[gentoo-commits] repo/gentoo:master commit in: net-dns/bind/ - gentoo-commits

From:	Christian Ruppert <idl0r@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: net-dns/bind/
Date:	Mon, 19 Jun 2017 12:06:00
Message-Id:	`1497873949.dc6bda47f061079f2cf1eafdd19234168d7ce004.idl0r@gentoo`

1

commit:     dc6bda47f061079f2cf1eafdd19234168d7ce004

2

Author:     Christian Ruppert <idl0r <AT> gentoo <DOT> org>

3

AuthorDate: Mon Jun 19 12:02:44 2017 +0000

4

Commit:     Christian Ruppert <idl0r <AT> gentoo <DOT> org>

5

CommitDate: Mon Jun 19 12:05:49 2017 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=dc6bda47

7

8

net-dns/bind: Version bump

9

10

Package-Manager: Portage-2.3.6, Repoman-2.3.2

11

12

 net-dns/bind/Manifest              |   1 +

13

 net-dns/bind/bind-9.11.1_p1.ebuild | 423 +++++++++++++++++++++++++++++++++++++

14

 2 files changed, 424 insertions(+)

15

16

diff --git a/net-dns/bind/Manifest b/net-dns/bind/Manifest

17

index f0409efdc54..a53fa392e03 100644

18

--- a/net-dns/bind/Manifest

19

+++ b/net-dns/bind/Manifest

20

@@ -1,2 +1,3 @@

21

 DIST bind-9.11.0-P5.tar.gz 9698446 SHA256 1e283f0567b484687dfd7b936e26c9af4f64043daf73cbd8f3eb1122c9fb71f5 SHA512 142407db35a7bba6e676f2b3dc726a3a6ece9df8a27722f108ec309e24c4614da097b6cd31675c4925e68ff147896bc0a16dd71aa74dd73753ba86a2dbd7d3bd WHIRLPOOL a2aba3a52ad3610891733a3c8d93c0f5b263f706e36178a6f642b18e607a665ad0b15bdf679b9a5d149e9262eb5f718e23a09e989b63a418ee8fdfcb7f435186

22

+DIST bind-9.11.1-P1.tar.gz 9745364 SHA256 6b1b3e88d51b8471bd6aee24a8cea70817e850a5901315dc506f9dde275ca638 SHA512 5683ae7be264e11b5b2a843d216e3ca4959b7de109863d5435090b2e033d6c405689e4ce57385ca787b1c948f4437aea39b8d5164a1d347c167f87337e9fc760 WHIRLPOOL a9dd3cabfe04f16a60ce9d55d3bfdd57d05bddd9fb86996e952756bf40b63dda78d269903d1ae951b499cea899e154e2936117ad2bc6de0e30c0937c8292e45b

23

 DIST dyndns-samples.tbz2 22866 SHA256 92fb06a92ca99cbbe96b90bcca229ef9c12397db57ae17e199dad9f1218fdbe8 SHA512 83b0bf99f8e9ff709e8e9336d8c5231b98a4b5f0c60c10792f34931e32cc638d261967dfa5a83151ec3740977d94ddd6e21e9ce91267b3e279b88affdbc18cac WHIRLPOOL 08d4e6a817f1d02597631e18152dbd55ea1bc4c82174be150cc77efc9e1f0f03b6471d1cefbe4229cd3161de752ef232a43ca274a07b78e9c974ceb04cfe99a2

24

25

diff --git a/net-dns/bind/bind-9.11.1_p1.ebuild b/net-dns/bind/bind-9.11.1_p1.ebuild

26

new file mode 100644

27

index 00000000000..229272ae715

28

--- /dev/null

29

+++ b/net-dns/bind/bind-9.11.1_p1.ebuild

30

@@ -0,0 +1,423 @@

31

+# Copyright 1999-2017 Gentoo Foundation

32

+# Distributed under the terms of the GNU General Public License v2

33

+

34

+# Re dlz/mysql and threads, needs to be verified..

35

+# MySQL uses thread local storage in its C api. Thus MySQL

36

+# requires that each thread of an application execute a MySQL

37

+# thread initialization to setup the thread local storage.

38

+# This is impossible to do safely while staying within the DLZ

39

+# driver API. This is a limitation caused by MySQL, and not the DLZ API.

40

+# Because of this BIND MUST only run with a single thread when

41

+# using the MySQL driver.

42

+

43

+EAPI="5"

44

+

45

+PYTHON_COMPAT=( python2_7 python3_{4,5,6} )

46

+

47

+inherit python-r1 eutils autotools toolchain-funcs flag-o-matic multilib db-use user systemd

48

+

49

+MY_PV="${PV/_p/-P}"

50

+MY_PV="${MY_PV/_rc/rc}"

51

+MY_P="${PN}-${MY_PV}"

52

+

53

+SDB_LDAP_VER="1.1.0-fc14"

54

+

55

+RRL_PV="${MY_PV}"

56

+

57

+NSLINT_DIR="contrib/nslint-3.0a2/"

58

+

59

+# SDB-LDAP: http://bind9-ldap.bayour.com/

60

+

61

+DESCRIPTION="BIND - Berkeley Internet Name Domain - Name Server"

62

+HOMEPAGE="http://www.isc.org/software/bind"

63

+SRC_URI="ftp://ftp.isc.org/isc/bind9/${MY_PV}/${MY_P}.tar.gz

64

+	doc? ( mirror://gentoo/dyndns-samples.tbz2 )"

65

+#	sdb-ldap? (

66

+#		http://ftp.disconnected-by-peer.at/pub/bind-sdb-ldap-${SDB_LDAP_VER}.patch.bz2

67

+#	)"

68

+

69

+LICENSE="Apache-2.0 BSD BSD-2 GPL-2 HPND ISC MPL-2.0"

70

+SLOT="0"

71

+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"

72

+# -berkdb by default re bug 602682

73

+IUSE="-berkdb +caps dlz dnstap doc filter-aaaa fixed-rrset geoip gost gssapi idn ipv6

