Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Mikle Kolyada <zlogene@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: net-dns/bind/
Date: Wed, 23 Jan 2019 09:54:20
Message-Id: 1548237239.f1e9f56e179d4d622710affe07f35a1a5537c7a6.zlogene@gentoo
1 commit: f1e9f56e179d4d622710affe07f35a1a5537c7a6
2 Author: Mikle Kolyada <zlogene <AT> gentoo <DOT> org>
3 AuthorDate: Wed Jan 23 09:53:59 2019 +0000
4 Commit: Mikle Kolyada <zlogene <AT> gentoo <DOT> org>
5 CommitDate: Wed Jan 23 09:53:59 2019 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f1e9f56e
7
8 net-dns/bind: Drop some insecure versions
9
10 Signed-off-by: Mikle Kolyada <zlogene <AT> gentoo.org>
11 Package-Manager: Portage-2.3.51, Repoman-2.3.11
12
13 net-dns/bind/Manifest | 2 -
14 net-dns/bind/bind-9.12.1_p2-r1.ebuild | 400 ---------------------------------
15 net-dns/bind/bind-9.12.2_p1.ebuild | 401 ---------------------------------
16 net-dns/bind/bind-9.12.2_p2.ebuild | 407 ----------------------------------
17 4 files changed, 1210 deletions(-)
18
19 diff --git a/net-dns/bind/Manifest b/net-dns/bind/Manifest
20 index 1e233e6b5df..b31effa9c8f 100644
21 --- a/net-dns/bind/Manifest
22 +++ b/net-dns/bind/Manifest
23 @@ -1,7 +1,5 @@
24 DIST bind-9.11.2_p1.tar.gz 9783329 BLAKE2B 5a3bbd87112064231bd5e6b09ebb4014f9d5cf65cb601c03555ff540a22d87aec3990cd8e37ce5ff09e9a149bdf122d20ecb01f87731e6c79d80379a6926014f SHA512 168f27f580e3be2f7ada27afa2f72e715e750eec76831cf01bd32fabc1fa65dc29dab0eb7ed1682b076d3be99269897ddbc2c10551631a3911d9e5ae1aa40597
25 DIST bind-9.11.3.tar.gz 9523375 BLAKE2B 978986e02767b8ac9f015b52e87b3bc161a7ea72f59f343dcb23f50fbe8474528c4b27ee4fd54bdbe6bd825ce6e8b164e8ad145260b2cdcd004e8892bacd313b SHA512 1f0da13165d1ee872800fe10bb8b0f69c6c76515f9861c1528fb6005213bb71b21a1270906d2ea9ded3eaf6df1a1bac0f2c80aa511683b8d57dcff4f278d8c35
26 DIST bind-9.11.4_p2.tar.gz 9617963 BLAKE2B 409cad7e0976f2e46406d45e87241d61d4d4f00bf08442c4dddbad490ea3d6e42eaad5851fddb83c61a897689a8fdba0cd920aaa0d36329868d26100ba48f946 SHA512 6c01810526fc40485a6c0403d1ddc3b76d2e59b3426b5789436bd671f158d2fa0ea7c0aef2de81998ec715dabd06683fed7b17224d5c794c61e7100a69d4cb60
27 -DIST bind-9.12.1_p2.tar.gz 9305005 BLAKE2B 6be328e9e14a26d17c2f789aafc1f83a4690db0b0ae2aeac7dcc4b54a0e5d228692475a39160599fc5c6fd7ed8733d2f0bbac65a20c513f5fa7b6b49ad4b09ae SHA512 de47eef272c437316444c4f585a2f98ae9169fc118fd057464a5cd064bb9079ffc07145dabf388cd240f56a5ad6d3ad78cf8d98fc37609681eba5d87e18a4f9a
28 -DIST bind-9.12.2_p1.tar.gz 9429002 BLAKE2B 1460b4583a28df21490f71993c8cd595dd8f8ee76727cc8798ee34a6deb1f5a4d39706ec2833a42a7e63ce0dcad917ca975c7d725fc179e2dd0450d8d683ceb4 SHA512 22ce084179439518f7d82f0b80544db929bb4ec71d0e7bd7edad9ae915c903300837d6ead698c9fc23741796f0ba9ed3aa384b752ff65c3b9b20c8969d351cba
29 DIST bind-9.12.2_p2.tar.gz 9422128 BLAKE2B c7d56f025f381a0136aa67ccd49a3254fcfe566d5e3601410e5cada26ccab32a901fe6e14bc14e6e287fa2b3904a4eee8e3ef63329f9bc4cb11f204590ff3623 SHA512 458adf6b3d0df286e7d345a21c40b639efcb275e76f9e0bf4e40a5d76dcac875016324393e129f29397be326d1017367c506ec9cbb35871c98fad4281bc4e05a
30 DIST dyndns-samples.tbz2 22866 BLAKE2B 409890653c6536cb9c0e3ba809d2bfde0e0ae73a2a101b4f229b46c01568466bc022bbbc37712171adbd08c572733e93630feab95a0fcd1ac50a7d37da1d1108 SHA512 83b0bf99f8e9ff709e8e9336d8c5231b98a4b5f0c60c10792f34931e32cc638d261967dfa5a83151ec3740977d94ddd6e21e9ce91267b3e279b88affdbc18cac
31
32 diff --git a/net-dns/bind/bind-9.12.1_p2-r1.ebuild b/net-dns/bind/bind-9.12.1_p2-r1.ebuild
33 deleted file mode 100644
34 index 3e1a46c7bf0..00000000000
35 --- a/net-dns/bind/bind-9.12.1_p2-r1.ebuild
36 +++ /dev/null
37 @@ -1,400 +0,0 @@
38 -# Copyright 1999-2018 Gentoo Foundation
39 -# Distributed under the terms of the GNU General Public License v2
40 -
41 -# Re dlz/mysql and threads, needs to be verified..
42 -# MySQL uses thread local storage in its C api. Thus MySQL
43 -# requires that each thread of an application execute a MySQL
44 -# thread initialization to setup the thread local storage.
45 -# This is impossible to do safely while staying within the DLZ
46 -# driver API. This is a limitation caused by MySQL, and not the DLZ API.
47 -# Because of this BIND MUST only run with a single thread when
48 -# using the MySQL driver.
