Sophie

Sophie

distrib > Mandriva > 2011.0 > i586 > media > main-updates-src > by-pkgid > d4de3e6ce0ef2aef959c614fce0f30ad > files > 25

bind-9.8.4-0.0.P1.0.1.src.rpm

%define Werror_cflags -Wformat

%define plevel P1

# default options
%define sdb_ldap 1
%define sdb_mysql 0
%define gssapi 1

%{?_with_sdb_ldap: %{expand: %%global sdb_ldap 1}}
%{?_without_sdb_ldap: %{expand: %%global sdb_ldap 0}}
%{?_with_sdb_mysql: %{expand: %%global sdb_mysql 1}}
%{?_without_sdb_mysql: %{expand: %%global sdb_mysql 0}}
%{?_with_gssapi: %{expand: %%global gssapi 1}}
%{?_without_gssapi: %{expand: %%global gssapi 0}}

%if %{sdb_mysql}
%define sdb_ldap 0
%endif

%if %{sdb_ldap}
%define sdb_mysql 0
%endif

%if %{gssapi}
%define gssapi 1
%endif

Summary:	A DNS (Domain Name System) server
Name:		bind
Version:	9.8.4
%define subrel 1
Release:	%mkrel 0.0.%{plevel}.0
License:	Distributable
Group:		System/Servers
URL:		http://www.isc.org/products/BIND/
Source0:	ftp://ftp.isc.org/isc/%{name}9/%{version}/%{name}-%{version}-%{plevel}.tar.gz
Source1:	ftp://ftp.isc.org/isc/%{name}9/%{version}/%{name}-%{version}-%{plevel}.tar.gz.asc
Source2:	bind-manpages.tar.bz2
Source3:	bind-dhcp-dynamic-dns-examples.tar.bz2
Source4:	bind-named.init
Source6:	bind-named.sysconfig
Source7:	bind-keygen.c
Source11:	ftp://ftp.internic.net/domain/named.cache
# (oe) http://mysql-bind.sourceforge.net/
Source12:	mysql-bind-0.1.tar.bz2
# (oe) http://bind9-ldap.bayour.com/bind-sdb-ldap-1.0.tar.gz
Source13:	bind-sdb-ldap-1.0.tar.bz2
# (oe) http://www.blue-giraffe.com/zone2ldap/zone2ldap-0.4.tar.gz
Source14:	zone2ldap-0.4.tar.bz2
# (oe) http://www.venaas.no/dns/ldap2zone/
Source15:	ldap2zone.tar.bz2
# caching-nameserver files (S100-S112)
Source100:	bogon_acl.conf
Source101:	hosts
Source102:	localdomain.zone
Source103:	localhost.zone
Source104:	logging.conf
Source105:	named.broadcast
Source106:	named.conf
Source107:	named.ip6.local
Source108:	named.local
Source109:	named.zero
Source110:	rndc.conf
Source111:	rndc.key
Source112:	trusted_networks_acl.conf
Source113:	named.iscdlv.key
Patch0:		bind-fallback-to-second-server.diff
Patch1:		bind-queryperf_fix.diff
Patch2:		bind-9.7.3-link.patch
# http://code.google.com/p/bind-geoip/
Patch3:		bind-9.8.1-geoip-1.3.diff
Patch100:	bind-9.8.1-sdb_ldap.diff
Patch101:	bind-9.3.1-zone2ldap_fixes.diff
Patch102:	bind-9.3.0rc2-sdb_mysql.patch
Patch103:	zone2ldap-0.4-ldapv3.patch
Patch200:	bind-9.2.0rc3-varrun.patch
Patch205:	bind-9.3.2-prctl_set_dumpable.patch
Patch209:	bind-9.5-dlz-64bit.patch
Patch212:	bind-9.5-libidn.patch
Patch213:	bind-9.5-libidn2.patch
Patch215:	bind-9.5-libidn3.patch
Patch216:	bind95-rh461409.patch
Patch218:	bind-96-libtool2.patch
Patch219:	bind-95-rh452060.patch
Patch220:	bind93-rh490837.patch
Patch221:	bind-96-dyndb.patch
Patch222:	bind97-rh478718.patch
Patch223:	bind97-rh570851.patch
Patch224:	bind97-rh645544.patch
Requires(pre): rpm-helper
Requires(postun): rpm-helper
Requires:	bind-utils >= %{version}-%{release}
BuildRequires:	openssl-devel
BuildRequires:	autoconf2.5
BuildRequires:	automake
BuildRequires:  file
%if %{sdb_mysql}
BuildRequires:	mysql-devel
%endif
%if %{sdb_ldap}
BuildRequires:	openldap-devel
%endif
Obsoletes:	libdns0
Provides:	libdns0
Obsoletes:	caching-nameserver
Provides:	caching-nameserver
BuildRequires:	libidn-devel
BuildRequires:	postgresql-devel
BuildRequires:	mysql-devel
BuildRequires:	libcap-devel >= 2.10
%if %{gssapi}
BuildRequires:	krb5-devel
%endif
BuildRequires:	libxml2-devel
BuildRequires:	libgeoip-devel
Epoch:		1
BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-buildroot

%description
BIND (Berkeley Internet Name Domain) is an implementation of the DNS
(domain Name System) protocols. BIND includes a DNS server (named), 
which resolves host names to IP addresses, and a resolver library 
(routines for applications to use when interfacing with DNS).  A DNS 
server allows clients to name resources or objects and share the 
information with other network machines.  The named DNS server can be 
used on workstations as a caching name server, but is generally only 
needed on one machine for an entire network.  Note that the 
configuration files for making BIND act as a simple caching nameserver 
are included in the caching-nameserver package.  

