etc/bind/named.conf:g' \
104 -e 's:/etc/rndc.conf:/etc/bind/rndc.conf:g' \
105 -e 's:/etc/rndc.key:/etc/bind/rndc.key:g' \
106 "${i}"
107 done
108
109 use dlz && epatch "${FILESDIR}"/${PN}-9.4.0-dlzbdb-close_cursor.patch
110
111 # bind fails to reconnect to MySQL5 databases, bug #180720, patch by Nicolas Brousse
112 # (http://www.shell-tips.com/2007/09/04/bind-950-patch-dlz-mysql-5-for-auto-reconnect/)
113 use dlz && use mysql && epatch "${FILESDIR}"/bind-dlzmysql5-reconnect.patch
114
115 # should be installed by bind-tools
116 sed -e "s:nsupdate ::g" -i "${S}"/bin/Makefile.in
117
118 # bug #220361
119 rm "${S}"/aclocal.m4 "${S}"/libtool.m4
120 WANT_AUTOCONF=2.5 AT_NO_RECURSIVE=1 eautoreconf
121
122 # bug #151839
123 sed -e \
124 's:struct isc_socket {:#undef SO_BSDCOMPAT\n\nstruct isc_socket {:' \
125 -i lib/isc/unix/socket.c
126
127 # remove useless c++ checks
128 epunt_cxx
129 }
130
131 src_compile() {
132 local myconf=""
133
134 use ssl && myconf="${myconf} --with-openssl"
135 use idn && myconf="${myconf} --with-idn"
136
137 use dlz && {
138 myconf="${myconf} --with-dlz-filesystem --with-dlz-stub"
139 use postgres && myconf="${myconf} --with-dlz-postgres"
140 use mysql && myconf="${myconf} --with-dlz-mysql"
141 use berkdb && myconf="${myconf} --with-dlz-bdb"
142 use ldap && myconf="${myconf} --with-dlz-ldap"
143 use odbc && myconf="${myconf} --with-dlz-odbc"
144 }
145
146 if use threads; then
147 if use dlz && use mysql; then
148 echo
149 ewarn
150 ewarn "MySQL uses thread local storage in its C api. Thus MySQL"
151 ewarn "requires that each thread of an application execute a MySQL"
152 ewarn "\"thread initialization\" to setup the thread local storage."
153 ewarn "This is impossible to do safely while staying within the DLZ"
154 ewarn "driver API. This is a limitation caused by MySQL, and not"
155 ewarn "the DLZ API."
156 ewarn "Because of this BIND MUST only run with a single thread when"
157 ewarn "using the MySQL driver."
158 ewarn
159 myconf="${myconf} --disable-linux-caps --disable-threads"
160 ewarn "Threading support disabled"
161 epause 10
162 else
163 myconf="${myconf} --enable-linux-caps --enable-threads"
164 einfo "Threading support enabled"
165 fi
166 else
167 myconf="${myconf} --disable-linux-caps --disable-threads"
168 fi
169
170 if use urandom; then
171 myconf="${myconf} --with-randomdev=/dev/urandom"
172 else
173 myconf="${myconf} --with-randomdev=/dev/random"
174 fi
175
176 # bug #158664
177 gcc-specs-ssp && replace-flags -O[23s] -O
178 export BUILD_CC="${CBUILD}-gcc"
179 econf \
180 --sysconfdir=/etc/bind \
181 --localstatedir=/var \
182 --with-libtool \
183 `use_enable ipv6` \
184 ${myconf} || die "econf failed"
185
186 emake -j1 || die "failed to compile bind"
187 }
188
189 src_install() {
190 einstall || die "failed to install bind"
191
192 dodoc CHANGES COPYRIGHT FAQ README
193
194 use doc && {
195 docinto misc
196 dodoc doc/misc/*
197
198 docinto html
199 dohtml doc/arm/*
200
201 docinto draft
202 dodoc doc/draft/*
203
204 docinto rfc
205 dodoc doc/rfc/*
206
207 docinto contrib
208 dodoc contrib/named-bootconf/named-bootconf.sh \
209 contrib/nanny/nanny.pl
210
211 # some handy-dandy dynamic dns examples
