[gentoo-commits] repo/gentoo:master commit in: net-dns/bind/ - gentoo-commits

From:	Sam James <sam@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: net-dns/bind/
Date:	Fri, 23 Sep 2022 05:41:22
Message-Id:	`1663911636.9aa557c48ed05bf648c2b6bf2d3699527eff4f34.sam@gentoo`

1

commit:     9aa557c48ed05bf648c2b6bf2d3699527eff4f34

2

Author:     Sam James <sam <AT> gentoo <DOT> org>

3

AuthorDate: Fri Sep 23 05:40:36 2022 +0000

4

Commit:     Sam James <sam <AT> gentoo <DOT> org>

5

CommitDate: Fri Sep 23 05:40:36 2022 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9aa557c4

7

8

net-dns/bind: add 9.16.33

9

10

Bug: https://bugs.gentoo.org/872206

11

Signed-off-by: Sam James <sam <AT> gentoo.org>

12

13

 net-dns/bind/Manifest            |   1 +

14

 net-dns/bind/bind-9.16.33.ebuild | 382 +++++++++++++++++++++++++++++++++++++++

15

 2 files changed, 383 insertions(+)

16

17

diff --git a/net-dns/bind/Manifest b/net-dns/bind/Manifest

18

index dd3dac899b24..e59b6e5dfe71 100644

19

--- a/net-dns/bind/Manifest

20

+++ b/net-dns/bind/Manifest

21

@@ -3,4 +3,5 @@ DIST bind-9.16.29.tar.xz 5088348 BLAKE2B 17ee1443926327c30f1d5820110b01a193c53eb

22

 DIST bind-9.16.30.tar.xz 5086288 BLAKE2B 35fe14b58a018df25563e58a9632b4431f740bc7a708eb823117541548d23b1855e43058cf7323361ca904d5e59d687e282abb73dc8b617e4eb25ef113168e93 SHA512 cc9bcbedf63c2efe0a23f14db3e57fdae46f0509aac58e5840a6805ce4fbd76cad5bfde4d461442adb88c4d947f8d79bf979aeb24aeb9303b6adc8d169b7118c

23

 DIST bind-9.16.31.tar.xz 5087424 BLAKE2B 75c9038c00fe289161a15a8e4fdadaef5a6a7f3ca03068ec24e82aa9f30ac82d0ded9cf73df83219058cd81b198ea8f561211a323e31b41407294f6932dc61d3 SHA512 8577b4d021a5a763b8669d59ef6c3499238e87657ca94ccfc530cb9a7a215ee3682002aa6141f5731154cbc43e0e6094372961468811a68bbd2a37e20e287c7e

24

 DIST bind-9.16.32.tar.xz 5091860 BLAKE2B df6f2c878138015da580dfaf0e16b5a97b11ead9f99c1425a09da8484954196ea3dafb828ac3ab386200ce2b180646c7eb1e0e62a84c153162270a4a1e19a5fc SHA512 99abedf055901b43e1a85c448ee4c2dd731b7ab77de1454b73c8f9df816aa32262e70e23a8112959d94be990fd4f1c48c36611657ba745670141a7447fd53316

25

+DIST bind-9.16.33.tar.xz 5092516 BLAKE2B 4246b61ce91af3d494ace4b8065b4c0043b2cfaf28c6de326691a969837e7d1cfbc0dac6b1e1a5182fc32af68048abcfa1202d00022951f3caa13afb03ebeb69 SHA512 43fd2cea52dfd1115a4cca83830ab5b93208be401cdbbdff2bbf204b8f0d99fb434ad3156d3a21649488cc904ae09f145feba97b9b6918b0cf063ff5e2b10af5

26

 DIST dyndns-samples.tbz2 22866 BLAKE2B 409890653c6536cb9c0e3ba809d2bfde0e0ae73a2a101b4f229b46c01568466bc022bbbc37712171adbd08c572733e93630feab95a0fcd1ac50a7d37da1d1108 SHA512 83b0bf99f8e9ff709e8e9336d8c5231b98a4b5f0c60c10792f34931e32cc638d261967dfa5a83151ec3740977d94ddd6e21e9ce91267b3e279b88affdbc18cac

27

28

diff --git a/net-dns/bind/bind-9.16.33.ebuild b/net-dns/bind/bind-9.16.33.ebuild

29

new file mode 100644

30

index 000000000000..010d5b56b5d2

31

--- /dev/null

32

+++ b/net-dns/bind/bind-9.16.33.ebuild

33

@@ -0,0 +1,382 @@

34

+# Copyright 1999-2022 Gentoo Authors

35

+# Distributed under the terms of the GNU General Public License v2

36

+

37

+# Re dlz/mysql and threads, needs to be verified..

38

+# MySQL uses thread local storage in its C api. Thus MySQL

39

+# requires that each thread of an application execute a MySQL

40

+# thread initialization to setup the thread local storage.

41

+# This is impossible to do safely while staying within the DLZ

42

+# driver API. This is a limitation caused by MySQL, and not the DLZ API.

43

+# Because of this BIND MUST only run with a single thread when

44

+# using the MySQL driver.