Install the bind package if you need a DNS server for your network.  If
you want bind to act a caching name server, you will also need to install
the caching-nameserver package.

Many BIND 8 features previously unimplemented in BIND 9, including 
domain-specific forwarding, the \$GENERATE master file directive, and
the "blackhole", "dialup", and "sortlist" options Forwarding of dynamic
update requests; this is enabled by the "allow-update-forwarding" option 
A new, simplified database interface and a number of sample drivers based
on it; see doc/dev/sdb for details 
Support for building single-threaded servers for environments that do not 
supply POSIX threads 
New configuration options: "min-refresh-time", "max-refresh-time", 
"min-retry-time", "max-retry-time", "additional-from-auth",
"additional-from-cache", "notify explicit" 
Faster lookups, particularly in large zones. 

Build Options:
--without sdb_ldap    Build without ldap simple database support (enabled
                      per default)
--with sdb_mysql      Build with MySQL database support (disables ldap
                      support, it's either way.)
%package	utils
Summary:	Utilities for querying DNS name servers
Group:		Networking/Other

%description	utils
Bind-utils contains a collection of utilities for querying DNS (Domain
Name Service) name servers to find out information about Internet hosts.
These tools will provide you with the IP addresses for given host names,
as well as other information about registered domains and network 
addresses.

You should install bind-utils if you need to get information from DNS name
servers.

%package	devel
Summary:	Include files and libraries needed for bind DNS development
Group:		Development/C

%description	devel
The bind-devel package contains all the include files and the
library required for DNS (Domain Name Service) development for
BIND versions 9.x.x.

%package	doc
Summary:	Documentation for BIND
Group:		Books/Other

%description	doc
The bind-devel package contains the documentation for BIND.

%prep

%setup -q  -n %{name}-%{version}-%{plevel} -a2 -a3 -a12 -a13 -a14 -a15

%patch0 -p1 -b .fallback-to-second-server.droplet
%patch1 -p0 -b .queryperf_fix.droplet
%patch2 -p0 -b .link
%patch3 -p1 -b .geoip

%if %{sdb_ldap}
%__cp bind-sdb-ldap-*/ldapdb.c bin/named/
%__cp bind-sdb-ldap-*/ldapdb.h bin/named/include/
%patch100 -p1 -b .ldap_sdb.droplet
%patch101 -p0 -b .zone2ldap_fixes.droplet
%patch103 -p0 -b .ldapv3.droplet
%endif

%if %{sdb_mysql}
mv mysql-bind-0.1 contrib/sdb/mysql
%__cp contrib/sdb/mysql/mysqldb.c bin/named
%__cp contrib/sdb/mysql/mysqldb.h bin/named/include
%patch102 -p1 -b .sdb_mysql.droplet
%endif

%patch200 -p0 -b .varrun.droplet
%patch205 -p0 -b .prctl_set_dumpable.droplet
%patch209 -p0 -b .64bit

%patch212 -p1 -b .libidn
%patch213 -p1 -b .libidn2
%patch215 -p1 -b .libidn3
%patch216 -p1 -b .rh461409
mkdir -p m4
%patch218 -p1 -b .libtool2
%patch219 -p0 -b .rh452060
%patch220 -p0 -b .rh490837
%patch221 -p1 -b .dyndb
%patch222 -p1 -b .rh478718
%patch223 -p1 -b .rh570851
%patch224 -p1 -b .rh645544

cp %{SOURCE4} named.init
# fix https://qa.mandriva.com/show_bug.cgi?id=62829
# so..., libgost.so needs to be in the chroot (ugly..., and will break backporting, well...)
OPENSSL_ENGINESDIR=`grep '^#define ENGINESDIR' %{multiarch_includedir}/openssl/opensslconf.h | cut -d\" -f2 | sed -e 's/^\///'`
perl -pi -e "s|_OPENSSL_ENGINESDIR_|$OPENSSL_ENGINESDIR|g" named.init

cp %{SOURCE6} named.sysconfig
cp %{SOURCE7} keygen.c
cp %{SOURCE11} named.cache

mkdir -p caching-nameserver
cp %{SOURCE100} caching-nameserver/bogon_acl.conf
cp %{SOURCE101} caching-nameserver/hosts
cp %{SOURCE102} caching-nameserver/localdomain.zone
cp %{SOURCE103} caching-nameserver/localhost.zone
cp %{SOURCE104} caching-nameserver/logging.conf
cp %{SOURCE105} caching-nameserver/named.broadcast
cp %{SOURCE106} caching-nameserver/named.conf
cp %{SOURCE107} caching-nameserver/named.ip6.local
cp %{SOURCE108} caching-nameserver/named.local
cp %{SOURCE109} caching-nameserver/named.zero
cp %{SOURCE110} caching-nameserver/rndc.conf
cp %{SOURCE111} caching-nameserver/rndc.key
cp %{SOURCE112} caching-nameserver/trusted_networks_acl.conf
cp %{SOURCE113} caching-nameserver/named.iscdlv.key

# strip away annoying ^M
find . -type f|xargs file|grep 'CRLF'|cut -d: -f1|xargs perl -p -i -e 's/\r//'
find . -type f|xargs file|grep 'text'|cut -d: -f1|xargs perl -p -i -e 's/\r//'


%build
%serverbuild

export CPPFLAGS="$CPPFLAGS -DDIG_SIGCHASE"
export STD_CDEFINES="$CPPFLAGS"

export WANT_AUTOCONF_2_5=1
libtoolize --copy --force; aclocal -I m4 --force; autoheader --force; autoconf --force

# (oe) make queryperf from the contrib _before_ bind..., makes it
# easier to determine if it builds or not, it saves time...
pushd contrib/queryperf
export WANT_AUTOCONF_2_5=1
rm -f configure
autoconf

