%define sdb 1 %define geoip 0 %define gssapi 1 %{?_with_sdbp: %{expand: %%global sdb 1}} %{?_without_sdb: %{expand: %%global sdb 0}} %{?_with_geoip: %{expand: %%global geoip 1}} %{?_without_geoip: %{expand: %%global geoip 0}} %{?_with_gssapi: %{expand: %%global gssapi 1}} %{?_without_gssapi: %{expand: %%global gssapi 0}} %define major_version 9.10.3 %define patch_version P4 %define dashpatch %{?patch_version:-%patch_version}%nil %define dotpatch %{?patch_version:.%patch_version}%nil %define chroot_prefix /var/lib/named Name: bind Version: %{major_version}%{dotpatch} Release: %mkrel 1 Summary: A DNS (Domain Name System) server License: ISC Group: System/Servers URL: http://www.isc.org/products/BIND/ Source0: ftp://ftp.isc.org/isc/%{name}9/%{major_version}%{dashpatch}/%{name}-%{major_version}%{dashpatch}.tar.gz Source1: ftp://ftp.isc.org/isc/%{name}9/%{major_version}%{dashpatch}/%{name}-%{major_version}%{dashpatch}.tar.gz.sha512.asc Source6: named.sysconfig Source7: named.logrotate Source8: named.NetworkManager Source11: ftp://ftp.internic.net/domain/named.cache Source20: bind-keygen.c Source40: bind.tmpfiles Source41: named.service Source42: named-sdb.service Source43: setup-named-chroot.sh # sdb Source30: ldap2zone.c Source31: ldap2zone.1 Source32: named-sdb.8 Source33: zonetodb.1 Source34: zone2sqlite.1 Source35: bind-9.3.1rc1-sdb_tools-Makefile.in Source36: dnszone.schema Source37: README.sdb_pgsql Source100: named.conf Source102: named.root.key Source103: trusted-key.key Source105: rndc.key Source110: named.ca Source111: named.localhost Source112: named.empty Source113: named.loopback # fedora patches Patch10: bind-9.5-PIE.patch Patch72: bind-9.5-dlz-64bit.patch Patch87: bind-9.5-parallel-build.patch Patch99: bind-9.9.3-libtool2.diff Patch101: bind-96-old-api.patch Patch102: bind-95-rh452060.patch Patch106: bind93-rh490837.patch Patch107: bind97-dist-pkcs11.patch Patch109: bind97-rh478718.patch Patch110: bind97-rh570851.patch Patch111: bind97-exportlib.patch Patch112: bind97-rh645544.patch Patch119: bind97-rh693982.patch Patch123: bind98-rh735103.patch Patch127: bind99-forward.patch Patch130: bind-9.9.3-dlz-libdb4.diff Patch131: bind-9.9.1-P2-multlib-conflict.patch Patch133: bind99-rh640538.patch Patch134: bind97-rh669163.patch Patch135: bind99-libidn4.patch Patch137: bind99-rrl.patch # SDB patches Patch11: bind-9.9.3-sdbsrc.diff Patch12: bind-9.10-sdb.patch Patch62: bind-9.5-sdb-sqlite-bld.patch # needs inpection Patch17: bind-9.3.2b1-fix_sdb_ldap.patch Patch104: bind-9.10-dyndb.patch # IDN patches Patch73: bind-9.5-libidn.patch Patch83: bind-9.5-libidn2.patch Patch85: bind-9.5-libidn3.patch Patch94: bind95-rh461409.patch # other patches Patch206: bind-9.2.0rc3-varrun.patch Patch208: bind-9.3.2-prctl_set_dumpable.patch Requires: bind-utils >= %{version}-%{release} Requires(post): systemd >= %{systemd_required_version} Requires(post): rpm-helper >= 0.24.8-1 Requires(preun): rpm-helper >= 0.24.8-1 BuildRequires: openssl-devel BuildRequires: multiarch-utils >= 1.0.3 BuildRequires: libidn-devel BuildRequires: postgresql-devel BuildRequires: mysql-devel BuildRequires: libcap-devel >= 2.10 BuildRequires: libxml2-devel %if %{gssapi} BuildRequires: krb5-devel %endif %if %{geoip} BuildRequires: geoip-devel %endif %if %{sdb} BuildRequires: mysql-devel BuildRequires: openldap-devel BuildRequires: postgresql-devel BuildRequires: sqlite3-devel %endif %description BIND (Berkeley Internet Name Domain) is an implementation of the DNS (domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses, and a resolver library (routines for applications to use when interfacing with DNS). A DNS server allows clients to name resources or objects and share the information with other network machines. The named DNS server can be used on workstations as a caching name server, but is generally only needed on one machine for an entire network. Note that the configuration files for making BIND act as a simple caching nameserver are included in the caching-nameserver package. Install the bind package if you need a DNS server for your network. If you want bind to act a caching name server, you will also need to install the caching-nameserver package. Many BIND 8 features previously unimplemented in BIND 9, including domain-specific forwarding, the \$GENERATE master file directive, and the "blackhole", "dialup", and "sortlist" options Forwarding of dynamic update requests; this is enabled by the "allow-update-forwarding" option A new, simplified database interface and a number of sample drivers based on it; see doc/dev/sdb for details Support for building single-threaded servers for environments that do not supply POSIX threads New configuration options: "min-refresh-time", "max-refresh-time", "min-retry-time", "max-retry-time", "additional-from-auth", "additional-from-cache", "notify explicit" Faster lookups, particularly in large zones. Build Options: --with sdb Build with database backends and DLZ support (enabled by default) --with geoip Build with GeoIP support (disabled per default) %if %{sdb} %package sdb Summary: BIND server with database backends and DLZ support Group: System/Servers Requires: bind Requires(post): rpm-helper >= 0.24.8-1 Requires(preun): rpm-helper >= 0.24.8-1 %description sdb BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named-sdb) which has compiled-in SDB (Simplified Database Backend) which includes support for using alternative Zone Databases stored in an LDAP server (ldapdb), a postgreSQL database (pgsqldb), an sqlite database (sqlitedb), or in the filesystem (dirdb), in addition to the standard in-memory RBT (Red Black Tree) zone database. It also includes support for DLZ (Dynamic Loadable Zones) %endif %package utils Summary: Utilities for querying DNS name servers Group: Networking/Other %description utils Bind-utils contains a collection of utilities for querying DNS (Domain Name Service) name servers to find out information about Internet hosts. These tools will provide you with the IP addresses for given host names, as well as other information about registered domains and network addresses. You should install bind-utils if you need to get information from DNS name servers. %package devel Summary: Include files and libraries needed for bind DNS development Group: Development/C %description devel The bind-devel package contains all the include files and the library required for DNS (Domain Name Service) development for BIND versions 9.x.x. %package doc Summary: Documentation for BIND Group: Documentation BuildArch: noarch %description doc The bind-devel package contains the documentation for BIND. %prep %setup -q -n %{name}-%{major_version}%{dashpatch} %patch10 -p1 -b .PIE %patch104 -p1 -b .dyndb %patch72 -p1 -b .64bit %patch73 -p1 -b .libidn %patch83 -p1 -b .libidn2 %patch85 -p1 -b .libidn3 %patch87 -p1 -b .parallel %patch94 -p1 -b .rh461409 mkdir m4 %patch99 -p0 -b .libtool2 %patch102 -p1 -b .rh452060 %patch106 -p1 -b .rh490837 %patch107 -p1 -b .dist-pkcs11 %patch109 -p1 -b .rh478718 %patch110 -p1 -b .rh570851 # exportlib is gone, keep for now # %%patch111 -p1 -b .exportlib %patch112 -p1 -b .rh645544 %patch119 -p1 -b .rh693982 %patch123 -p1 -b .rh735103 %patch127 -p1 -b .forward # no idea what this is good for, keep for now # %%patch130 -p1 -b .libdb4 %patch131 -p1 -b .multlib-conflict %patch137 -p1 -b .rrl %if %{sdb} %patch101 -p1 -b .old-api mkdir bin/named-sdb cp -r bin/named/* bin/named-sdb %patch11 -p1 -b .sdbsrc # SDB ldap cp -fp contrib/sdb/ldap/ldapdb.