45

+

46

+EAPI=8

47

+

48

+PYTHON_COMPAT=( python3_{8..10} )

49

+

50

+inherit python-r1 autotools multiprocessing toolchain-funcs flag-o-matic db-use systemd tmpfiles

51

+

52

+MY_PV="${PV/_p/-P}"

53

+MY_PV="${MY_PV/_rc/rc}"

54

+MY_P="${PN}-${MY_PV}"

55

+

56

+SDB_LDAP_VER="1.1.0-fc14"

57

+

58

+RRL_PV="${MY_PV}"

59

+

60

+# SDB-LDAP: http://bind9-ldap.bayour.com/

61

+

62

+DESCRIPTION="Berkeley Internet Name Domain - Name Server"

63

+HOMEPAGE="https://www.isc.org/software/bind https://gitlab.isc.org/isc-projects/bind9"

64

+SRC_URI="https://downloads.isc.org/isc/bind9/${PV}/${P}.tar.xz

65

+	doc? ( mirror://gentoo/dyndns-samples.tbz2 )"

66

+

67

+LICENSE="Apache-2.0 BSD BSD-2 GPL-2 HPND ISC MPL-2.0"

68

+SLOT="0"

69

+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux"

70

+# -berkdb by default re bug #602682

71

+IUSE="berkdb +caps +dlz dnstap doc dnsrps fixed-rrset geoip geoip2 gssapi

72

+json ldap lmdb mysql odbc postgres python selinux static-libs test xml +zlib"

73

+# sdb-ldap - patch broken

74

+# no PKCS11 currently as it requires OpenSSL to be patched, also see bug 409687

75

+RESTRICT="!test? ( test )"

76

+

77

+# Upstream dropped the old geoip library, but the BIND configuration for using

78

+# GeoIP remained the same.

79

+REQUIRED_USE="

80

+	postgres? ( dlz )

81

+	berkdb? ( dlz )

82

+	mysql? ( dlz )

83

+	odbc? ( dlz )

84

+	ldap? ( dlz )

85

+	dnsrps? ( dlz )

86

+	python? ( ${PYTHON_REQUIRED_USE} )

87

+"

88

+

89

+DEPEND="

90

+	acct-group/named

91

+	acct-user/named

92

+	berkdb? ( sys-libs/db:= )

93

+	dev-libs/openssl:=[-bindist(-)]

94

+	mysql? ( dev-db/mysql-connector-c:0= )

95

+	odbc? ( >=dev-db/unixODBC-2.2.6 )

96

+	ldap? ( net-nds/openldap:= )

97

+	postgres? ( dev-db/postgresql:= )

98

+	caps? ( >=sys-libs/libcap-2.1.0 )

99

+	xml? ( dev-libs/libxml2 )

100

+	geoip? ( dev-libs/libmaxminddb:= )

101

+	geoip2? ( dev-libs/libmaxminddb:= )

102

+	gssapi? ( virtual/krb5 )

103

+	json? ( dev-libs/json-c:= )

104

+	lmdb? ( dev-db/lmdb:= )

105

+	zlib? ( sys-libs/zlib )

106

+	dnstap? ( dev-libs/fstrm dev-libs/protobuf-c:= )

107

+	python? (

108

+		${PYTHON_DEPS}

109

+		dev-python/ply[${PYTHON_USEDEP}]

110

+	)

111

+	dev-libs/libuv:=

112

+"

113

+

114

+RDEPEND="${DEPEND}

115

+	selinux? ( sec-policy/selinux-bind )

116

+	sys-process/psmisc"

117

+

118

+BDEPEND="

119

+	test? (

120

+		dev-util/cmocka

121

+		dev-util/kyua

122

+	)

123

+"

124

+

125

+S="${WORKDIR}/${MY_P}"

126

+

127

+PATCHES=(

128

+	"${FILESDIR}/ldap-library-path-on-multilib-machines.patch"

129

+)

130

+

131

+src_prepare() {

132

+	default

133

+

134

+	# Should be installed by bind-tools

135

+	sed -i -r -e "s:(nsupdate|dig|delv) ::g" bin/Makefile.in || die

136

+

137

+	# bug #220361

138

+	rm aclocal.m4 || die

139

+	rm -rf libtool.m4/ || die

140

+	eautoreconf

141

+

142

+	use python && python_copy_sources

143

+}

144

+

145

+src_configure() {

146

+	bind_configure --without-python

147

+	use python && python_foreach_impl python_configure

148

+}

149

+

150

+bind_configure() {

151

+	local myeconfargs=(

152

+		AR="$(type -P $(tc-getAR))"

153

+		--prefix="${EPREFIX}"/usr

154

+		--sysconfdir=/etc/bind

155

+		--localstatedir=/var

156

+		--with-libtool

157

+		--enable-full-report

158

+		--without-readline

159

+		--with-openssl="${ESYSROOT}"/usr

160

+		$(use_with test cmocka)

161

+		# Removed in 9.17, drags in libunwind dependency too

162

+		--disable-backtrace

163

+		$(use_enable caps linux-caps)

164

+		$(use_enable dnsrps)

165

+		$(use_enable dnstap)

166

+		$(use_enable fixed-rrset)

167

+		$(use_with berkdb dlz-bdb "${ESYSROOT}"/usr)

168

+		$(use_with dlz dlopen)

169

+		$(use_with dlz dlz-filesystem)

170

+		$(use_with dlz dlz-stub)

171

+		$(use_with gssapi)

172

+		$(use_with json json-c)

173

+		$(use_with ldap dlz-ldap)

174

+		$(use_with mysql dlz-mysql)

175

+		$(use_with odbc dlz-odbc)

176

+		$(use_with postgres dlz-postgres)

177

+		$(use_with lmdb)

178

+		$(use_with xml libxml2)

179

+		$(use_with zlib)

180

+		"${@}"

181

+	)

182

+

183

+	# This is for users to start to migrate back to USE=geoip, rather than

184

+	# USE=geoip2

185

+	if use geoip ; then

186

+		myeconfargs+=( $(use_with geoip maxminddb) --enable-geoip )

187

+	elif use geoip2 ; then

188

+		# Added 2020/09/30

189

+		# Remove USE=geoip2 support after 2020/03/01

190

+		ewarn "USE=geoip2 is deprecated; update your USE flags!"