%configure2_5x
%make CFLAGS="$CFLAGS"
popd

pushd contrib/query-loc-*
export WANT_AUTOCONF_2_5=1
perl -pi -e "s|-lnsl|-lnsl -lresolv|g" configure*
rm -f configure
autoconf
%configure2_5x
%make CFLAGS="$CFLAGS"
popd

export CFLAGS="$CFLAGS -DLDAP_DEPRECATED"

# threading is evil for the host command
%configure2_5x \
    --localstatedir=/var \
    --disable-openssl-version-check \
    --disable-threads \
    --enable-largefile \
    --enable-ipv6 \
    --with-openssl=%{_prefix} \
    --with-randomdev=/dev/urandom \
    --with-geoip

make -C lib
make -C bin/dig
make -C bin/dig DESTDIR="`pwd`" install 
make clean

%configure2_5x \
    --localstatedir=/var \
    --disable-openssl-version-check \
    --enable-threads \
    --enable-largefile \
    --enable-ipv6 \
    --enable-filter-aaaa \
    --enable-epoll \
    --with-openssl=%{_prefix} \
%if %{gssapi}
    --with-gssapi=%{_prefix} --disable-isc-spnego \
%endif
    --with-randomdev=/dev/urandom \
    --with-libxml2=yes \
    --with-dlz-postgres=yes \
    --with-dlz-mysql=yes \
    --with-dlz-bdb=no \
    --with-dlz-filesystem=yes \
    --with-dlz-ldap=yes \
    --with-dlz-odbc=no \
    --with-dlz-stub=yes \
    --with-geoip

# pkcs11 support requires a working backend, otherwise bind won't start
# http://blogs.sun.com/janp/
# http://sourceforge.net/projects/opencryptoki
#--with-pkcs11 \

make

%if %{sdb_ldap}
pushd zone2ldap
# fix references to zone2ldap
perl -pi -e "s|zone2ldap|zonetoldap|g" *
    gcc $CFLAGS -I../lib/dns/include -I../lib/dns/sec/dst/include \
    -I../lib/isc/include -I../lib/isc/unix/include -I../lib/isc/pthreads/include -c zone2ldap.c
    gcc $CFLAGS $LDFLAGS -o zone2ldap zone2ldap.o ../lib/dns/libdns.a -lcrypto -lpthread \
    ../lib/isc/libisc.a -lldap -llber -lresolv %{?gssapi:`krb5-config --libs gssapi`} -lxml2 -lGeoIP
popd

pushd ldap2zone
    gcc $CFLAGS -I../lib/dns/include -I../lib/dns/sec/dst/include \
    -I../lib/isc/include -I../lib/isc/unix/include -I../lib/isc/pthreads/include -c ldap2zone.c
    gcc $CFLAGS $LDFLAGS -o ldap2zone ldap2zone.o ../lib/dns/libdns.a -lcrypto -lpthread \
    ../lib/isc/libisc.a -lldap -llber -lresolv %{?_with_gssapi:`krb5-config --libs gssapi`} -lxml2 -lGeoIP
popd
%endif

%if %{sdb_mysql}
pushd contrib/sdb/mysql
gcc $CFLAGS -I%{_includedir}/mysql -I../../../lib/dns/include -I../../../lib/dns/sec/dst/include \
  -I../../../lib/isc/include -I../../../lib/isc/unix/include -I../../../lib/isc/pthreads/include \
  -c zonetodb.c
gcc $CFLAGS $LDFLAGS -o zonetodb zonetodb.o \
  ../../../lib/dns/libdns.a -lcrypto -lpthread ../../../lib/isc/libisc.a \
  -lmysqlclient -lresolv %{?_with_gssapi:`krb5-config --libs gssapi`} -lxml2 -lGeoIP
popd
%endif

gcc $CFLAGS -o dns-keygen keygen.c

#%%check
## run the test suite
#make check

%install
rm -rf %{buildroot}

pushd doc
    rm -rf html
popd

# make some directories
install -d %{buildroot}%{_initrddir}
install -d %{buildroot}%{_sysconfdir}/sysconfig
install -d %{buildroot}/var/run/named 

%makeinstall_std

ln -snf named %{buildroot}%{_sbindir}/lwresd

install -m0755 contrib/named-bootconf/named-bootconf.sh %{buildroot}%{_sbindir}/named-bootconf
install -m0755 contrib/queryperf/queryperf %{buildroot}%{_bindir}/
cp contrib/queryperf/README README.queryperf

install -m0755 contrib/query-loc-*/query-loc %{buildroot}%{_bindir}/
install -m0644 contrib/query-loc-*/query-loc.1 %{buildroot}%{_mandir}/man1/
cp contrib/query-loc-*/ADDRESSES ADDRESSES.query-loc
cp contrib/query-loc-*/ALGO ALGO.query-loc
cp contrib/query-loc-*/README README.query-loc
cp contrib/query-loc-*/USAGE USAGE.query-loc

install -m0755 named.init %{buildroot}%{_initrddir}/named
install -m0644 named.sysconfig %{buildroot}%{_sysconfdir}/sysconfig/named

%if %{sdb_ldap}
install -m0755 zone2ldap/zone2ldap %{buildroot}%{_bindir}/zonetoldap
install -m0644 zone2ldap/zone2ldap.1 %{buildroot}%{_mandir}/man1/zonetoldap.1
install -m0755 ldap2zone/ldap2zone %{buildroot}%{_bindir}/ldap2zone
%endif