[ch] bin/named-sdb # SDB postgreSQL cp -fp contrib/sdb/pgsql/pgsqldb.[ch] bin/named-sdb # SDB sqlite cp -fp contrib/sdb/sqlite/sqlitedb.[ch] bin/named-sdb # SDB Berkeley DB - needs to be ported to DB4! #cp -fp contrib/sdb/bdb/bdb.[ch] bin/named_sdb # SDB dir cp -fp contrib/sdb/dir/dirdb.[ch] bin/named-sdb # SDB tools mkdir -p bin/sdb_tools cp -fp %{SOURCE30} bin/sdb_tools/ldap2zone.c cp -fp %{SOURCE35} bin/sdb_tools/Makefile.in #cp -fp contrib/sdb/bdb/zone2bdb.c bin/sdb_tools cp -fp contrib/sdb/ldap/{zone2ldap.1,zone2ldap.c} bin/sdb_tools cp -fp contrib/sdb/pgsql/zonetodb.c bin/sdb_tools cp -fp contrib/sdb/sqlite/zone2sqlite.c bin/sdb_tools %patch12 -p1 -b .sdb %patch17 -p1 -b .fix_sdb_ldap %patch62 -p1 -b .sdb-sqlite-bld %endif %patch133 -p1 -b .rh640538 %patch134 -p1 -b .rh669163 %patch135 -p1 -b .libidn4 %patch206 -p1 -b .varrun.droplet %patch208 -p1 -b .prctl_set_dumpable.droplet cp %{SOURCE20} keygen.c cp %{SOURCE11} named.cache %build %serverbuild # https://kb.isc.org/article/AA-01167 export CFLAGS="$CFLAGS -fno-delete-null-pointer-checks" # -DBIND9 due to P123 export CPPFLAGS="$CPPFLAGS -DDIG_SIGCHASE -DBIND9 -fPIC" export STD_CDEFINES="$CPPFLAGS" libtoolize --copy --force aclocal -I m4 --force autoheader --force autoconf --force # (oe) make queryperf from the contrib _before_ bind..., makes it # easier to determine if it builds or not, it saves time... pushd contrib/queryperf rm -f configure autoconf %configure2_5x %make CFLAGS="$CFLAGS" popd pushd contrib/query-loc-* perl -pi -e "s|-lnsl|-lnsl -lresolv|g" configure* rm -f configure autoconf %configure2_5x %make CFLAGS="$CFLAGS" popd %configure2_5x \ --localstatedir=/var \ --disable-openssl-version-check \ --enable-exportlib \ --with-export-libdir=%{_libdir} \ --with-export-includedir=%{_includedir} \ --enable-threads \ --enable-largefile \ --enable-ipv6 \ --enable-filter-aaaa \ --enable-epoll \ --with-openssl=%{_prefix} \ %if %{gssapi} --with-gssapi=%{_prefix} --disable-isc-spnego \ %endif %if %{geoip} --with-geoip=%{_prefix} \ %endif --with-randomdev=/dev/urandom \ --with-libxml2=yes \ --enable-newstats \ --enable-rrl \ %if %{sdb} --with-dlz-ldap=yes \ --with-dlz-postgres=yes \ --with-dlz-mysql=yes \ --with-dlz-filesystem=yes \ --with-dlz-stub=yes %endif # pkcs11 support requires a working backend, otherwise bind won't start # http://blogs.sun.com/janp/ # http://sourceforge.net/projects/opencryptoki #--with-pkcs11 \ make gcc $CFLAGS -o dns-keygen keygen.c %install %makeinstall_std install -d -p %{buildroot}%{_libdir}/bind install -d %{buildroot}/var/named/{slaves,data,dynamic} install -d %{buildroot}/var/log # chroot install -d %{buildroot}%{chroot_prefix}/{dev,etc,var} install -d %{buildroot}%{chroot_prefix}/var/{log,named,run/named,tmp} install -d %{buildroot}%{chroot_prefix}/etc/{pki/dnssec-keys,named} install -d %{buildroot}%{chroot_prefix}/%{_libdir}/bind install -d %{buildroot}%{chroot_prefix}/%{_libdir}/openssl # these are required to prevent them being erased during upgrade of previous # versions that included them (rh bug #130121): touch %{buildroot}%{chroot_prefix}/dev/null touch %{buildroot}%{chroot_prefix}/dev/random touch %{buildroot}%{chroot_prefix}/dev/zero touch %{buildroot}%{chroot_prefix}/etc/localtime install -m 755 %{SOURCE43} %{buildroot}%{_sbindir}/setup-named-chroot.sh # systemd files install -d -m 755 %{buildroot}%{_unitdir} install -m 644 %{SOURCE41} %{buildroot}%{_unitdir} install -m 644 %{SOURCE42} %{buildroot}%{_unitdir} install -D -m 644 %{SOURCE40} %{buildroot}%{_tmpfilesdir}/named.conf # main configuration install -m 644 %{SOURCE100} %{buildroot}%{_sysconfdir}/named.conf install -m 644 %{SOURCE102} %{buildroot}%{_sysconfdir}/named.root.key install -m 644 %{SOURCE103} %{buildroot}%{_sysconfdir}/trusted-key.key install -m 640 %{SOURCE105} %{buildroot}%{_sysconfdir}/rndc.key mv %{buildroot}%{_sysconfdir}/bind.keys \ %{buildroot}%{_sysconfdir}/named.iscdlv.key install -d 755 %{buildroot}/etc/named install -d 755 %{buildroot}%{_localstatedir}/named install -m 644 %{SOURCE110} %{buildroot}%{_localstatedir}/named/named.ca install -m 644 %{SOURCE111} %{buildroot}%{_localstatedir}/named/named.localhost install -m 644 %{SOURCE112} %{buildroot}%{_localstatedir}/named/named.empty install -m 644 %{SOURCE113} %{buildroot}%{_localstatedir}/named/named.loopback # other configuration install -D -m 644 %{SOURCE6} %{buildroot}%{_sysconfdir}/sysconfig/named install -D -m 644 %{SOURCE7} %{buildroot}%{_sysconfdir}/logrotate.d/named install -d -m 755 %{buildroot}%{_sysconfdir}/rsyslog.d/ cat > %{buildroot}%{_sysconfdir}/rsyslog.d/named.conf <<'EOF' $AddUnixListenSocket /var/lib/named/dev/log EOF install -D -m 755 \ %{SOURCE8} %{buildroot}%{_sysconfdir}/NetworkManager/dispatcher.d/13-named %if %{sdb} mkdir -p %{buildroot}/etc/openldap/schema install -m 644 %{SOURCE36} %{buildroot}/etc/openldap/schema/dnszone.schema install -m 644 %{SOURCE37} contrib/sdb/pgsql/ install -m 644 %{SOURCE31} %{buildroot}%{_mandir}/man1/ldap2zone.1 install -m 644 %{SOURCE32} %{buildroot}%{_mandir}/man8/named-sdb.8 install -m 644 %{SOURCE33} %{buildroot}%{_mandir}/man1/zonetodb.1 install -m 644 %{SOURCE34} %{buildroot}%{_mandir}/man1/zone2sqlite.1 %endif # contrib install -m0755 contrib/scripts/named-bootconf.sh %{buildroot}%{_sbindir}/named-bootconf install -m0755 contrib/queryperf/queryperf %{buildroot}%{_bindir}/ cp contrib/queryperf/README README.queryperf install -m0755 contrib/query-loc-*/query-loc %{buildroot}%{_bindir}/ install -m0644 contrib/query-loc-*/query-loc.1 %{buildroot}%{_mandir}/man1/ cp contrib/query-loc-*/ADDRESSES ADDRESSES.query-loc cp contrib/query-loc-*/ALGO ALGO.query-loc cp contrib/query-loc-*/README README.query-loc cp contrib/query-loc-*/USAGE USAGE.query-loc install -m 755 dns-keygen %{buildroot}%{_sbindir}/dns-keygen install -d -m 755 %{buildroot}%{_docdir}/%{name} install -d -m 755 %{buildroot}%{_docdir}/%{name}/arm install -m 644 doc/arm/*.html %{buildroot}%{_docdir}/%{name}/arm install -m 644 doc/arm/*.pdf %{buildroot}%{_docdir}/%{name}/arm cp -pr doc/misc %{buildroot}%{_docdir}/%{name} rm -f %{buildroot}%{_docdir}/%{name}/misc/Makefile* %multiarch_binaries %{buildroot}%{_bindir}/isc-config.sh %multiarch_binaries %{buildroot}%{_bindir}/bind9-config cat > README.mga <<EOF Mageia BIND SDB support: Mageia ships named with compiled in Simplified Database Backend modules that ISC provides in the "contrib/sdb" directory. Install bind-sdb package if you want to use them. The SDB modules for LDAP, PostGreSQL, DirDB and SQLite are compiled into named-sdb. EOF %triggerpostun -- bind < 9.9.2 # handle migration from previous setup after uninstallation of previous release # so as to catch modified configuration files saved as .rpmsave for f in named.conf trusted_networks_acl.conf logging.conf rndc.conf rndc.key; do if [ -f %{chroot_prefix}/etc/$f.rpmsave ]; then if [ -f %{_sysconfdir}/$f ]; then mv %{_sysconfdir}/$f %{_sysconfdir}/$f.rpmnew fi mv %{chroot_prefix}/etc/$f.rpmsave %{_sysconfdir}/$f; fi done if [ -d %{chroot_prefix}/var/named/master ]; then mv %{chroot_prefix}/var/named/master %{_localstatedir}/named fi if [ -d %{chroot_prefix}/var/named/reverse ]; then mv %{chroot_prefix}/var/named/reverse %{_localstatedir}/named fi %pre %_pre_useradd named /var/lib/named /bin/false %post if [ "$1" -gt 1 ]; then # upgrade mv -f %{chroot_prefix}/var/named/* /var/named/ rm -rf %{chroot_prefix}%{_libdir}/openssl-* fi %_tmpfilescreate named %_post_service named # chroot devices [ -e %{chroot_prefix}/dev/random ] || \ /bin/mknod %{chroot_prefix}/dev/random c 1 8 [ -e %{chroot_prefix}/dev/zero ] || \ /bin/mknod %{chroot_prefix}/dev/zero c 1 5 [ -e %{chroot_prefix}/dev/null ] || \ /bin/mknod %{chroot_prefix}/dev/null c 1 3 rm -f %{chroot_prefix}/etc/localtime cp /etc/localtime %{chroot_prefix}/etc/localtime if [ "$1" -eq 1 ]; then # installation MYKEY="`%{_sbindir}/dns-keygen`" perl -pi -e "s|_MY_KEY_|$MYKEY|g" %{_sysconfdir}/rndc.key fi %preun %_preun_service named if [ "$1" -eq 0 ]; then # uninstallation rm -f %{chroot_prefix}/dev/{random,zero,null} rm -f %{chroot_prefix}/etc/localtime fi %postun %_postun_userdel named %files %doc CHANGES README README.mga FAQ COPYRIGHT %{_bindir}/delv %{_sbindir}/arpaname %{_sbindir}/ddns-confgen %{_sbindir}/dns-keygen %{_sbindir}/dnssec-checkds %{_sbindir}/dnssec-coverage %{_sbindir}/dnssec-dsfromkey %{_sbindir}/dnssec-importkey %{_sbindir}/dnssec-keyfromlabel %{_sbindir}/dnssec-keygen %{_sbindir}/dnssec-revoke %{_sbindir}/dnssec-settime %{_sbindir}/dnssec-signzone %{_sbindir}/dnssec-verify %{_sbindir}/genrandom %{_sbindir}/isc-hmac-fixup %{_sbindir}/lwresd %{_sbindir}/named %{_sbindir}/named-bootconf %{_sbindir}/named-checkconf %{_sbindir}/named-checkzone %{_sbindir}/named-compilezone %{_sbindir}/named-journalprint %{_sbindir}/named-rrchecker %{_sbindir}/nsec3hash %{_sbindir}/rndc %{_sbindir}/rndc-confgen %{_sbindir}/setup-named-chroot.sh %{_sbindir}/tsig-keygen %{_mandir}/man1/arpaname.1.* %{_mandir}/man1/delv.1* %{_mandir}/man1/named-rrchecker.1* %{_mandir}/man5/named.conf.5* %{_mandir}/man5/rndc.conf.5* %{_mandir}/man8/ddns-confgen.8.* %{_mandir}/man8/dnssec-*.8* %{_mandir}/man8/genrandom.8.* %{_mandir}/man8/isc-hmac-fixup.8.* %{_mandir}/man8/lwresd.8* %{_mandir}/man8/named-*.8* %{_mandir}/man8/named.8* %{_mandir}/man8/nsec3hash.8.* %{_mandir}/man8/rndc.8* %{_mandir}/man8/rndc-confgen.8* %{_mandir}/man8/tsig-keygen.8* %{_libdir}/bind # main configuration %dir %{_sysconfdir}/named %config(noreplace) %{_sysconfdir}/named.conf %attr(-,root,named) %config(noreplace) %{_sysconfdir}/rndc.key %attr(-,root,named) %config(noreplace) %{_sysconfdir}/named.iscdlv.key %attr(-,root,named) %config(noreplace) %{_sysconfdir}/named.root.key # other configuration %config(noreplace) %{_sysconfdir}/sysconfig/named %config(noreplace) %{_sysconfdir}/rsyslog.d/named.conf %config(noreplace) %{_sysconfdir}/logrotate.d/named %{_sysconfdir}/NetworkManager/dispatcher.d/13-named %{_tmpfilesdir}/named.conf %{_unitdir}/named.service # variable directory %dir %{_localstatedir}/named %attr(-,named,named) %dir %{_localstatedir}/named/slaves %attr(-,named,named) %dir %{_localstatedir}/named/data %attr(-,named,named) %dir %{_localstatedir}/named/dynamic %config(noreplace) %{_localstatedir}/named/named.ca %config(noreplace) %{_localstatedir}/named/named.localhost %config(noreplace) %{_localstatedir}/named/named.loopback %config(noreplace) %{_localstatedir}/named/named.empty # the chroot %ghost %{chroot_prefix}/dev/null %ghost %{chroot_prefix}/dev/random %ghost %{chroot_prefix}/dev/zero %ghost %{chroot_prefix}/etc/localtime %dir %{chroot_prefix} %dir %{chroot_prefix}/dev %dir %{chroot_prefix}/etc %dir %{chroot_prefix}/etc/named %dir %{chroot_prefix}/etc/pki %dir %{chroot_prefix}/etc/pki/dnssec-keys %dir %{chroot_prefix}/var %dir %{chroot_prefix}/var/run %dir %{chroot_prefix}/var/named %dir %{chroot_prefix}/usr %dir %{chroot_prefix}/%{_libdir} %dir %{chroot_prefix}/%{_libdir}/bind %dir %{chroot_prefix}/%{_libdir}/openssl %attr(-,named,named) %dir %{chroot_prefix}/var/run/named %attr(-,named,named) %dir %{chroot_prefix}/var/tmp %attr(-,named,named) %dir %{chroot_prefix}/var/log %files devel %doc CHANGES README %multiarch %{multiarch_bindir}/isc-config.sh %multiarch %{multiarch_bindir}/bind9-config %{_bindir}/isc-config.sh %{_bindir}/bind9-config %{_includedir}/* %{_libdir}/*.a %{_mandir}/man1/bind9-config.1* %{_mandir}/man1/isc-config.sh.1* %{_mandir}/man3/lwres*.3* %files utils %doc README COPYRIGHT *.query-loc *.queryperf %{_bindir}/dig %{_bindir}/host %{_bindir}/nslookup %{_bindir}/nsupdate %{_bindir}/queryperf %{_bindir}/query-loc %{_mandir}/man1/host.1* %{_mandir}/man1/dig.1* %{_mandir}/man1/nslookup.1* %{_mandir}/man1/nsupdate.1* %{_mandir}/man1/query-loc.1* %{_sysconfdir}/trusted-key.key %files doc %{_docdir}/%{name} %if %{sdb} %files sdb %doc contrib/sdb/ldap/README.ldap %doc contrib/sdb/ldap/INSTALL.ldap %doc contrib/sdb/pgsql/README.sdb_pgsql %{_unitdir}/named-sdb.service %{_mandir}/man1/zone2ldap.1* %{_mandir}/man1/ldap2zone.1* %{_mandir}/man1/zonetodb.1* %{_mandir}/man1/zone2sqlite.1* %{_mandir}/man8/named-sdb.8* %config(noreplace) %{_sysconfdir}/openldap/schema/dnszone.schema %{_sbindir}/named-sdb %{_sbindir}/zone2ldap %{_sbindir}/ldap2zone %{_sbindir}/zonetodb %{_sbindir}/zone2sqlite %endif %changelog * Wed Mar 09 2016 luigiwalser <luigiwalser> 9.10.3.P4-1.mga5 + Revision: 988665 - 9.10.3-P4 (fixes CVE-2016-1285, CVE-2016-1286, CVE-2016-2088) - 9.10.3-P3 (fixes CVE-2015-8704 and CVE-2015-8705) - update named.cache file (oden) - remove geoip patch (oden) - remove make check-related bits (oden) - 9.10.3-P2 (fixes CVE-2015-8000 and CVE-2015-8461) - update patches 104 and 131 from fedora - rediff patch 12 - use network-online target dep so it does not try to start too early - 9.10.2-P4 (fixes CVE-2015-5722 and CVE-2015-5986) - 9.10.2-P3 (fixes CVE-2015-5477) - 9.10.2-P2 (fixes CVE-2015-4620) * Thu Feb 26 2015 colin <colin> 9.10.1.P2-2.mga5 + Revision: 817024 - Drop Fedora patch rejected by upstream and now dropped from Fedora (which causes crashes rhbz#1172935) * Thu Feb 19 2015 oden <oden> 9.10.1.P2-1.mga5 + Revision: 815795 - 9.10.1-P2 (fixes CVE-2015-1349) * Sat Jan 03 2015 alien <alien> 9.10.1.P1-2.mga5 + Revision: 808287 - fix mounting /etc/named - allow mounting rw files - allow adding custom mounts * Tue Dec 09 2014 luigiwalser <luigiwalser> 9.10.1.P1-1.mga5 + Revision: 802431 - 9.10.1-P1 (fixes CVE-2014-8500 and CVE-2014-8680) * Tue Nov 25 2014 cjw <cjw> 9.10.1-2.mga5 + Revision: 798994 - rebuild against postgresql9.4 * Tue Sep 23 2014 luigiwalser <luigiwalser> 9.10.1-1.mga5 + Revision: 721699 - 9.10.1 - add line to patch 72 to fix autoheader complaint - rediff patch 12 and patch 104 - drop patch 5 (fixed upstream) - drop patch 125 (seems to not be needed) * Tue Sep 16 2014 umeabot <umeabot> 9.10.0.P2-2.mga5 + Revision: 678151 - Mageia 5 Mass Rebuild * Thu Jun 12 2014 oden <oden> 9.10.0.P2-1.mga5 + Revision: 635753 - 9.10.0-P2 (fixes CVE-2014-3859, CVE-2014-3214) * Thu Jun 05 2014 oden <oden> 9.10.0.P1-2.mga5 + Revision: 633352 - use "-fno-delete-null-pointer-checks" (https://kb.isc.org/article/AA-01167) * Fri May 09 2014 oden <oden> 9.10.0.P1-1.mga5 + Revision: 621433 - 9.10.0-P1 - rediff patches - new named.cache * Sun Feb 02 2014 oden <oden> 9.9.5-1.mga5 + Revision: 568669 - 9.9.5 - rediffed most patches * Mon Jan 13 2014 oden <oden> 9.9.4.P2-1.mga4 + Revision: 566486 - 9.9.4-P2 (fixes CVE-2014-0591) * Sat Oct 19 2013 umeabot <umeabot> 9.9.4-2.mga4 + Revision: 535211 - Mageia 4 Mass Rebuild * Fri Sep 20 2013 oden <oden> 9.9.4-1.mga4 + Revision: 481658 - the test suite does not work correctly, disable that for now - 9.9.4 - rediff and drop some patches - rebuild - P209: make the test suite work - more deps - run the test suite * Sun Jul 28 2013 oden <oden> 9.9.3.P2-1.mga4 + Revision: 459394 - 9.9.3-P2 (fixes CVE-2013-4854) * Wed Jun 05 2013 oden <oden> 9.9.3.P1-1.mga4 + Revision: 437452 - 9.9.3-P1 (fixes CVE-2013-3919 introduced with 9.9.3) * Wed May 29 2013 oden <oden> 9.9.3-1.mga4 + Revision: 431338 - 9.9.3 - slight sync with bind-9.9.3-0.7.rc2.fc20.src.rpm - rediffed some patches * Wed May 08 2013 luigiwalser <luigiwalser> 9.9.2.P2-2.mga3 + Revision: 412751 - fix issues caused by leftover files in the chroot when upgrading (mga#10025) * Mon Apr 01 2013 luigiwalser <luigiwalser> 9.9.2.P2-1.mga3 + Revision: 406905 - 9.9.2-P2 (fixes CVE-2013-2266) - add patch from redhat to fix CVE-2012-5689 * Sun Mar 24 2013 colin <colin> 9.9.2.P1-6.mga3 + Revision: 404859 - Add systemd requires and general post/pre fixes (mga#9302) * Tue Feb 26 2013 neoclust <neoclust> 9.9.2.P1-5.mga3 + Revision: 400410 - Make sure named-sdb wait for ldap to be started * Wed Feb 13 2013 dlucio <dlucio> 9.9.2.P1-4.mga3 + Revision: 398286 - for new openssl * Fri Jan 11 2013 umeabot <umeabot> 9.9.2.P1-3.mga3 + Revision: 346903 - Mass Rebuild - https://wiki.mageia.org/en/Feature:Mageia3MassRebuild * Sat Dec 08 2012 guillomovitch <guillomovitch> 9.9.2.P1-2.mga3 + Revision: 328904 - rework chroot setup script for clarity, and mount everything possible as read-only (oden suggestion) - disable dnssec by default (oden suggestion) * Wed Dec 05 2012 oden <oden> 9.9.2.P1-1.mga3 + Revision: 326885 - 9.9.2-P1 (fixes CVE-2012-5688) * Tue Dec 04 2012 guillomovitch <guillomovitch> 9.9.2-5.mga3 + Revision: 326686 - switch to a versioned post-uninstallation trigger to handle upgrade, so as to keep modified configuration files - use arch-specific directories list in chroot creation script * Sun Nov 25 2012 colin <colin> 9.9.2-4.mga3 + Revision: 321818 - Fix up tmpfiles config * Sat Nov 17 2012 guillomovitch <guillomovitch> 9.9.2-3.mga3 + Revision: 319149 - don't ship rndc.conf, the internal default configuration is to use rndc.key - migrate the remaning parts of previous default configuration back to /etc before update (fix #8095) - migrate zone files from chroot before update, as they are now bind-mounted from the non-chroot location - keep rfc1912 zones in main configuration file, for closer similarity with previous setup * Mon Nov 12 2012 guillomovitch <guillomovitch> 9.9.2-2.mga3 + Revision: 317273 - document SDB support in README.mga - add %%{_libdir}/openssl in chroot (fix #8029) - fix pid file path in systemd service * Fri Nov 09 2012 guillomovitch <guillomovitch> 9.9.2-1.mga3 + Revision: 316758 - sync with fedora spec, for easier maintainance: the real files now live outside the chroot - new version + fwang <fwang> - update rpm group * Wed Oct 10 2012 fwang <fwang> 9.9.1.P4-1.mga3 + Revision: 304065 - new version 9.9.1-p4 + guillomovitch <guillomovitch> - install tmpfiles configuration under %%_prefix/lib - don't ship /var/run directory * Thu Sep 13 2012 oden <oden> 9.9.1.P3-1.mga3 + Revision: 293449 - 9.9.1-P3 (fixes CVE-2012-4244) * Mon Jul 30 2012 guillomovitch <guillomovitch> 9.9.1.P2-1.mga3 + Revision: 276006 - new version * Tue Jun 05 2012 guillomovitch <guillomovitch> 9.9.1.P1-1.mga3 + Revision: 256011 - new version - update patchset from fedora * Sat Apr 28 2012 tmb <tmb> 9.9.0-7.mga2 + Revision: 233607 - Require rpm-helper >= 0.24.8-1 for systemd support * Fri