191

+		myeconfargs+=( $(use_with geoip2 maxminddb) --enable-geoip )

192

+	else

193

+		myeconfargs+=( --without-maxminddb --disable-geoip )

194

+	fi

195

+

196

+	# bug #158664

197

+	#gcc-specs-ssp && replace-flags -O[23s] -O

198

+

199

+	# To include db.h from proper path

200

+	use berkdb && append-flags "-I$(db_includedir)"

201

+

202

+	export BUILD_CC=$(tc-getBUILD_CC)

203

+	econf "${myeconfargs[@]}"

204

+

205

+	# bug #151839

206

+	echo '#undef SO_BSDCOMPAT' >> config.h || die

207

+}

208

+

209

+python_configure() {

210

+	pushd "${BUILD_DIR}" >/dev/null || die

211

+	bind_configure --with-python

212

+	popd >/dev/null || die

213

+}

214

+

215

+src_compile() {

216

+	default

217

+	use python && python_foreach_impl python_compile

218

+}

219

+

220

+python_compile() {

221

+	pushd "${BUILD_DIR}"/bin/python >/dev/null || die

222

+	emake

223

+	popd >/dev/null || die

224

+}

225

+

226

+src_test() {

227

+	# system tests ('emake test') require network configuration for IPs etc

228

+	# so we run the unit tests instead.

229

+	TEST_PARALLEL_JOBS="$(makeopts_jobs)" emake unit

230

+}

231

+

232

+src_install() {

233

+	default

234

+

235

+	dodoc CHANGES README

236

+

237

+	if use doc; then

238

+		docinto misc

239

+		dodoc -r doc/misc/

240

+

241

+		# might a 'html' useflag make sense?

242

+		docinto html

243

+		dodoc -r doc/arm/

244

+

245

+		docinto contrib

246

+		dodoc contrib/scripts/{nanny.pl,named-bootconf.sh}

247

+

248

+		# some handy-dandy dynamic dns examples

249

+		pushd "${ED}"/usr/share/doc/${PF} 1>/dev/null || die

250

+		tar xf "${DISTDIR}"/dyndns-samples.tbz2 || die

251

+		popd 1>/dev/null || die

252

+	fi

253

+

254

+	insinto /etc/bind

255

+	newins "${FILESDIR}"/named.conf-r8 named.conf

256

+

257

+	# ftp://ftp.rs.internic.net/domain/named.cache:

258

+	insinto /var/bind

259

+	newins "${FILESDIR}"/named.cache-r3 named.cache

260

+

261

+	insinto /var/bind/pri

262

+	newins "${FILESDIR}"/localhost.zone-r3 localhost.zone

263

+

264

+	newinitd "${FILESDIR}"/named.init-r14 named

265

+	newconfd "${FILESDIR}"/named.confd-r7 named

266

+

267

+	newenvd "${FILESDIR}"/10bind.env 10bind

268

+

269

+	# Let's get rid of those tools and their manpages since they're provided by bind-tools

270

+	rm -f "${ED}"/usr/share/man/man1/{dig,host,nslookup,delv,nsupdate}.1* || die

271

+	rm -f "${ED}"/usr/share/man/man8/nsupdate.8* || die

272

+	rm -f "${ED}"/usr/bin/{dig,host,nslookup,nsupdate} || die

273

+	rm -f "${ED}"/usr/sbin/{dig,host,nslookup,nsupdate} || die

274

+	for tool in dsfromkey importkey keyfromlabel keygen \

275

+	revoke settime signzone verify; do

276

+		rm -f "${ED}"/usr/{,s}bin/dnssec-"${tool}" || die

277

+		rm -f "${ED}"/usr/share/man/man8/dnssec-"${tool}".8* || die

278

+	done

279

+

280

+	# bug 405251, library archives aren't properly handled by --enable/disable-static

281

+	if ! use static-libs; then

282

+		find "${ED}" -type f -name '*.a' -delete || die

283

+	fi

284

+

285

+	# bug 405251

286

+	find "${ED}" -type f -name '*.la' -delete || die

287

+

288

+	use python && python_foreach_impl python_install

289

+

290

+	# bug 450406

291

+	dosym named.cache /var/bind/root.cache

292

+

293

+	dosym ../../var/bind/pri /etc/bind/pri

294

+	dosym ../../var/bind/sec /etc/bind/sec

295

+	dosym ../../var/bind/dyn /etc/bind/dyn

296

+	keepdir /var/bind/{pri,sec,dyn} /var/log/named

297

+

298

+	fowners root:named /{etc,var}/bind /var/log/named /var/bind/{sec,pri,dyn}

299

+	fowners root:named /var/bind/named.cache /var/bind/pri/localhost.zone /etc/bind/{bind.keys,named.conf}

300

+	fperms 0640 /var/bind/named.cache /var/bind/pri/localhost.zone /etc/bind/{bind.keys,named.conf}

301

+	fperms 0750 /etc/bind /var/bind/pri

302

+	fperms 0770 /var/log/named /var/bind/{,sec,dyn}

303

+

304

+	systemd_newunit "${FILESDIR}/named.service-r1" named.service

305

+	dotmpfiles "${FILESDIR}"/named.conf

306

+	exeinto /usr/libexec

307

+	doexe "${FILESDIR}/generate-rndc-key.sh"