%if %{sdb_mysql}
install -m0755 contrib/sdb/mysql/zonetodb %{buildroot}%{_bindir}/
cp contrib/sdb/mysql/ChangeLog contrib/sdb/mysql/ChangeLog.mysql
cp contrib/sdb/mysql/README contrib/sdb/mysql/README.mysql
%endif

install -m0755 dns-keygen %{buildroot}%{_sbindir}/dns-keygen

# install the non-threaded host command
# fixes #16855
install -m0755 usr/bin/host %{buildroot}%{_bindir}/

# make the chroot
install -d %{buildroot}/var/lib/named/{dev,etc}
install -d %{buildroot}/var/lib/named/var/{log,run,tmp}
install -d %{buildroot}/var/lib/named/var/named/{master,slaves,reverse,dynamic,data}

install -m 644 \
    caching-nameserver/named.conf \
    caching-nameserver/logging.conf \
    caching-nameserver/trusted_networks_acl.conf \
    caching-nameserver/hosts \
    caching-nameserver/bogon_acl.conf \
    %{buildroot}/var/lib/named/etc
install -m 640 \
    caching-nameserver/rndc.conf\
    caching-nameserver/rndc.key \
    caching-nameserver/named.iscdlv.key \
    %{buildroot}/var/lib/named/etc
install -m 644 \
    caching-nameserver/localdomain.zone \
    caching-nameserver/localhost.zone \
    %{buildroot}/var/lib/named/var/named/master
install -m 644 \
    caching-nameserver/named.broadcast  \
    caching-nameserver/named.ip6.local \
    caching-nameserver/named.local \
    caching-nameserver/named.zero \
    %{buildroot}/var/lib/named/var/named/reverse

# fix some compat symlinks
ln -s /var/lib/named/etc/named.conf %{buildroot}%{_sysconfdir}/named.conf
ln -s /var/lib/named/etc/rndc.conf %{buildroot}%{_sysconfdir}/rndc.conf
ln -s /var/lib/named/etc/rndc.key %{buildroot}%{_sysconfdir}/rndc.key
ln -s /var/lib/named/etc/named.iscdlv.key %{buildroot}%{_sysconfdir}/named.iscdlv.key
mv %{buildroot}%{_sysconfdir}/bind.keys %{buildroot}/var/lib/named/etc/
ln -s /var/lib/named/etc/bind.keys %{buildroot}%{_sysconfdir}/bind.keys

echo "; Use \"dig @A.ROOT-SERVERS.NET . ns\" to update this file if it's outdated." > named.cache.tmp
cat named.cache >> named.cache.tmp
install -m0644 named.cache.tmp %{buildroot}/var/lib/named/var/named/named.ca

# fix man pages
install -m0644 man5/resolver.5 %{buildroot}%{_mandir}/man5/
ln -s resolver.5 %{buildroot}%{_mandir}/man5/resolv.5

# the following 3 lines is needed to make it short-circuit compliant.
pushd doc
    rm -rf html
popd

install -d doc/html
cp -f `find . -type f |grep html |sed -e 's#\/%{name}-%{version}##'|grep -v contrib` doc/html 

cat > README.urpmi << EOF
The most significant changes starting from the bind-9.3.2-5mdk package:

 o Installs in a chroot environment per default (/var/lib/named) for 
   security measures.

 o Acts as a caching only resolver per default, ip addresses that should be
   allowed to use recursive lookups must be defined in the 
   /var/lib/named/etc/trusted_networks_acl.conf file.
EOF

# this is just sick...
touch %{buildroot}/var/lib/named/var/named/dynamic/managed-keys.bind

%pre
%_pre_useradd named /var/lib/named /bin/false

# adjust home dir location if needed 
if [ "`getent passwd named | awk -F: '{print $6}'`" == "/var/named" ]; then
    usermod -d /var/lib/named named
fi

# check if bind is chrooted and try to restore it
if [ -x %{_sbindir}/bind-chroot.sh ]; then
    ROOTDIR="/var/lib/named-chroot"
    [ -f /etc/sysconfig/named ] && . /etc/sysconfig/named
    if [ -d $ROOTDIR -a ! -d /var/lib/named ]; then
	echo "old chroot found at $ROOTDIR, copying to /var/lib/named"
        cp -rp $ROOTDIR /var/lib/named
	chown -R named:named /var/lib/named
    fi
    if grep -q "$ROOTDIR" /etc/sysconfig/syslog; then
	if [ -f /var/lock/subsys/named ]; then
	    service named stop > /dev/null 2>/dev/null || :
	fi
	%{_sbindir}/bind-chroot.sh --unchroot > /dev/null 2>/dev/null || :
    fi
    if [ -f /var/lock/subsys/syslog ]; then
	service syslog restart  > /dev/null 2>/dev/null || :
    fi
fi

DATE=`date +%%Y%%m%%d%%j%%S`
for f in named.conf rndc.conf rndc.key; do
    # move away files to prepare for softlinks
    if [ -f /etc/$f -a ! -h /etc/$f ]; then mv -vf /etc/$f /etc/$f.$DATE; fi
    if [ -f /etc/$f -a ! -h /etc/$f ]; then mv -vf /etc/$f /etc/$f.$DATE; fi
    if [ -f /etc/$f -a ! -h /etc/$f ]; then mv -vf /etc/$f /etc/$f.$DATE; fi
done

%post
if grep -q "_MY_KEY_" /var/lib/named/etc/rndc.conf /var/lib/named/etc/rndc.key; then
    MYKEY="`%{_sbindir}/dns-keygen`"
    perl -pi -e "s|_MY_KEY_|$MYKEY|g" /var/lib/named/etc/rndc.conf /var/lib/named/etc/rndc.key
fi

