%define sdb 1
%define geoip 0
%define gssapi 1
%{?_with_sdbp: %{expand: %%global sdb 1}}
%{?_without_sdb: %{expand: %%global sdb 0}}
%{?_with_geoip: %{expand: %%global geoip 1}}
%{?_without_geoip: %{expand: %%global geoip 0}}
%{?_with_gssapi: %{expand: %%global gssapi 1}}
%{?_without_gssapi: %{expand: %%global gssapi 0}}
%define major_version 9.10.3
%define patch_version P4
%define dashpatch %{?patch_version:-%patch_version}%nil
%define dotpatch %{?patch_version:.%patch_version}%nil
%define chroot_prefix /var/lib/named
Name: bind
Version: %{major_version}%{dotpatch}
Release: %mkrel 1
Summary: A DNS (Domain Name System) server
License: ISC
Group: System/Servers
URL: http://www.isc.org/products/BIND/
Source0: ftp://ftp.isc.org/isc/%{name}9/%{major_version}%{dashpatch}/%{name}-%{major_version}%{dashpatch}.tar.gz
Source1: ftp://ftp.isc.org/isc/%{name}9/%{major_version}%{dashpatch}/%{name}-%{major_version}%{dashpatch}.tar.gz.sha512.asc
Source6: named.sysconfig
Source7: named.logrotate
Source8: named.NetworkManager
Source11: ftp://ftp.internic.net/domain/named.cache
Source20: bind-keygen.c
Source40: bind.tmpfiles
Source41: named.service
Source42: named-sdb.service
Source43: setup-named-chroot.sh
# sdb
Source30: ldap2zone.c
Source31: ldap2zone.1
Source32: named-sdb.8
Source33: zonetodb.1
Source34: zone2sqlite.1
Source35: bind-9.3.1rc1-sdb_tools-Makefile.in
Source36: dnszone.schema
Source37: README.sdb_pgsql
Source100: named.conf
Source102: named.root.key
Source103: trusted-key.key
Source105: rndc.key
Source110: named.ca
Source111: named.localhost
Source112: named.empty
Source113: named.loopback
# fedora patches
Patch10: bind-9.5-PIE.patch
Patch72: bind-9.5-dlz-64bit.patch
Patch87: bind-9.5-parallel-build.patch
Patch99: bind-9.9.3-libtool2.diff
Patch101: bind-96-old-api.patch
Patch102: bind-95-rh452060.patch
Patch106: bind93-rh490837.patch
Patch107: bind97-dist-pkcs11.patch
Patch109: bind97-rh478718.patch
Patch110: bind97-rh570851.patch
Patch111: bind97-exportlib.patch
Patch112: bind97-rh645544.patch
Patch119: bind97-rh693982.patch
Patch123: bind98-rh735103.patch
Patch127: bind99-forward.patch
Patch130: bind-9.9.3-dlz-libdb4.diff
Patch131: bind-9.9.1-P2-multlib-conflict.patch
Patch133: bind99-rh640538.patch
Patch134: bind97-rh669163.patch
Patch135: bind99-libidn4.patch
Patch137: bind99-rrl.patch
# SDB patches
Patch11: bind-9.9.3-sdbsrc.diff
Patch12: bind-9.10-sdb.patch
Patch62: bind-9.5-sdb-sqlite-bld.patch
# needs inpection
Patch17: bind-9.3.2b1-fix_sdb_ldap.patch
Patch104: bind-9.10-dyndb.patch
# IDN patches
Patch73: bind-9.5-libidn.patch
Patch83: bind-9.5-libidn2.patch
Patch85: bind-9.5-libidn3.patch
Patch94: bind95-rh461409.patch
# other patches
Patch206: bind-9.2.0rc3-varrun.patch
Patch208: bind-9.3.2-prctl_set_dumpable.patch
Requires: bind-utils >= %{version}-%{release}
Requires(post): systemd >= %{systemd_required_version}
Requires(post): rpm-helper >= 0.24.8-1
Requires(preun): rpm-helper >= 0.24.8-1
BuildRequires: openssl-devel
BuildRequires: multiarch-utils >= 1.0.3
BuildRequires: libidn-devel
BuildRequires: postgresql-devel
BuildRequires: mysql-devel
BuildRequires: libcap-devel >= 2.10
BuildRequires: libxml2-devel
%if %{gssapi}
BuildRequires: krb5-devel
%endif
%if %{geoip}
BuildRequires: geoip-devel
%endif
%if %{sdb}
BuildRequires: mysql-devel
BuildRequires: openldap-devel
BuildRequires: postgresql-devel
BuildRequires: sqlite3-devel
%endif
%description
BIND (Berkeley Internet Name Domain) is an implementation of the DNS
(domain Name System) protocols. BIND includes a DNS server (named),
which resolves host names to IP addresses, and a resolver library
(routines for applications to use when interfacing with DNS). A DNS
server allows clients to name resources or objects and share the
information with other network machines. The named DNS server can be
used on workstations as a caching name server, but is generally only
needed on one machine for an entire network. Note that the
configuration files for making BIND act as a simple caching nameserver
are included in the caching-nameserver package.