74

+json ldap libressl lmdb mysql nslint odbc postgres python rpz seccomp selinux ssl static-libs

75

++threads urandom xml +zlib"

76

+# sdb-ldap - patch broken

77

+# no PKCS11 currently as it requires OpenSSL to be patched, also see bug 409687

78

+

79

+REQUIRED_USE="postgres? ( dlz )

80

+	berkdb? ( dlz )

81

+	mysql? ( dlz !threads )

82

+	odbc? ( dlz )

83

+	ldap? ( dlz )

84

+	gost? ( !libressl ssl )

85

+	threads? ( caps )

86

+	dnstap? ( threads )

87

+	python? ( ${PYTHON_REQUIRED_USE} )"

88

+# sdb-ldap? ( dlz )

89

+

90

+DEPEND="

91

+	ssl? (

92

+		!libressl? ( dev-libs/openssl:0[-bindist] )

93

+		libressl? ( dev-libs/libressl )

94

+	)

95

+	mysql? ( >=virtual/mysql-4.0 )

96

+	odbc? ( >=dev-db/unixODBC-2.2.6 )

97

+	ldap? ( net-nds/openldap )

98

+	idn? ( net-dns/idnkit )

99

+	postgres? ( dev-db/postgresql:= )

100

+	caps? ( >=sys-libs/libcap-2.1.0 )

101

+	xml? ( dev-libs/libxml2 )

102

+	geoip? ( >=dev-libs/geoip-1.4.6 )

103

+	gssapi? ( virtual/krb5 )

104

+	gost? ( >=dev-libs/openssl-1.0.0:0[-bindist] )

105

+	seccomp? ( sys-libs/libseccomp )

106

+	json? ( dev-libs/json-c )

107

+	lmdb? ( dev-db/lmdb )

108

+	zlib? ( sys-libs/zlib )

109

+	dnstap? ( dev-libs/fstrm dev-libs/protobuf-c )

110

+	python? (

111

+		${PYTHON_DEPS}

112

+		dev-python/ply[${PYTHON_USEDEP}]

113

+	)"

114

+#	sdb-ldap? ( net-nds/openldap )

115

+

116

+RDEPEND="${DEPEND}

117

+	selinux? ( sec-policy/selinux-bind )

118

+	|| ( sys-process/psmisc >=sys-freebsd/freebsd-ubin-9.0_rc sys-process/fuser-bsd )"

119

+

120

+S="${WORKDIR}/${MY_P}"

121

+

122

+# bug 479092, requires networking

123

+RESTRICT="test"

124

+

125

+pkg_setup() {

126

+	ebegin "Creating named group and user"

127

+	enewgroup named 40

128

+	enewuser named 40 -1 /etc/bind named

129

+	eend ${?}

130

+}

131

+

132

+src_prepare() {

133

+	# Adjusting PATHs in manpages

134

+	for i in bin/{named/named.8,check/named-checkconf.8,rndc/rndc.8} ; do

135

+		sed -i \

136

+			-e 's:/etc/named.conf:/etc/bind/named.conf:g' \

137

+			-e 's:/etc/rndc.conf:/etc/bind/rndc.conf:g' \

138

+			-e 's:/etc/rndc.key:/etc/bind/rndc.key:g' \

139

+			"${i}" || die "sed failed, ${i} doesn't exist"

140

+	done

141

+

142

+#	if use dlz; then

143

+#		# sdb-ldap patch as per  bug #160567

144

+#		# Upstream URL: http://bind9-ldap.bayour.com/

145

+#		# New patch take from bug 302735

146

+#		if use sdb-ldap; then

147

+#			epatch "${WORKDIR}"/${PN}-sdb-ldap-${SDB_LDAP_VER}.patch

148

+#			cp -fp contrib/sdb/ldap/ldapdb.[ch] bin/named/

149

+#			cp -fp contrib/sdb/ldap/{ldap2zone.1,ldap2zone.c} bin/tools/

150

+#			cp -fp contrib/sdb/ldap/{zone2ldap.1,zone2ldap.c} bin/tools/

151

+#		fi

152

+#	fi

153

+

154

+	# should be installed by bind-tools

155

+	sed -i -r -e "s:(nsupdate|dig|delv) ::g" bin/Makefile.in || die

156

+

157

+	# Disable tests for now, bug 406399

158

+	sed -i '/^SUBDIRS/s:tests::' bin/Makefile.in lib/Makefile.in || die

159

+

160

+	if use nslint; then

161

+		sed -i -e 's:/etc/named.conf:/etc/bind/named.conf:' ${NSLINT_DIR}/nslint.{c,8} || die

162

+	fi

163

+

164

+	# bug #220361

165

+	rm aclocal.m4

166

+	rm -rf libtool.m4/

167

+	eautoreconf

168

+}

169

+

170

+src_configure() {

171

+	local myconf=""

172

+

173

+	if use urandom; then

174

+		myconf="${myconf} --with-randomdev=/dev/urandom"

175

+	else

176

+		myconf="${myconf} --with-randomdev=/dev/random"

177

+	fi

178

+

179

+	use geoip && myconf="${myconf} --with-geoip"

180

+

181

+	# bug #158664

182

+#	gcc-specs-ssp && replace-flags -O[23s] -O

183

+

184

+	# To include db.h from proper path

185

+	use berkdb && append-flags "-I$(db_includedir)"

186

+

187

+	export BUILD_CC=$(tc-getBUILD_CC)

