1 |
commit: dc6bda47f061079f2cf1eafdd19234168d7ce004 |
2 |
Author: Christian Ruppert <idl0r <AT> gentoo <DOT> org> |
3 |
AuthorDate: Mon Jun 19 12:02:44 2017 +0000 |
4 |
Commit: Christian Ruppert <idl0r <AT> gentoo <DOT> org> |
5 |
CommitDate: Mon Jun 19 12:05:49 2017 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=dc6bda47 |
7 |
|
8 |
net-dns/bind: Version bump |
9 |
|
10 |
Package-Manager: Portage-2.3.6, Repoman-2.3.2 |
11 |
|
12 |
net-dns/bind/Manifest | 1 + |
13 |
net-dns/bind/bind-9.11.1_p1.ebuild | 423 +++++++++++++++++++++++++++++++++++++ |
14 |
2 files changed, 424 insertions(+) |
15 |
|
16 |
diff --git a/net-dns/bind/Manifest b/net-dns/bind/Manifest |
17 |
index f0409efdc54..a53fa392e03 100644 |
18 |
--- a/net-dns/bind/Manifest |
19 |
+++ b/net-dns/bind/Manifest |
20 |
@@ -1,2 +1,3 @@ |
21 |
DIST bind-9.11.0-P5.tar.gz 9698446 SHA256 1e283f0567b484687dfd7b936e26c9af4f64043daf73cbd8f3eb1122c9fb71f5 SHA512 142407db35a7bba6e676f2b3dc726a3a6ece9df8a27722f108ec309e24c4614da097b6cd31675c4925e68ff147896bc0a16dd71aa74dd73753ba86a2dbd7d3bd WHIRLPOOL a2aba3a52ad3610891733a3c8d93c0f5b263f706e36178a6f642b18e607a665ad0b15bdf679b9a5d149e9262eb5f718e23a09e989b63a418ee8fdfcb7f435186 |
22 |
+DIST bind-9.11.1-P1.tar.gz 9745364 SHA256 6b1b3e88d51b8471bd6aee24a8cea70817e850a5901315dc506f9dde275ca638 SHA512 5683ae7be264e11b5b2a843d216e3ca4959b7de109863d5435090b2e033d6c405689e4ce57385ca787b1c948f4437aea39b8d5164a1d347c167f87337e9fc760 WHIRLPOOL a9dd3cabfe04f16a60ce9d55d3bfdd57d05bddd9fb86996e952756bf40b63dda78d269903d1ae951b499cea899e154e2936117ad2bc6de0e30c0937c8292e45b |
23 |
DIST dyndns-samples.tbz2 22866 SHA256 92fb06a92ca99cbbe96b90bcca229ef9c12397db57ae17e199dad9f1218fdbe8 SHA512 83b0bf99f8e9ff709e8e9336d8c5231b98a4b5f0c60c10792f34931e32cc638d261967dfa5a83151ec3740977d94ddd6e21e9ce91267b3e279b88affdbc18cac WHIRLPOOL 08d4e6a817f1d02597631e18152dbd55ea1bc4c82174be150cc77efc9e1f0f03b6471d1cefbe4229cd3161de752ef232a43ca274a07b78e9c974ceb04cfe99a2 |
24 |
|
25 |
diff --git a/net-dns/bind/bind-9.11.1_p1.ebuild b/net-dns/bind/bind-9.11.1_p1.ebuild |
26 |
new file mode 100644 |
27 |
index 00000000000..229272ae715 |
28 |
--- /dev/null |
29 |
+++ b/net-dns/bind/bind-9.11.1_p1.ebuild |
30 |
@@ -0,0 +1,423 @@ |
31 |
+# Copyright 1999-2017 Gentoo Foundation |
32 |
+# Distributed under the terms of the GNU General Public License v2 |
33 |
+ |
34 |
+# Re dlz/mysql and threads, needs to be verified.. |
35 |
+# MySQL uses thread local storage in its C api. Thus MySQL |
36 |
+# requires that each thread of an application execute a MySQL |
37 |