Install the bind package if you need a DNS server for your network. If
you want bind to act a caching name server, you will also need to install
the caching-nameserver package.
Many BIND 8 features previously unimplemented in BIND 9, including
domain-specific forwarding, the \$GENERATE master file directive, and
the "blackhole", "dialup", and "sortlist" options Forwarding of dynamic
update requests; this is enabled by the "allow-update-forwarding" option
A new, simplified database interface and a number of sample drivers based
on it; see doc/dev/sdb for details
Support for building single-threaded servers for environments that do not
supply POSIX threads
New configuration options: "min-refresh-time", "max-refresh-time",
"min-retry-time", "max-retry-time", "additional-from-auth",
"additional-from-cache", "notify explicit"
Faster lookups, particularly in large zones.
Build Options:
--with sdb Build with database backends and DLZ support (enabled by default)
--with geoip Build with GeoIP support (disabled per default)
%if %{sdb}
%package sdb
Summary: BIND server with database backends and DLZ support
Group: System/Servers
Requires: bind
Requires(post): rpm-helper >= 0.24.8-1
Requires(preun): rpm-helper >= 0.24.8-1
%description sdb
BIND (Berkeley Internet Name Domain) is an implementation of the DNS
(Domain Name System) protocols. BIND includes a DNS server (named-sdb)
which has compiled-in SDB (Simplified Database Backend) which includes
support for using alternative Zone Databases stored in an LDAP server
(ldapdb), a postgreSQL database (pgsqldb), an sqlite database (sqlitedb),
or in the filesystem (dirdb), in addition to the standard in-memory RBT
(Red Black Tree) zone database. It also includes support for DLZ
(Dynamic Loadable Zones)
%endif
%package utils
Summary: Utilities for querying DNS name servers
Group: Networking/Other
%description utils
Bind-utils contains a collection of utilities for querying DNS (Domain
Name Service) name servers to find out information about Internet hosts.
These tools will provide you with the IP addresses for given host names,
as well as other information about registered domains and network
addresses.
You should install bind-utils if you need to get information from DNS name
servers.
%package devel
Summary: Include files and libraries needed for bind DNS development
Group: Development/C
%description devel
The bind-devel package contains all the include files and the
library required for DNS (Domain Name Service) development for
BIND versions 9.x.x.
%package doc
Summary: Documentation for BIND
Group: Documentation
BuildArch: noarch
%description doc
The bind-devel package contains the documentation for BIND.