188

+	econf \

189

+		--sysconfdir=/etc/bind \

190

+		--localstatedir=/var \

191

+		--with-libtool \

192

+		--enable-full-report \

193

+		--without-readline \

194

+		$(use_enable caps linux-caps) \

195

+		$(use_enable filter-aaaa) \

196

+		$(use_enable fixed-rrset) \

197

+		$(use_enable ipv6) \

198

+		$(use_enable rpz rpz-nsdname) \

199

+		$(use_enable rpz rpz-nsip) \

200

+		$(use_enable seccomp) \

201

+		$(use_enable threads) \

202

+		$(use_with berkdb dlz-bdb) \

203

+		$(use_with dlz dlopen) \

204

+		$(use_with dlz dlz-filesystem) \

205

+		$(use_with dlz dlz-stub) \

206

+		$(use_with gost) \

207

+		$(use_with gssapi) \

208

+		$(use_with idn) \

209

+		$(use_with json libjson) \

210

+		$(use_with ldap dlz-ldap) \

211

+		$(use_with mysql dlz-mysql) \

212

+		$(use_with odbc dlz-odbc) \

213

+		$(use_with postgres dlz-postgres) \

214

+		$(use_with lmdb) \

215

+		$(use_with python) \

216

+		$(use_with ssl ecdsa) \

217

+		$(use_with ssl openssl "${EPREFIX}"/usr) \

218

+		$(use_with xml libxml2) \

219

+		$(use_with zlib) \

220

+		${myconf}

221

+

222

+	# $(use_enable static-libs static) \

223

+

224

+	# bug #151839

225

+	echo '#undef SO_BSDCOMPAT' >> config.h

226

+

227

+	if use nslint; then

228

+		cd $NSLINT_DIR

229

+		econf

230

+	fi

231

+}

232

+

233

+src_compile() {

234

+	emake

235

+

236

+	if use nslint; then

237

+		emake -C $NSLINT_DIR CCOPT="${CFLAGS}"

238

+	fi

239

+}

240

+

241

+src_install() {

242

+	emake DESTDIR="${D}" install

243

+

244

+	if use nslint; then

245

+		cd $NSLINT_DIR

246

+		dobin nslint

247

+		doman nslint.8

248

+		cd "${S}"

249

+	fi

250

+

251

+	dodoc CHANGES FAQ README

252

+

253

+	if use idn; then

254

+		dodoc contrib/idn/README.idnkit

255

+	fi

256

+

257

+	if use doc; then

258

+		dodoc doc/arm/Bv9ARM.pdf

259

+

260

+		docinto misc

261

+		dodoc doc/misc/*

262

+

263

+		# might a 'html' useflag make sense?

264

+		docinto html

265

+		dohtml -r doc/arm/*

266

+

267

+		docinto contrib

268

+		dodoc contrib/scripts/{nanny.pl,named-bootconf.sh}

269

+

270

+		# some handy-dandy dynamic dns examples

271

+		pushd "${D}"/usr/share/doc/${PF} 1>/dev/null

272

+		tar xf "${DISTDIR}"/dyndns-samples.tbz2 || die

273

+		popd 1>/dev/null

274

+	fi

275

+

276

+	insinto /etc/bind

277

+	newins "${FILESDIR}"/named.conf-r8 named.conf

278

+

279

+	# ftp://ftp.rs.internic.net/domain/named.cache:

280

+	insinto /var/bind

281

+	newins "${FILESDIR}"/named.cache-r3 named.cache

282

+

283

+	insinto /var/bind/pri

284

+	newins "${FILESDIR}"/localhost.zone-r3 localhost.zone

285

+

286

+	newinitd "${FILESDIR}"/named.init-r13 named

287

+	newconfd "${FILESDIR}"/named.confd-r7 named

288

+

289

+	if use gost; then

290

+		sed -i -e 's/^OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-0}$/OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-1}/' "${D}/etc/init.d/named" || die

291

+	else

292

+		sed -i -e 's/^OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-1}$/OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-0}/' "${D}/etc/init.d/named" || die

293

+	fi

294

+

295

+	newenvd "${FILESDIR}"/10bind.env 10bind

296

+

297

+	# Let's get rid of those tools and their manpages since they're provided by bind-tools

298

+	rm -f "${D}"/usr/share/man/man1/{dig,host,nslookup}.1*

299

+	rm -f "${D}"/usr/share/man/man8/nsupdate.8*

300

+	rm -f "${D}"/usr/bin/{dig,host,nslookup,nsupdate}

301

+	rm -f "${D}"/usr/sbin/{dig,host,nslookup,nsupdate}

302

+	for tool in dsfromkey importkey keyfromlabel keygen \

303

+	  revoke settime signzone verify; do

304

+		rm -f "${D}"/usr/{,s}bin/dnssec-"${tool}"

305

+		rm -f "${D}"/usr/share/man/man8/dnssec-"${tool}".8*

306

+	done

307

+

308

+	# bug 405251, library archives aren't properly handled by --enable/disable-static

309

+	if ! use static-libs; then

310

+		find "${D}" -type f -name '*.a' -delete || die

311

+	fi

312

+

313

+	# bug 405251

314

+	find "${D}" -type f -name '*.la' -delete || die

315

+

316

+	if use python; then

317

+		install_python_tools() {

318

+			dosbin bin/python/dnssec-{checkds,coverage}

319

+		}

320

+		python_foreach_impl install_python_tools

321

+

322

+		python_replicate_script "${D}usr/sbin/dnssec-checkds"

323

+		python_replicate_script "${D}usr/sbin/dnssec-coverage"

324

+	fi

325

+

326

+	# bug 450406

327

+	dosym named.cache /var/bind/root.cache

328

+

329

+	dosym /var/bind/pri /etc/bind/pri

330

+	dosym /var/bind/sec /etc/bind/sec

331

+	dosym /var/bind/dyn /etc/bind/dyn

332

+	keepdir /var/bind/{pri,sec,dyn}

333

+

334

+	dodir /var/log/named

335

+

336

+	fowners root:named /{etc,var}/bind /var/log/named /var/bind/{sec,pri,dyn}

337

+	fowners root:named /var/bind/named.cache /var/bind/pri/localhost.zone /etc/bind/{bind.keys,named.conf}

338

+	fperms 0640 /var/bind/named.cache /var/bind/pri/localhost.zone /etc/bind/{bind.keys,named.conf}