+# thread initialization to setup the thread local storage. |
38 |
+# This is impossible to do safely while staying within the DLZ |
39 |
+# driver API. This is a limitation caused by MySQL, and not the DLZ API. |
40 |
+# Because of this BIND MUST only run with a single thread when |
41 |
+# using the MySQL driver. |
42 |
+ |
43 |
+EAPI="5" |
44 |
+ |
45 |
+PYTHON_COMPAT=( python2_7 python3_{4,5,6} ) |
46 |
+ |
47 |
+inherit python-r1 eutils autotools toolchain-funcs flag-o-matic multilib db-use user systemd |
48 |
+ |
49 |
+MY_PV="${PV/_p/-P}" |
50 |
+MY_PV="${MY_PV/_rc/rc}" |
51 |
+MY_P="${PN}-${MY_PV}" |
52 |
+ |
53 |
+SDB_LDAP_VER="1.1.0-fc14" |
54 |
+ |
55 |
+RRL_PV="${MY_PV}" |
56 |
+ |
57 |
+NSLINT_DIR="contrib/nslint-3.0a2/" |
58 |
+ |
59 |
+# SDB-LDAP: http://bind9-ldap.bayour.com/ |
60 |
+ |
61 |
+DESCRIPTION="BIND - Berkeley Internet Name Domain - Name Server" |
62 |
+HOMEPAGE="http://www.isc.org/software/bind" |
63 |
+SRC_URI="ftp://ftp.isc.org/isc/bind9/${MY_PV}/${MY_P}.tar.gz |
64 |
+ doc? ( mirror://gentoo/dyndns-samples.tbz2 )" |
65 |
+# sdb-ldap? ( |
66 |
+# http://ftp.disconnected-by-peer.at/pub/bind-sdb-ldap-${SDB_LDAP_VER}.patch.bz2 |
67 |
+# )" |
68 |
+ |
69 |
+LICENSE="Apache-2.0 BSD BSD-2 GPL-2 HPND ISC MPL-2.0" |
70 |
+SLOT="0" |
71 |
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" |
72 |
+# -berkdb by default re bug 602682 |
73 |
+IUSE="-berkdb +caps dlz dnstap doc filter-aaaa fixed-rrset geoip gost gssapi idn ipv6 |
74 |
+json ldap libressl lmdb mysql nslint odbc postgres python rpz seccomp selinux ssl static-libs |
75 |
++threads urandom xml +zlib" |
76 |
+# sdb-ldap - patch broken |
77 |
+# no PKCS11 currently as it requires OpenSSL to be patched, also see bug 409687 |
78 |
+ |
79 |
+REQUIRED_USE="postgres? ( dlz ) |
80 |
+ berkdb? ( dlz ) |
81 |
+ mysql? ( dlz !threads ) |
82 |
+ odbc? ( dlz ) |
83 |
+ ldap? ( dlz ) |
84 |
+ gost? ( !libressl ssl ) |
85 |
+ threads? ( caps ) |
86 |
+ dnstap? ( threads ) |
87 |
+ python? ( ${PYTHON_REQUIRED_USE} )" |
88 |
+# sdb-ldap? ( dlz ) |
89 |
+ |
90 |
+DEPEND=" |
91 |
+ ssl? ( |
92 |
+ !libressl? ( dev-libs/openssl:0[-bindist] ) |
93 |
+ libressl? ( dev-libs/libressl ) |
94 |
+ ) |
95 |
+ mysql? ( >=virtual/mysql-4.0 ) |
96 |
+ odbc? ( >=dev-db/unixODBC-2.2.6 ) |
97 |
+ ldap? ( net-nds/openldap ) |
98 |
+ idn? ( net-dns/idnkit ) |
99 |
+ postgres? ( dev-db/postgresql:= ) |
100 |
+ caps? ( >=sys-libs/libcap-2.1.0 ) |
101 |
+ xml? ( dev-libs/libxml2 ) |
102 |
+ geoip? ( >=dev-libs/geoip-1.4.6 ) |
103 |
+ gssapi? ( virtual/krb5 ) |
104 |
+ gost? ( >=dev-libs/openssl-1.0.0:0[-bindist] ) |