%prep
%setup -q -n %{name}-%{major_version}%{dashpatch}
%patch10 -p1 -b .PIE
%patch104 -p1 -b .dyndb
%patch72 -p1 -b .64bit
%patch73 -p1 -b .libidn
%patch83 -p1 -b .libidn2
%patch85 -p1 -b .libidn3
%patch87 -p1 -b .parallel
%patch94 -p1 -b .rh461409
mkdir m4
%patch99 -p0 -b .libtool2
%patch102 -p1 -b .rh452060
%patch106 -p1 -b .rh490837
%patch107 -p1 -b .dist-pkcs11
%patch109 -p1 -b .rh478718
%patch110 -p1 -b .rh570851
# exportlib is gone, keep for now
# %%patch111 -p1 -b .exportlib
%patch112 -p1 -b .rh645544
%patch119 -p1 -b .rh693982
%patch123 -p1 -b .rh735103
%patch127 -p1 -b .forward
# no idea what this is good for, keep for now
# %%patch130 -p1 -b .libdb4
%patch131 -p1 -b .multlib-conflict
%patch137 -p1 -b .rrl
%if %{sdb}
%patch101 -p1 -b .old-api
mkdir bin/named-sdb
cp -r bin/named/* bin/named-sdb
%patch11 -p1 -b .sdbsrc
# SDB ldap
cp -fp contrib/sdb/ldap/ldapdb.[ch] bin/named-sdb
# SDB postgreSQL
cp -fp contrib/sdb/pgsql/pgsqldb.[ch] bin/named-sdb
# SDB sqlite
cp -fp contrib/sdb/sqlite/sqlitedb.[ch] bin/named-sdb
# SDB Berkeley DB - needs to be ported to DB4!
#cp -fp contrib/sdb/bdb/bdb.[ch] bin/named_sdb
# SDB dir
cp -fp contrib/sdb/dir/dirdb.[ch] bin/named-sdb
# SDB tools
mkdir -p bin/sdb_tools
cp -fp %{SOURCE30} bin/sdb_tools/ldap2zone.c
cp -fp %{SOURCE35} bin/sdb_tools/Makefile.in
#cp -fp contrib/sdb/bdb/zone2bdb.c bin/sdb_tools
cp -fp contrib/sdb/ldap/{zone2ldap.1,zone2ldap.c} bin/sdb_tools
cp -fp contrib/sdb/pgsql/zonetodb.c bin/sdb_tools
cp -fp contrib/sdb/sqlite/zone2sqlite.c bin/sdb_tools
%patch12 -p1 -b .sdb
%patch17 -p1 -b .fix_sdb_ldap
%patch62 -p1 -b .sdb-sqlite-bld
%endif
%patch133 -p1 -b .rh640538
%patch134 -p1 -b .rh669163
%patch135 -p1 -b .libidn4
%patch206 -p1 -b .varrun.droplet
%patch208 -p1 -b .prctl_set_dumpable.droplet
cp %{SOURCE20} keygen.c
cp %{SOURCE11} named.cache
%build
%serverbuild
# https://kb.isc.org/article/AA-01167
export CFLAGS="$CFLAGS -fno-delete-null-pointer-checks"
# -DBIND9 due to P123
export CPPFLAGS="$CPPFLAGS -DDIG_SIGCHASE -DBIND9 -fPIC"
export STD_CDEFINES="$CPPFLAGS"
libtoolize --copy --force
aclocal -I m4 --force
autoheader --force
autoconf --force
# (oe) make queryperf from the contrib _before_ bind..., makes it
# easier to determine if it builds or not, it saves time...
pushd contrib/queryperf
rm -f configure
autoconf
%configure2_5x
%make CFLAGS="$CFLAGS"
popd
pushd contrib/query-loc-*
perl -pi -e "s|-lnsl|-lnsl -lresolv|g" configure*
rm -f configure
autoconf
%configure2_5x
%make CFLAGS="$CFLAGS"
popd
%configure2_5x \
--localstatedir=/var \
--disable-openssl-version-check \
--enable-exportlib \
--with-export-libdir=%{_libdir} \
--with-export-includedir=%{_includedir} \
--enable-threads \
--enable-largefile \
--enable-ipv6 \
--enable-filter-aaaa \
--enable-epoll \
--with-openssl=%{_prefix} \
%if %{gssapi}
--with-gssapi=%{_prefix} --disable-isc-spnego \
%endif
%if %{geoip}
--with-geoip=%{_prefix} \
%endif
--with-randomdev=/dev/urandom \
--with-libxml2=yes \
--enable-newstats \
--enable-rrl \
%if %{sdb}
--with-dlz-ldap=yes \
--with-dlz-postgres=yes \
--with-dlz-mysql=yes \
--with-dlz-filesystem=yes \
--with-dlz-stub=yes
%endif
# pkcs11 support requires a working backend, otherwise bind won't start
# http://blogs.sun.com/janp/
# http://sourceforge.net/projects/opencryptoki
#--with-pkcs11 \
make
gcc $CFLAGS -o dns-keygen keygen.c
%install
%makeinstall_std
install -d -p %{buildroot}%{_libdir}/bind
install -d %{buildroot}/var/named/{slaves,data,dynamic}
install -d %{buildroot}/var/log
# chroot
install -d %{buildroot}%{chroot_prefix}/{dev,etc,var}
install -d %{buildroot}%{chroot_prefix}/var/{log,named,run/named,tmp}
install -d %{buildroot}%{chroot_prefix}/etc/{pki/dnssec-keys,named}
install -d %{buildroot}%{chroot_prefix}/%{_libdir}/bind
install -d %{buildroot}%{chroot_prefix}/%{_libdir}/openssl