49 -
50 -EAPI="5"
51 -
52 -PYTHON_COMPAT=( python2_7 python3_{4,5,6} )
53 -
54 -inherit python-r1 eutils autotools toolchain-funcs flag-o-matic multilib db-use user systemd
55 -
56 -MY_PV="${PV/_p/-P}"
57 -MY_PV="${MY_PV/_rc/rc}"
58 -MY_P="${PN}-${MY_PV}"
59 -
60 -SDB_LDAP_VER="1.1.0-fc14"
61 -
62 -RRL_PV="${MY_PV}"
63 -
64 -# SDB-LDAP: http://bind9-ldap.bayour.com/
65 -
66 -DESCRIPTION="BIND - Berkeley Internet Name Domain - Name Server"
67 -HOMEPAGE="http://www.isc.org/software/bind"
68 -SRC_URI="https://www.isc.org/downloads/file/${MY_P}/?version=tar-gz -> ${P}.tar.gz
69 - doc? ( mirror://gentoo/dyndns-samples.tbz2 )"
70 -# sdb-ldap? (
71 -# http://ftp.disconnected-by-peer.at/pub/bind-sdb-ldap-${SDB_LDAP_VER}.patch.bz2
72 -# )"
73 -
74 -LICENSE="Apache-2.0 BSD BSD-2 GPL-2 HPND ISC MPL-2.0"
75 -SLOT="0"
76 -KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
77 -# -berkdb by default re bug 602682
78 -IUSE="-berkdb +caps dlz dnstap doc dnsrps fixed-rrset geoip gost gssapi idn ipv6
79 -json ldap libressl lmdb mysql odbc postgres python rpz seccomp selinux ssl static-libs
80 -+threads urandom xml +zlib"
81 -# sdb-ldap - patch broken
82 -# no PKCS11 currently as it requires OpenSSL to be patched, also see bug 409687
83 -
84 -REQUIRED_USE="postgres? ( dlz )
85 - berkdb? ( dlz )
86 - mysql? ( dlz !threads )
87 - odbc? ( dlz )
88 - ldap? ( dlz )
89 - gost? ( !libressl ssl )
90 - threads? ( caps )
91 - dnstap? ( threads )
92 - python? ( ${PYTHON_REQUIRED_USE} )"
93 -# sdb-ldap? ( dlz )
94 -
95 -DEPEND="
96 - ssl? (
97 - !libressl? ( dev-libs/openssl:0[-bindist] )
98 - libressl? ( dev-libs/libressl )
99 - )
100 - mysql? ( >=virtual/mysql-4.0 )
101 - odbc? ( >=dev-db/unixODBC-2.2.6 )
102 - ldap? ( net-nds/openldap )
103 - idn? ( <net-dns/idnkit-2:= )
104 - postgres? ( dev-db/postgresql:= )
105 - caps? ( >=sys-libs/libcap-2.1.0 )
106 - xml? ( dev-libs/libxml2 )
107 - geoip? ( >=dev-libs/geoip-1.4.6 )
108 - gssapi? ( virtual/krb5 )
109 - gost? ( >=dev-libs/openssl-1.0.0:0[-bindist] )
110 - seccomp? ( sys-libs/libseccomp )
111 - json? ( dev-libs/json-c:= )
112 - lmdb? ( dev-db/lmdb )
113 - zlib? ( sys-libs/zlib )
114 - dnstap? ( dev-libs/fstrm dev-libs/protobuf-c )
115 - python? (
116 - ${PYTHON_DEPS}
117 - dev-python/ply[${PYTHON_USEDEP}]
118 - )"
119 -# sdb-ldap? ( net-nds/openldap )
120 -
121 -RDEPEND="${DEPEND}
122 - selinux? ( sec-policy/selinux-bind )
123 - || ( sys-process/psmisc >=sys-freebsd/freebsd-ubin-9.0_rc sys-process/fuser-bsd )"
124 -
125 -S="${WORKDIR}/${MY_P}"
126 -
127 -# bug 479092, requires networking
128 -RESTRICT="test"
129 -
130 -pkg_setup() {
131 - ebegin "Creating named group and user"
132 - enewgroup named 40
133 - enewuser named 40 -1 /etc/bind named
134 - eend ${?}
135 -}
136 -
137 -src_prepare() {
138 - # Adjusting PATHs in manpages
139 - for i in bin/{named/named.8,check/named-checkconf.8,rndc/rndc.8} ; do
140 - sed -i \
141 - -e 's:/etc/named.conf:/etc/bind/named.conf:g' \
142 - -e 's:/etc/rndc.conf:/etc/bind/rndc.conf:g' \
143 - -e 's:/etc/rndc.key:/etc/bind/rndc.key:g' \
144 - "${i}" || die "sed failed, ${i} doesn't exist"
145 - done
146 -
147 - # bug 657654 / CVE-2018-5738
148 - epatch "${FILESDIR}/${P}-CVE-2018-5738.patch"
149 -
150 -# if use dlz; then
151 -# # sdb-ldap patch as per bug #160567
152 -# # Upstream URL: http://bind9-ldap.bayour.com/
153 -# # New patch take from bug 302735
154 -# if use sdb-ldap; then
155 -# epatch "${WORKDIR}"/${PN}-sdb-ldap-${SDB_LDAP_VER}.patch
156 -# cp -fp contrib/sdb/ldap/ldapdb.[ch] bin/named/
157 -# cp -fp contrib/sdb/ldap/{ldap2zone.1,ldap2zone.c} bin/tools/
158 -# cp -fp contrib/sdb/ldap/{zone2ldap.1,zone2ldap.c} bin/tools/
159 -# fi
160 -# fi
161 -
162 - # should be installed by bind-tools
163 - sed -i -r -e "s:(nsupdate|dig|delv) ::g" bin/Makefile.in || die
164 -
165 - # Disable tests for now, bug 406399
166 - sed -i '/^SUBDIRS/s:tests::' bin/Makefile.in lib/Makefile.in || die
167 -
168 - # bug #220361
169 - rm aclocal.m4
170 - rm -rf libtool.m4/
171 - eautoreconf
172 -}
173 -
174 -src_configure() {
175 - local myconf=""
176 -
177 - if use urandom; then
178 - myconf="${myconf} --with-randomdev=/dev/urandom"
179 - else
180 - myconf="${myconf} --with-randomdev=/dev/random"
181 - fi
182 -
183 - use geoip && myconf="${myconf} --with-geoip"
184 -
185 - # bug #158664
186 -# gcc-specs-ssp && replace-flags -O[23s] -O
187 -
188 - # To include db.h from proper path
189 - use berkdb && append-flags "-I$(db_includedir)"
190 -
191 - export BUILD_CC=$(tc-getBUILD_CC)
192 - econf \
193 - --sysconfdir=/etc/bind \
194 - --localstatedir=/var \
195 - --with-libtool \
196 - --enable-full-report \
197 - --without-readline \
198 - $(use_enable caps linux-caps) \
199 - $(use_enable dnsrps) \
200 - $(use_enable fixed-rrset) \
201 - $(use_enable ipv6) \
202 - $(use_enable rpz rpz-nsdname) \
203 - $(use_enable rpz rpz-nsip) \
204 - $(use_enable seccomp) \
205 - $(use_enable threads) \
206 - $(use_with berkdb dlz-bdb) \
207 - $(use_with dlz dlopen) \
208 - $(use_with dlz dlz-filesystem) \
209 - $(use_with dlz dlz-stub) \
210 - $(use_with gost) \
211 - $(use_with gssapi) \
212 - $(use_with idn) \
213 - $(use_with json libjson) \
214 - $(use_with ldap dlz-ldap) \
215 - $(use_with mysql dlz-mysql) \
216 - $(use_with odbc dlz-odbc) \
217 - $(use_with postgres dlz-postgres) \
218 - $(use_with lmdb) \
219 - $(use_with python) \
220 - $(use_with ssl ecdsa) \
221 - $(use_with ssl openssl "${EPREFIX}"/usr) \
222 - $(use_with xml libxml2) \
223 - $(use_with zlib) \
224 - ${myconf}
225 -
226 - # $(use_enable static-libs static) \
227 -
228 - # bug #151839
229 - echo '#undef SO_BSDCOMPAT' >> config.h
230 -}
231 -
232 -src_install() {
233 - emake DESTDIR="${D}" install
234 -
235 - dodoc CHANGES README
236 -
237 - if use idn; then
238 - dodoc contrib/idn/README.idnkit
239 - fi
240 -
241 - if use doc; then
242 - dodoc doc/arm/Bv9ARM.pdf
243 -
244 - docinto misc
245 - dodoc doc/misc/*
246 -
247 - # might a 'html' useflag make sense?