339

+	fperms 0750 /etc/bind /var/bind/pri

340

+	fperms 0770 /var/log/named /var/bind/{,sec,dyn}

341

+

342

+	systemd_newunit "${FILESDIR}/named.service-r1" named.service

343

+	systemd_dotmpfilesd "${FILESDIR}"/named.conf

344

+	exeinto /usr/libexec

345

+	doexe "${FILESDIR}/generate-rndc-key.sh"

346

+}

347

+

348

+pkg_postinst() {

349

+	if [ ! -f '/etc/bind/rndc.key' ]; then

350

+		if use urandom; then

351

+			einfo "Using /dev/urandom for generating rndc.key"

352

+			/usr/sbin/rndc-confgen -r /dev/urandom -a

353

+			echo

354

+		else

355

+			einfo "Using /dev/random for generating rndc.key"

356

+			/usr/sbin/rndc-confgen -a

357

+			echo

358

+		fi

359

+		chown root:named /etc/bind/rndc.key

360

+		chmod 0640 /etc/bind/rndc.key

361

+	fi

362

+

363

+	einfo

364

+	einfo "You can edit /etc/conf.d/named to customize named settings"

365

+	einfo

366

+	use mysql || use postgres || use ldap && {

367

+		elog "If your named depends on MySQL/PostgreSQL or LDAP,"

368

+		elog "uncomment the specified rc_named_* lines in your"

369

+		elog "/etc/conf.d/named config to ensure they'll start before bind"

370

+		einfo

371

+	}

372

+	einfo "If you'd like to run bind in a chroot AND this is a new"

373

+	einfo "install OR your bind doesn't already run in a chroot:"

374

+	einfo "1) Uncomment and set the CHROOT variable in /etc/conf.d/named."

375

+	einfo "2) Run \`emerge --config '=${CATEGORY}/${PF}'\`"

376

+	einfo

377

+

378

+	CHROOT=$(source /etc/conf.d/named 2>/dev/null; echo ${CHROOT})

379

+	if [[ -n ${CHROOT} ]]; then

380

+		elog "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!"

381

+		elog "To enable the old behaviour (without using mount) uncomment the"

382

+		elog "CHROOT_NOMOUNT option in your /etc/conf.d/named config."

383

+		elog "If you decide to use the new/default method, ensure to make backup"

384

+		elog "first and merge your existing configs/zones to /etc/bind and"

385

+		elog "/var/bind because bind will now mount the needed directories into"

386

+		elog "the chroot dir."

387

+	fi

388

+}

389

+

390

+pkg_config() {

391

+	CHROOT=$(source /etc/conf.d/named; echo ${CHROOT})

392

+	CHROOT_NOMOUNT=$(source /etc/conf.d/named; echo ${CHROOT_NOMOUNT})

393

+	CHROOT_GEOIP=$(source /etc/conf.d/named; echo ${CHROOT_GEOIP})

394

+

395

+	if [[ -z "${CHROOT}" ]]; then

396

+		eerror "This config script is designed to automate setting up"

397

+		eerror "a chrooted bind/named. To do so, please first uncomment"

398

+		eerror "and set the CHROOT variable in '/etc/conf.d/named'."

399

+		die "Unset CHROOT"

400

+	fi

401

+	if [[ -d "${CHROOT}" ]]; then

402

+		ewarn "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!"

403

+		ewarn "To enable the old behaviour (without using mount) uncomment the"

404

+		ewarn "CHROOT_NOMOUNT option in your /etc/conf.d/named config."

405

+		ewarn

406

+		ewarn "${CHROOT} already exists... some things might become overridden"

407

+		ewarn "press CTRL+C if you don't want to continue"

408

+		sleep 10

409

+	fi

410

+

411

+	echo; einfo "Setting up the chroot directory..."

412

+

413

+	mkdir -m 0750 -p ${CHROOT}

414

+	mkdir -m 0755 -p ${CHROOT}/{dev,etc,var/log,run}

415

+	mkdir -m 0750 -p ${CHROOT}/etc/bind

416

+	mkdir -m 0770 -p ${CHROOT}/var/{bind,log/named} ${CHROOT}/run/named/

417

+	# As of bind 9.8.0

418

+	if has_version net-dns/bind[gost]; then

419

+		if [ "$(get_libdir)" = "lib64" ]; then

420

+			mkdir -m 0755 -p ${CHROOT}/usr/lib64/engines

421

+			ln -s lib64 ${CHROOT}/usr/lib

422

+		else

423

+			mkdir -m 0755 -p ${CHROOT}/usr/lib/engines

424

+		fi

425

+	fi

426

+	chown root:named ${CHROOT} ${CHROOT}/var/{bind,log/named} ${CHROOT}/run/named/ ${CHROOT}/etc/bind

427

+

428

+	mknod ${CHROOT}/dev/null c 1 3

429

+	chmod 0666 ${CHROOT}/dev/null

430

+

431

+	mknod ${CHROOT}/dev/zero c 1 5

432

+	chmod 0666 ${CHROOT}/dev/zero

433

+

434

+	if use urandom; then

435

+		mknod ${CHROOT}/dev/urandom c 1 9

436

+		chmod 0666 ${CHROOT}/dev/urandom

437

+	else

438

+		mknod ${CHROOT}/dev/random c 1 8

439

+		chmod 0666 ${CHROOT}/dev/random

440

+	fi

441

+

442

+	if [ "${CHROOT_NOMOUNT:-0}" -ne 0 ]; then

443

+		cp -a /etc/bind ${CHROOT}/etc/

444

+		cp -a /var/bind ${CHROOT}/var/

445

+	fi

446

+

447

+	if [ "${CHROOT_GEOIP:-0}" -eq 1 ]; then

448

+		mkdir -m 0755 -p ${CHROOT}/usr/share/GeoIP

449

+	fi

450

+

451

+	elog "You may need to add the following line to your syslog-ng.conf:"