# these are required to prevent them being erased during upgrade of previous
# versions that included them (rh bug #130121):
touch %{buildroot}%{chroot_prefix}/dev/null
touch %{buildroot}%{chroot_prefix}/dev/random
touch %{buildroot}%{chroot_prefix}/dev/zero
touch %{buildroot}%{chroot_prefix}/etc/localtime
install -m 755 %{SOURCE43} %{buildroot}%{_sbindir}/setup-named-chroot.sh
# systemd files
install -d -m 755 %{buildroot}%{_unitdir}
install -m 644 %{SOURCE41} %{buildroot}%{_unitdir}
install -m 644 %{SOURCE42} %{buildroot}%{_unitdir}
install -D -m 644 %{SOURCE40} %{buildroot}%{_tmpfilesdir}/named.conf
# main configuration
install -m 644 %{SOURCE100} %{buildroot}%{_sysconfdir}/named.conf
install -m 644 %{SOURCE102} %{buildroot}%{_sysconfdir}/named.root.key
install -m 644 %{SOURCE103} %{buildroot}%{_sysconfdir}/trusted-key.key
install -m 640 %{SOURCE105} %{buildroot}%{_sysconfdir}/rndc.key
mv %{buildroot}%{_sysconfdir}/bind.keys \
%{buildroot}%{_sysconfdir}/named.iscdlv.key
install -d 755 %{buildroot}/etc/named
install -d 755 %{buildroot}%{_localstatedir}/named
install -m 644 %{SOURCE110} %{buildroot}%{_localstatedir}/named/named.ca
install -m 644 %{SOURCE111} %{buildroot}%{_localstatedir}/named/named.localhost
install -m 644 %{SOURCE112} %{buildroot}%{_localstatedir}/named/named.empty
install -m 644 %{SOURCE113} %{buildroot}%{_localstatedir}/named/named.loopback
# other configuration
install -D -m 644 %{SOURCE6} %{buildroot}%{_sysconfdir}/sysconfig/named
install -D -m 644 %{SOURCE7} %{buildroot}%{_sysconfdir}/logrotate.d/named
install -d -m 755 %{buildroot}%{_sysconfdir}/rsyslog.d/
cat > %{buildroot}%{_sysconfdir}/rsyslog.d/named.conf <<'EOF'
$AddUnixListenSocket /var/lib/named/dev/log
EOF
install -D -m 755 \
%{SOURCE8} %{buildroot}%{_sysconfdir}/NetworkManager/dispatcher.d/13-named
%if %{sdb}
mkdir -p %{buildroot}/etc/openldap/schema
install -m 644 %{SOURCE36} %{buildroot}/etc/openldap/schema/dnszone.schema
install -m 644 %{SOURCE37} contrib/sdb/pgsql/
install -m 644 %{SOURCE31} %{buildroot}%{_mandir}/man1/ldap2zone.1
install -m 644 %{SOURCE32} %{buildroot}%{_mandir}/man8/named-sdb.8
install -m 644 %{SOURCE33} %{buildroot}%{_mandir}/man1/zonetodb.1
install -m 644 %{SOURCE34} %{buildroot}%{_mandir}/man1/zone2sqlite.1
%endif
# contrib
install -m0755 contrib/scripts/named-bootconf.sh %{buildroot}%{_sbindir}/named-bootconf
install -m0755 contrib/queryperf/queryperf %{buildroot}%{_bindir}/
cp contrib/queryperf/README README.queryperf
install -m0755 contrib/query-loc-*/query-loc %{buildroot}%{_bindir}/
install -m0644 contrib/query-loc-*/query-loc.1 %{buildroot}%{_mandir}/man1/
cp contrib/query-loc-*/ADDRESSES ADDRESSES.query-loc
cp contrib/query-loc-*/ALGO ALGO.query-loc
cp contrib/query-loc-*/README README.query-loc
cp contrib/query-loc-*/USAGE USAGE.query-loc
install -m 755 dns-keygen %{buildroot}%{_sbindir}/dns-keygen
install -d -m 755 %{buildroot}%{_docdir}/%{name}
install -d -m 755 %{buildroot}%{_docdir}/%{name}/arm
install -m 644 doc/arm/*.html %{buildroot}%{_docdir}/%{name}/arm
install -m 644 doc/arm/*.pdf %{buildroot}%{_docdir}/%{name}/arm
cp -pr doc/misc %{buildroot}%{_docdir}/%{name}
rm -f %{buildroot}%{_docdir}/%{name}/misc/Makefile*
%multiarch_binaries %{buildroot}%{_bindir}/isc-config.sh
%multiarch_binaries %{buildroot}%{_bindir}/bind9-config
cat > README.mga <<EOF
Mageia BIND SDB support:
Mageia ships named with compiled in Simplified Database Backend modules that
ISC provides in the "contrib/sdb" directory. Install bind-sdb package if you
want to use them. The SDB modules for LDAP, PostGreSQL, DirDB and SQLite are
compiled into named-sdb.
EOF
%triggerpostun -- bind < 9.9.2