248 - docinto html
249 - dohtml -r doc/arm/*
250 -
251 - docinto contrib
252 - dodoc contrib/scripts/{nanny.pl,named-bootconf.sh}
253 -
254 - # some handy-dandy dynamic dns examples
255 - pushd "${D}"/usr/share/doc/${PF} 1>/dev/null
256 - tar xf "${DISTDIR}"/dyndns-samples.tbz2 || die
257 - popd 1>/dev/null
258 - fi
259 -
260 - insinto /etc/bind
261 - newins "${FILESDIR}"/named.conf-r8 named.conf
262 -
263 - # ftp://ftp.rs.internic.net/domain/named.cache:
264 - insinto /var/bind
265 - newins "${FILESDIR}"/named.cache-r3 named.cache
266 -
267 - insinto /var/bind/pri
268 - newins "${FILESDIR}"/localhost.zone-r3 localhost.zone
269 -
270 - newinitd "${FILESDIR}"/named.init-r13 named
271 - newconfd "${FILESDIR}"/named.confd-r7 named
272 -
273 - if use gost; then
274 - sed -i -e 's/^OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-0}$/OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-1}/' "${D}/etc/init.d/named" || die
275 - else
276 - sed -i -e 's/^OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-1}$/OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-0}/' "${D}/etc/init.d/named" || die
277 - fi
278 -
279 - newenvd "${FILESDIR}"/10bind.env 10bind
280 -
281 - # Let's get rid of those tools and their manpages since they're provided by bind-tools
282 - rm -f "${D}"/usr/share/man/man1/{dig,host,nslookup}.1*
283 - rm -f "${D}"/usr/share/man/man8/nsupdate.8*
284 - rm -f "${D}"/usr/bin/{dig,host,nslookup,nsupdate}
285 - rm -f "${D}"/usr/sbin/{dig,host,nslookup,nsupdate}
286 - for tool in dsfromkey importkey keyfromlabel keygen \
287 - revoke settime signzone verify; do
288 - rm -f "${D}"/usr/{,s}bin/dnssec-"${tool}"
289 - rm -f "${D}"/usr/share/man/man8/dnssec-"${tool}".8*
290 - done
291 -
292 - # bug 405251, library archives aren't properly handled by --enable/disable-static
293 - if ! use static-libs; then
294 - find "${D}" -type f -name '*.a' -delete || die
295 - fi
296 -
297 - # bug 405251
298 - find "${D}" -type f -name '*.la' -delete || die
299 -
300 - if use python; then
301 - install_python_tools() {
302 - dosbin bin/python/dnssec-{checkds,coverage}
303 - }
304 - python_foreach_impl install_python_tools
305 -
306 - python_replicate_script "${D}usr/sbin/dnssec-checkds"
307 - python_replicate_script "${D}usr/sbin/dnssec-coverage"
308 - fi
309 -
310 - # bug 450406
311 - dosym named.cache /var/bind/root.cache
312 -
313 - dosym /var/bind/pri /etc/bind/pri
314 - dosym /var/bind/sec /etc/bind/sec
315 - dosym /var/bind/dyn /etc/bind/dyn
316 - keepdir /var/bind/{pri,sec,dyn}
317 -
318 - dodir /var/log/named
319 -
320 - fowners root:named /{etc,var}/bind /var/log/named /var/bind/{sec,pri,dyn}
321 - fowners root:named /var/bind/named.cache /var/bind/pri/localhost.zone /etc/bind/{bind.keys,named.conf}
322 - fperms 0640 /var/bind/named.cache /var/bind/pri/localhost.zone /etc/bind/{bind.keys,named.conf}
323 - fperms 0750 /etc/bind /var/bind/pri
324 - fperms 0770 /var/log/named /var/bind/{,sec,dyn}
325 -
326 - systemd_newunit "${FILESDIR}/named.service-r1" named.service
327 - systemd_dotmpfilesd "${FILESDIR}"/named.conf
328 - exeinto /usr/libexec
329 - doexe "${FILESDIR}/generate-rndc-key.sh"
330 -}
331 -
332 -pkg_postinst() {
333 - if [ ! -f '/etc/bind/rndc.key' ]; then
334 - if use urandom; then
335 - einfo "Using /dev/urandom for generating rndc.key"
336 - /usr/sbin/rndc-confgen -r /dev/urandom -a
337 - echo
338 - else
339 - einfo "Using /dev/random for generating rndc.key"
340 - /usr/sbin/rndc-confgen -a
341 - echo
342 - fi
343 - chown root:named /etc/bind/rndc.key
344 - chmod 0640 /etc/bind/rndc.key
345 - fi
346 -
347 - einfo
348 - einfo "You can edit /etc/conf.d/named to customize named settings"
349 - einfo
350 - use mysql || use postgres || use ldap && {
351 - elog "If your named depends on MySQL/PostgreSQL or LDAP,"
352 - elog "uncomment the specified rc_named_* lines in your"
353 - elog "/etc/conf.d/named config to ensure they'll start before bind"
354 - einfo
355 - }
356 - einfo "If you'd like to run bind in a chroot AND this is a new"
357 - einfo "install OR your bind doesn't already run in a chroot:"
358 - einfo "1) Uncomment and set the CHROOT variable in /etc/conf.d/named."
359 - einfo "2) Run \`emerge --config '=${CATEGORY}/${PF}'\`"
360 - einfo
361 -
362 - CHROOT=$(source /etc/conf.d/named 2>/dev/null; echo ${CHROOT})
363 - if [[ -n ${CHROOT} ]]; then
364 - elog "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!"
365 - elog "To enable the old behaviour (without using mount) uncomment the"
366 - elog "CHROOT_NOMOUNT option in your /etc/conf.d/named config."
367 - elog "If you decide to use the new/default method, ensure to make backup"
368 - elog "first and merge your existing configs/zones to /etc/bind and"
369 - elog "/var/bind because bind will now mount the needed directories into"
370 - elog "the chroot dir."
371 - fi
372 -}
373 -
374 -pkg_config() {
375 - CHROOT=$(source /etc/conf.d/named; echo ${CHROOT})
376 - CHROOT_NOMOUNT=$(source /etc/conf.d/named; echo ${CHROOT_NOMOUNT})
377 - CHROOT_GEOIP=$(source /etc/conf.d/named; echo ${CHROOT_GEOIP})
378 -
379 - if [[ -z "${CHROOT}" ]]; then
380 - eerror "This config script is designed to automate setting up"
381 - eerror "a chrooted bind/named. To do so, please first uncomment"
382 - eerror "and set the CHROOT variable in '/etc/conf.d/named'."
383 - die "Unset CHROOT"
384 - fi
385 - if [[ -d "${CHROOT}" ]]; then
386 - ewarn "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!"
387 - ewarn "To enable the old behaviour (without using mount) uncomment the"
388 - ewarn "CHROOT_NOMOUNT option in your /etc/conf.d/named config."
389 - ewarn
390 - ewarn "${CHROOT} already exists... some things might become overridden"
391 - ewarn "press CTRL+C if you don't want to continue"
392 - sleep 10
393 - fi
394 -
395 - echo; einfo "Setting up the chroot directory..."
396 -
397 - mkdir -m 0750 -p ${CHROOT}
398 - mkdir -m 0755 -p ${CHROOT}/{dev,etc,var/log,run}
399 - mkdir -m 0750 -p ${CHROOT}/etc/bind
400 - mkdir -m 0770 -p ${CHROOT}/var/{bind,log/named} ${CHROOT}/run/named/
401 - # As of bind 9.8.0
402 - if has_version net-dns/bind[gost]; then
403 - if [ "$(get_libdir)" = "lib64" ]; then
404 - mkdir -m 0755 -p ${CHROOT}/usr/lib64/engines
405 - ln -s lib64 ${CHROOT}/usr/lib
406 - else
407 - mkdir -m 0755 -p ${CHROOT}/usr/lib/engines
408 - fi
409 - fi
410 - chown root:named ${CHROOT} ${CHROOT}/var/{bind,log/named} ${CHROOT}/run/named/ ${CHROOT}/etc/bind
411 -
412 - mknod ${CHROOT}/dev/null c 1 3
413 - chmod 0666 ${CHROOT}/dev/null
414 -
415 - mknod ${CHROOT}/dev/zero c 1 5
416 - chmod 0666 ${CHROOT}/dev/zero
417 -
418 - if use urandom; then
419 - mknod ${CHROOT}/dev/urandom c 1 9
420 - chmod 0666 ${CHROOT}/dev/urandom
421 - else
422 - mknod ${CHROOT}/dev/random c 1 8
423 - chmod 0666 ${CHROOT}/dev/random
424 - fi
425 -
426 - if [ "${CHROOT_NOMOUNT:-0}" -ne 0 ]; then
427 - cp -a /etc/bind ${CHROOT}/etc/
428 - cp -a /var/bind ${CHROOT}/var/
429 - fi
430 -
431 - if [ "${CHROOT_GEOIP:-0}" -eq 1 ]; then
432 - mkdir -m 0755 -p ${CHROOT}/usr/share/GeoIP
433 - fi
434 -
435 - elog "You may need to add the following line to your syslog-ng.conf:"
436 - elog "source jail { unix-stream(\"${CHROOT}/dev/log\"); };"
437 -}
438
439 diff --git a/net-dns/bind/bind-9.12.2_p1.ebuild b/net-dns/bind/bind-9.12.2_p1.ebuild
440 deleted file mode 100644
441 index 1d4cd915c43..00000000000
442 --- a/net-dns/bind/bind-9.12.2_p1.ebuild
443 +++ /dev/null
444 @@ -1,401 +0,0 @@
445 -# Copyright 1999-2018 Gentoo Foundation
446 -# Distributed under the terms of the GNU General Public License v2
447 -
448 -# Re dlz/mysql and threads, needs to be verified..