452

+	elog "source jail { unix-stream(\"${CHROOT}/dev/log\"); };"

453

+}

1	commit: dc6bda47f061079f2cf1eafdd19234168d7ce004
2	Author: Christian Ruppert <idl0r <AT> gentoo <DOT> org>
3	AuthorDate: Mon Jun 19 12:02:44 2017 +0000
4	Commit: Christian Ruppert <idl0r <AT> gentoo <DOT> org>
5	CommitDate: Mon Jun 19 12:05:49 2017 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=dc6bda47
7
8	net-dns/bind: Version bump
9
10	Package-Manager: Portage-2.3.6, Repoman-2.3.2
11
12	net-dns/bind/Manifest \| 1 +
13	net-dns/bind/bind-9.11.1_p1.ebuild \| 423 +++++++++++++++++++++++++++++++++++++
14	2 files changed, 424 insertions(+)
15
16	diff --git a/net-dns/bind/Manifest b/net-dns/bind/Manifest
17	index f0409efdc54..a53fa392e03 100644
18	--- a/net-dns/bind/Manifest
19	+++ b/net-dns/bind/Manifest
20	@@ -1,2 +1,3 @@
21	DIST bind-9.11.0-P5.tar.gz 9698446 SHA256 1e283f0567b484687dfd7b936e26c9af4f64043daf73cbd8f3eb1122c9fb71f5 SHA512 142407db35a7bba6e676f2b3dc726a3a6ece9df8a27722f108ec309e24c4614da097b6cd31675c4925e68ff147896bc0a16dd71aa74dd73753ba86a2dbd7d3bd WHIRLPOOL a2aba3a52ad3610891733a3c8d93c0f5b263f706e36178a6f642b18e607a665ad0b15bdf679b9a5d149e9262eb5f718e23a09e989b63a418ee8fdfcb7f435186
22	+DIST bind-9.11.1-P1.tar.gz 9745364 SHA256 6b1b3e88d51b8471bd6aee24a8cea70817e850a5901315dc506f9dde275ca638 SHA512 5683ae7be264e11b5b2a843d216e3ca4959b7de109863d5435090b2e033d6c405689e4ce57385ca787b1c948f4437aea39b8d5164a1d347c167f87337e9fc760 WHIRLPOOL a9dd3cabfe04f16a60ce9d55d3bfdd57d05bddd9fb86996e952756bf40b63dda78d269903d1ae951b499cea899e154e2936117ad2bc6de0e30c0937c8292e45b
23	DIST dyndns-samples.tbz2 22866 SHA256 92fb06a92ca99cbbe96b90bcca229ef9c12397db57ae17e199dad9f1218fdbe8 SHA512 83b0bf99f8e9ff709e8e9336d8c5231b98a4b5f0c60c10792f34931e32cc638d261967dfa5a83151ec3740977d94ddd6e21e9ce91267b3e279b88affdbc18cac WHIRLPOOL 08d4e6a817f1d02597631e18152dbd55ea1bc4c82174be150cc77efc9e1f0f03b6471d1cefbe4229cd3161de752ef232a43ca274a07b78e9c974ceb04cfe99a2
24
25	diff --git a/net-dns/bind/bind-9.11.1_p1.ebuild b/net-dns/bind/bind-9.11.1_p1.ebuild
26	new file mode 100644
27	index 00000000000..229272ae715
28	--- /dev/null
29	+++ b/net-dns/bind/bind-9.11.1_p1.ebuild
30	@@ -0,0 +1,423 @@
31	+# Copyright 1999-2017 Gentoo Foundation
32	+# Distributed under the terms of the GNU General Public License v2
33	+
34	+# Re dlz/mysql and threads, needs to be verified..
35	+# MySQL uses thread local storage in its C api. Thus MySQL
36	+# requires that each thread of an application execute a MySQL
37	+# thread initialization to setup the thread local storage.
38	+# This is impossible to do safely while staying within the DLZ
39	+# driver API. This is a limitation caused by MySQL, and not the DLZ API.
40	+# Because of this BIND MUST only run with a single thread when
41	+# using the MySQL driver.
42	+
43	+EAPI="5"
44	+
45	+PYTHON_COMPAT=( python2_7 python3_{4,5,6} )
46	+
47	+inherit python-r1 eutils autotools toolchain-funcs flag-o-matic multilib db-use user systemd
48	+
49	+MY_PV="${PV/_p/-P}"
50	+MY_PV="${MY_PV/_rc/rc}"
51	+MY_P="${PN}-${MY_PV}"
52	+
53	+SDB_LDAP_VER="1.1.0-fc14"
54	+
55	+RRL_PV="${MY_PV}"
56	+
57	+NSLINT_DIR="contrib/nslint-3.0a2/"
58	+
59	+# SDB-LDAP: http://bind9-ldap.bayour.com/
60	+
61	+DESCRIPTION="BIND - Berkeley Internet Name Domain - Name Server"
62	+HOMEPAGE="http://www.isc.org/software/bind"
63	+SRC_URI="ftp://ftp.isc.org/isc/bind9/${MY_PV}/${MY_P}.tar.gz
64	+ doc? ( mirror://gentoo/dyndns-samples.tbz2 )"
65	+# sdb-ldap? (
66	+# http://ftp.disconnected-by-peer.at/pub/bind-sdb-ldap-${SDB_LDAP_VER}.patch.bz2
67	+# )"
68	+
69	+LICENSE="Apache-2.0 BSD BSD-2 GPL-2 HPND ISC MPL-2.0"
70	+SLOT="0"
71	+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
72	+# -berkdb by default re bug 602682
73	+IUSE="-berkdb +caps dlz dnstap doc filter-aaaa fixed-rrset geoip gost gssapi idn ipv6
74	+json ldap libressl lmdb mysql nslint odbc postgres python rpz seccomp selinux ssl static-libs
75	++threads urandom xml +zlib"
76	+# sdb-ldap - patch broken
77	+# no PKCS11 currently as it requires OpenSSL to be patched, also see bug 409687
78	+
79	+REQUIRED_USE="postgres? ( dlz )