# handle migration from previous setup after uninstallation of previous release
# so as to catch modified configuration files saved as .rpmsave
for f in named.conf trusted_networks_acl.conf logging.conf rndc.conf rndc.key; do
if [ -f %{chroot_prefix}/etc/$f.rpmsave ]; then
if [ -f %{_sysconfdir}/$f ]; then
mv %{_sysconfdir}/$f %{_sysconfdir}/$f.rpmnew
fi
mv %{chroot_prefix}/etc/$f.rpmsave %{_sysconfdir}/$f;
fi
done
if [ -d %{chroot_prefix}/var/named/master ]; then
mv %{chroot_prefix}/var/named/master %{_localstatedir}/named
fi
if [ -d %{chroot_prefix}/var/named/reverse ]; then
mv %{chroot_prefix}/var/named/reverse %{_localstatedir}/named
fi
%pre
%_pre_useradd named /var/lib/named /bin/false
%post
if [ "$1" -gt 1 ]; then
# upgrade
mv -f %{chroot_prefix}/var/named/* /var/named/
rm -rf %{chroot_prefix}%{_libdir}/openssl-*
fi
%_tmpfilescreate named
%_post_service named
# chroot devices
[ -e %{chroot_prefix}/dev/random ] || \
/bin/mknod %{chroot_prefix}/dev/random c 1 8
[ -e %{chroot_prefix}/dev/zero ] || \
/bin/mknod %{chroot_prefix}/dev/zero c 1 5
[ -e %{chroot_prefix}/dev/null ] || \
/bin/mknod %{chroot_prefix}/dev/null c 1 3
rm -f %{chroot_prefix}/etc/localtime
cp /etc/localtime %{chroot_prefix}/etc/localtime
if [ "$1" -eq 1 ]; then
# installation
MYKEY="`%{_sbindir}/dns-keygen`"
perl -pi -e "s|_MY_KEY_|$MYKEY|g" %{_sysconfdir}/rndc.key
fi
%preun
%_preun_service named
if [ "$1" -eq 0 ]; then
# uninstallation
rm -f %{chroot_prefix}/dev/{random,zero,null}
rm -f %{chroot_prefix}/etc/localtime
fi
%postun
%_postun_userdel named
%files
%doc CHANGES README README.mga FAQ COPYRIGHT
%{_bindir}/delv
%{_sbindir}/arpaname
%{_sbindir}/ddns-confgen
%{_sbindir}/dns-keygen
%{_sbindir}/dnssec-checkds
%{_sbindir}/dnssec-coverage
%{_sbindir}/dnssec-dsfromkey
%{_sbindir}/dnssec-importkey
%{_sbindir}/dnssec-keyfromlabel
%{_sbindir}/dnssec-keygen
%{_sbindir}/dnssec-revoke
%{_sbindir}/dnssec-settime
%{_sbindir}/dnssec-signzone
%{_sbindir}/dnssec-verify
%{_sbindir}/genrandom
%{_sbindir}/isc-hmac-fixup
%{_sbindir}/lwresd
%{_sbindir}/named
%{_sbindir}/named-bootconf
%{_sbindir}/named-checkconf
%{_sbindir}/named-checkzone
%{_sbindir}/named-compilezone
%{_sbindir}/named-journalprint
%{_sbindir}/named-rrchecker
%{_sbindir}/nsec3hash
%{_sbindir}/rndc
%{_sbindir}/rndc-confgen
%{_sbindir}/setup-named-chroot.sh
%{_sbindir}/tsig-keygen
%{_mandir}/man1/arpaname.1.*
%{_mandir}/man1/delv.1*
%{_mandir}/man1/named-rrchecker.1*
%{_mandir}/man5/named.conf.5*
%{_mandir}/man5/rndc.conf.5*
%{_mandir}/man8/ddns-confgen.8.*
%{_mandir}/man8/dnssec-*.8*
%{_mandir}/man8/genrandom.8.*
%{_mandir}/man8/isc-hmac-fixup.8.*
%{_mandir}/man8/lwresd.8*
%{_mandir}/man8/named-*.8*
%{_mandir}/man8/named.8*
%{_mandir}/man8/nsec3hash.8.*
%{_mandir}/man8/rndc.8*
%{_mandir}/man8/rndc-confgen.8*
%{_mandir}/man8/tsig-keygen.8*
%{_libdir}/bind
# main configuration
%dir %{_sysconfdir}/named
%config(noreplace) %{_sysconfdir}/named.conf
%attr(-,root,named) %config(noreplace) %{_sysconfdir}/rndc.key
%attr(-,root,named) %config(noreplace) %{_sysconfdir}/named.iscdlv.key
%attr(-,root,named) %config(noreplace) %{_sysconfdir}/named.root.key
# other configuration
%config(noreplace) %{_sysconfdir}/sysconfig/named
%config(noreplace) %{_sysconfdir}/rsyslog.d/named.conf
%config(noreplace) %{_sysconfdir}/logrotate.d/named
%{_sysconfdir}/NetworkManager/dispatcher.d/13-named
%{_tmpfilesdir}/named.conf
%{_unitdir}/named.service
# variable directory
%dir %{_localstatedir}/named
%attr(-,named,named) %dir %{_localstatedir}/named/slaves
%attr(-,named,named) %dir %{_localstatedir}/named/data
%attr(-,named,named) %dir %{_localstatedir}/named/dynamic
%config(noreplace) %{_localstatedir}/named/named.ca
%config(noreplace) %{_localstatedir}/named/named.localhost
%config(noreplace) %{_localstatedir}/named/named.loopback
%config(noreplace) %{_localstatedir}/named/named.empty
# the chroot
%ghost %{chroot_prefix}/dev/null
%ghost %{chroot_prefix}/dev/random
%ghost %{chroot_prefix}/dev/zero
%ghost %{chroot_prefix}/etc/localtime
%dir %{chroot_prefix}
%dir %{chroot_prefix}/dev
%dir %{chroot_prefix}/etc
%dir %{chroot_prefix}/etc/named
%dir %{chroot_prefix}/etc/pki
%dir %{chroot_prefix}/etc/pki/dnssec-keys
%dir %{chroot_prefix}/var
%dir %{chroot_prefix}/var/run
%dir %{chroot_prefix}/var/named
%dir %{chroot_prefix}/usr
%dir %{chroot_prefix}/%{_libdir}
%dir %{chroot_prefix}/%{_libdir}/bind
%dir %{chroot_prefix}/%{_libdir}/openssl
%attr(-,named,named) %dir %{chroot_prefix}/var/run/named
%attr(-,named,named) %dir %{chroot_prefix}/var/tmp
%attr(-,named,named) %dir %{chroot_prefix}/var/log
%files devel
%doc CHANGES README
%multiarch %{multiarch_bindir}/isc-config.sh
%multiarch %{multiarch_bindir}/bind9-config
%{_bindir}/isc-config.sh
%{_bindir}/bind9-config
%{_includedir}/*
%{_libdir}/*.a
%{_mandir}/man1/bind9-config.1*
%{_mandir}/man1/isc-config.sh.1*
%{_mandir}/man3/lwres*.3*
%files utils
%doc README COPYRIGHT *.query-loc *.queryperf
%{_bindir}/dig
%{_bindir}/host
%{_bindir}/nslookup
%{_bindir}/nsupdate
%{_bindir}/queryperf
%{_bindir}/query-loc
%{_mandir}/man1/host.1*
%{_mandir}/man1/dig.1*
%{_mandir}/man1/nslookup.1*
%{_mandir}/man1/nsupdate.1*
%{_mandir}/man1/query-loc.1*
%{_sysconfdir}/trusted-key.key
%files doc
%{_docdir}/%{name}
%if %{sdb}
%files sdb
%doc contrib/sdb/ldap/README.ldap
%doc contrib/sdb/ldap/INSTALL.ldap
%doc contrib/sdb/pgsql/README.sdb_pgsql
%{_unitdir}/named-sdb.service
%{_mandir}/man1/zone2ldap.1*
%{_mandir}/man1/ldap2zone.1*
%{_mandir}/man1/zonetodb.1*
%{_mandir}/man1/zone2sqlite.1*
%{_mandir}/man8/named-sdb.8*
%config(noreplace) %{_sysconfdir}/openldap/schema/dnszone.schema
%{_sbindir}/named-sdb
%{_sbindir}/zone2ldap
%{_sbindir}/ldap2zone
%{_sbindir}/zonetodb
%{_sbindir}/zone2sqlite
%endif
%changelog
* Wed Mar 09 2016 luigiwalser <luigiwalser> 9.10.3.P4-1.mga5
+ Revision: 988665
- 9.10.3-P4 (fixes CVE-2016-1285, CVE-2016-1286, CVE-2016-2088)
- 9.10.3-P3 (fixes CVE-2015-8704 and CVE-2015-8705)
- update named.cache file (oden)
- remove geoip patch (oden)
- remove make check-related bits (oden)
- 9.10.3-P2 (fixes CVE-2015-8000 and CVE-2015-8461)
- update patches 104 and 131 from fedora
- rediff patch 12
- use network-online target dep so it does not try to start too early
- 9.10.2-P4 (fixes CVE-2015-5722 and CVE-2015-5986)
- 9.10.2-P3 (fixes CVE-2015-5477)
- 9.10.2-P2 (fixes CVE-2015-4620)
* Thu Feb 26 2015 colin <colin> 9.10.1.P2-2.mga5
+ Revision: 817024
- Drop Fedora patch rejected by upstream and now dropped from Fedora (which causes crashes rhbz#1172935)
* Thu Feb 19 2015 oden <oden> 9.10.1.P2-1.mga5
+ Revision: 815795
- 9.10.1-P2 (fixes CVE-2015-1349)
* Sat Jan 03 2015 alien <alien> 9.10.1.P1-2.mga5
+ Revision: 808287
- fix mounting /etc/named
- allow mounting rw files
- allow adding custom mounts
* Tue Dec 09 2014 luigiwalser <luigiwalser> 9.10.1.P1-1.mga5
+ Revision: 802431
- 9.10.1-P1 (fixes CVE-2014-8500 and CVE-2014-8680)
* Tue Nov 25 2014 cjw <cjw> 9.10.1-2.mga5
+ Revision: 798994
- rebuild against postgresql9.4
* Tue Sep 23 2014 luigiwalser <luigiwalser> 9.10.1-1.mga5
+ Revision: 721699
- 9.10.1
- add line to patch 72 to fix autoheader complaint
- rediff patch 12 and patch 104
- drop patch 5 (fixed upstream)
- drop patch 125 (seems to not be needed)
* Tue Sep 16 2014 umeabot <umeabot> 9.10.0.P2-2.mga5
+ Revision: 678151
- Mageia 5 Mass Rebuild
* Thu Jun 12 2014 oden <oden> 9.10.0.P2-1.mga5
+ Revision: 635753
- 9.10.0-P2 (fixes CVE-2014-3859, CVE-2014-3214)
* Thu Jun 05 2014 oden <oden> 9.10.0.P1-2.mga5
+ Revision: 633352
- use "-fno-delete-null-pointer-checks" (https://kb.isc.org/article/AA-01167)
* Fri May 09 2014 oden <oden> 9.10.0.P1-1.mga5
+ Revision: 621433
- 9.10.0-P1
- rediff patches