%_post_service named

%preun
%_preun_service named

%postun
%_postun_userdel named

%clean
rm -rf %{buildroot}

%files
%defattr(-,root,root)
%doc CHANGES README FAQ COPYRIGHT README.urpmi
%if %{sdb_ldap}
%doc contrib/sdb/ldap/README.ldap contrib/sdb/ldap/INSTALL.ldap
%endif
%if %{sdb_mysql}
%doc contrib/sdb/mysql/ChangeLog.mysql contrib/sdb/mysql/README.mysql
%endif
%config(noreplace) %{_sysconfdir}/sysconfig/named
%{_initrddir}/named
%{_sbindir}/arpaname
%{_sbindir}/ddns-confgen
%{_sbindir}/dns-keygen
%{_sbindir}/dnssec-dsfromkey
%{_sbindir}/dnssec-keyfromlabel
%{_sbindir}/dnssec-keygen
%{_sbindir}/dnssec-revoke
%{_sbindir}/dnssec-settime
%{_sbindir}/dnssec-signzone
%{_sbindir}/genrandom
%{_sbindir}/isc-hmac-fixup
%{_sbindir}/lwresd
%{_sbindir}/named
%{_sbindir}/named-bootconf
%{_sbindir}/named-checkconf
%{_sbindir}/named-checkzone
%{_sbindir}/named-compilezone
%{_sbindir}/named-journalprint
%{_sbindir}/nsec3hash
%{_sbindir}/rndc
%{_sbindir}/rndc-confgen
%{_mandir}/man1/arpaname.1.*
%{_mandir}/man5/named.conf.5*
%{_mandir}/man5/rndc.conf.5*
%{_mandir}/man8/ddns-confgen.8.*
%{_mandir}/man8/dnssec-*.8*
%{_mandir}/man8/genrandom.8.*
%{_mandir}/man8/isc-hmac-fixup.8.*
%{_mandir}/man8/lwresd.8*
%{_mandir}/man8/named-*.8*
%{_mandir}/man8/named.8*
%{_mandir}/man8/nsec3hash.8.*
%{_mandir}/man8/rndc.8*
%{_mandir}/man8/rndc-confgen.8*
# the chroot
%dir /var/lib/named
%dir /var/lib/named/dev
%dir /var/lib/named/etc
%dir /var/lib/named/var
%dir /var/lib/named/var/named
%attr(-,named,named) %dir /var/lib/named/var/log
%attr(-,named,named) %dir /var/lib/named/var/run
%attr(-,named,named) %dir /var/lib/named/var/tmp
%attr(-,named,named) %dir /var/lib/named/var/named/master
%attr(-,named,named) %dir /var/lib/named/var/named/slaves
%attr(-,named,named) %dir /var/lib/named/var/named/reverse
%attr(-,named,named) %dir /var/lib/named/var/named/dynamic
%attr(-,named,named) %dir /var/lib/named/var/named/data
%config(noreplace) /var/lib/named/etc/named.conf
%attr(-,root,named) %config(noreplace) /var/lib/named/etc/bind.keys
%attr(-,root,named) %config(noreplace) /var/lib/named/etc/rndc.conf
%attr(-,root,named) %config(noreplace) /var/lib/named/etc/rndc.key
%attr(-,root,named) %config(noreplace) /var/lib/named/etc/named.iscdlv.key
%attr(-,named,named) /var/lib/named/var/named/dynamic/managed-keys.bind
%{_sysconfdir}/bind.keys
%{_sysconfdir}/named.conf
%{_sysconfdir}/rndc.conf
%{_sysconfdir}/rndc.key
%{_sysconfdir}/named.iscdlv.key
%config(noreplace) /var/lib/named/etc/bogon_acl.conf
%config(noreplace) /var/lib/named/etc/logging.conf
%config(noreplace) /var/lib/named/etc/trusted_networks_acl.conf
%config(noreplace) /var/lib/named/etc/hosts
%config(noreplace) /var/lib/named/var/named/master/localdomain.zone
%config(noreplace) /var/lib/named/var/named/master/localhost.zone
%config(noreplace) /var/lib/named/var/named/reverse/named.broadcast
%config(noreplace) /var/lib/named/var/named/reverse/named.ip6.local
%config(noreplace) /var/lib/named/var/named/reverse/named.local
%config(noreplace) /var/lib/named/var/named/reverse/named.zero
%config(noreplace) /var/lib/named/var/named/named.ca

%files devel
%defattr(-,root,root)
%doc CHANGES README
%{_bindir}/isc-config.sh
%{_includedir}/*
%{_libdir}/*.a
%{_mandir}/man1/isc-config.sh.1*
%{_mandir}/man3/lwres*.3*

%files utils
%defattr(-,root,root)
%doc README COPYRIGHT *.query-loc *.queryperf
%{_bindir}/dig
%{_bindir}/host
%{_bindir}/nslookup
%{_bindir}/nsupdate
%{_bindir}/queryperf
%{_bindir}/query-loc
%{_mandir}/man1/host.1*
%{_mandir}/man1/dig.1*
%{_mandir}/man1/nslookup.1*
%{_mandir}/man1/nsupdate.1*
%{_mandir}/man1/query-loc.1*
%if %{sdb_ldap}
%doc zone2ldap/zone2ldap.README ldap2zone/README.ldap2zone ldap2zone/dnszone-schema.txt
%{_bindir}/zonetoldap
%{_bindir}/ldap2zone
%{_mandir}/man1/zonetoldap.1*
%endif
%{_mandir}/man5/resolver.5*
%{_mandir}/man5/resolv.5*

%files doc
%defattr(-,root,root)
%doc doc/html doc/misc/
%doc doc/dhcp-dynamic-dns-examples doc/chroot doc/trustix


%changelog
* Wed Dec 05 2012 Oden Eriksson <oeriksson@mandriva.com> 1:9.8.4-0.0.P1.0.1
- 9.8.4-P1 (fixes CVE-2012-5688)