105 |
+ seccomp? ( sys-libs/libseccomp ) |
106 |
+ json? ( dev-libs/json-c ) |
107 |
+ lmdb? ( dev-db/lmdb ) |
108 |
+ zlib? ( sys-libs/zlib ) |
109 |
+ dnstap? ( dev-libs/fstrm dev-libs/protobuf-c ) |
110 |
+ python? ( |
111 |
+ ${PYTHON_DEPS} |
112 |
+ dev-python/ply[${PYTHON_USEDEP}] |
113 |
+ )" |
114 |
+# sdb-ldap? ( net-nds/openldap ) |
115 |
+ |
116 |
+RDEPEND="${DEPEND} |
117 |
+ selinux? ( sec-policy/selinux-bind ) |
118 |
+ || ( sys-process/psmisc >=sys-freebsd/freebsd-ubin-9.0_rc sys-process/fuser-bsd )" |
119 |
+ |
120 |
+S="${WORKDIR}/${MY_P}" |
121 |
+ |
122 |
+# bug 479092, requires networking |
123 |
+RESTRICT="test" |
124 |
+ |
125 |
+pkg_setup() { |
126 |
+ ebegin "Creating named group and user" |
127 |
+ enewgroup named 40 |
128 |
+ enewuser named 40 -1 /etc/bind named |
129 |
+ eend ${?} |
130 |
+} |
131 |
+ |
132 |
+src_prepare() { |
133 |
+ # Adjusting PATHs in manpages |
134 |
+ for i in bin/{named/named.8,check/named-checkconf.8,rndc/rndc.8} ; do |
135 |
+ sed -i \ |
136 |
+ -e 's:/etc/named.conf:/etc/bind/named.conf:g' \ |
137 |
+ -e 's:/etc/rndc.conf:/etc/bind/rndc.conf:g' \ |
138 |
+ -e 's:/etc/rndc.key:/etc/bind/rndc.key:g' \ |
139 |
+ "${i}" || die "sed failed, ${i} doesn't exist" |
140 |
+ done |
141 |
+ |
142 |
+# if use dlz; then |
143 |
+# # sdb-ldap patch as per bug #160567 |
144 |
+# # Upstream URL: http://bind9-ldap.bayour.com/ |
145 |
+# # New patch take from bug 302735 |
146 |
+# if use sdb-ldap; then |
147 |
+# epatch "${WORKDIR}"/${PN}-sdb-ldap-${SDB_LDAP_VER}.patch |
148 |
+# cp -fp contrib/sdb/ldap/ldapdb.[ch] bin/named/ |
149 |
+# cp -fp contrib/sdb/ldap/{ldap2zone.1,ldap2zone.c} bin/tools/ |
150 |
+# cp -fp contrib/sdb/ldap/{zone2ldap.1,zone2ldap.c} bin/tools/ |
151 |
+# fi |
152 |
+# fi |
153 |
+ |
154 |
+ # should be installed by bind-tools |
155 |
+ sed -i -r -e "s:(nsupdate|dig|delv) ::g" bin/Makefile.in || die |
156 |
+ |
157 |
+ # Disable tests for now, bug 406399 |
158 |
+ sed -i '/^SUBDIRS/s:tests::' bin/Makefile.in lib/Makefile.in || die |
159 |
+ |
160 |
+ if use nslint; then |
161 |
+ sed -i -e 's:/etc/named.conf:/etc/bind/named.conf:' ${NSLINT_DIR}/nslint.{c,8} || die |
162 |
+ fi |
163 |
+ |
164 |
+ # bug #220361 |
165 |
+ rm aclocal.m4 |
166 |
+ rm -rf libtool.m4/ |
167 |
+ eautoreconf |
168 |
+} |
169 |
+ |
170 |
+src_configure() { |
171 |
+ local myconf="" |
172 |
+ |
173 |
+ if use urandom; then |
174 |
+ myconf="${myconf} --with-randomdev=/dev/urandom" |
175 |
+ else |
176 |
+ myconf="${myconf} --with-randomdev=/dev/random" |
177 |
+ fi |
178 |
+ |
179 |
+ use geoip && myconf="${myconf} --with-geoip" |
180 |
+ |
181 |
+ # bug #158664 |
182 |
+# gcc-specs-ssp && replace-flags -O[23s] -O |
183 |
+ |
184 |
+ # To include db.h from proper path |
185 |
+ use berkdb && append-flags "-I$(db_includedir)" |
186 |
+ |
187 |
+ export BUILD_CC=$(tc-getBUILD_CC) |
188 |
+ econf \ |
189 |
+ --sysconfdir=/etc/bind \ |
190 |
+ --localstatedir=/var \ |
191 |
+ --with-libtool \ |
192 |
+ --enable-full-report \ |
193 |
+ --without-readline \ |
194 |
+ $(use_enable caps linux-caps) \ |
195 |
+ $(use_enable filter-aaaa) \ |
196 |
+ $(use_enable fixed-rrset) \ |
197 |
+ $(use_enable ipv6) \ |
198 |
+ $(use_enable rpz rpz-nsdname) \ |
199 |
+ $(use_enable rpz rpz-nsip) \ |
200 |
+ $(use_enable seccomp) \ |
201 |
+ $(use_enable threads) \ |
202 |
+ $(use_with berkdb dlz-bdb) \ |
203 |
+ $(use_with dlz dlopen) \ |
204 |
+ $(use_with dlz dlz-filesystem) \ |
205 |
+ $(use_with dlz dlz-stub) \ |
206 |
+ $(use_with gost) \ |
207 |
+ $(use_with gssapi) \ |
208 |
+ $(use_with idn) \ |
209 |
+ $(use_with json libjson) \ |
210 |
+ $(use_with ldap dlz-ldap) \ |
211 |
+ $(use_with mysql dlz-mysql) \ |
212 |
+ $(use_with odbc dlz-odbc) \ |
213 |
+ $(use_with postgres dlz-postgres) \ |
214 |
+ $(use_with lmdb) \ |
215 |
+ $(use_with python) \ |
216 |
+ $(use_with ssl ecdsa) \ |
217 |
+ $(use_with ssl openssl "${EPREFIX}"/usr) \ |
218 |
+ $(use_with xml libxml2) \ |
219 |
+ $(use_with zlib) \ |
220 |
+ ${myconf} |
221 |
+ |
222 |
+ # $(use_enable static-libs static) \ |
223 |
+ |
224 |
+ # bug #151839 |
225 |
+ echo '#undef SO_BSDCOMPAT' >> config.h |
226 |
+ |
227 |
+ if use nslint; then |
228 |
+ cd $NSLINT_DIR |
229 |
+ econf |
230 |
+ fi |
231 |
+} |
232 |
+ |
233 |
+src_compile() { |
234 |
+ emake |
235 |
+ |
236 |
+ if use nslint; then |
237 |
+ emake -C $NSLINT_DIR CCOPT="${CFLAGS}" |
238 |
+ fi |
239 |
+} |
240 |
+ |
241 |
+src_install() { |
242 |
+ emake DESTDIR="${D}" install |
243 |
+ |
244 |
+ if use nslint; then |
245 |
+ cd $NSLINT_DIR |
246 |
+ dobin nslint |
247 |
+ doman nslint.8 |
248 |
+ cd "${S}" |
249 |
+ fi |
250 |
+ |
251 |
+ dodoc CHANGES FAQ README |
252 |
+ |
253 |
+ if use idn; then |
254 |
+ dodoc contrib/idn/README.idnkit |
255 |
+ fi |
256 |
+ |
257 |
+ if use doc; then |
258 |
+ dodoc doc/arm/Bv9ARM.pdf |
259 |
+ |
260 |
+ docinto misc |
261 |
+ dodoc doc/misc/* |
262 |
+ |
263 |
+ # might a 'html' useflag make sense? |
264 |
+ docinto html |
265 |
+ dohtml -r doc/arm/* |
266 |
+ |
267 |
+ docinto contrib |
268 |
+ dodoc contrib/scripts/{nanny.pl,named-bootconf.sh} |
269 |
+ |
270 |
+ # some handy-dandy dynamic dns examples |
271 |
+ pushd "${D}"/usr/share/doc/${PF} 1>/dev/null |
272 |
+ tar xf "${DISTDIR}"/dyndns-samples.tbz2 || die |
273 |
+ popd 1>/dev/null |
274 |
+ fi |
275 |
+ |
276 |
+ insinto /etc/bind |
277 |
+ newins "${FILESDIR}"/named.conf-r8 named.conf |
278 |
+ |
279 |
+ # ftp://ftp.rs.internic.net/domain/named.cache: |
280 |
+ insinto /var/bind |
281 |
+ newins "${FILESDIR}"/named.cache-r3 named.cache |
282 |
+ |
283 |
+ insinto /var/bind/pri |
284 |
+ newins "${FILESDIR}"/localhost.zone-r3 localhost.zone |
285 |
+ |
286 |
+ newinitd "${FILESDIR}"/named.init-r13 named |
287 |
+ newconfd "${FILESDIR}"/named.confd-r7 named |
288 |
+ |
289 |
+ if use gost; then |
290 |
+ sed -i -e 's/^OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-0}$/OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-1}/' "${D}/etc/init.d/named" || die |
291 |
+ else |
292 |
+ sed -i -e 's/^OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-1}$/OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-0}/' "${D}/etc/init.d/named" || die |
293 |
+ fi |
294 |
+ |
295 |
+ newenvd "${FILESDIR}"/10bind.env 10bind |
296 |
+ |
297 |
+ # Let's get rid of those tools and their manpages since they're provided by bind-tools |
298 |
+ rm -f "${D}"/usr/share/man/man1/{dig,host,nslookup}.1* |
299 |
+ rm -f "${D}"/usr/share/man/man8/nsupdate.8* |
300 |
+ rm -f "${D}"/usr/bin/{dig,host,nslookup,nsupdate} |
301 |
+ rm -f "${D}"/usr/sbin/{dig,host,nslookup,nsupdate} |
302 |
+ for tool in dsfromkey importkey keyfromlabel keygen \ |
303 |
+ revoke settime signzone verify; do |
304 |
+ rm -f "${D}"/usr/{,s}bin/dnssec-"${tool}" |
305 |
+ rm -f "${D}"/usr/share/man/man8/dnssec-"${tool}".8* |
306 |
+ done |
307 |
+ |
308 |
+ # bug 405251, library archives aren't properly handled by --enable/disable-static |
309 |
+ if ! use static-libs; then |
310 |
+ find "${D}" -type f -name '*.a' -delete || die |
311 |
+ fi |
312 |
+ |
313 |
+ # bug 405251 |
314 |
+ find "${D}" -type f -name '*.la' -delete || die |
315 |
+ |
316 |
+ if use python; then |
317 |
+ install_python_tools() { |
318 |
+ dosbin bin/python/dnssec-{checkds,coverage} |
319 |
+ } |
320 |
+ python_foreach_impl install_python_tools |
321 |
+ |
322 |
+ python_replicate_script "${D}usr/sbin/dnssec-checkds" |
323 |
+ python_replicate_script "${D}usr/sbin/dnssec-coverage" |
324 |
+ fi |
325 |
+ |
326 |
+ # bug 450406 |
327 |
+ dosym named.cache /var/bind/root.cache |
328 |
+ |
329 |
+ dosym /var/bind/pri /etc/bind/pri |
330 |
+ dosym /var/bind/sec /etc/bind/sec |
331 |
+ dosym /var/bind/dyn /etc/bind/dyn |
332 |
+ keepdir /var/bind/{pri,sec,dyn} |
333 |
+ |
334 |
+ dodir /var/log/named |
335 |
+ |
336 |
+ fowners root:named /{etc,var}/bind /var/log/named /var/bind/{sec,pri,dyn} |
337 |
+ fowners root:named /var/bind/named.cache /var/bind/pri/localhost.zone /etc/bind/{bind.keys,named.conf} |
338 |
+ fperms 0640 /var/bind/named.cache /var/bind/pri/localhost.zone /etc/bind/{bind.keys,named.conf} |
339 |
+ fperms 0750 /etc/bind /var/bind/pri |
340 |
+ fperms 0770 /var/log/named /var/bind/{,sec,dyn} |
341 |
+ |
342 |
+ systemd_newunit "${FILESDIR}/named.service-r1" named.service |
343 |
+ systemd_dotmpfilesd "${FILESDIR}"/named.conf |
344 |
+ exeinto /usr/libexec |
345 |
+ doexe "${FILESDIR}/generate-rndc-key.sh" |
346 |
+} |
347 |
+ |
348 |
+pkg_postinst() { |
349 |
+ if [ ! -f '/etc/bind/rndc.key' ]; then |
350 |
+ if use urandom; then |
351 |
+ einfo "Using /dev/urandom for generating rndc.key" |
352 |
+ /usr/sbin/rndc-confgen -r /dev/urandom -a |
353 |
+ echo |
354 |
+ else |
355 |
+ einfo "Using /dev/random for generating rndc.key" |
356 |
+ /usr/sbin/rndc-confgen -a |
357 |
+ echo |
358 |
+ fi |
359 |
+ chown root:named /etc/bind/rndc.key |
360 |
+ chmod 0640 /etc/bind/rndc.key |
361 |
+ fi |
362 |
+ |
363 |
+ einfo |
364 |
+ einfo "You can edit /etc/conf.d/named to customize named settings" |
365 |
+ einfo |
366 |
+ use mysql || use postgres || use ldap && { |
367 |
+ elog "If your named depends on MySQL/PostgreSQL or LDAP," |
368 |
+ elog "uncomment the specified rc_named_* lines in your" |
369 |
+ elog "/etc/conf.d/named config to ensure they'll start before bind" |
370 |
+ einfo |
371 |
+ } |
372 |
+ einfo "If you'd like to run bind in a chroot AND this is a new" |
373 |
+ einfo "install OR your bind doesn't already run in a chroot:" |
374 |
+ einfo "1) Uncomment and set the CHROOT variable in /etc/conf.d/named." |
375 |
+ einfo "2) Run \`emerge --config '=${CATEGORY}/${PF}'\`" |
376 |
+ einfo |
377 |
+ |
378 |
+ CHROOT=$(source /etc/conf.d/named 2>/dev/null; echo ${CHROOT}) |
379 |
+ if [[ -n ${CHROOT} ]]; then |
380 |
+ elog "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!" |
381 |
+ elog "To enable the old behaviour (without using mount) uncomment the" |
382 |
+ elog "CHROOT_NOMOUNT option in your /etc/conf.d/named config." |
383 |
+ elog "If you decide to use the new/default method, ensure to make backup" |
384 |
+ elog "first and merge your existing configs/zones to /etc/bind and" |
385 |
+ elog "/var/bind because bind will now mount the needed directories into" |
386 |
+ elog "the chroot dir." |
387 |
+ fi |
388 |
+} |
389 |
+ |
390 |
+pkg_config() { |
391 |
+ CHROOT=$(source /etc/conf.d/named; echo ${CHROOT}) |
392 |
+ CHROOT_NOMOUNT=$(source /etc/conf.d/named; echo ${CHROOT_NOMOUNT}) |
393 |
+ CHROOT_GEOIP=$(source /etc/conf.d/named; echo ${CHROOT_GEOIP}) |
394 |
+ |
395 |
+ if [[ -z "${CHROOT}" ]]; then |
396 |
+ eerror "This config script is designed to automate setting up" |
397 |
+ eerror "a chrooted bind/named. To do so, please first uncomment" |
398 |
+ eerror "and set the CHROOT variable in '/etc/conf.d/named'." |
399 |
+ die "Unset CHROOT" |
400 |
+ fi |
401 |
+ if [[ -d "${CHROOT}" ]]; then |
402 |
+ ewarn "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!" |
403 |
+ ewarn "To enable the old behaviour (without using mount) uncomment the" |
404 |
+ ewarn "CHROOT_NOMOUNT option in your /etc/conf.d/named config." |
405 |
+ ewarn |
406 |
+ ewarn "${CHROOT} already exists... some things might become overridden" |
407 |
+ ewarn "press CTRL+C if you don't want to continue" |
408 |
+ sleep 10 |
409 |
+ fi |
410 |
+ |
411 |
+ echo; einfo "Setting up the chroot directory..." |
412 |
+ |
413 |
+ mkdir -m 0750 -p ${CHROOT} |
414 |
+ mkdir -m 0755 -p ${CHROOT}/{dev,etc,var/log,run} |
415 |
+ mkdir -m 0750 -p ${CHROOT}/etc/bind |
416 |
+ mkdir -m 0770 -p ${CHROOT}/var/{bind,log/named} ${CHROOT}/run/named/ |
417 |
+ # As of bind 9.8.0 |
418 |
+ if has_version net-dns/bind[gost]; then |
419 |
+ if [ "$(get_libdir)" = "lib64" ]; then |
420 |
+ mkdir -m 0755 -p ${CHROOT}/usr/lib64/engines |
421 |
+ ln -s lib64 ${CHROOT}/usr/lib |
422 |
+ else |
423 |
+ mkdir -m 0755 -p ${CHROOT}/usr/lib/engines |
424 |
+ fi |
425 |
+ fi |
426 |
+ chown root:named ${CHROOT} ${CHROOT}/var/{bind,log/named} ${CHROOT}/run/named/ ${CHROOT}/etc/bind |
427 |
+ |
428 |
+ mknod ${CHROOT}/dev/null c 1 3 |
429 |
+ chmod 0666 ${CHROOT}/dev/null |
430 |
+ |
431 |
+ mknod ${CHROOT}/dev/zero c 1 5 |
432 |
+ chmod 0666 ${CHROOT}/dev/zero |
433 |
+ |
434 |
+ if use urandom; then |
435 |
+ mknod ${CHROOT}/dev/urandom c 1 9 |
436 |
+ chmod 0666 ${CHROOT}/dev/urandom |
437 |
+ else |
438 |
+ mknod ${CHROOT}/dev/random c 1 8 |
439 |
+ chmod 0666 ${CHROOT}/dev/random |
440 |
+ fi |
441 |
+ |
442 |
+ if [ "${CHROOT_NOMOUNT:-0}" -ne 0 ]; then |
443 |
+ cp -a /etc/bind ${CHROOT}/etc/ |
444 |
+ cp -a /var/bind ${CHROOT}/var/ |
445 |
+ fi |
446 |
+ |
447 |
+ if [ "${CHROOT_GEOIP:-0}" -eq 1 ]; then |
448 |
+ mkdir -m 0755 -p ${CHROOT}/usr/share/GeoIP |
449 |
+ fi |
450 |
+ |
451 |
+ elog "You may need to add the following line to your syslog-ng.conf:" |
452 |
+ elog "source jail { unix-stream(\"${CHROOT}/dev/log\"); };" |
453 |
+} |