Apr 27 2012 tmb <tmb> 9.9.0-6.mga2 + Revision: 233504 - rebuild for versioned rpm-helper requires * Mon Mar 12 2012 guillomovitch <guillomovitch> 9.9.0-5.mga2 + Revision: 223162 - test device file existence before checking its minor number * Sat Mar 10 2012 guillomovitch <guillomovitch> 9.9.0-4.mga2 + Revision: 222546 - fix non-writable directory (#4147) - don't use syslogadd macro, but manage rsyslog file directly, to use default daemon log facility destination - fix openssl libs setup in chroot - add a default syslog channel - remove wrong device file in chroot in post-install (#3028) * Thu Mar 08 2012 guillomovitch <guillomovitch> 9.9.0-3.mga2 + Revision: 221653 - use %%_post_syslogadd and %%_preun_syslogdel macros - fix urandom device minor number (#3028) - fixed pid file path * Wed Mar 07 2012 guillomovitch <guillomovitch> 9.9.0-2.mga2 + Revision: 221261 - extract chroot creation logic in an external script, to be shared between sysinit initscript and systemd service - don't ship services both for chrooted and non-chrooted setup, mageia package only support chroot installation currently - fix systemd services, we don't use the same root for chroot as fedora - drop old chroot migration pre-installation code * Tue Mar 06 2012 guillomovitch <guillomovitch> 9.9.0-1.mga2 + Revision: 220366 - new version - systemd integration * Sat Jan 28 2012 anssi <anssi> 9.8.1P1-2.mga2 + Revision: 202727 - add a managed-keys-directory /var/named/dynamic in the chroot (see bug #3379 for discussion) + fwang <fwang> - convert doc into noarch package * Fri Dec 09 2011 guillomovitch <guillomovitch> 9.8.1P1-1.mga2 + Revision: 179488 - new version * Wed Sep 14 2011 guillomovitch <guillomovitch> 9.8.1-1.mga2 + Revision: 143347 - drop old README.urpmi file - new version - sync SDB patches and sources with fedora - sanitize doc installation * Tue Aug 30 2011 guillomovitch <guillomovitch> 9.8.0P4-1.mga2 + Revision: 136692 - disable parallel build again, it fails with too many CPUs - more spec cleanup - use version tag only for upstream versioning, not release tag - update dyndb patch - drop ppc patch - renumerate patches to match fedora ones - new version - allow parallel build (fedora patch) - no need to build a non-threaded host binary, the threaded version works correctly * Mon Aug 29 2011 guillomovitch <guillomovitch> 9.8.0-7.P1.mga2 + Revision: 136264 - spec cleanup - ensure missing headers, such as dns/client.h, are present * Fri May 06 2011 pterjan <pterjan> 9.8.0-6.P1.mga1 + Revision: 95476 - Update to 9.8.0-P1 (CVE-2011-1907) * Sun May 01 2011 cjw <cjw> 9.8.0-5.mga1 + Revision: 94107 - get libgost.so fix working on i586 as well by using %%_target_cpu instead of %%_build_arch * Sat Apr 30 2011 cjw <cjw> 9.8.0-4.mga1 + Revision: 93654 - copy only the libgost.so module for the bind build architecture to the chroot (improved fix for bug #871) * Tue Apr 19 2011 misc <misc> 9.8.0-3.mga1 + Revision: 88257 - fix the initscript, as proposed by Dave Hodgins * Mon Apr 18 2011 misc <misc> 9.8.0-2.mga1 + Revision: 87629 - copy libgost.so in the chroot, fix bug #871 * Sun Apr 17 2011 misc <misc> 9.8.0-1.mga1 + Revision: 87096 - update to 9.8.0, update dyndb patch from fedora - remove old Obsoletes/Provides ( date back to mandrake days ) - remove old script to cope with old packages migration - remove old trigger * Thu Mar 24 2011 dmorgan <dmorgan> 9.7.3-2.mga1 + Revision: 76740 - Rebuild against new mysql * Sat Mar 05 2011 mikala <mikala> 9.7.3-1.mga1 + Revision: 64748 - Update to bind version 9.7.3 ( fix CVE-2011-0414 ) * Mon Jan 24 2011 ennael <ennael> 9.7.2-7.mga1 + Revision: 36775 - remove mdkversion - imported package bind