308

+}

309

+

310

+python_install() {

311

+	pushd "${BUILD_DIR}"/bin/python >/dev/null || die

312

+	emake DESTDIR="${D}" install

313

+	python_scriptinto /usr/sbin

314

+	python_doscript dnssec-{checkds,coverage}

315

+	python_optimize

316

+	popd >/dev/null || die

317

+}

318

+

319

+pkg_postinst() {

320

+	tmpfiles_process named.conf

321

+

322

+	if [[ ! -f '/etc/bind/rndc.key' && ! -f '/etc/bind/rndc.conf' ]]; then

323

+		einfo "Using /dev/urandom for generating rndc.key"

324

+		/usr/sbin/rndc-confgen -a

325

+		chown root:named /etc/bind/rndc.key || die

326

+		chmod 0640 /etc/bind/rndc.key || die

327

+	fi

328

+

329

+	einfo

330

+	einfo "You can edit /etc/conf.d/named to customize named settings"

331

+	einfo

332

+	use mysql || use postgres || use ldap && {

333

+		elog "If your named depends on MySQL/PostgreSQL or LDAP,"

334

+		elog "uncomment the specified rc_named_* lines in your"

335

+		elog "/etc/conf.d/named config to ensure they'll start before bind"

336

+		einfo

337

+	}

338

+	einfo "If you'd like to run bind in a chroot AND this is a new"

339

+	einfo "install OR your bind doesn't already run in a chroot:"

340

+	einfo "1) Uncomment and set the CHROOT variable in /etc/conf.d/named."

341

+	einfo "2) Run \`emerge --config '=${CATEGORY}/${PF}'\`"

342

+	einfo

343

+

344

+	CHROOT=$(source /etc/conf.d/named 2>/dev/null; echo ${CHROOT})

345

+	if [[ -n ${CHROOT} ]]; then

346

+		elog "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!"

347

+		elog "To enable the old behaviour (without using mount) uncomment the"

348

+		elog "CHROOT_NOMOUNT option in your /etc/conf.d/named config."

349

+		elog "If you decide to use the new/default method, ensure to make backup"

350

+		elog "first and merge your existing configs/zones to /etc/bind and"

351

+		elog "/var/bind because bind will now mount the needed directories into"

352

+		elog "the chroot dir."

353

+	fi

354

+}

355

+

356

+pkg_config() {

357

+	CHROOT=$(source /etc/conf.d/named; echo ${CHROOT})

358

+	CHROOT_NOMOUNT=$(source /etc/conf.d/named; echo ${CHROOT_NOMOUNT})

359

+	CHROOT_GEOIP=$(source /etc/conf.d/named; echo ${CHROOT_GEOIP})

360

+

361

+	if [[ -z "${CHROOT}" ]]; then

362

+		eerror "This config script is designed to automate setting up"

363

+		eerror "a chrooted bind/named. To do so, please first uncomment"

364

+		eerror "and set the CHROOT variable in '/etc/conf.d/named'."

365

+		die "Unset CHROOT"

366

+	fi

367

+	if [[ -d "${CHROOT}" ]]; then

368

+		ewarn "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!"

369

+		ewarn "To enable the old behaviour (without using mount) uncomment the"

370

+		ewarn "CHROOT_NOMOUNT option in your /etc/conf.d/named config."

371

+		ewarn

372

+		ewarn "${CHROOT} already exists... some things might become overridden"

373

+		ewarn "press CTRL+C if you don't want to continue"

374

+		sleep 10

375

+	fi

376

+

377

+	echo; einfo "Setting up the chroot directory..."

378

+

379

+	mkdir -m 0750 -p ${CHROOT} || die

380

+	mkdir -m 0755 -p ${CHROOT}/{dev,etc,var/log,run} || die

381

+	mkdir -m 0750 -p ${CHROOT}/etc/bind || die

382

+	mkdir -m 0770 -p ${CHROOT}/var/{bind,log/named} ${CHROOT}/run/named/ || die

383

+

384

+	chown root:named \

385

+		${CHROOT} \

386

+		${CHROOT}/var/{bind,log/named} \

387

+		${CHROOT}/run/named/ \

388

+		${CHROOT}/etc/bind \

389

+		|| die

390

+

391

+	mknod ${CHROOT}/dev/null c 1 3 || die

392

+	chmod 0666 ${CHROOT}/dev/null || die

393

+

394

+	mknod ${CHROOT}/dev/zero c 1 5 || die

395

+	chmod 0666 ${CHROOT}/dev/zero || die

396

+

397

+	mknod ${CHROOT}/dev/urandom c 1 9 || die

398

+	chmod 0666 ${CHROOT}/dev/urandom || die

399

+

400

+	if [ "${CHROOT_NOMOUNT:-0}" -ne 0 ]; then

401

+		cp -a /etc/bind ${CHROOT}/etc/ || die

402

+		cp -a /var/bind ${CHROOT}/var/ || die

403

+	fi

404

+

405

+	if [ "${CHROOT_GEOIP:-0}" -eq 1 ]; then

406

+		if use geoip; then

407

+			mkdir -m 0755 -p ${CHROOT}/usr/share/GeoIP || die

408

+		elif use geoip2; then

409

+			mkdir -m 0755 -p ${CHROOT}/usr/share/GeoIP2 || die

410

+		fi

411

+	fi

412

+

413

+	elog "You may need to add the following line to your syslog-ng.conf:"

414

+	elog "source jail { unix-stream(\"${CHROOT}/dev/log\"); };"

