Browse Source

net-dns/bind: fix conf, remove 9.16.12

pull/1/head 2785
root 5 months ago
parent
commit
f24e7efe4c
  1. 1
      net-dns/bind/Manifest
  2. 403
      net-dns/bind/bind-9.16.12-r1.ebuild
  3. 0
      net-dns/bind/bind-9.16.22-r9.ebuild
  4. 1
      net-dns/bind/files/named.conf-r8

1
net-dns/bind/Manifest

@ -1,3 +1,2 @@
DIST bind-9.16.12.tar.xz 5017756 BLAKE2B e48fe94432a93df1f7f61b2d7ecb596e82a156deab3ee8dd3f5f11139028d42f839c483200ca6954076dfb68e768353a0ceb0d360d9e1dff3e36cf5ad06e8c43 SHA512 001613bd3c8bfc73d60bf3c053b233233a981132206e1ae5847820c5416ba0d65b0e026817ea3a718c7d3745c28a8de8dd9fb4355344955bead7bc2e1433e074
DIST bind-9.16.22.tar.xz 5059000 BLAKE2B c4853a8be268f9666f3677adf2e64c6d74f7df44d2dc05df544cead38c6c3b86489d25a66ccea6ce8ca89fa525a1848fe93a8aaa6bb1ee090aa189bf6aad40f3 SHA512 586fb4d5a656d6539033dcdfdd230b36465a2d2e6ada651c1f1548d062a9050e7a962af87e2a56931fe24c65586d29012d4a041dcddbb28f42b4d01fe291d9d1
DIST dyndns-samples.tbz2 22866 BLAKE2B 409890653c6536cb9c0e3ba809d2bfde0e0ae73a2a101b4f229b46c01568466bc022bbbc37712171adbd08c572733e93630feab95a0fcd1ac50a7d37da1d1108 SHA512 83b0bf99f8e9ff709e8e9336d8c5231b98a4b5f0c60c10792f34931e32cc638d261967dfa5a83151ec3740977d94ddd6e21e9ce91267b3e279b88affdbc18cac