80	+ berkdb? ( dlz )
81	+ mysql? ( dlz !threads )
82	+ odbc? ( dlz )
83	+ ldap? ( dlz )
84	+ gost? ( !libressl ssl )
85	+ threads? ( caps )
86	+ dnstap? ( threads )
87	+ python? ( ${PYTHON_REQUIRED_USE} )"
88	+# sdb-ldap? ( dlz )
89	+
90	+DEPEND="
91	+ ssl? (
92	+ !libressl? ( dev-libs/openssl:0[-bindist] )
93	+ libressl? ( dev-libs/libressl )
94	+ )
95	+ mysql? ( >=virtual/mysql-4.0 )
96	+ odbc? ( >=dev-db/unixODBC-2.2.6 )
97	+ ldap? ( net-nds/openldap )
98	+ idn? ( net-dns/idnkit )
99	+ postgres? ( dev-db/postgresql:= )
100	+ caps? ( >=sys-libs/libcap-2.1.0 )
101	+ xml? ( dev-libs/libxml2 )
102	+ geoip? ( >=dev-libs/geoip-1.4.6 )
103	+ gssapi? ( virtual/krb5 )
104	+ gost? ( >=dev-libs/openssl-1.0.0:0[-bindist] )
105	+ seccomp? ( sys-libs/libseccomp )
106	+ json? ( dev-libs/json-c )
107	+ lmdb? ( dev-db/lmdb )
108	+ zlib? ( sys-libs/zlib )
109	+ dnstap? ( dev-libs/fstrm dev-libs/protobuf-c )
110	+ python? (
111	+ ${PYTHON_DEPS}
112	+ dev-python/ply[${PYTHON_USEDEP}]
113	+ )"
114	+# sdb-ldap? ( net-nds/openldap )
115	+
116	+RDEPEND="${DEPEND}
117	+ selinux? ( sec-policy/selinux-bind )
118	+ \|\| ( sys-process/psmisc >=sys-freebsd/freebsd-ubin-9.0_rc sys-process/fuser-bsd )"
119	+
120	+S="${WORKDIR}/${MY_P}"
121	+
122	+# bug 479092, requires networking
123	+RESTRICT="test"
124	+
125	+pkg_setup() {
126	+ ebegin "Creating named group and user"
127	+ enewgroup named 40
128	+ enewuser named 40 -1 /etc/bind named
129	+ eend ${?}
130	+}
131	+
132	+src_prepare() {
133	+ # Adjusting PATHs in manpages
134	+ for i in bin/{named/named.8,check/named-checkconf.8,rndc/rndc.8} ; do
135	+ sed -i \
136	+ -e 's:/etc/named.conf:/etc/bind/named.conf:g' \
137	+ -e 's:/etc/rndc.conf:/etc/bind/rndc.conf:g' \
138	+ -e 's:/etc/rndc.key:/etc/bind/rndc.key:g' \
139	+ "${i}" \|\| die "sed failed, ${i} doesn't exist"
140	+ done
141	+
142	+# if use dlz; then
143	+# # sdb-ldap patch as per bug #160567
144	+# # Upstream URL: http://bind9-ldap.bayour.com/
145	+# # New patch take from bug 302735
146	+# if use sdb-ldap; then
147	+# epatch "${WORKDIR}"/${PN}-sdb-ldap-${SDB_LDAP_VER}.patch
148	+# cp -fp contrib/sdb/ldap/ldapdb.[ch] bin/named/
149	+# cp -fp contrib/sdb/ldap/{ldap2zone.1,ldap2zone.c} bin/tools/
150	+# cp -fp contrib/sdb/ldap/{zone2ldap.1,zone2ldap.c} bin/tools/
151	+# fi
152	+# fi
153	+
154	+ # should be installed by bind-tools
155	+ sed -i -r -e "s:(nsupdate\|dig\|delv) ::g" bin/Makefile.in \|\| die
156	+
157	+ # Disable tests for now, bug 406399
158	+ sed -i '/^SUBDIRS/s:tests::' bin/Makefile.in lib/Makefile.in \|\| die
159	+
160	+ if use nslint; then
161	+ sed -i -e 's:/etc/named.conf:/etc/bind/named.conf:' ${NSLINT_DIR}/nslint.{c,8} \|\| die
162	+ fi
163	+
164	+ # bug #220361
165	+ rm aclocal.m4
166	+ rm -rf libtool.m4/
167	+ eautoreconf
168	+}
169	+
170	+src_configure() {
171	+ local myconf=""
172	+
173	+ if use urandom; then
174	+ myconf="${myconf} --with-randomdev=/dev/urandom"
175	+ else
176	+ myconf="${myconf} --with-randomdev=/dev/random"
177	+ fi
178	+
179	+ use geoip && myconf="${myconf} --with-geoip"
180	+
181	+ # bug #158664
182	+# gcc-specs-ssp && replace-flags -O[23s] -O
183	+
184	+ # To include db.h from proper path
185	+ use berkdb && append-flags "-I$(db_includedir)"
186	+
187	+ export BUILD_CC=$(tc-getBUILD_CC)
188	+ econf \
189	+ --sysconfdir=/etc/bind \
190	+ --localstatedir=/var \
191	+ --with-libtool \
192	+ --enable-full-report \
193	+ --without-readline \
194	+ $(use_enable caps linux-caps) \
195	+ $(use_enable filter-aaaa) \
196	+ $(use_enable fixed-rrset) \
197	+ $(use_enable ipv6) \
198	+ $(use_enable rpz rpz-nsdname) \
199	+ $(use_enable rpz rpz-nsip) \
200	+ $(use_enable seccomp) \
201	+ $(use_enable threads) \
202	+ $(use_with berkdb dlz-bdb) \
203	+ $(use_with dlz dlopen) \
204	+ $(use_with dlz dlz-filesystem) \
205	+ $(use_with dlz dlz-stub) \
206	+ $(use_with gost) \
207	+ $(use_with gssapi) \
208	+ $(use_with idn) \
209	+ $(use_with json libjson) \
210	+ $(use_with ldap dlz-ldap) \
211	+ $(use_with mysql dlz-mysql) \
212	+ $(use_with odbc dlz-odbc) \
213	+ $(use_with postgres dlz-postgres) \
214	+ $(use_with lmdb) \