* Wed Oct 10 2012 Oden Eriksson <oeriksson@mandriva.com> 1:9.8.3-0.0.P4.0.1
- 9.8.3-P4 (fixes CVE-2012-5166)

* Tue Oct 02 2012 Oden Eriksson <oeriksson@mandriva.com> 1:9.8.3-0.0.P3.0.1
- 9.8.3-P3 (fixes CVE-2012-4244)

* Sun Jul 29 2012 Oden Eriksson <oeriksson@mandriva.com> 1:9.8.3-0.0.P2.0.1
- 9.8.3-P2 (fixes CVE-2012-3868)

* Fri Jun 08 2012 Oden Eriksson <oeriksson@mandriva.com> 1:9.8.3-0.0.P1.0.1
- 9.8.3-P1
- rediff patches
- S11: new file from internic

* Thu Apr 05 2012 Oden Eriksson <oeriksson@mandriva.com> 1:9.8.2-0.0.P0.0.1
- 9.8.2
- rediff patches
- drop redundant patches

* Wed Nov 16 2011 Oden Eriksson <oeriksson@mandriva.com> 1:9.8.1-0.0.P1.0.1
- 9.8.1-P1

* Sat Sep 17 2011 Oden Eriksson <oeriksson@mandriva.com> 1:9.8.1-0.0.P0.0.1
- built for updates

* Thu Sep 08 2011 Oden Eriksson <oeriksson@mandriva.com> 1:9.8.1-0.0.P0.1mdv2012.0
+ Revision: 698992
- 9.8.1 (fixes a lot of security issues...)
- rediff patches
- drop redundant patches

* Sun Aug 21 2011 Oden Eriksson <oeriksson@mandriva.com> 1:9.8.0-0.0.P4.2
+ Revision: 696033
- disable the flaky dnssec crap per default, enable it if you need it

* Tue Jul 19 2011 Oden Eriksson <oeriksson@mandriva.com> 1:9.8.0-0.0.P4.1
+ Revision: 690598
- "fix" build by removing useless tagging
- 9.8.0-P2

* Mon Jul 11 2011 Luis Daniel Lucio Quiroz <dlucio@mandriva.org> 9.8.0-6.P2.2
+ Revision: 689562
- rebuild for new geoip

* Mon May 30 2011 Oden Eriksson <oeriksson@mandriva.com> 9.8.0-6.P2.1
+ Revision: 681804
- 9.8.0-P2

* Thu May 12 2011 Oden Eriksson <oeriksson@mandriva.com> 9.8.0-6.P1.1
+ Revision: 673747
- 9.8.0-P1

* Mon May 02 2011 Oden Eriksson <oeriksson@mandriva.com> 9.8.0-5
+ Revision: 661625
- multiarch fixes

* Tue Apr 26 2011 Luis Daniel Lucio Quiroz <dlucio@mandriva.org> 9.8.0-4
+ Revision: 659234
- multiarch_binaries macro does not exists, lets comment by now
- GeoIP as BR
- P3 for GeoIP support

* Tue Apr 12 2011 Oden Eriksson <oeriksson@mandriva.com> 9.8.0-3
+ Revision: 652806
- sync patches with bind-9.8.0-2.fc16.src.rpm
- fix #62829 (Chrooted bind needs copy of /usr/lib64/openssl-1.0.0d (maybe just libgost.so) to start bind)

* Thu Mar 17 2011 Oden Eriksson <oeriksson@mandriva.com> 9.8.0-2
+ Revision: 645741
- relink against libmysqlclient.so.18

* Wed Mar 02 2011 Oden Eriksson <oeriksson@mandriva.com> 9.8.0-1
+ Revision: 641252
- 9.8.0

* Sun Feb 27 2011 Funda Wang <fwang@mandriva.org> 9.7.3-2
+ Revision: 640225
- fix linkage
- rebuild to obsolete old packages

* Thu Feb 17 2011 Oden Eriksson <oeriksson@mandriva.com> 9.7.3-1
+ Revision: 638111
- 9.7.3

* Wed Jan 26 2011 Oden Eriksson <oeriksson@mandriva.com> 9.7.2-9
+ Revision: 633043
- relocate some generated files to /var/named/data
- drop the geoip patch, seems dead upstream and was never applied

* Tue Jan 25 2011 Oden Eriksson <oeriksson@mandriva.com> 9.7.2-8
+ Revision: 632499
- new named.cache file
- slight cleanups
- added dnssec config, note that the managed-keys.bind file will be fetched from isc (just restart bind)

* Sat Jan 01 2011 Oden Eriksson <oeriksson@mandriva.com> 9.7.2-7mdv2011.0
+ Revision: 627297
- don't force the usage of automake1.7

* Sat Jan 01 2011 Oden Eriksson <oeriksson@mandriva.com> 9.7.2-6mdv2011.0
+ Revision: 626993
- rebuilt against mysql-5.5.8 libs, again

* Mon Dec 27 2010 Oden Eriksson <oeriksson@mandriva.com> 9.7.2-5mdv2011.0
+ Revision: 625415
- rebuilt against mysql-5.5.8 libs

* Thu Dec 09 2010 Oden Eriksson <oeriksson@mandriva.com> 9.7.2-4mdv2011.0
+ Revision: 618160
- 9.7.2-P3

* Fri Oct 01 2010 Oden Eriksson <oeriksson@mandriva.com> 9.7.2-3mdv2011.0
+ Revision: 582292
- 9.7.2-P2

  + Maarten Vanraes <alien@mandriva.org>
    - Add IPv6 filtering support

* Tue Sep 14 2010 Oden Eriksson <oeriksson@mandriva.com> 9.7.2-1mdv2011.0
+ Revision: 578198
- 9.7.2

* Thu Jul 15 2010 Oden Eriksson <oeriksson@mandriva.com> 9.7.1-1mdv2011.0
+ Revision: 553765
- 9.7.1-P2