- new named.cache
* Sun Feb 02 2014 oden <oden> 9.9.5-1.mga5
+ Revision: 568669
- 9.9.5
- rediffed most patches
* Mon Jan 13 2014 oden <oden> 9.9.4.P2-1.mga4
+ Revision: 566486
- 9.9.4-P2 (fixes CVE-2014-0591)
* Sat Oct 19 2013 umeabot <umeabot> 9.9.4-2.mga4
+ Revision: 535211
- Mageia 4 Mass Rebuild
* Fri Sep 20 2013 oden <oden> 9.9.4-1.mga4
+ Revision: 481658
- the test suite does not work correctly, disable that for now
- 9.9.4
- rediff and drop some patches
- rebuild
- P209: make the test suite work
- more deps
- run the test suite
* Sun Jul 28 2013 oden <oden> 9.9.3.P2-1.mga4
+ Revision: 459394
- 9.9.3-P2 (fixes CVE-2013-4854)
* Wed Jun 05 2013 oden <oden> 9.9.3.P1-1.mga4
+ Revision: 437452
- 9.9.3-P1 (fixes CVE-2013-3919 introduced with 9.9.3)
* Wed May 29 2013 oden <oden> 9.9.3-1.mga4
+ Revision: 431338
- 9.9.3
- slight sync with bind-9.9.3-0.7.rc2.fc20.src.rpm
- rediffed some patches
* Wed May 08 2013 luigiwalser <luigiwalser> 9.9.2.P2-2.mga3
+ Revision: 412751
- fix issues caused by leftover files in the chroot when upgrading (mga#10025)
* Mon Apr 01 2013 luigiwalser <luigiwalser> 9.9.2.P2-1.mga3
+ Revision: 406905
- 9.9.2-P2 (fixes CVE-2013-2266)
- add patch from redhat to fix CVE-2012-5689
* Sun Mar 24 2013 colin <colin> 9.9.2.P1-6.mga3
+ Revision: 404859
- Add systemd requires and general post/pre fixes (mga#9302)
* Tue Feb 26 2013 neoclust <neoclust> 9.9.2.P1-5.mga3
+ Revision: 400410
- Make sure named-sdb wait for ldap to be started
* Wed Feb 13 2013 dlucio <dlucio> 9.9.2.P1-4.mga3
+ Revision: 398286
- for new openssl
* Fri Jan 11 2013 umeabot <umeabot> 9.9.2.P1-3.mga3
+ Revision: 346903
- Mass Rebuild - https://wiki.mageia.org/en/Feature:Mageia3MassRebuild
* Sat Dec 08 2012 guillomovitch <guillomovitch> 9.9.2.P1-2.mga3
+ Revision: 328904
- rework chroot setup script for clarity, and mount everything possible as read-only (oden suggestion)
- disable dnssec by default (oden suggestion)
* Wed Dec 05 2012 oden <oden> 9.9.2.P1-1.mga3
+ Revision: 326885
- 9.9.2-P1 (fixes CVE-2012-5688)
* Tue Dec 04 2012 guillomovitch <guillomovitch> 9.9.2-5.mga3
+ Revision: 326686
- switch to a versioned post-uninstallation trigger to handle upgrade, so as to
keep modified configuration files
- use arch-specific directories list in chroot creation script
* Sun Nov 25 2012 colin <colin> 9.9.2-4.mga3
+ Revision: 321818
- Fix up tmpfiles config
* Sat Nov 17 2012 guillomovitch <guillomovitch> 9.9.2-3.mga3
+ Revision: 319149
- don't ship rndc.conf, the internal default configuration is to use rndc.key
- migrate the remaning parts of previous default configuration back to /etc before update (fix #8095)
- migrate zone files from chroot before update, as they are now bind-mounted
from the non-chroot location
- keep rfc1912 zones in main configuration file, for closer similarity with previous setup
* Mon Nov 12 2012 guillomovitch <guillomovitch> 9.9.2-2.mga3
+ Revision: 317273
- document SDB support in README.mga
- add %%{_libdir}/openssl in chroot (fix #8029)
- fix pid file path in systemd service
* Fri Nov 09 2012 guillomovitch <guillomovitch> 9.9.2-1.mga3
+ Revision: 316758
- sync with fedora spec, for easier maintainance:
the real files now live outside the chroot
- new version
+ fwang <fwang>
- update rpm group
* Wed Oct 10 2012 fwang <fwang> 9.9.1.P4-1.mga3
+ Revision: 304065
- new version 9.9.1-p4
+ guillomovitch <guillomovitch>
- install tmpfiles configuration under %%_prefix/lib
- don't ship /var/run directory
* Thu Sep 13 2012 oden <oden> 9.9.1.P3-1.mga3
+ Revision: 293449
- 9.9.1-P3 (fixes CVE-2012-4244)
* Mon Jul 30 2012 guillomovitch <guillomovitch> 9.9.1.P2-1.mga3
+ Revision: 276006
- new version
* Tue Jun 05 2012 guillomovitch <guillomovitch> 9.9.1.P1-1.mga3
+ Revision: 256011
- new version
- update patchset from fedora