403
net-dns/bind/bind-9.16.12-r1.ebuild

@ -1,403 +0,0 @@
# Copyright 1999-2020 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
# Re dlz/mysql and threads, needs to be verified..
# MySQL uses thread local storage in its C api. Thus MySQL
# requires that each thread of an application execute a MySQL
# thread initialization to setup the thread local storage.
# This is impossible to do safely while staying within the DLZ
# driver API. This is a limitation caused by MySQL, and not the DLZ API.
# Because of this BIND MUST only run with a single thread when
# using the MySQL driver.
EAPI=7
PYTHON_COMPAT=( python3_{7..9} )
inherit python-r1 autotools toolchain-funcs flag-o-matic multilib db-use systemd
MY_PV="${PV/_p/-P}"
MY_PV="${MY_PV/_rc/rc}"
MY_P="${PN}-${MY_PV}"
SDB_LDAP_VER="1.1.0-fc14"
RRL_PV="${MY_PV}"
# SDB-LDAP: http://bind9-ldap.bayour.com/
DESCRIPTION="Berkeley Internet Name Domain - Name Server"
HOMEPAGE="https://www.isc.org/software/bind"
SRC_URI="https://downloads.isc.org/isc/bind9/${PV}/${P}.tar.xz
doc? ( mirror://gentoo/dyndns-samples.tbz2 )"
LICENSE="Apache-2.0 BSD BSD-2 GPL-2 HPND ISC MPL-2.0"
SLOT="0"
KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~mips ~ppc ppc64 ~s390 sparc x86 ~amd64-linux ~x86-linux"
# -berkdb by default re bug 602682
IUSE="-berkdb +caps dlz dnstap doc dnsrps fixed-rrset geoip geoip2 gssapi
json ldap lmdb mysql odbc postgres python selinux static-libs
urandom xml +zlib sdb-ldap"
# sdb-ldap - patch broken
# no PKCS11 currently as it requires OpenSSL to be patched, also see bug 409687
# Upstream dropped the old geoip library, but the BIND configuration for using
# GeoIP remained the same.
REQUIRED_USE="
postgres? ( dlz )
berkdb? ( dlz )
mysql? ( dlz )
odbc? ( dlz )
ldap? ( dlz )
dnsrps? ( dlz )
python? ( ${PYTHON_REQUIRED_USE} )
sdb-ldap? ( dlz )
"
DEPEND="
acct-group/named
acct-user/named
berkdb? ( sys-libs/db:= )
dev-libs/openssl:=[-bindist]
mysql? ( dev-db/mysql-connector-c:0= )
odbc? ( >=dev-db/unixODBC-2.2.6 )
ldap? ( net-nds/openldap )
postgres? ( dev-db/postgresql:= )
caps? ( >=sys-libs/libcap-2.1.0 )
xml? ( dev-libs/libxml2 )
geoip? ( dev-libs/libmaxminddb )
geoip2? ( dev-libs/libmaxminddb )
gssapi? ( virtual/krb5 )
json? ( dev-libs/json-c:= )
lmdb? ( dev-db/lmdb )
zlib? ( sys-libs/zlib )
dnstap? ( dev-libs/fstrm dev-libs/protobuf-c )
python? (
${PYTHON_DEPS}
dev-python/ply[${PYTHON_USEDEP}]
)
dev-libs/libuv:=
sdb-ldap? ( net-nds/openldap )
"
RDEPEND="${DEPEND}
selinux? ( sec-policy/selinux-bind )
sys-process/psmisc"
S="${WORKDIR}/${MY_P}"
PATCHES=(
"${FILESDIR}/ldap-library-path-on-multilib-machines.patch"
)
# bug 479092, requires networking
# bug 710840, cmocka fails LDFLAGS='-Wl,-O1'
#RESTRICT="test"
src_prepare() {
default
export LDFLAGS="${LDFLAGS} -L${EPREFIX}/usr/$(get_libdir)"
if use dlz; then
# sdb-ldap patch as per bug #160567
# Upstream URL: http://bind9-ldap.bayour.com/
# New patch take from bug 302735
if use sdb-ldap; then
eapply "${FILESDIR}"/bind-9.16.6-sdb-ldap.patch
cp -fp contrib/sdb/ldap/ldapdb.[ch] bin/named/
cp -fp contrib/sdb/ldap/{ldap2zone.1,ldap2zone.c} bin/tools/
cp -fp contrib/sdb/ldap/{zone2ldap.1,zone2ldap.c} bin/tools/
fi
fi
# should be installed by bind-tools
sed -i -r -e "s:(nsupdate|dig|delv) ::g" bin/Makefile.in || die
# Disable tests for now, bug 406399
sed -i '/^SUBDIRS/s:tests::' bin/Makefile.in lib/Makefile.in || die
# bug #220361
rm aclocal.m4 || die
rm -rf libtool.m4/ || die
eautoreconf
use python && python_copy_sources
}
src_configure() {
bind_configure --without-python
use python && python_foreach_impl python_configure
}
bind_configure() {
local myeconfargs=(
AR="$(type -P $(tc-getAR))"
--prefix="${EPREFIX}"/usr
--sysconfdir=/etc/bind
--localstatedir=/var
--with-libtool
--enable-full-report
--without-readline
--with-openssl="${EPREFIX}"/usr
--without-cmocka
$(use_enable caps linux-caps)
$(use_enable dnsrps)
$(use_enable dnstap)
$(use_enable fixed-rrset)
# $(use_enable static-libs static)
$(use_with berkdb dlz-bdb)
$(use_with dlz dlopen)
$(use_with dlz dlz-filesystem)
$(use_with dlz dlz-stub)
$(use_with gssapi)
$(use_with json json-c)
$(use_with ldap dlz-ldap)
$(use_with mysql dlz-mysql)
$(use_with odbc dlz-odbc)
$(use_with postgres dlz-postgres)
$(use_with lmdb)
$(use_with xml libxml2)
$(use_with zlib)
"${@}"
)
# This is for users to start to migrate back to USE=geoip, rather than
# USE=geoip2
if use geoip ; then
myeconfargs+=( $(use_with geoip maxminddb) --enable-geoip )
elif use geoip2 ; then
# Added 2020/09/30
# Remove USE=geoip2 support after 2020/03/01
ewarn "USE=geoip2 is deprecated; update your USE flags!"
myeconfargs+=( $(use_with geoip2 maxminddb) --enable-geoip )
else
myeconfargs+=( --without-maxminddb --disable-geoip )
fi
# bug #158664
# gcc-specs-ssp && replace-flags -O[23s] -O
# To include db.h from proper path
use berkdb && append-flags "-I$(db_includedir)"
export BUILD_CC=$(tc-getBUILD_CC)
econf "${myeconfargs[@]}"
# bug #151839
echo '#undef SO_BSDCOMPAT' >> config.h
}
python_configure() {
pushd "${BUILD_DIR}" >/dev/null || die
bind_configure --with-python
popd >/dev/null || die
}
src_compile() {
default
use python && python_foreach_impl python_compile
}
python_compile() {
pushd "${BUILD_DIR}"/bin/python >/dev/null || die
emake
popd >/dev/null || die
}
src_install() {
default
# don't create /var/run
rmdir "${ED}"/var/run || die
dodoc CHANGES README
if use doc; then
docinto misc
dodoc -r doc/misc/
# might a 'html' useflag make sense?
docinto html
dodoc -r doc/arm/
docinto contrib
dodoc contrib/scripts/{nanny.pl,named-bootconf.sh}
# some handy-dandy dynamic dns examples
pushd "${ED}"/usr/share/doc/${PF} 1>/dev/null || die
tar xf "${DISTDIR}"/dyndns-samples.tbz2 || die
popd 1>/dev/null || die
fi
insinto /etc/bind
newins "${FILESDIR}"/named.conf-r8 named.conf
# ftp://ftp.rs.internic.net/domain/named.cache:
insinto /var/bind
newins "${FILESDIR}"/named.cache-r3 named.cache
insinto /var/bind/pri
newins "${FILESDIR}"/localhost.zone-r3 localhost.zone
newinitd "${FILESDIR}"/named.init-r13 named
newconfd "${FILESDIR}"/named.confd-r7 named
newenvd "${FILESDIR}"/10bind.env 10bind
# Let's get rid of those tools and their manpages since they're provided by bind-tools
rm -f "${ED}"/usr/share/man/man1/{dig,host,nslookup,delv,nsupdate}.1* || die
rm -f "${ED}"/usr/share/man/man8/nsupdate.8* || die
rm -f "${ED}"/usr/bin/{dig,host,nslookup,nsupdate} || die
rm -f "${ED}"/usr/sbin/{dig,host,nslookup,nsupdate} || die
for tool in dsfromkey importkey keyfromlabel keygen \
revoke settime signzone verify; do
rm -f "${ED}"/usr/{,s}bin/dnssec-"${tool}" || die
rm -f "${ED}"/usr/share/man/man8/dnssec-"${tool}".8* || die
done
# bug 405251, library archives aren't properly handled by --enable/disable-static
if ! use static-libs; then
find "${ED}" -type f -name '*.a' -delete || die
fi
# bug 405251
find "${ED}" -type f -name '*.la' -delete || die
use python && python_foreach_impl python_install
# bug 450406
dosym named.cache /var/bind/root.cache
dosym ../../var/bind/pri /etc/bind/pri
dosym ../../var/bind/sec /etc/bind/sec
dosym ../../var/bind/dyn /etc/bind/dyn
keepdir /var/bind/{pri,sec,dyn} /var/log/named
fowners root:named /{etc,var}/bind /var/log/named /var/bind/{sec,pri,dyn}
fowners root:named /var/bind/named.cache /var/bind/pri/localhost.zone /etc/bind/{bind.keys,named.conf}
fperms 0640 /var/bind/named.cache /var/bind/pri/localhost.zone /etc/bind/{bind.keys,named.conf}
fperms 0750 /etc/bind /var/bind/pri
fperms 0770 /var/log/named /var/bind/{,sec,dyn}
systemd_newunit "${FILESDIR}/named.service-r1" named.service
dotmpfilesd "${FILESDIR}"/named.conf
exeinto /usr/libexec
doexe "${FILESDIR}/generate-rndc-key.sh"
}
python_install() {
pushd "${BUILD_DIR}"/bin/python >/dev/null || die
emake DESTDIR="${D}" install
python_scriptinto /usr/sbin
python_doscript dnssec-{checkds,coverage}
python_optimize
popd >/dev/null || die
}
pkg_postinst() {
tmpfiles_process "${FILESDIR}"/named.conf
if [ ! -f '/etc/bind/rndc.key' && ! -f '/etc/bind/rndc.conf' ]; then
if use urandom; then
einfo "Using /dev/urandom for generating rndc.key"
/usr/sbin/rndc-confgen -r /dev/urandom -a
echo
else
einfo "Using /dev/random for generating rndc.key"
/usr/sbin/rndc-confgen -a
echo
fi
chown root:named /etc/bind/rndc.key || die
chmod 0640 /etc/bind/rndc.key || die
fi
einfo
einfo "You can edit /etc/conf.d/named to customize named settings"
einfo
use mysql || use postgres || use ldap && {
elog "If your named depends on MySQL/PostgreSQL or LDAP,"
elog "uncomment the specified rc_named_* lines in your"
elog "/etc/conf.d/named config to ensure they'll start before bind"
einfo
}
einfo "If you'd like to run bind in a chroot AND this is a new"
einfo "install OR your bind doesn't already run in a chroot:"
einfo "1) Uncomment and set the CHROOT variable in /etc/conf.d/named."
einfo "2) Run \`emerge --config '=${CATEGORY}/${PF}'\`"
einfo
CHROOT=$(source /etc/conf.d/named 2>/dev/null; echo ${CHROOT})
if [[ -n ${CHROOT} ]]; then
elog "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!"
elog "To enable the old behaviour (without using mount) uncomment the"
elog "CHROOT_NOMOUNT option in your /etc/conf.d/named config."
elog "If you decide to use the new/default method, ensure to make backup"
elog "first and merge your existing configs/zones to /etc/bind and"
elog "/var/bind because bind will now mount the needed directories into"
elog "the chroot dir."
fi
}
pkg_config() {
CHROOT=$(source /etc/conf.d/named; echo ${CHROOT})
CHROOT_NOMOUNT=$(source /etc/conf.d/named; echo ${CHROOT_NOMOUNT})
CHROOT_GEOIP=$(source /etc/conf.d/named; echo ${CHROOT_GEOIP})
if [[ -z "${CHROOT}" ]]; then
eerror "This config script is designed to automate setting up"
eerror "a chrooted bind/named. To do so, please first uncomment"
eerror "and set the CHROOT variable in '/etc/conf.d/named'."
die "Unset CHROOT"
fi
if [[ -d "${CHROOT}" ]]; then
ewarn "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!"
ewarn "To enable the old behaviour (without using mount) uncomment the"
ewarn "CHROOT_NOMOUNT option in your /etc/conf.d/named config."
ewarn
ewarn "${CHROOT} already exists... some things might become overridden"
ewarn "press CTRL+C if you don't want to continue"
sleep 10
fi
echo; einfo "Setting up the chroot directory..."
mkdir -m 0750 -p ${CHROOT} || die
mkdir -m 0755 -p ${CHROOT}/{dev,etc,var/log,run} || die
mkdir -m 0750 -p ${CHROOT}/etc/bind || die
mkdir -m 0770 -p ${CHROOT}/var/{bind,log/named} ${CHROOT}/run/named/ || die
chown root:named \
${CHROOT} \
${CHROOT}/var/{bind,log/named} \
${CHROOT}/run/named/ \
${CHROOT}/etc/bind \
|| die
mknod ${CHROOT}/dev/null c 1 3 || die
chmod 0666 ${CHROOT}/dev/null || die
mknod ${CHROOT}/dev/zero c 1 5 || die
chmod 0666 ${CHROOT}/dev/zero || die
if use urandom; then
mknod ${CHROOT}/dev/urandom c 1 9 || die
chmod 0666 ${CHROOT}/dev/urandom || die
else
mknod ${CHROOT}/dev/random c 1 8 || die
chmod 0666 ${CHROOT}/dev/random || die
fi
if [ "${CHROOT_NOMOUNT:-0}" -ne 0 ]; then
cp -a /etc/bind ${CHROOT}/etc/ || die
cp -a /var/bind ${CHROOT}/var/ || die
fi
if [ "${CHROOT_GEOIP:-0}" -eq 1 ]; then
if use geoip; then
mkdir -m 0755 -p ${CHROOT}/usr/share/GeoIP || die
elif use geoip2; then
mkdir -m 0755 -p ${CHROOT}/usr/share/GeoIP2 || die
fi
fi
elog "You may need to add the following line to your syslog-ng.conf:"
elog "source jail { unix-stream(\"${CHROOT}/dev/log\"); };"
}

0
net-dns/bind/bind-9.16.22-r9.ebuild

1
net-dns/bind/files/named.conf-r8

@ -87,7 +87,6 @@ options {
*/
dnssec-enable yes;
//dnssec-validation yes;
/*

Loading…
Cancel
Save