212 cd "${D}"/usr/share/doc/${PF}
213 tar pjxf ${DISTFILES}/dyndns-samples.tbz2
214 }
215
216 newenvd "${FILESDIR}"/10bind.env 10bind
217
218 dodir /etc/bind /var/bind/{pri,sec}
219 keepdir /var/bind/sec
220
221 insinto /etc/bind ; newins "${FILESDIR}"/named.conf-r3 named.conf
222
223 # ftp://ftp.rs.internic.net/domain/named.ca:
224 insinto /var/bind ; doins "${FILESDIR}"/named.ca
225
226 insinto /var/bind/pri
227 newins "${FILESDIR}"/127.zone-r1 127.zone
228 newins "${FILESDIR}"/localhost.zone-r3 localhost.zone
229
230 newinitd "${FILESDIR}"/named.init-r5 named
231 newconfd "${FILESDIR}"/named.confd-r2 named
232
233 dosym ../../var/bind/named.ca /var/bind/root.cache
234 dosym ../../var/bind/pri /etc/bind/pri
235 dosym ../../var/bind/sec /etc/bind/sec
236
237 # Let's get rid of those tools and their manpages since they're provided by bind-tools
238 rm -f "${D}"/usr/share/man/man1/{dig.1,host.1,nslookup.1,nsupdate.1}
239 rm -f "${D}"/usr/share/man/man8/dnssec-keygen.8
240 rm -f "${D}"/usr/bin/{dig,host,nslookup,dnssec-keygen,nsupdate}
241 }
242
243 pkg_postinst() {
244 if [ ! -f '/etc/bind/rndc.key' ]; then
245 if [ -c /dev/urandom ]; then
246 einfo "Using /dev/urandom for generating rndc.key"
247 /usr/sbin/rndc-confgen -r /dev/urandom -a -u named
248 echo
249 else
250 einfo "Using /dev/random for generating rndc.key"
251 /usr/sbin/rndc-confgen -a -u named
252 echo
253 fi
254 fi
255
256 install -d -o named -g named "${ROOT}"/var/run/named \
257 "${ROOT}"/var/bind/pri "${ROOT}"/var/bind/sec
258 chown -R named:named "${ROOT}"/var/bind
259
260 elog "The default zone files are now installed as *.zone,"
261 elog "be careful merging config files if you have modified"
262 elog "/var/bind/pri/127 or /var/bind/pri/localhost"
263 elog
264 elog "You can edit /etc/conf.d/named to customize named settings"
265 elog
266 elog "The BIND ebuild now includes chroot support."
267 elog "If you like to run bind in chroot AND this is a new install OR"
268 elog "your bind doesn't already run in chroot, simply run:"
269 elog "\`emerge --config '=${CATEGORY}/${PF}'\`"
270 elog "Before running the above command you might want to change the chroot"
271 elog "dir in /etc/conf.d/named. Otherwise /chroot/dns will be used."
272 elog
273 elog "Recently verisign added a wildcard A record to the .COM and .NET TLD"
274 elog "zones making all .com and .net domains appear to be registered"
275 elog "This causes many problems such as breaking important anti-spam checks"
276 elog "which verify source domains exist. ISC released a patch for BIND which"
277 elog "adds 'delegation-only' zones to allow admins to return the .com and .net"
278 elog "domain resolution to their normal function."
279 elog
280 elog "There is no need to create a com or net data file. Just the"
281 elog "entries to the named.conf file is enough."
282 elog
283 elog " zone "com" IN { type delegation-only; };"
284 elog " zone "net" IN { type delegation-only; };"
285
286 echo
287 ewarn "BIND >=9.2.5 makes the priority argument to MX records mandatory"
288 ewarn "when it was previously optional. If the priority is missing, BIND"
289 ewarn "won't load the zone file at all."