415

+}

1	commit: 9aa557c48ed05bf648c2b6bf2d3699527eff4f34
2	Author: Sam James <sam <AT> gentoo <DOT> org>
3	AuthorDate: Fri Sep 23 05:40:36 2022 +0000
4	Commit: Sam James <sam <AT> gentoo <DOT> org>
5	CommitDate: Fri Sep 23 05:40:36 2022 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9aa557c4
7
8	net-dns/bind: add 9.16.33
9
10	Bug: https://bugs.gentoo.org/872206
11	Signed-off-by: Sam James <sam <AT> gentoo.org>
12
13	net-dns/bind/Manifest \| 1 +
14	net-dns/bind/bind-9.16.33.ebuild \| 382 +++++++++++++++++++++++++++++++++++++++
15	2 files changed, 383 insertions(+)
16
17	diff --git a/net-dns/bind/Manifest b/net-dns/bind/Manifest
18	index dd3dac899b24..e59b6e5dfe71 100644
19	--- a/net-dns/bind/Manifest
20	+++ b/net-dns/bind/Manifest
21	@@ -3,4 +3,5 @@ DIST bind-9.16.29.tar.xz 5088348 BLAKE2B 17ee1443926327c30f1d5820110b01a193c53eb
22	DIST bind-9.16.30.tar.xz 5086288 BLAKE2B 35fe14b58a018df25563e58a9632b4431f740bc7a708eb823117541548d23b1855e43058cf7323361ca904d5e59d687e282abb73dc8b617e4eb25ef113168e93 SHA512 cc9bcbedf63c2efe0a23f14db3e57fdae46f0509aac58e5840a6805ce4fbd76cad5bfde4d461442adb88c4d947f8d79bf979aeb24aeb9303b6adc8d169b7118c
23	DIST bind-9.16.31.tar.xz 5087424 BLAKE2B 75c9038c00fe289161a15a8e4fdadaef5a6a7f3ca03068ec24e82aa9f30ac82d0ded9cf73df83219058cd81b198ea8f561211a323e31b41407294f6932dc61d3 SHA512 8577b4d021a5a763b8669d59ef6c3499238e87657ca94ccfc530cb9a7a215ee3682002aa6141f5731154cbc43e0e6094372961468811a68bbd2a37e20e287c7e
24	DIST bind-9.16.32.tar.xz 5091860 BLAKE2B df6f2c878138015da580dfaf0e16b5a97b11ead9f99c1425a09da8484954196ea3dafb828ac3ab386200ce2b180646c7eb1e0e62a84c153162270a4a1e19a5fc SHA512 99abedf055901b43e1a85c448ee4c2dd731b7ab77de1454b73c8f9df816aa32262e70e23a8112959d94be990fd4f1c48c36611657ba745670141a7447fd53316
25	+DIST bind-9.16.33.tar.xz 5092516 BLAKE2B 4246b61ce91af3d494ace4b8065b4c0043b2cfaf28c6de326691a969837e7d1cfbc0dac6b1e1a5182fc32af68048abcfa1202d00022951f3caa13afb03ebeb69 SHA512 43fd2cea52dfd1115a4cca83830ab5b93208be401cdbbdff2bbf204b8f0d99fb434ad3156d3a21649488cc904ae09f145feba97b9b6918b0cf063ff5e2b10af5
26	DIST dyndns-samples.tbz2 22866 BLAKE2B 409890653c6536cb9c0e3ba809d2bfde0e0ae73a2a101b4f229b46c01568466bc022bbbc37712171adbd08c572733e93630feab95a0fcd1ac50a7d37da1d1108 SHA512 83b0bf99f8e9ff709e8e9336d8c5231b98a4b5f0c60c10792f34931e32cc638d261967dfa5a83151ec3740977d94ddd6e21e9ce91267b3e279b88affdbc18cac
27
28	diff --git a/net-dns/bind/bind-9.16.33.ebuild b/net-dns/bind/bind-9.16.33.ebuild
29	new file mode 100644
30	index 000000000000..010d5b56b5d2
31	--- /dev/null
32	+++ b/net-dns/bind/bind-9.16.33.ebuild
33	@@ -0,0 +1,382 @@
34	+# Copyright 1999-2022 Gentoo Authors
35	+# Distributed under the terms of the GNU General Public License v2
36	+
37	+# Re dlz/mysql and threads, needs to be verified..
38	+# MySQL uses thread local storage in its C api. Thus MySQL
39	+# requires that each thread of an application execute a MySQL
40	+# thread initialization to setup the thread local storage.
41	+# This is impossible to do safely while staying within the DLZ
42	+# driver API. This is a limitation caused by MySQL, and not the DLZ API.
43	+# Because of this BIND MUST only run with a single thread when
44	+# using the MySQL driver.
45	+
46	+EAPI=8
47	+
48	+PYTHON_COMPAT=( python3_{8..10} )
49	+
50	+inherit python-r1 autotools multiprocessing toolchain-funcs flag-o-matic db-use systemd tmpfiles
51	+
52	+MY_PV="${PV/_p/-P}"
53	+MY_PV="${MY_PV/_rc/rc}"
54	+MY_P="${PN}-${MY_PV}"
55	+
56	+SDB_LDAP_VER="1.1.0-fc14"
57	+
58	+RRL_PV="${MY_PV}"
59	+
60	+# SDB-LDAP: http://bind9-ldap.bayour.com/
61	+
62	+DESCRIPTION="Berkeley Internet Name Domain - Name Server"
63	+HOMEPAGE="https://www.isc.org/software/bind https://gitlab.isc.org/isc-projects/bind9"
64	+SRC_URI="https://downloads.isc.org/isc/bind9/${PV}/${P}.tar.xz
65	+ doc? ( mirror://gentoo/dyndns-samples.tbz2 )"
66	+