* Sat Apr 28 2012 tmb <tmb> 9.9.0-7.mga2
+ Revision: 233607
- Require rpm-helper >= 0.24.8-1 for systemd support
* Fri Apr 27 2012 tmb <tmb> 9.9.0-6.mga2
+ Revision: 233504
- rebuild for versioned rpm-helper requires
* Mon Mar 12 2012 guillomovitch <guillomovitch> 9.9.0-5.mga2
+ Revision: 223162
- test device file existence before checking its minor number
* Sat Mar 10 2012 guillomovitch <guillomovitch> 9.9.0-4.mga2
+ Revision: 222546
- fix non-writable directory (#4147)
- don't use syslogadd macro, but manage rsyslog file directly, to
use default daemon log facility destination
- fix openssl libs setup in chroot
- add a default syslog channel
- remove wrong device file in chroot in post-install (#3028)
* Thu Mar 08 2012 guillomovitch <guillomovitch> 9.9.0-3.mga2
+ Revision: 221653
- use %%_post_syslogadd and %%_preun_syslogdel macros
- fix urandom device minor number (#3028)
- fixed pid file path
* Wed Mar 07 2012 guillomovitch <guillomovitch> 9.9.0-2.mga2
+ Revision: 221261
- extract chroot creation logic in an external script, to be shared
between sysinit initscript and systemd service
- don't ship services both for chrooted and non-chrooted setup, mageia
package only support chroot installation currently
- fix systemd services, we don't use the same root for chroot as fedora
- drop old chroot migration pre-installation code
* Tue Mar 06 2012 guillomovitch <guillomovitch> 9.9.0-1.mga2
+ Revision: 220366
- new version
- systemd integration
* Sat Jan 28 2012 anssi <anssi> 9.8.1P1-2.mga2
+ Revision: 202727
- add a managed-keys-directory /var/named/dynamic in the chroot (see
bug #3379 for discussion)
+ fwang <fwang>
- convert doc into noarch package
* Fri Dec 09 2011 guillomovitch <guillomovitch> 9.8.1P1-1.mga2
+ Revision: 179488
- new version
* Wed Sep 14 2011 guillomovitch <guillomovitch> 9.8.1-1.mga2
+ Revision: 143347
- drop old README.urpmi file
- new version
- sync SDB patches and sources with fedora
- sanitize doc installation
* Tue Aug 30 2011 guillomovitch <guillomovitch> 9.8.0P4-1.mga2
+ Revision: 136692
- disable parallel build again, it fails with too many CPUs
- more spec cleanup
- use version tag only for upstream versioning, not release tag
- update dyndb patch
- drop ppc patch
- renumerate patches to match fedora ones
- new version
- allow parallel build (fedora patch)
- no need to build a non-threaded host binary, the threaded version works correctly
* Mon Aug 29 2011 guillomovitch <guillomovitch> 9.8.0-7.P1.mga2
+ Revision: 136264
- spec cleanup
- ensure missing headers, such as dns/client.h, are present
* Fri May 06 2011 pterjan <pterjan> 9.8.0-6.P1.mga1
+ Revision: 95476
- Update to 9.8.0-P1 (CVE-2011-1907)
* Sun May 01 2011 cjw <cjw> 9.8.0-5.mga1
+ Revision: 94107
- get libgost.so fix working on i586 as well by using %%_target_cpu instead of %%_build_arch
* Sat Apr 30 2011 cjw <cjw> 9.8.0-4.mga1
+ Revision: 93654
- copy only the libgost.so module for the bind build architecture to the chroot (improved fix for bug #871)
* Tue Apr 19 2011 misc <misc> 9.8.0-3.mga1
+ Revision: 88257
- fix the initscript, as proposed by Dave Hodgins
* Mon Apr 18 2011 misc <misc> 9.8.0-2.mga1
+ Revision: 87629
- copy libgost.so in the chroot, fix bug #871
* Sun Apr 17 2011 misc <misc> 9.8.0-1.mga1
+ Revision: 87096
- update to 9.8.0, update dyndb patch from fedora
- remove old Obsoletes/Provides ( date back to mandrake days )
- remove old script to cope with old packages migration
- remove old trigger
* Thu Mar 24 2011 dmorgan <dmorgan> 9.7.3-2.mga1
+ Revision: 76740
- Rebuild against new mysql
* Sat Mar 05 2011 mikala <mikala> 9.7.3-1.mga1
+ Revision: 64748
- Update to bind version 9.7.3 ( fix CVE-2011-0414 )
* Mon Jan 24 2011 ennael <ennael> 9.7.2-7.mga1
+ Revision: 36775
- remove mdkversion
- imported package bind