290 echo
291 }
292
293 pkg_config() {
294 CHROOT=`sed -n 's/^[[:blank:]]\?CHROOT="\([^"]\+\)"/\1/p' /etc/conf.d/named 2>/dev/null`
295 EXISTS="no"
296
297 if [ -z "${CHROOT}" -a ! -d "/chroot/dns" ]; then
298 CHROOT="/chroot/dns"
299 elif [ -d ${CHROOT} ]; then
300 eerror; eerror "${CHROOT:-/chroot/dns} already exists. Quitting."; eerror; EXISTS="yes"
301 fi
302
303 if [ ! "$EXISTS" = yes ]; then
304 einfo ; einfon "Setting up the chroot directory..."
305 mkdir -m 700 -p ${CHROOT}
306 mkdir -p ${CHROOT}/{dev,etc,var/run/named}
307 chown -R named:named ${CHROOT}/var/run/named
308 cp -R /etc/bind ${CHROOT}/etc/
309 cp /etc/localtime ${CHROOT}/etc/localtime
310 chown named:named ${CHROOT}/etc/bind/rndc.key
311 cp -R /var/bind ${CHROOT}/var/
312 chown -R named:named ${CHROOT}/var/
313 mknod ${CHROOT}/dev/zero c 1 5
314 chmod 666 ${CHROOT}/dev/zero
315 if use urandom; then
316 mknod ${CHROOT}/dev/urandom c 1 9
317 chmod 666 ${CHROOT}/dev/urandom
318 else
319 mknod ${CHROOT}/dev/random c 1 8
320 chmod 666 ${CHROOT}/dev/random
321 fi
322 echo "none ${CHROOT}/proc proc defaults 0 0" >>/etc/fstab
323 mkdir ${CHROOT}/proc
324 mount -t proc none ${CHROOT}/proc
325 if [ -f '/etc/syslog-ng/syslog-ng.conf' ]; then
326 echo "source jail { unix-stream(\"${CHROOT}/dev/log\"); };" >>/etc/syslog-ng/syslog-ng.conf
327 fi
328 chown root:named ${CHROOT}
329 chmod 0750 ${CHROOT}
330
331 grep -q "^#[[:blank:]]\?CHROOT" /etc/conf.d/named ; RETVAL=$?
332 if [ $RETVAL = 0 ]; then
333 sed 's/^# \?\(CHROOT.*\)$/\1/' /etc/conf.d/named > /etc/conf.d/named.orig 2>/dev/null
334 mv --force /etc/conf.d/named.orig /etc/conf.d/named
335 fi
336
337 sleep 1; echo " Done."; sleep 1
338 einfo
339 einfo "Add the following to your root .bashrc or .bash_profile: "
340 einfo " alias rndc='rndc -k ${CHROOT}/etc/bind/rndc.key'"
341 einfo "Then do the following: "
342 einfo " source /root/.bashrc or .bash_profile"
343 einfo
344 fi
345 }
346
347
348
349 1.1 net-dns/bind/bind-9.6.1_p3.ebuild
350
351 file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-dns/bind/bind-9.6.1_p3.ebuild?rev=1.1&view=markup
352 plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-dns/bind/bind-9.6.1_p3.ebuild?rev=1.1&content-type=text/plain
353
354 Index: bind-9.6.1_p3.ebuild
355 ===================================================================
356 # Copyright 1999-2010 Gentoo Foundation
357 # Distributed under the terms of the GNU General Public License v2
358 # $Header: /var/cvsroot/gentoo-x86/net-dns/bind/bind-9.6.1_p3.ebuild,v 1.1 2010/01/26 18:53:53 idl0r Exp $
359
360 EAPI="2"
361
362 inherit eutils autotools toolchain-funcs flag-o-matic
363
364 MY_PV="${PV/_p/-P}"
365 MY_P="${PN}-${MY_PV}"
366
367 SDB_LDAP_VER="1.1.0"
368
369 DESCRIPTION="BIND - Berkeley Internet Name Domain - Name Server"
370 HOMEPAGE="http://www.isc.org/software/bind"
371 SRC_URI="ftp://ftp.isc.org/isc/bind9/${MY_PV}/${MY_P}.tar.gz
372 sdb-ldap? ( mirror://gentoo/bind-sdb-ldap-${SDB_LDAP_VER}.tar.bz2 )
373 doc? ( mirror://gentoo/dyndns-samples.tbz2 )"
374
375 LICENSE="as-is"