67	+LICENSE="Apache-2.0 BSD BSD-2 GPL-2 HPND ISC MPL-2.0"
68	+SLOT="0"
69	+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux"
70	+# -berkdb by default re bug #602682
71	+IUSE="berkdb +caps +dlz dnstap doc dnsrps fixed-rrset geoip geoip2 gssapi
72	+json ldap lmdb mysql odbc postgres python selinux static-libs test xml +zlib"
73	+# sdb-ldap - patch broken
74	+# no PKCS11 currently as it requires OpenSSL to be patched, also see bug 409687
75	+RESTRICT="!test? ( test )"
76	+
77	+# Upstream dropped the old geoip library, but the BIND configuration for using
78	+# GeoIP remained the same.
79	+REQUIRED_USE="
80	+ postgres? ( dlz )
81	+ berkdb? ( dlz )
82	+ mysql? ( dlz )
83	+ odbc? ( dlz )
84	+ ldap? ( dlz )
85	+ dnsrps? ( dlz )
86	+ python? ( ${PYTHON_REQUIRED_USE} )
87	+"
88	+
89	+DEPEND="
90	+ acct-group/named
91	+ acct-user/named
92	+ berkdb? ( sys-libs/db:= )
93	+ dev-libs/openssl:=[-bindist(-)]
94	+ mysql? ( dev-db/mysql-connector-c:0= )
95	+ odbc? ( >=dev-db/unixODBC-2.2.6 )
96	+ ldap? ( net-nds/openldap:= )
97	+ postgres? ( dev-db/postgresql:= )
98	+ caps? ( >=sys-libs/libcap-2.1.0 )
99	+ xml? ( dev-libs/libxml2 )
100	+ geoip? ( dev-libs/libmaxminddb:= )
101	+ geoip2? ( dev-libs/libmaxminddb:= )
102	+ gssapi? ( virtual/krb5 )
103	+ json? ( dev-libs/json-c:= )
104	+ lmdb? ( dev-db/lmdb:= )
105	+ zlib? ( sys-libs/zlib )
106	+ dnstap? ( dev-libs/fstrm dev-libs/protobuf-c:= )
107	+ python? (
108	+ ${PYTHON_DEPS}
109	+ dev-python/ply[${PYTHON_USEDEP}]
110	+ )
111	+ dev-libs/libuv:=
112	+"
113	+
114	+RDEPEND="${DEPEND}
115	+ selinux? ( sec-policy/selinux-bind )
116	+ sys-process/psmisc"
117	+
118	+BDEPEND="
119	+ test? (
120	+ dev-util/cmocka
121	+ dev-util/kyua
122	+ )
123	+"
124	+
125	+S="${WORKDIR}/${MY_P}"
126	+
127	+PATCHES=(
128	+ "${FILESDIR}/ldap-library-path-on-multilib-machines.patch"
129	+)
130	+
131	+src_prepare() {
132	+ default
133	+
134	+ # Should be installed by bind-tools
135	+ sed -i -r -e "s:(nsupdate\|dig\|delv) ::g" bin/Makefile.in \|\| die
136	+
137	+ # bug #220361
138	+ rm aclocal.m4 \|\| die
139	+ rm -rf libtool.m4/ \|\| die
140	+ eautoreconf
141	+
142	+ use python && python_copy_sources
143	+}
144	+
145	+src_configure() {
146	+ bind_configure --without-python
147	+ use python && python_foreach_impl python_configure
148	+}
149	+
150	+bind_configure() {
151	+ local myeconfargs=(
152	+ AR="$(type -P $(tc-getAR))"
153	+ --prefix="${EPREFIX}"/usr
154	+ --sysconfdir=/etc/bind
155	+ --localstatedir=/var
156	+ --with-libtool
157	+ --enable-full-report
158	+ --without-readline
159	+ --with-openssl="${ESYSROOT}"/usr
160	+ $(use_with test cmocka)
161	+ # Removed in 9.17, drags in libunwind dependency too
162	+ --disable-backtrace
163	+ $(use_enable caps linux-caps)
164	+ $(use_enable dnsrps)
165	+ $(use_enable dnstap)
166	+ $(use_enable fixed-rrset)
167	+ $(use_with berkdb dlz-bdb "${ESYSROOT}"/usr)
168	+ $(use_with dlz dlopen)
169	+ $(use_with dlz dlz-filesystem)
170	+ $(use_with dlz dlz-stub)
171	+ $(use_with gssapi)
172	+ $(use_with json json-c)
173	+ $(use_with ldap dlz-ldap)
174	+ $(use_with mysql dlz-mysql)
175	+ $(use_with odbc dlz-odbc)
176	+ $(use_with postgres dlz-postgres)
177	+ $(use_with lmdb)
178	+ $(use_with xml libxml2)
179	+ $(use_with zlib)
180	+ "${@}"
181	+ )
182	+
183	+ # This is for users to start to migrate back to USE=geoip, rather than
184	+ # USE=geoip2
185	+ if use geoip ; then
186	+ myeconfargs+=( $(use_with geoip maxminddb) --enable-geoip )
187	+ elif use geoip2 ; then
188	+ # Added 2020/09/30
189	+ # Remove USE=geoip2 support after 2020/03/01
190	+ ewarn "USE=geoip2 is deprecated; update your USE flags!"
191	+ myeconfargs+=( $(use_with geoip2 maxminddb) --enable-geoip )
192	+ else
193	+ myeconfargs+=( --without-maxminddb --disable-geoip )
194	+ fi
195	+
196	+ # bug #158664
197	+ #gcc-specs-ssp && replace-flags -O[23s] -O
198	+
199	+ # To include db.h from proper path