215	+ $(use_with python) \
216	+ $(use_with ssl ecdsa) \
217	+ $(use_with ssl openssl "${EPREFIX}"/usr) \
218	+ $(use_with xml libxml2) \
219	+ $(use_with zlib) \
220	+ ${myconf}
221	+
222	+ # $(use_enable static-libs static) \
223	+
224	+ # bug #151839
225	+ echo '#undef SO_BSDCOMPAT' >> config.h
226	+
227	+ if use nslint; then
228	+ cd $NSLINT_DIR
229	+ econf
230	+ fi
231	+}
232	+
233	+src_compile() {
234	+ emake
235	+
236	+ if use nslint; then
237	+ emake -C $NSLINT_DIR CCOPT="${CFLAGS}"
238	+ fi
239	+}
240	+
241	+src_install() {
242	+ emake DESTDIR="${D}" install
243	+
244	+ if use nslint; then
245	+ cd $NSLINT_DIR
246	+ dobin nslint
247	+ doman nslint.8
248	+ cd "${S}"
249	+ fi
250	+
251	+ dodoc CHANGES FAQ README
252	+
253	+ if use idn; then
254	+ dodoc contrib/idn/README.idnkit
255	+ fi
256	+
257	+ if use doc; then
258	+ dodoc doc/arm/Bv9ARM.pdf
259	+
260	+ docinto misc
261	+ dodoc doc/misc/*
262	+
263	+ # might a 'html' useflag make sense?
264	+ docinto html
265	+ dohtml -r doc/arm/*
266	+
267	+ docinto contrib
268	+ dodoc contrib/scripts/{nanny.pl,named-bootconf.sh}
269	+
270	+ # some handy-dandy dynamic dns examples
271	+ pushd "${D}"/usr/share/doc/${PF} 1>/dev/null
272	+ tar xf "${DISTDIR}"/dyndns-samples.tbz2 \|\| die
273	+ popd 1>/dev/null
274	+ fi
275	+
276	+ insinto /etc/bind
277	+ newins "${FILESDIR}"/named.conf-r8 named.conf
278	+
279	+ # ftp://ftp.rs.internic.net/domain/named.cache:
280	+ insinto /var/bind
281	+ newins "${FILESDIR}"/named.cache-r3 named.cache
282	+
283	+ insinto /var/bind/pri
284	+ newins "${FILESDIR}"/localhost.zone-r3 localhost.zone
285	+
286	+ newinitd "${FILESDIR}"/named.init-r13 named
287	+ newconfd "${FILESDIR}"/named.confd-r7 named
288	+
289	+ if use gost; then
290	+ sed -i -e 's/^OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-0}$/OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-1}/' "${D}/etc/init.d/named" \|\| die
291	+ else
292	+ sed -i -e 's/^OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-1}$/OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-0}/' "${D}/etc/init.d/named" \|\| die
293	+ fi
294	+
295	+ newenvd "${FILESDIR}"/10bind.env 10bind
296	+
297	+ # Let's get rid of those tools and their manpages since they're provided by bind-tools
298	+ rm -f "${D}"/usr/share/man/man1/{dig,host,nslookup}.1*
299	+ rm -f "${D}"/usr/share/man/man8/nsupdate.8*
300	+ rm -f "${D}"/usr/bin/{dig,host,nslookup,nsupdate}
301	+ rm -f "${D}"/usr/sbin/{dig,host,nslookup,nsupdate}
302	+ for tool in dsfromkey importkey keyfromlabel keygen \
303	+ revoke settime signzone verify; do
304	+ rm -f "${D}"/usr/{,s}bin/dnssec-"${tool}"
305	+ rm -f "${D}"/usr/share/man/man8/dnssec-"${tool}".8*
306	+ done
307	+
308	+ # bug 405251, library archives aren't properly handled by --enable/disable-static
309	+ if ! use static-libs; then
310	+ find "${D}" -type f -name '*.a' -delete \|\| die
311	+ fi
312	+
313	+ # bug 405251
314	+ find "${D}" -type f -name '*.la' -delete \|\| die
315	+
316	+ if use python; then
317	+ install_python_tools() {
318	+ dosbin bin/python/dnssec-{checkds,coverage}
319	+ }
320	+ python_foreach_impl install_python_tools
321	+
322	+ python_replicate_script "${D}usr/sbin/dnssec-checkds"
323	+ python_replicate_script "${D}usr/sbin/dnssec-coverage"
324	+ fi
325	+
326	+ # bug 450406
327	+ dosym named.cache /var/bind/root.cache
328	+
329	+ dosym /var/bind/pri /etc/bind/pri
330	+ dosym /var/bind/sec /etc/bind/sec
331	+ dosym /var/bind/dyn /etc/bind/dyn
332	+ keepdir /var/bind/{pri,sec,dyn}
333	+
334	+ dodir /var/log/named
335	+
336	+ fowners root:named /{etc,var}/bind /var/log/named /var/bind/{sec,pri,dyn}
337	+ fowners root:named /var/bind/named.cache /var/bind/pri/localhost.zone /etc/bind/{bind.keys,named.conf}
338	+ fperms 0640 /var/bind/named.cache /var/bind/pri/localhost.zone /etc/bind/{bind.keys,named.conf}
339	+ fperms 0750 /etc/bind /var/bind/pri
340	+ fperms 0770 /var/log/named /var/bind/{,sec,dyn}
341	+
342	+ systemd_newunit "${FILESDIR}/named.service-r1" named.service
343	+ systemd_dotmpfilesd "${FILESDIR}"/named.conf
344	+ exeinto /usr/libexec
345	+ doexe "${FILESDIR}/generate-rndc-key.sh"