* Thu May 20 2010 Oden Eriksson <oeriksson@mandriva.com> 9.7.0-5mdv2010.1
+ Revision: 545467
- 9.7.0-P2

* Tue Apr 06 2010 Funda Wang <fwang@mandriva.org> 9.7.0-4mdv2010.1
+ Revision: 531955
- rebuild for new openssl

* Wed Mar 17 2010 Oden Eriksson <oeriksson@mandriva.com> 9.7.0-3mdv2010.1
+ Revision: 523437
- 9.7.0-P1

* Fri Feb 26 2010 Oden Eriksson <oeriksson@mandriva.com> 9.7.0-2mdv2010.1
+ Revision: 511553
- rebuilt against openssl-0.9.8m

* Wed Feb 17 2010 Oden Eriksson <oeriksson@mandriva.com> 9.7.0-1mdv2010.1
+ Revision: 507199
- 9.7.0
- drop some redundant patches
- sync some patches with fedora
- drop the missing-dnssec-tools stuff, it's dead

* Wed Feb 17 2010 Oden Eriksson <oeriksson@mandriva.com> 9.6.1-7mdv2010.1
+ Revision: 507019
- rebuild

* Tue Jan 19 2010 Oden Eriksson <oeriksson@mandriva.com> 9.6.1-6mdv2010.1
+ Revision: 493774
- 9.6.1-P3

* Tue Nov 24 2009 Oden Eriksson <oeriksson@mandriva.com> 9.6.1-5mdv2010.1
+ Revision: 469687
- 9.6.1-P2

* Wed Aug 19 2009 Oden Eriksson <oeriksson@mandriva.com> 9.6.1-4mdv2010.0
+ Revision: 418249
- comment the now disabled bogon stuff (duh!)

* Fri Jul 31 2009 Oden Eriksson <oeriksson@mandriva.com> 9.6.1-3mdv2010.0
+ Revision: 405097
- disable the static bogon_acl.conf file as it's too much work
  maintaining it, instead look at http://www.team-cymru.org/Services/Bogons/
- new named.cache file from internic

* Wed Jul 29 2009 Oden Eriksson <oeriksson@mandriva.com> 9.6.1-2mdv2010.0
+ Revision: 403724
- 9.6.1-P1

* Sat Jun 13 2009 Oden Eriksson <oeriksson@mandriva.com> 9.6.1-1mdv2010.0
+ Revision: 385642
- 9.6.1
- drop upstream implemented patches
- sync rediffed and added patches from fedora

* Sun Mar 08 2009 Oden Eriksson <oeriksson@mandriva.com> 9.6.0-5mdv2009.1
+ Revision: 352808
- fix #26641 (can start before name services are up)
- sync with bind-9.6.0-7.P1.fc11

* Sun Feb 01 2009 Oden Eriksson <oeriksson@mandriva.com> 9.6.0-4mdv2009.1
+ Revision: 336058
- added 4 patches from bind-9.6.0-4.P1.fc11.src.rpm

* Tue Jan 13 2009 Oden Eriksson <oeriksson@mandriva.com> 9.6.0-3mdv2009.1
+ Revision: 329224
- re-enable postgresql support
- enable statistics at http://127.0.0.1:5380/ only from 127.0.0.1 (via libxml2)

* Thu Jan 08 2009 Oden Eriksson <oeriksson@mandriva.com> 9.6.0-2mdv2009.1
+ Revision: 327072
- 9.6.0-P1 (security fix)

* Sun Jan 04 2009 Oden Eriksson <oeriksson@mandriva.com> 9.6.0-1mdv2009.1
+ Revision: 324717
- 9.6.0
- disable postgresql support

* Wed Dec 17 2008 Oden Eriksson <oeriksson@mandriva.com> 9.6.0-0.1.rc1.2mdv2009.1
+ Revision: 315205
- added P400 to fix build with -Werror=format-security (thanks fcrozat)
- rediffed fuzzy patches

* Wed Dec 03 2008 Oden Eriksson <oeriksson@mandriva.com> 9.6.0-0.1.rc1.1mdv2009.1
+ Revision: 309647
- 9.6.0rc1
- rediff patches

* Fri Nov 07 2008 Oden Eriksson <oeriksson@mandriva.com> 9.6.0-0.b1.1mdv2009.1
+ Revision: 300462
- 9.6.0b1

* Fri Oct 10 2008 Oden Eriksson <oeriksson@mandriva.com> 9.6.0-0.a1.1mdv2009.1
+ Revision: 291332
- 9.6.0a1
- enable gss
- rediffed P202,P209
- nuke obsolete patches (P2,P201,P203)

* Wed Sep 10 2008 Oden Eriksson <oeriksson@mandriva.com> 9.5.0-6mdv2009.0
+ Revision: 283490
- re-enable threading

* Sat Aug 02 2008 Oden Eriksson <oeriksson@mandriva.com> 9.5.0-5mdv2009.0
+ Revision: 260671
- 9.5.0-P2

* Wed Jul 09 2008 Oden Eriksson <oeriksson@mandriva.com> 9.5.0-4mdv2009.0
+ Revision: 232924
- 9.5.0-P1

* Mon Jun 02 2008 Oden Eriksson <oeriksson@mandriva.com> 9.5.0-3mdv2009.0
+ Revision: 214279
- bump release
- hard code %%{_localstatedir}/lib (easier for backports)

  + Pixel <pixel@mandriva.com>
    - adapt to %%_localstatedir now being /var instead of /var/lib (#22312)

  + Thomas Backlund <tmb@mandriva.org>
    - update bogon_acl to version 6.3 27 MAY 2008