200	+ use berkdb && append-flags "-I$(db_includedir)"
201	+
202	+ export BUILD_CC=$(tc-getBUILD_CC)
203	+ econf "${myeconfargs[@]}"
204	+
205	+ # bug #151839
206	+ echo '#undef SO_BSDCOMPAT' >> config.h \|\| die
207	+}
208	+
209	+python_configure() {
210	+ pushd "${BUILD_DIR}" >/dev/null \|\| die
211	+ bind_configure --with-python
212	+ popd >/dev/null \|\| die
213	+}
214	+
215	+src_compile() {
216	+ default
217	+ use python && python_foreach_impl python_compile
218	+}
219	+
220	+python_compile() {
221	+ pushd "${BUILD_DIR}"/bin/python >/dev/null \|\| die
222	+ emake
223	+ popd >/dev/null \|\| die
224	+}
225	+
226	+src_test() {
227	+ # system tests ('emake test') require network configuration for IPs etc
228	+ # so we run the unit tests instead.
229	+ TEST_PARALLEL_JOBS="$(makeopts_jobs)" emake unit
230	+}
231	+
232	+src_install() {
233	+ default
234	+
235	+ dodoc CHANGES README
236	+
237	+ if use doc; then
238	+ docinto misc
239	+ dodoc -r doc/misc/
240	+
241	+ # might a 'html' useflag make sense?
242	+ docinto html
243	+ dodoc -r doc/arm/
244	+
245	+ docinto contrib
246	+ dodoc contrib/scripts/{nanny.pl,named-bootconf.sh}
247	+
248	+ # some handy-dandy dynamic dns examples
249	+ pushd "${ED}"/usr/share/doc/${PF} 1>/dev/null \|\| die
250	+ tar xf "${DISTDIR}"/dyndns-samples.tbz2 \|\| die
251	+ popd 1>/dev/null \|\| die
252	+ fi
253	+
254	+ insinto /etc/bind
255	+ newins "${FILESDIR}"/named.conf-r8 named.conf
256	+
257	+ # ftp://ftp.rs.internic.net/domain/named.cache:
258	+ insinto /var/bind
259	+ newins "${FILESDIR}"/named.cache-r3 named.cache
260	+
261	+ insinto /var/bind/pri
262	+ newins "${FILESDIR}"/localhost.zone-r3 localhost.zone
263	+
264	+ newinitd "${FILESDIR}"/named.init-r14 named
265	+ newconfd "${FILESDIR}"/named.confd-r7 named
266	+
267	+ newenvd "${FILESDIR}"/10bind.env 10bind
268	+
269	+ # Let's get rid of those tools and their manpages since they're provided by bind-tools
270	+ rm -f "${ED}"/usr/share/man/man1/{dig,host,nslookup,delv,nsupdate}.1* \|\| die
271	+ rm -f "${ED}"/usr/share/man/man8/nsupdate.8* \|\| die
272	+ rm -f "${ED}"/usr/bin/{dig,host,nslookup,nsupdate} \|\| die
273	+ rm -f "${ED}"/usr/sbin/{dig,host,nslookup,nsupdate} \|\| die
274	+ for tool in dsfromkey importkey keyfromlabel keygen \
275	+ revoke settime signzone verify; do
276	+ rm -f "${ED}"/usr/{,s}bin/dnssec-"${tool}" \|\| die
277	+ rm -f "${ED}"/usr/share/man/man8/dnssec-"${tool}".8* \|\| die
278	+ done
279	+
280	+ # bug 405251, library archives aren't properly handled by --enable/disable-static
281	+ if ! use static-libs; then
282	+ find "${ED}" -type f -name '*.a' -delete \|\| die
283	+ fi
284	+
285	+ # bug 405251
286	+ find "${ED}" -type f -name '*.la' -delete \|\| die
287	+
288	+ use python && python_foreach_impl python_install
289	+
290	+ # bug 450406
291	+ dosym named.cache /var/bind/root.cache
292	+
293	+ dosym ../../var/bind/pri /etc/bind/pri
294	+ dosym ../../var/bind/sec /etc/bind/sec
295	+ dosym ../../var/bind/dyn /etc/bind/dyn
296	+ keepdir /var/bind/{pri,sec,dyn} /var/log/named
297	+
298	+ fowners root:named /{etc,var}/bind /var/log/named /var/bind/{sec,pri,dyn}
299	+ fowners root:named /var/bind/named.cache /var/bind/pri/localhost.zone /etc/bind/{bind.keys,named.conf}
300	+ fperms 0640 /var/bind/named.cache /var/bind/pri/localhost.zone /etc/bind/{bind.keys,named.conf}
301	+ fperms 0750 /etc/bind /var/bind/pri
302	+ fperms 0770 /var/log/named /var/bind/{,sec,dyn}
303	+
304	+ systemd_newunit "${FILESDIR}/named.service-r1" named.service
305	+ dotmpfiles "${FILESDIR}"/named.conf
306	+ exeinto /usr/libexec
307	+ doexe "${FILESDIR}/generate-rndc-key.sh"
308	+}
309	+
310	+python_install() {
311	+ pushd "${BUILD_DIR}"/bin/python >/dev/null \|\| die
312	+ emake DESTDIR="${D}" install
313	+ python_scriptinto /usr/sbin
314	+ python_doscript dnssec-{checkds,coverage}
315	+ python_optimize
316	+ popd >/dev/null \|\| die
317	+}
318	+
319	+pkg_postinst() {
320	+ tmpfiles_process named.conf
321	+
322	+ if [[ ! -f '/etc/bind/rndc.key' && ! -f '/etc/bind/rndc.conf' ]]; then
323	+ einfo "Using /dev/urandom for generating rndc.key"
324	+ /usr/sbin/rndc-confgen -a
325	+ chown root:named /etc/bind/rndc.key \|\| die
326	+ chmod 0640 /etc/bind/rndc.key \|\| die
327	+ fi
328	+
329	+ einfo
330	+ einfo "You can edit /etc/conf.d/named to customize named settings"
331	+ einfo
332	+ use mysql \|\| use postgres \|\| use ldap && {
333	+ elog "If your named depends on MySQL/PostgreSQL or LDAP,"
334	+ elog "uncomment the specified rc_named_* lines in your"
335	+ elog "/etc/conf.d/named config to ensure they'll start before bind"
336	+ einfo
337	+ }
338	+ einfo "If you'd like to run bind in a chroot AND this is a new"
339	+ einfo "install OR your bind doesn't already run in a chroot:"
340	+ einfo "1) Uncomment and set the CHROOT variable in /etc/conf.d/named."
341	+ einfo "2) Run \`emerge --config '=${CATEGORY}/${PF}'\`"
342	+ einfo
343	+
344	+ CHROOT=$(source /etc/conf.d/named 2>/dev/null; echo ${CHROOT})
345	+ if [[ -n ${CHROOT} ]]; then
346	+ elog "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!"
347	+ elog "To enable the old behaviour (without using mount) uncomment the"
348	+ elog "CHROOT_NOMOUNT option in your /etc/conf.d/named config."
349	+ elog "If you decide to use the new/default method, ensure to make backup"
350	+ elog "first and merge your existing configs/zones to /etc/bind and"
351	+ elog "/var/bind because bind will now mount the needed directories into"
352	+ elog "the chroot dir."
353	+ fi
354	+}
355	+
356	+pkg_config() {
357	+ CHROOT=$(source /etc/conf.d/named; echo ${CHROOT})
358	+ CHROOT_NOMOUNT=$(source /etc/conf.d/named; echo ${CHROOT_NOMOUNT})
359	+ CHROOT_GEOIP=$(source /etc/conf.d/named; echo ${CHROOT_GEOIP})
360	+
361	+ if [[ -z "${CHROOT}" ]]; then
362	+ eerror "This config script is designed to automate setting up"
363	+ eerror "a chrooted bind/named. To do so, please first uncomment"
364	+ eerror "and set the CHROOT variable in '/etc/conf.d/named'."
365	+ die "Unset CHROOT"
366	+ fi
367	+ if [[ -d "${CHROOT}" ]]; then
368	+ ewarn "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!"
369	+ ewarn "To enable the old behaviour (without using mount) uncomment the"
370	+ ewarn "CHROOT_NOMOUNT option in your /etc/conf.d/named config."
371	+ ewarn
372	+ ewarn "${CHROOT} already exists... some things might become overridden"
373	+ ewarn "press CTRL+C if you don't want to continue"
374	+ sleep 10
375	+ fi
376	+
377	+ echo; einfo "Setting up the chroot directory..."
378	+
379	+ mkdir -m 0750 -p ${CHROOT} \|\| die
380	+ mkdir -m 0755 -p ${CHROOT}/{dev,etc,var/log,run} \|\| die
381	+ mkdir -m 0750 -p ${CHROOT}/etc/bind \|\| die
382	+ mkdir -m 0770 -p ${CHROOT}/var/{bind,log/named} ${CHROOT}/run/named/ \|\| die
383	+
384	+ chown root:named \
385	+ ${CHROOT} \
386	+ ${CHROOT}/var/{bind,log/named} \
387	+ ${CHROOT}/run/named/ \
388	+ ${CHROOT}/etc/bind \
389	+ \|\| die
390	+
391	+ mknod ${CHROOT}/dev/null c 1 3 \|\| die
392	+ chmod 0666 ${CHROOT}/dev/null \|\| die
393	+
394	+ mknod ${CHROOT}/dev/zero c 1 5 \|\| die
395	+ chmod 0666 ${CHROOT}/dev/zero \|\| die
396	+
397	+ mknod ${CHROOT}/dev/urandom c 1 9 \|\| die
398	+ chmod 0666 ${CHROOT}/dev/urandom \|\| die
399	+
400	+ if [ "${CHROOT_NOMOUNT:-0}" -ne 0 ]; then
401	+ cp -a /etc/bind ${CHROOT}/etc/ \|\| die
402	+ cp -a /var/bind ${CHROOT}/var/ \|\| die
403	+ fi
404	+
405	+ if [ "${CHROOT_GEOIP:-0}" -eq 1 ]; then
406	+ if use geoip; then
407	+ mkdir -m 0755 -p ${CHROOT}/usr/share/GeoIP \|\| die
408	+ elif use geoip2; then
409	+ mkdir -m 0755 -p ${CHROOT}/usr/share/GeoIP2 \|\| die
410	+ fi
411	+ fi
412	+
413	+ elog "You may need to add the following line to your syslog-ng.conf:"
414	+ elog "source jail { unix-stream(\"${CHROOT}/dev/log\"); };"
415	+}

Gentoo Archives: gentoo-commits