449 -# MySQL uses thread local storage in its C api. Thus MySQL
450 -# requires that each thread of an application execute a MySQL
451 -# thread initialization to setup the thread local storage.
452 -# This is impossible to do safely while staying within the DLZ
453 -# driver API. This is a limitation caused by MySQL, and not the DLZ API.
454 -# Because of this BIND MUST only run with a single thread when
455 -# using the MySQL driver.
456 -
457 -EAPI="5"
458 -
459 -PYTHON_COMPAT=( python2_7 python3_{4,5,6} )
460 -
461 -inherit python-r1 eutils autotools toolchain-funcs flag-o-matic multilib db-use user systemd
462 -
463 -MY_PV="${PV/_p/-P}"
464 -MY_PV="${MY_PV/_rc/rc}"
465 -MY_P="${PN}-${MY_PV}"
466 -
467 -SDB_LDAP_VER="1.1.0-fc14"
468 -
469 -RRL_PV="${MY_PV}"
470 -
471 -# SDB-LDAP: http://bind9-ldap.bayour.com/
472 -
473 -DESCRIPTION="BIND - Berkeley Internet Name Domain - Name Server"
474 -HOMEPAGE="http://www.isc.org/software/bind"
475 -SRC_URI="https://www.isc.org/downloads/file/${MY_P}/?version=tar-gz -> ${P}.tar.gz
476 - doc? ( mirror://gentoo/dyndns-samples.tbz2 )"
477 -# sdb-ldap? (
478 -# http://ftp.disconnected-by-peer.at/pub/bind-sdb-ldap-${SDB_LDAP_VER}.patch.bz2
479 -# )"
480 -
481 -LICENSE="Apache-2.0 BSD BSD-2 GPL-2 HPND ISC MPL-2.0"
482 -SLOT="0"
483 -KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
484 -# -berkdb by default re bug 602682
485 -IUSE="-berkdb +caps dlz dnstap doc dnsrps fixed-rrset geoip gost gssapi idn ipv6
486 -json ldap libidn2 libressl lmdb mysql odbc postgres python rpz seccomp selinux ssl static-libs
487 -+threads urandom xml +zlib"
488 -# sdb-ldap - patch broken
489 -# no PKCS11 currently as it requires OpenSSL to be patched, also see bug 409687
490 -
491 -REQUIRED_USE="idn? ( !libidn2 )
492 - libidn2? ( !idn )
493 - postgres? ( dlz )
494 - berkdb? ( dlz )
495 - mysql? ( dlz !threads )
496 - odbc? ( dlz )
497 - ldap? ( dlz )
498 - gost? ( !libressl ssl )
499 - threads? ( caps )
500 - dnstap? ( threads )
501 - python? ( ${PYTHON_REQUIRED_USE} )"
502 -# sdb-ldap? ( dlz )
503 -
504 -DEPEND="
505 - ssl? (
506 - !libressl? ( dev-libs/openssl:0[-bindist] )
507 - libressl? ( dev-libs/libressl )
508 - )
509 - mysql? ( >=virtual/mysql-4.0 )
510 - odbc? ( >=dev-db/unixODBC-2.2.6 )
511 - ldap? ( net-nds/openldap )
512 - idn? ( <net-dns/idnkit-2:= )
513 - libidn2? ( net-dns/libidn2 )
514 - postgres? ( dev-db/postgresql:= )
515 - caps? ( >=sys-libs/libcap-2.1.0 )
516 - xml? ( dev-libs/libxml2 )
517 - geoip? ( >=dev-libs/geoip-1.4.6 )
518 - gssapi? ( virtual/krb5 )
519 - gost? ( >=dev-libs/openssl-1.0.0:0[-bindist] )
520 - seccomp? ( sys-libs/libseccomp )
521 - json? ( dev-libs/json-c:= )
522 - lmdb? ( dev-db/lmdb )
523 - zlib? ( sys-libs/zlib )
524 - dnstap? ( dev-libs/fstrm dev-libs/protobuf-c )
525 - python? (
526 - ${PYTHON_DEPS}
527 - dev-python/ply[${PYTHON_USEDEP}]
528 - )"
529 -# sdb-ldap? ( net-nds/openldap )
530 -
531 -RDEPEND="${DEPEND}
532 - selinux? ( sec-policy/selinux-bind )
533 - || ( sys-process/psmisc >=sys-freebsd/freebsd-ubin-9.0_rc sys-process/fuser-bsd )"
534 -
535 -S="${WORKDIR}/${MY_P}"
536 -
537 -# bug 479092, requires networking
538 -RESTRICT="test"
539 -
540 -pkg_setup() {
541 - ebegin "Creating named group and user"
542 - enewgroup named 40
543 - enewuser named 40 -1 /etc/bind named
544 - eend ${?}
545 -}
546 -
547 -src_prepare() {
548 - # Adjusting PATHs in manpages
549 - for i in bin/{named/named.8,check/named-checkconf.8,rndc/rndc.8} ; do
550 - sed -i \
551 - -e 's:/etc/named.conf:/etc/bind/named.conf:g' \
552 - -e 's:/etc/rndc.conf:/etc/bind/rndc.conf:g' \
553 - -e 's:/etc/rndc.key:/etc/bind/rndc.key:g' \
554 - "${i}" || die "sed failed, ${i} doesn't exist"
555 - done
556 -
557 -# if use dlz; then
558 -# # sdb-ldap patch as per bug #160567
559 -# # Upstream URL: http://bind9-ldap.bayour.com/
560 -# # New patch take from bug 302735
561 -# if use sdb-ldap; then
562 -# epatch "${WORKDIR}"/${PN}-sdb-ldap-${SDB_LDAP_VER}.patch
563 -# cp -fp contrib/sdb/ldap/ldapdb.[ch] bin/named/
564 -# cp -fp contrib/sdb/ldap/{ldap2zone.1,ldap2zone.c} bin/tools/
565 -# cp -fp contrib/sdb/ldap/{zone2ldap.1,zone2ldap.c} bin/tools/
566 -# fi
567 -# fi
568 -
569 - # should be installed by bind-tools
570 - sed -i -r -e "s:(nsupdate|dig|delv) ::g" bin/Makefile.in || die
571 -
572 - # Disable tests for now, bug 406399
573 - sed -i '/^SUBDIRS/s:tests::' bin/Makefile.in lib/Makefile.in || die
574 -
575 - # bug #220361
576 - rm aclocal.m4
577 - rm -rf libtool.m4/
578 - eautoreconf
579 -}
580 -
581 -src_configure() {
582 - local myconf=""
583 -
584 - if use urandom; then
585 - myconf="${myconf} --with-randomdev=/dev/urandom"
586 - else
587 - myconf="${myconf} --with-randomdev=/dev/random"
588 - fi
589 -
590 - use geoip && myconf="${myconf} --with-geoip"
591 -
592 - # bug #158664
593 -# gcc-specs-ssp && replace-flags -O[23s] -O
594 -
595 - # To include db.h from proper path
596 - use berkdb && append-flags "-I$(db_includedir)"
597 -
598 - export BUILD_CC=$(tc-getBUILD_CC)
599 - econf \
600 - --sysconfdir=/etc/bind \
601 - --localstatedir=/var \
602 - --with-libtool \
603 - --enable-full-report \
604 - --without-readline \
605 - $(use_enable caps linux-caps) \
606 - $(use_enable dnsrps) \
607 - $(use_enable fixed-rrset) \
608 - $(use_enable ipv6) \
609 - $(use_enable rpz rpz-nsdname) \
610 - $(use_enable rpz rpz-nsip) \
611 - $(use_enable seccomp) \
612 - $(use_enable threads) \
613 - $(use_with berkdb dlz-bdb) \