346	+}
347	+
348	+pkg_postinst() {
349	+ if [ ! -f '/etc/bind/rndc.key' ]; then
350	+ if use urandom; then
351	+ einfo "Using /dev/urandom for generating rndc.key"
352	+ /usr/sbin/rndc-confgen -r /dev/urandom -a
353	+ echo
354	+ else
355	+ einfo "Using /dev/random for generating rndc.key"
356	+ /usr/sbin/rndc-confgen -a
357	+ echo
358	+ fi
359	+ chown root:named /etc/bind/rndc.key
360	+ chmod 0640 /etc/bind/rndc.key
361	+ fi
362	+
363	+ einfo
364	+ einfo "You can edit /etc/conf.d/named to customize named settings"
365	+ einfo
366	+ use mysql \|\| use postgres \|\| use ldap && {
367	+ elog "If your named depends on MySQL/PostgreSQL or LDAP,"
368	+ elog "uncomment the specified rc_named_* lines in your"
369	+ elog "/etc/conf.d/named config to ensure they'll start before bind"
370	+ einfo
371	+ }
372	+ einfo "If you'd like to run bind in a chroot AND this is a new"
373	+ einfo "install OR your bind doesn't already run in a chroot:"
374	+ einfo "1) Uncomment and set the CHROOT variable in /etc/conf.d/named."
375	+ einfo "2) Run \`emerge --config '=${CATEGORY}/${PF}'\`"
376	+ einfo
377	+
378	+ CHROOT=$(source /etc/conf.d/named 2>/dev/null; echo ${CHROOT})
379	+ if [[ -n ${CHROOT} ]]; then
380	+ elog "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!"
381	+ elog "To enable the old behaviour (without using mount) uncomment the"
382	+ elog "CHROOT_NOMOUNT option in your /etc/conf.d/named config."
383	+ elog "If you decide to use the new/default method, ensure to make backup"
384	+ elog "first and merge your existing configs/zones to /etc/bind and"
385	+ elog "/var/bind because bind will now mount the needed directories into"
386	+ elog "the chroot dir."
387	+ fi
388	+}
389	+
390	+pkg_config() {
391	+ CHROOT=$(source /etc/conf.d/named; echo ${CHROOT})
392	+ CHROOT_NOMOUNT=$(source /etc/conf.d/named; echo ${CHROOT_NOMOUNT})
393	+ CHROOT_GEOIP=$(source /etc/conf.d/named; echo ${CHROOT_GEOIP})
394	+
395	+ if [[ -z "${CHROOT}" ]]; then
396	+ eerror "This config script is designed to automate setting up"
397	+ eerror "a chrooted bind/named. To do so, please first uncomment"
398	+ eerror "and set the CHROOT variable in '/etc/conf.d/named'."
399	+ die "Unset CHROOT"
400	+ fi
401	+ if [[ -d "${CHROOT}" ]]; then
402	+ ewarn "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!"
403	+ ewarn "To enable the old behaviour (without using mount) uncomment the"
404	+ ewarn "CHROOT_NOMOUNT option in your /etc/conf.d/named config."
405	+ ewarn
406	+ ewarn "${CHROOT} already exists... some things might become overridden"
407	+ ewarn "press CTRL+C if you don't want to continue"
408	+ sleep 10
409	+ fi
410	+
411	+ echo; einfo "Setting up the chroot directory..."
412	+
413	+ mkdir -m 0750 -p ${CHROOT}
414	+ mkdir -m 0755 -p ${CHROOT}/{dev,etc,var/log,run}
415	+ mkdir -m 0750 -p ${CHROOT}/etc/bind
416	+ mkdir -m 0770 -p ${CHROOT}/var/{bind,log/named} ${CHROOT}/run/named/
417	+ # As of bind 9.8.0
418	+ if has_version net-dns/bind[gost]; then
419	+ if [ "$(get_libdir)" = "lib64" ]; then
420	+ mkdir -m 0755 -p ${CHROOT}/usr/lib64/engines
421	+ ln -s lib64 ${CHROOT}/usr/lib
422	+ else
423	+ mkdir -m 0755 -p ${CHROOT}/usr/lib/engines
424	+ fi
425	+ fi
426	+ chown root:named ${CHROOT} ${CHROOT}/var/{bind,log/named} ${CHROOT}/run/named/ ${CHROOT}/etc/bind
427	+
428	+ mknod ${CHROOT}/dev/null c 1 3
429	+ chmod 0666 ${CHROOT}/dev/null
430	+
431	+ mknod ${CHROOT}/dev/zero c 1 5
432	+ chmod 0666 ${CHROOT}/dev/zero
433	+
434	+ if use urandom; then
435	+ mknod ${CHROOT}/dev/urandom c 1 9
436	+ chmod 0666 ${CHROOT}/dev/urandom
437	+ else
438	+ mknod ${CHROOT}/dev/random c 1 8
439	+ chmod 0666 ${CHROOT}/dev/random
440	+ fi
441	+
442	+ if [ "${CHROOT_NOMOUNT:-0}" -ne 0 ]; then
443	+ cp -a /etc/bind ${CHROOT}/etc/
444	+ cp -a /var/bind ${CHROOT}/var/
445	+ fi
446	+
447	+ if [ "${CHROOT_GEOIP:-0}" -eq 1 ]; then
448	+ mkdir -m 0755 -p ${CHROOT}/usr/share/GeoIP
449	+ fi
450	+
451	+ elog "You may need to add the following line to your syslog-ng.conf:"
452	+ elog "source jail { unix-stream(\"${CHROOT}/dev/log\"); };"
453	+}

Gentoo Archives: gentoo-commits