376 SLOT="0"
377 KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
378 IUSE="ssl ipv6 doc dlz postgres berkdb mysql odbc ldap selinux idn threads
379 resolvconf urandom sdb-ldap xml"
380
381 DEPEND="ssl? ( >=dev-libs/openssl-0.9.6g )
382 mysql? ( >=virtual/mysql-4.0 )
383 odbc? ( >=dev-db/unixODBC-2.2.6 )
384 ldap? ( net-nds/openldap )
385 idn? ( net-dns/idnkit )
386 postgres? ( virtual/postgresql-base )
387 threads? ( >=sys-libs/libcap-2.1.0 )
388 xml? ( dev-libs/libxml2 )"
389
390 RDEPEND="${DEPEND}
391 selinux? ( sec-policy/selinux-bind )
392 resolvconf? ( net-dns/openresolv )"
393
394 S="${WORKDIR}/${MY_P}"
395
396 pkg_setup() {
397 use threads && {
398 ewarn
399 ewarn "If you're in vserver enviroment, you're probably want to"
400 ewarn "disable threads support because of linux capabilities dependency"
401 ewarn
402 }
403
404 ebegin "Creating named group and user"
405 enewgroup named 40
406 enewuser named 40 -1 /etc/bind named
407 eend ${?}
408 }
409
410 src_prepare() {
411 # bug 278364 (workaround)
412 epatch "${FILESDIR}/${PN}-9.6.1-parallel.patch"
413
414 # Adjusting PATHs in manpages
415 for i in bin/{named/named.8,check/named-checkconf.8,rndc/rndc.8} ; do
416 sed -i \
417 -e 's:/etc/named.conf:/etc/bind/named.conf:g' \
418 -e 's:/etc/rndc.conf:/etc/bind/rndc.conf:g' \
419 -e 's:/etc/rndc.key:/etc/bind/rndc.key:g' \
420 "${i}" || die "sed failed, ${i} doesn't exist"
421 done
422
423 use dlz && epatch "${FILESDIR}"/${PN}-9.4.0-dlzbdb-close_cursor.patch
424
425 # bind fails to reconnect to MySQL5 databases, bug #180720, patch by Nicolas Brousse
426 # (http://www.shell-tips.com/2007/09/04/bind-950-patch-dlz-mysql-5-for-auto-reconnect/)
427 use dlz && use mysql && has_version ">=dev-db/mysql-5" && epatch "${FILESDIR}"/bind-dlzmysql5-reconnect.patch
428
429 # should be installed by bind-tools
430 sed -i -e "s:nsupdate ::g" bin/Makefile.in || die
431
432 # sdb-ldap patch as per bug #160567
433 # Upstream URL: http://bind9-ldap.bayour.com/
434 use sdb-ldap && epatch "${WORKDIR}"/sdb-ldap/${PN}-sdb-ldap-${SDB_LDAP_VER}.patch
435
436 # bug #220361
437 rm {aclocal,libtool}.m4
438 WANT_AUTOCONF=2.5 AT_NO_RECURSIVE=1 eautoreconf
439
440 # bug #151839
441 sed -i -e \
442 's:struct isc_socket {:#undef SO_BSDCOMPAT\n\nstruct isc_socket {:' \
443 lib/isc/unix/socket.c || die
444
445 # remove useless c++ checks
446 epunt_cxx
447 }
448
449 src_configure() {
450 local myconf=""
451
452 use dlz && {
453 myconf="${myconf} --with-dlz-filesystem --with-dlz-stub"
454 use postgres && myconf="${myconf} --with-dlz-postgres"
455 use mysql && myconf="${myconf} --with-dlz-mysql"
456 use berkdb && myconf="${myconf} --with-dlz-bdb"
457 use ldap && myconf="${myconf} --with-dlz-ldap"
458 use odbc && myconf="${myconf} --with-dlz-odbc"
459 }
460
461 if use threads; then
462 if use dlz && use mysql; then
463 ewarn
464 ewarn "MySQL uses thread local storage in its C api. Thus MySQL"
465 ewarn "requires that each thread of an application execute a MySQL"
466 ewarn "\"thread initialization\" to setup the thread local storage."
467 ewarn "This is impossible to do safely while staying within the DLZ"
468 ewarn "driver API. This is a limitation caused by MySQL, and not"
469 ewarn "the DLZ API."
470 ewarn "Because of this BIND MUST only run with a single thread when"
471 ewarn "using the MySQL driver."
472 ewarn
473 myconf="${myconf} --disable-linux-caps --disable-threads"
474 ewarn "Threading support disabled"
475 epause 10
476 else
477 myconf="${myconf} --enable-linux-caps --enable-threads"
478 einfo "Threading support enabled"
479 fi
480 else
481 myconf="${myconf} --disable-linux-caps --disable-threads"
482 fi
483
484 if use urandom; then
485 myconf="${myconf} --with-randomdev=/dev/urandom"
486 else
487 myconf="${myconf} --with-randomdev=/dev/random"
488 fi
489
490 # bug #158664
491 gcc-specs-ssp && replace-flags -O[23s] -O
492 export BUILD_CC="${CBUILD}-gcc"
493 econf \
494 --sysconfdir=/etc/bind \
495 --localstatedir=/var \
496 --with-libtool \
497 $(use_with ssl openssl) \
498 $(use_with idn) \
499 $(use_enable ipv6) \
500 $(use_with xml libxml2) \
501 ${myconf}
502 }
503
504 src_install() {
505 emake DESTDIR="${D}" install || die
506
507 dodoc CHANGES FAQ KNOWN-DEFECTS README || die
508
509 if use idn; then
510 dodoc README.idnkit || die
511 fi
512
513 if use doc; then
514 dodoc doc/arm/Bv9ARM.pdf || die
515
516 docinto misc
517 dodoc doc/misc/* || die
518
519 # might a 'html' useflag make sense?
520 docinto html
521 dohtml -r doc/arm/* || die
522
523 docinto draft
524 dodoc doc/draft/* || die
525
526 docinto rfc
527 dodoc doc/rfc/* || die
528
529 docinto contrib
530 dodoc contrib/named-bootconf/named-bootconf.sh \
531 contrib/nanny/nanny.pl || die
532
533 # some handy-dandy dynamic dns examples
534 cd "${D}"/usr/share/doc/${PF}
535 tar xf "${DISTDIR}"/dyndns-samples.tbz2 || die
536 fi
537
538 newenvd "${FILESDIR}"/10bind.env 10bind || die
539
540 keepdir /var/bind/sec
541
542 insinto /etc/bind
543 newins "${FILESDIR}"/named.conf-r3 named.conf || die
544
545 # ftp://ftp.rs.internic.net/domain/named.ca:
546 insinto /var/bind
547 doins "${FILESDIR}"/named.ca || die
548
549 insinto /var/bind/pri
550 newins "${FILESDIR}"/127.zone-r1 127.zone || die
551 newins "${FILESDIR}"/localhost.zone-r3 localhost.zone || die
552
553 newinitd "${FILESDIR}"/named.init-r7 named || die
554 newconfd "${FILESDIR}"/named.confd-r3 named || die
555
556 dosym /var/bind/named.ca /var/bind/root.cache
557 dosym /var/bind/pri /etc/bind/pri
558 dosym /var/bind/sec /etc/bind/sec
559
560 # Let's get rid of those tools and their manpages since they're provided by bind-tools
561 rm -f "${D}"/usr/share/man/man1/{dig,host,nslookup}.1*
562 rm -f "${D}"/usr/share/man/man8/{dnssec-keygen,nsupdate}.8*
563 rm -f "${D}"/usr/bin/{dig,host,nslookup,dnssec-keygen,nsupdate}
564 rm -f "${D}"/usr/sbin/{dig,host,nslookup,dnssec-keygen,nsupdate}
565 }
566
567 pkg_postinst() {
568 if [ ! -f '/etc/bind/rndc.key' ]; then
569 if [ -c /dev/urandom ]; then
570 einfo "Using /dev/urandom for generating rndc.key"
571 /usr/sbin/rndc-confgen -r /dev/urandom -a -u named
572 echo
573 else
574 einfo "Using /dev/random for generating rndc.key"
575 /usr/sbin/rndc-confgen -a -u named
576 echo
577 fi
578 fi
579
580 install -d -o named -g named "${ROOT}"/var/run/named \
581 "${ROOT}"/var/bind/{pri,sec} "${ROOT}"/var/log/named
582 chown -R named:named "${ROOT}"/var/bind
583
584 einfo "The default zone files are now installed as *.zone,"
585 einfo "be careful merging config files if you have modified"
586 einfo "/var/bind/pri/127 or /var/bind/pri/localhost"
587 einfo
588 einfo "You can edit /etc/conf.d/named to customize named settings"
589 einfo
590 einfo "The BIND ebuild now includes chroot support."
591 einfo "If you like to run bind in chroot AND this is a new install OR"
592 einfo "your bind doesn't already run in chroot, simply run:"
593 einfo "\`emerge --config '=${CATEGORY}/${PF}'\`"
594 einfo "Before running the above command you might want to change the chroot"
595 einfo "dir in /etc/conf.d/named. Otherwise /chroot/dns will be used."
596 einfo
597 einfo "Recently verisign added a wildcard A record to the .COM and .NET TLD"
598 einfo "zones making all .com and .net domains appear to be registered"
599 einfo "This causes many problems such as breaking important anti-spam checks"
600 einfo "which verify source domains exist. ISC released a patch for BIND which"
601 einfo "adds 'delegation-only' zones to allow admins to return the .com and .net"
602 einfo "domain resolution to their normal function."
603 einfo
604 einfo "There is no need to create a com or net data file. Just the"
605 einfo "entries to the named.conf file is enough."
606 einfo
607 einfo " zone "com" IN { type delegation-only; };"
608 einfo " zone "net" IN { type delegation-only; };"
609
610 ewarn "NOTE: as of 'bind-9.6.1' the chroot part of the init-script got some major changes."
611 }
612
613 pkg_config() {
614 CHROOT=`sed -n 's/^[[:blank:]]\?CHROOT="\([^"]\+\)"/\1/p' /etc/conf.d/named 2>/dev/null`
615 EXISTS="no"
616
617 if [ -z "${CHROOT}" -a ! -d "/chroot/dns" ]; then
618 CHROOT="/chroot/dns"
619 elif [ -d ${CHROOT} ]; then
620 eerror; eerror "${CHROOT:-/chroot/dns} already exists. Quitting."; eerror; EXISTS="yes"
621 fi
622
623 if [ ! "$EXISTS" = yes ]; then
624 einfo ; einfon "Setting up the chroot directory..."
625
626 mkdir -m 750 -p ${CHROOT}
627 mkdir -p ${CHROOT}/{dev,proc,etc/bind,var/{run,log}/named,var/bind}
628 chown -R named:named ${CHROOT}
629 chown root:named ${CHROOT}
630
631 cp /etc/localtime ${CHROOT}/etc/localtime
632
633 mknod ${CHROOT}/dev/zero c 1 5
634 chmod 666 ${CHROOT}/dev/zero
635
636 if use urandom; then
637 mknod ${CHROOT}/dev/urandom c 1 9
638 chmod 666 ${CHROOT}/dev/urandom
639 else
640 mknod ${CHROOT}/dev/random c 1 8
641 chmod 666 ${CHROOT}/dev/random
642 fi
643
644 if [ -f '/etc/syslog-ng/syslog-ng.conf' ]; then
645 echo "source jail { unix-stream(\"${CHROOT}/dev/log\"); };" >>/etc/syslog-ng/syslog-ng.conf
646 fi
647
648 grep -q "^#[[:blank:]]\?CHROOT" /etc/conf.d/named ; RETVAL=$?
649 if [ $RETVAL = 0 ]; then
650 sed -i 's/^# \?\(CHROOT.*\)$/\1/' /etc/conf.d/named 2>/dev/null
651 fi
652 else
653 ewarn "NOTE: as of 'bind-9.6.1' the chroot part of the init-script got some major changes."
654 fi
655 }
Report Message
Find on MARC Find on Google Groups