614 - $(use_with dlz dlopen) \
615 - $(use_with dlz dlz-filesystem) \
616 - $(use_with dlz dlz-stub) \
617 - $(use_with gost) \
618 - $(use_with gssapi) \
619 - $(use_with idn idnkit) \
620 - $(use_with libidn2) \
621 - $(use_with json libjson) \
622 - $(use_with ldap dlz-ldap) \
623 - $(use_with mysql dlz-mysql) \
624 - $(use_with odbc dlz-odbc) \
625 - $(use_with postgres dlz-postgres) \
626 - $(use_with lmdb) \
627 - $(use_with python) \
628 - $(use_with ssl ecdsa) \
629 - $(use_with ssl openssl "${EPREFIX}"/usr) \
630 - $(use_with xml libxml2) \
631 - $(use_with zlib) \
632 - ${myconf}
633 -
634 - # $(use_enable static-libs static) \
635 -
636 - # bug #151839
637 - echo '#undef SO_BSDCOMPAT' >> config.h
638 -}
639 -
640 -src_install() {
641 - emake DESTDIR="${D}" install
642 -
643 - dodoc CHANGES README
644 -
645 - if use idn; then
646 - dodoc contrib/idn/README.idnkit
647 - fi
648 -
649 - if use doc; then
650 - dodoc doc/arm/Bv9ARM.pdf
651 -
652 - docinto misc
653 - dodoc doc/misc/*
654 -
655 - # might a 'html' useflag make sense?
656 - docinto html
657 - dohtml -r doc/arm/*
658 -
659 - docinto contrib
660 - dodoc contrib/scripts/{nanny.pl,named-bootconf.sh}
661 -
662 - # some handy-dandy dynamic dns examples
663 - pushd "${D}"/usr/share/doc/${PF} 1>/dev/null
664 - tar xf "${DISTDIR}"/dyndns-samples.tbz2 || die
665 - popd 1>/dev/null
666 - fi
667 -
668 - insinto /etc/bind
669 - newins "${FILESDIR}"/named.conf-r8 named.conf
670 -
671 - # ftp://ftp.rs.internic.net/domain/named.cache:
672 - insinto /var/bind
673 - newins "${FILESDIR}"/named.cache-r3 named.cache
674 -
675 - insinto /var/bind/pri
676 - newins "${FILESDIR}"/localhost.zone-r3 localhost.zone
677 -
678 - newinitd "${FILESDIR}"/named.init-r13 named
679 - newconfd "${FILESDIR}"/named.confd-r7 named
680 -
681 - if use gost; then
682 - sed -i -e 's/^OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-0}$/OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-1}/' "${D}/etc/init.d/named" || die
683 - else
684 - sed -i -e 's/^OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-1}$/OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-0}/' "${D}/etc/init.d/named" || die
685 - fi
686 -
687 - newenvd "${FILESDIR}"/10bind.env 10bind
688 -
689 - # Let's get rid of those tools and their manpages since they're provided by bind-tools
690 - rm -f "${D}"/usr/share/man/man1/{dig,host,nslookup}.1*
691 - rm -f "${D}"/usr/share/man/man8/nsupdate.8*
692 - rm -f "${D}"/usr/bin/{dig,host,nslookup,nsupdate}
693 - rm -f "${D}"/usr/sbin/{dig,host,nslookup,nsupdate}
694 - for tool in dsfromkey importkey keyfromlabel keygen \
695 - revoke settime signzone verify; do
696 - rm -f "${D}"/usr/{,s}bin/dnssec-"${tool}"
697 - rm -f "${D}"/usr/share/man/man8/dnssec-"${tool}".8*
698 - done
699 -
700 - # bug 405251, library archives aren't properly handled by --enable/disable-static
701 - if ! use static-libs; then
702 - find "${D}" -type f -name '*.a' -delete || die
703 - fi
704 -
705 - # bug 405251
706 - find "${D}" -type f -name '*.la' -delete || die
707 -
708 - if use python; then
709 - install_python_tools() {
710 - dosbin bin/python/dnssec-{checkds,coverage}
711 - }
712 - python_foreach_impl install_python_tools
713 -
714 - python_replicate_script "${D}usr/sbin/dnssec-checkds"
715 - python_replicate_script "${D}usr/sbin/dnssec-coverage"
716 - fi
717 -
718 - # bug 450406
719 - dosym named.cache /var/bind/root.cache
720 -
721 - dosym /var/bind/pri /etc/bind/pri
722 - dosym /var/bind/sec /etc/bind/sec
723 - dosym /var/bind/dyn /etc/bind/dyn
724 - keepdir /var/bind/{pri,sec,dyn}
725 -
726 - dodir /var/log/named
727 -
728 - fowners root:named /{etc,var}/bind /var/log/named /var/bind/{sec,pri,dyn}
729 - fowners root:named /var/bind/named.cache /var/bind/pri/localhost.zone /etc/bind/{bind.keys,named.conf}
730 - fperms 0640 /var/bind/named.cache /var/bind/pri/localhost.zone /etc/bind/{bind.keys,named.conf}
731 - fperms 0750 /etc/bind /var/bind/pri
732 - fperms 0770 /var/log/named /var/bind/{,sec,dyn}
733 -
734 - systemd_newunit "${FILESDIR}/named.service-r1" named.service
735 - systemd_dotmpfilesd "${FILESDIR}"/named.conf
736 - exeinto /usr/libexec
737 - doexe "${FILESDIR}/generate-rndc-key.sh"
738 -}
739 -
740 -pkg_postinst() {
741 - if [ ! -f '/etc/bind/rndc.key' ]; then
742 - if use urandom; then
743 - einfo "Using /dev/urandom for generating rndc.key"
744 - /usr/sbin/rndc-confgen -r /dev/urandom -a
745 - echo
746 - else
747 - einfo "Using /dev/random for generating rndc.key"
748 - /usr/sbin/rndc-confgen -a
749 - echo
750 - fi
751 - chown root:named /etc/bind/rndc.key
752 - chmod 0640 /etc/bind/rndc.key
753 - fi
754 -
755 - einfo
756 - einfo "You can edit /etc/conf.d/named to customize named settings"
757 - einfo
758 - use mysql || use postgres || use ldap && {
759 - elog "If your named depends on MySQL/PostgreSQL or LDAP,"
760 - elog "uncomment the specified rc_named_* lines in your"
761 - elog "/etc/conf.d/named config to ensure they'll start before bind"
762 - einfo
763 - }
764 - einfo "If you'd like to run bind in a chroot AND this is a new"
765 - einfo "install OR your bind doesn't already run in a chroot:"
766 - einfo "1) Uncomment and set the CHROOT variable in /etc/conf.d/named."
767 - einfo "2) Run \`emerge --config '=${CATEGORY}/${PF}'\`"
768 - einfo
769 -
770 - CHROOT=$(source /etc/conf.d/named 2>/dev/null; echo ${CHROOT})
771 - if [[ -n ${CHROOT} ]]; then
772 - elog "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!"
773 - elog "To enable the old behaviour (without using mount) uncomment the"
774 - elog "CHROOT_NOMOUNT option in your /etc/conf.d/named config."
775 - elog "If you decide to use the new/default method, ensure to make backup"
776 - elog "first and merge your existing configs/zones to /etc/bind and"
777 - elog "/var/bind because bind will now mount the needed directories into"
778 - elog "the chroot dir."
779 - fi
780 -}
781 -
782 -pkg_config() {
783 - CHROOT=$(source /etc/conf.d/named; echo ${CHROOT})
784 - CHROOT_NOMOUNT=$(source /etc/conf.d/named; echo ${CHROOT_NOMOUNT})
785 - CHROOT_GEOIP=$(source /etc/conf.d/named; echo ${CHROOT_GEOIP})
786 -
787 - if [[ -z "${CHROOT}" ]]; then
788 - eerror "This config script is designed to automate setting up"
789 - eerror "a chrooted bind/named. To do so, please first uncomment"
790 - eerror "and set the CHROOT variable in '/etc/conf.d/named'."
791 - die "Unset CHROOT"
792 - fi
793 - if [[ -d "${CHROOT}" ]]; then
794 - ewarn "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!"
795 - ewarn "To enable the old behaviour (without using mount) uncomment the"
796 - ewarn "CHROOT_NOMOUNT option in your /etc/conf.d/named config."
797 - ewarn
798 - ewarn "${CHROOT} already exists... some things might become overridden"
799 - ewarn "press CTRL+C if you don't want to continue"
800 - sleep 10
801 - fi
802 -
803 - echo; einfo "Setting up the chroot directory..."
804 -
805 - mkdir -m 0750 -p ${CHROOT}
806 - mkdir -m 0755 -p ${CHROOT}/{dev,etc,var/log,run}
807 - mkdir -m 0750 -p ${CHROOT}/etc/bind
808 - mkdir -m 0770 -p ${CHROOT}/var/{bind,log/named} ${CHROOT}/run/named/
809 - # As of bind 9.8.0
810 - if has_version net-dns/bind[gost]; then
811 - if [ "$(get_libdir)" = "lib64" ]; then
812 - mkdir -m 0755 -p ${CHROOT}/usr/lib64/engines
813 - ln -s lib64 ${CHROOT}/usr/lib
814 - else
815 - mkdir -m 0755 -p ${CHROOT}/usr/lib/engines
816 - fi
817 - fi
818 - chown root:named ${CHROOT} ${CHROOT}/var/{bind,log/named} ${CHROOT}/run/named/ ${CHROOT}/etc/bind
819 -
820 - mknod ${CHROOT}/dev/null c 1 3
821 - chmod 0666 ${CHROOT}/dev/null
822 -
823 - mknod ${CHROOT}/dev/zero c 1 5
824 - chmod 0666 ${CHROOT}/dev/zero
825 -
826 - if use urandom; then
827 - mknod ${CHROOT}/dev/urandom c 1 9
828 - chmod 0666 ${CHROOT}/dev/urandom
829 - else
830 - mknod ${CHROOT}/dev/random c 1 8
831 - chmod 0666 ${CHROOT}/dev/random
832 - fi
833 -
834 - if [ "${CHROOT_NOMOUNT:-0}" -ne 0 ]; then
835 - cp -a /etc/bind ${CHROOT}/etc/
836 - cp -a /var/bind ${CHROOT}/var/
837 - fi
838 -
839 - if [ "${CHROOT_GEOIP:-0}" -eq 1 ]; then
840 - mkdir -m 0755 -p ${CHROOT}/usr/share/GeoIP
841 - fi
842 -
843 - elog "You may need to add the following line to your syslog-ng.conf:"
844 - elog "source jail { unix-stream(\"${CHROOT}/dev/log\"); };"
845 -}
846
847 diff --git a/net-dns/bind/bind-9.12.2_p2.ebuild b/net-dns/bind/bind-9.12.2_p2.ebuild
848 deleted file mode 100644
849 index 37870df4e0c..00000000000
850 --- a/net-dns/bind/bind-9.12.2_p2.ebuild
851 +++ /dev/null
852 @@ -1,407 +0,0 @@
853 -# Copyright 1999-2018 Gentoo Authors
854 -# Distributed under the terms of the GNU General Public License v2
855 -
856 -# Re dlz/mysql and threads, needs to be verified..
857 -# MySQL uses thread local storage in its C api. Thus MySQL
858 -# requires that each thread of an application execute a MySQL
859 -# thread initialization to setup the thread local storage.
860 -# This is impossible to do safely while staying within the DLZ
861 -# driver API. This is a limitation caused by MySQL, and not the DLZ API.
862 -# Because of this BIND MUST only run with a single thread when
863 -# using the MySQL driver.
864 -
865 -EAPI=7
866 -
867 -PYTHON_COMPAT=( python2_7 python3_{4,5,6,7} )
868 -
869 -inherit python-r1 eutils autotools toolchain-funcs flag-o-matic multilib db-use user systemd
870 -
871 -MY_PV="${PV/_p/-P}"
872 -MY_PV="${MY_PV/_rc/rc}"
873 -MY_P="${PN}-${MY_PV}"
874 -
875 -SDB_LDAP_VER="1.1.0-fc14"
876 -
877 -RRL_PV="${MY_PV}"
878 -
879 -# SDB-LDAP: http://bind9-ldap.bayour.com/
880 -
881 -DESCRIPTION="BIND - Berkeley Internet Name Domain - Name Server"
882 -HOMEPAGE="http://www.isc.org/software/bind"
883 -SRC_URI="https://www.isc.org/downloads/file/${MY_P}/?version=tar-gz -> ${P}.tar.gz
884 - doc? ( mirror://gentoo/dyndns-samples.tbz2 )"
885 -# sdb-ldap? (
886 -# http://ftp.disconnected-by-peer.at/pub/bind-sdb-ldap-${SDB_LDAP_VER}.patch.bz2
887 -# )"
888 -
889 -LICENSE="Apache-2.0 BSD BSD-2 GPL-2 HPND ISC MPL-2.0"
890 -SLOT="0"
891 -KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
892 -# -berkdb by default re bug 602682
893 -IUSE="-berkdb +caps dlz dnstap doc dnsrps fixed-rrset geoip gost gssapi idn ipv6
894 -json ldap libidn2 libressl lmdb mysql odbc postgres python rpz seccomp selinux ssl static-libs
895 -+threads urandom xml +zlib"
896 -# sdb-ldap - patch broken
897 -# no PKCS11 currently as it requires OpenSSL to be patched, also see bug 409687
898 -
899 -REQUIRED_USE="idn? ( !libidn2 )
900 - libidn2? ( !idn )
901 - postgres? ( dlz )
902 - berkdb? ( dlz )
903 - mysql? ( dlz !threads )
904 - odbc? ( dlz )
905 - ldap? ( dlz )
906 - gost? ( !libressl ssl )
907 - threads? ( caps )
908 - dnstap? ( threads )
909 - python? ( ${PYTHON_REQUIRED_USE} )"
910 -# sdb-ldap? ( dlz )
911 -
912 -DEPEND="
913 - ssl? (
914 - !libressl? ( dev-libs/openssl:0[-bindist] )
915 - libressl? ( dev-libs/libressl )
916 - )
917 - mysql? ( >=virtual/mysql-4.0 )
918 - odbc? ( >=dev-db/unixODBC-2.2.6 )
919 - ldap? ( net-nds/openldap )
920 - idn? ( <net-dns/idnkit-2:= )
921 - libidn2? ( net-dns/libidn2 )
922 - postgres? ( dev-db/postgresql:= )
923 - caps? ( >=sys-libs/libcap-2.1.0 )
924 - xml? ( dev-libs/libxml2 )
925 - geoip? ( >=dev-libs/geoip-1.4.6 )
926 - gssapi? ( virtual/krb5 )
927 - gost? ( >=dev-libs/openssl-1.0.0:0[-bindist] )
928 - seccomp? ( sys-libs/libseccomp )
929 - json? ( dev-libs/json-c:= )
930 - lmdb? ( dev-db/lmdb )
931 - zlib? ( sys-libs/zlib )
932 - dnstap? ( dev-libs/fstrm dev-libs/protobuf-c )
933 - python? (
934 - ${PYTHON_DEPS}
935 - dev-python/ply[${PYTHON_USEDEP}]
936 - )"
937 -# sdb-ldap? ( net-nds/openldap )
938 -
939 -RDEPEND="${DEPEND}
940 - selinux? ( sec-policy/selinux-bind )
941 - || ( sys-process/psmisc >=sys-freebsd/freebsd-ubin-9.0_rc sys-process/fuser-bsd )"
942 -
943 -S="${WORKDIR}/${MY_P}"
944 -
945 -# bug 479092, requires networking
946 -RESTRICT="test"
947 -
948 -pkg_setup() {
949 - ebegin "Creating named group and user"
950 - enewgroup named 40
951 - enewuser named 40 -1 /etc/bind named
952 - eend ${?}
953 -}
954 -
955 -src_prepare() {
956 - default
957 -
958 - # Adjusting PATHs in manpages
959 - for i in bin/{named/named.8,check/named-checkconf.8,rndc/rndc.8} ; do
960 - sed -i \
961 - -e 's:/etc/named.conf:/etc/bind/named.conf:g' \
962 - -e 's:/etc/rndc.conf:/etc/bind/rndc.conf:g' \
963 - -e 's:/etc/rndc.key:/etc/bind/rndc.key:g' \
964 - "${i}" || die "sed failed, ${i} doesn't exist"
965 - done
966 -
967 -# if use dlz; then
968 -# # sdb-ldap patch as per bug #160567
969 -# # Upstream URL: http://bind9-ldap.bayour.com/
970 -# # New patch take from bug 302735
971 -# if use sdb-ldap; then
972 -# epatch "${WORKDIR}"/${PN}-sdb-ldap-${SDB_LDAP_VER}.patch
973 -# cp -fp contrib/sdb/ldap/ldapdb.[ch] bin/named/
974 -# cp -fp contrib/sdb/ldap/{ldap2zone.1,ldap2zone.c} bin/tools/
975 -# cp -fp contrib/sdb/ldap/{zone2ldap.1,zone2ldap.c} bin/tools/
976 -# fi
977 -# fi
978 -
979 - # should be installed by bind-tools
980 - sed -i -r -e "s:(nsupdate|dig|delv) ::g" bin/Makefile.in || die
981 -
982 - # Disable tests for now, bug 406399
983 - sed -i '/^SUBDIRS/s:tests::' bin/Makefile.in lib/Makefile.in || die
984 -
985 - # bug #220361
986 - rm aclocal.m4
987 - rm -rf libtool.m4/
988 - eautoreconf
989 -}
990 -
991 -src_configure() {
992 - local myeconfargs=(
993 - --sysconfdir=/etc/bind
994 - --localstatedir=/var
995 - --with-libtool
996 - --enable-full-report
997 - --without-readline
998 - $(use_enable caps linux-caps)
999 - $(use_enable dnsrps)
1000 - $(use_enable fixed-rrset)
1001 - $(use_enable ipv6)
1002 - $(use_enable rpz rpz-nsdname)
1003 - $(use_enable rpz rpz-nsip)
1004 - $(use_enable seccomp)
1005 - # $(use_enable static-libs static)
1006 - $(use_enable threads)
1007 - $(use_with berkdb dlz-bdb)
1008 - $(use_with dlz dlopen)
1009 - $(use_with dlz dlz-filesystem)
1010 - $(use_with dlz dlz-stub)
1011 - $(use_with gost)
1012 - $(use_with gssapi)
1013 - $(use_with idn idnkit)
1014 - $(use_with libidn2)
1015 - $(use_with json libjson)
1016 - $(use_with ldap dlz-ldap)
1017 - $(use_with mysql dlz-mysql)
1018 - $(use_with odbc dlz-odbc)
1019 - $(use_with postgres dlz-postgres)
1020 - $(use_with lmdb)
1021 - $(use_with python)
1022 - $(use_with ssl ecdsa)
1023 - $(use_with ssl openssl "${EPREFIX}"/usr)
1024 - $(use_with xml libxml2)
1025 - $(use_with zlib)
1026 - )
1027 -
1028 - if use urandom; then
1029 - myeconfargs+=( --with-randomdev=/dev/urandom )
1030 - else
1031 - myeconfargs+=( --with-randomdev=/dev/random )
1032 - fi
1033 -
1034 - use geoip && myeconfargs+=( --with-geoip )
1035 -
1036 - # bug #158664
1037 -# gcc-specs-ssp && replace-flags -O[23s] -O
1038 -
1039 - # To include db.h from proper path
1040 - use berkdb && append-flags "-I$(db_includedir)"
1041 -
1042 - export BUILD_CC=$(tc-getBUILD_CC)
1043 - econf "${myeconfargs[@]}"
1044 -
1045 - # bug #151839
1046 - echo '#undef SO_BSDCOMPAT' >> config.h
1047 -}
1048 -
1049 -src_install() {
1050 - emake DESTDIR="${D}" install
1051 -
1052 - dodoc CHANGES README
1053 -
1054 - if use idn; then
1055 - dodoc contrib/idn/README.idnkit
1056 - fi
1057 -
1058 - if use doc; then
1059 - dodoc doc/arm/Bv9ARM.pdf
1060 -
1061 - docinto misc
1062 - dodoc doc/misc/*
1063 -
1064 - # might a 'html' useflag make sense?
1065 - docinto html
1066 - dodoc -r doc/arm/*
1067 -
1068 - docinto contrib
1069 - dodoc contrib/scripts/{nanny.pl,named-bootconf.sh}
1070 -
1071 - # some handy-dandy dynamic dns examples
1072 - pushd "${ED%/}"/usr/share/doc/${PF} 1>/dev/null || die
1073 - tar xf "${DISTDIR}"/dyndns-samples.tbz2 || die
1074 - popd 1>/dev/null || die
1075 - fi
1076 -
1077 - insinto /etc/bind
1078 - newins "${FILESDIR}"/named.conf-r8 named.conf
1079 -
1080 - # ftp://ftp.rs.internic.net/domain/named.cache:
1081 - insinto /var/bind
1082 - newins "${FILESDIR}"/named.cache-r3 named.cache
1083 -
1084 - insinto /var/bind/pri
1085 - newins "${FILESDIR}"/localhost.zone-r3 localhost.zone
1086 -
1087 - newinitd "${FILESDIR}"/named.init-r13 named
1088 - newconfd "${FILESDIR}"/named.confd-r7 named
1089 -
1090 - if use gost; then
1091 - sed -e 's/^OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-0}$/OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-1}/' \
1092 - -i "${ED%/}/etc/init.d/named" || die
1093 - else
1094 - sed -e 's/^OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-1}$/OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-0}/' \
1095 - -i "${ED%/}/etc/init.d/named" || die
1096 - fi
1097 -
1098 - newenvd "${FILESDIR}"/10bind.env 10bind
1099 -
1100 - # Let's get rid of those tools and their manpages since they're provided by bind-tools
1101 - rm -f "${ED%/}"/usr/share/man/man1/{dig,host,nslookup}.1*
1102 - rm -f "${ED%/}"/usr/share/man/man8/nsupdate.8*
1103 - rm -f "${ED%/}"/usr/bin/{dig,host,nslookup,nsupdate}
1104 - rm -f "${ED%/}"/usr/sbin/{dig,host,nslookup,nsupdate}
1105 - for tool in dsfromkey importkey keyfromlabel keygen \
1106 - revoke settime signzone verify; do
1107 - rm -f "${ED%/}"/usr/{,s}bin/dnssec-"${tool}"
1108 - rm -f "${ED%/}"/usr/share/man/man8/dnssec-"${tool}".8*
1109 - done
1110 -
1111 - # bug 405251, library archives aren't properly handled by --enable/disable-static
1112 - if ! use static-libs; then
1113 - find "${ED}" -type f -name '*.a' -delete || die
1114 - fi
1115 -
1116 - # bug 405251
1117 - find "${ED}" -type f -name '*.la' -delete || die
1118 -
1119 - if use python; then
1120 - install_python_tools() {
1121 - dosbin bin/python/dnssec-{checkds,coverage}
1122 - }
1123 - python_foreach_impl install_python_tools
1124 -
1125 - python_replicate_script "${ED%/}/usr/sbin/dnssec-checkds"
1126 - python_replicate_script "${ED%/}/usr/sbin/dnssec-coverage"
1127 - fi
1128 -
1129 - # bug 450406
1130 - dosym named.cache /var/bind/root.cache
1131 -
1132 - dosym /var/bind/pri /etc/bind/pri
1133 - dosym /var/bind/sec /etc/bind/sec
1134 - dosym /var/bind/dyn /etc/bind/dyn
1135 - keepdir /var/bind/{pri,sec,dyn}
1136 -
1137 - dodir /var/log/named
1138 -
1139 - fowners root:named /{etc,var}/bind /var/log/named /var/bind/{sec,pri,dyn}
1140 - fowners root:named /var/bind/named.cache /var/bind/pri/localhost.zone /etc/bind/{bind.keys,named.conf}
1141 - fperms 0640 /var/bind/named.cache /var/bind/pri/localhost.zone /etc/bind/{bind.keys,named.conf}
1142 - fperms 0750 /etc/bind /var/bind/pri
1143 - fperms 0770 /var/log/named /var/bind/{,sec,dyn}
1144 -
1145 - systemd_newunit "${FILESDIR}/named.service-r1" named.service
1146 - systemd_dotmpfilesd "${FILESDIR}"/named.conf
1147 - exeinto /usr/libexec
1148 - doexe "${FILESDIR}/generate-rndc-key.sh"
1149 -}
1150 -
1151 -pkg_postinst() {
1152 - if [ ! -f '/etc/bind/rndc.key' ]; then
1153 - if use urandom; then
1154 - einfo "Using /dev/urandom for generating rndc.key"
1155 - /usr/sbin/rndc-confgen -r /dev/urandom -a
1156 - echo
1157 - else
1158 - einfo "Using /dev/random for generating rndc.key"
1159 - /usr/sbin/rndc-confgen -a
1160 - echo
1161 - fi
1162 - chown root:named /etc/bind/rndc.key || die
1163 - chmod 0640 /etc/bind/rndc.key || die
1164 - fi
1165 -
1166 - einfo
1167 - einfo "You can edit /etc/conf.d/named to customize named settings"
1168 - einfo
1169 - use mysql || use postgres || use ldap && {
1170 - elog "If your named depends on MySQL/PostgreSQL or LDAP,"
1171 - elog "uncomment the specified rc_named_* lines in your"
1172 - elog "/etc/conf.d/named config to ensure they'll start before bind"
1173 - einfo
1174 - }
1175 - einfo "If you'd like to run bind in a chroot AND this is a new"
1176 - einfo "install OR your bind doesn't already run in a chroot:"
1177 - einfo "1) Uncomment and set the CHROOT variable in /etc/conf.d/named."
1178 - einfo "2) Run \`emerge --config '=${CATEGORY}/${PF}'\`"
1179 - einfo
1180 -
1181 - CHROOT=$(source /etc/conf.d/named 2>/dev/null; echo ${CHROOT})
1182 - if [[ -n ${CHROOT} ]]; then
1183 - elog "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!"
1184 - elog "To enable the old behaviour (without using mount) uncomment the"
1185 - elog "CHROOT_NOMOUNT option in your /etc/conf.d/named config."
1186 - elog "If you decide to use the new/default method, ensure to make backup"
1187 - elog "first and merge your existing configs/zones to /etc/bind and"
1188 - elog "/var/bind because bind will now mount the needed directories into"
1189 - elog "the chroot dir."
1190 - fi
1191 -}
1192 -
1193 -pkg_config() {
1194 - CHROOT=$(source /etc/conf.d/named; echo ${CHROOT})
1195 - CHROOT_NOMOUNT=$(source /etc/conf.d/named; echo ${CHROOT_NOMOUNT})
1196 - CHROOT_GEOIP=$(source /etc/conf.d/named; echo ${CHROOT_GEOIP})
1197 -
1198 - if [[ -z "${CHROOT}" ]]; then
1199 - eerror "This config script is designed to automate setting up"
1200 - eerror "a chrooted bind/named. To do so, please first uncomment"
1201 - eerror "and set the CHROOT variable in '/etc/conf.d/named'."
1202 - die "Unset CHROOT"
1203 - fi
1204 - if [[ -d "${CHROOT}" ]]; then
1205 - ewarn "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!"
1206 - ewarn "To enable the old behaviour (without using mount) uncomment the"
1207 - ewarn "CHROOT_NOMOUNT option in your /etc/conf.d/named config."
1208 - ewarn
1209 - ewarn "${CHROOT} already exists... some things might become overridden"
1210 - ewarn "press CTRL+C if you don't want to continue"
1211 - sleep 10
1212 - fi
1213 -
1214 - echo; einfo "Setting up the chroot directory..."
1215 -
1216 - mkdir -m 0750 -p ${CHROOT} || die
1217 - mkdir -m 0755 -p ${CHROOT}/{dev,etc,var/log,run} || die
1218 - mkdir -m 0750 -p ${CHROOT}/etc/bind || die
1219 - mkdir -m 0770 -p ${CHROOT}/var/{bind,log/named} ${CHROOT}/run/named/ || die
1220 - # As of bind 9.8.0
1221 - if has_version net-dns/bind[gost]; then
1222 - mkdir -m 0755 -p ${CHROOT}/usr/$(get_libdir)/engines || die
1223 - if [ "$(get_libdir)" = "lib64" ]; then
1224 - ln -s lib64 ${CHROOT}/usr/lib || die
1225 - fi
1226 - fi
1227 - chown root:named \
1228 - ${CHROOT} \
1229 - ${CHROOT}/var/{bind,log/named} \
1230 - ${CHROOT}/run/named/ \
1231 - ${CHROOT}/etc/bind \
1232 - || die
1233 -
1234 - mknod ${CHROOT}/dev/null c 1 3 || die
1235 - chmod 0666 ${CHROOT}/dev/null || die
1236 -
1237 - mknod ${CHROOT}/dev/zero c 1 5 || die
1238 - chmod 0666 ${CHROOT}/dev/zero || die
1239 -
1240 - if use urandom; then
1241 - mknod ${CHROOT}/dev/urandom c 1 9 || die
1242 - chmod 0666 ${CHROOT}/dev/urandom || die
1243 - else
1244 - mknod ${CHROOT}/dev/random c 1 8 || die
1245 - chmod 0666 ${CHROOT}/dev/random || die
1246 - fi
1247 -
1248 - if [ "${CHROOT_NOMOUNT:-0}" -ne 0 ]; then
1249 - cp -a /etc/bind ${CHROOT}/etc/ || die
1250 - cp -a /var/bind ${CHROOT}/var/ || die
1251 - fi
1252 -
1253 - if [ "${CHROOT_GEOIP:-0}" -eq 1 ]; then
1254 - mkdir -m 0755 -p ${CHROOT}/usr/share/GeoIP || die
1255 - fi
1256 -
1257 - elog "You may need to add the following line to your syslog-ng.conf:"
1258 - elog "source jail { unix-stream(\"${CHROOT}/dev/log\"); };"
1259 -}
Report Message
Find on MARC Find on Google Groups