* Thu May 29 2008 Oden Eriksson <oeriksson@mandriva.com> 9.5.0-2mdv2009.0
+ Revision: 213150
- bump release
- 9.5.0

* Sun May 18 2008 Oden Eriksson <oeriksson@mandriva.com> 9.5.0-1.0.rc1.1mdv2009.0
+ Revision: 208773
- bump release

* Sun May 18 2008 Oden Eriksson <oeriksson@mandriva.com> 9.5.0-0.1.rc1.1mdv2009.0
+ Revision: 208763
- bump release

* Wed May 14 2008 Oden Eriksson <oeriksson@mandriva.com> 9.5.0-0.rc1.1mdv2009.0
+ Revision: 207028
- 9.5.0rc1

* Sat Apr 19 2008 Oden Eriksson <oeriksson@mandriva.com> 9.5.0-0.b3.1mdv2009.0
+ Revision: 195776
- 9.5.0b3
- drop P207, does not apply anymore

* Thu Apr 17 2008 Oden Eriksson <oeriksson@mandriva.com> 9.5.0-0.b2.4mdv2009.0
+ Revision: 195099
- revert the "conform to the 2008 specs (don't start the services per
  default)" changes and let this be handled some other way...

* Wed Mar 26 2008 Oden Eriksson <oeriksson@mandriva.com> 9.5.0-0.b2.3mdv2008.1
+ Revision: 190295
- really don't start it per default

* Thu Feb 14 2008 Oden Eriksson <oeriksson@mandriva.com> 9.5.0-0.b2.2mdv2008.1
+ Revision: 167702
- fix typo in the initscript and don't start it per default
- fixed dome rpmlint errors

* Mon Feb 11 2008 Oden Eriksson <oeriksson@mandriva.com> 9.5.0-0.b2.1mdv2008.1
+ Revision: 165036
- 9.5.0b2
- rediffed P211
- dropped upstream implemented patches; P214,P216

* Fri Feb 08 2008 Oden Eriksson <oeriksson@mandriva.com> 9.5.0-0.b1.3mdv2008.1
+ Revision: 164047
- use S11 from ftp://ftp.internic.net/domain/named.cache instead, it has the ipv6 entries needed

* Thu Jan 24 2008 Oden Eriksson <oeriksson@mandriva.com> 9.5.0-0.b1.2mdv2008.1
+ Revision: 157328
- security fix for CVE-2008-0122

* Wed Jan 09 2008 Oden Eriksson <oeriksson@mandriva.com> 9.5.0-0.b1.1mdv2008.1
+ Revision: 147342
- correct the release number
- 9.5.0b1, sync with fc except the dbus stuff

* Mon Dec 24 2007 Oden Eriksson <oeriksson@mandriva.com> 9.4.2-2mdv2008.1
+ Revision: 137454
- rebuilt against openldap-2.4.7 libs

  + Olivier Blin <blino@mandriva.org>
    - restore BuildRoot

  + Thierry Vignaud <tv@mandriva.org>
    - kill re-definition of %%buildroot on Pixel's request

* Thu Nov 29 2007 Oden Eriksson <oeriksson@mandriva.com> 9.4.2-1mdv2008.1
+ Revision: 113927
- 9.4.2
- drop obsolete patches; P1,P2

* Sat Nov 17 2007 Funda Wang <fwang@mandriva.org> 9.4.1-9mdv2008.1
+ Revision: 109296
- rebuild for new lzma

* Sat Nov 03 2007 Oden Eriksson <oeriksson@mandriva.com> 9.4.1-8mdv2008.1
+ Revision: 105526
- the L.ROOT-SERVERS.NET. root server has a new ip address (199.7.83.42)
- move queryperf to the bind-utils subpackage
- added query-loc to the bind-utils subpackage
- moved the docs to the bind-doc subpackage

* Tue Sep 25 2007 Oden Eriksson <oeriksson@mandriva.com> 9.4.1-7mdv2008.0
+ Revision: 92757
- the lsm feature in the 2008 kernel and using the capability module seems fishy...,
  therefore both --disable-linux-caps *and* --disable-threads has to be used in order
  to able to run bind as non root.

* Thu Sep 06 2007 Oden Eriksson <oeriksson@mandriva.com> 9.4.1-6mdv2008.0
+ Revision: 80872
- fix #33168 (log file are not rotated because of new chroot)
- the previous release also fixed #31393 (bind can't resolv all domains on CS4)

* Thu Sep 06 2007 Oden Eriksson <oeriksson@mandriva.com> 9.4.1-5mdv2008.0
+ Revision: 80849
- added the config under version control and added some props as well

* Wed Jul 25 2007 Oden Eriksson <oeriksson@mandriva.com> 9.4.1-4mdv2008.0
+ Revision: 55463
- fix build
- 9.4.1-P1 (fixes CVE-2007-2925)

* Fri Jun 22 2007 Andreas Hasenack <andreas@mandriva.com> 9.4.1-3mdv2008.0
+ Revision: 43307
- using new serverbuild macro which includes -fstack-protector

* Fri Jun 08 2007 Oden Eriksson <oeriksson@mandriva.com> 9.4.1-2mdv2008.0
+ Revision: 37289
- added P2 to make it shut up about "... is using obsolete setsockopt SO_BSDCOMPAT"
- use the %%serverbuild macro
- use distro conditional -fstack-protector

* Tue May 08 2007 Oden Eriksson <oeriksson@mandriva.com> 9.4.1-1mdv2008.0
+ Revision: 25081
- 9.4.1 (fixes CVE-2007-2241)

* Wed Apr 18 2007 Oden Eriksson <oeriksson@mandriva.com> 9.4.0-4mdv2008.0
+ Revision: 14521
- added GeoIP support (P300) (disabled per default)

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional