%define Werror_cflags -Wformat %define plevel P1 # default options %define sdb_ldap 1 %define sdb_mysql 0 %define gssapi 1 %{?_with_sdb_ldap: %{expand: %%global sdb_ldap 1}} %{?_without_sdb_ldap: %{expand: %%global sdb_ldap 0}} %{?_with_sdb_mysql: %{expand: %%global sdb_mysql 1}} %{?_without_sdb_mysql: %{expand: %%global sdb_mysql 0}} %{?_with_gssapi: %{expand: %%global gssapi 1}} %{?_without_gssapi: %{expand: %%global gssapi 0}} %if %{sdb_mysql} %define sdb_ldap 0 %endif %if %{sdb_ldap} %define sdb_mysql 0 %endif %if %{gssapi} %define gssapi 1 %endif Summary: A DNS (Domain Name System) server Name: bind Version: 9.8.4 %define subrel 1 Release: %mkrel 0.0.%{plevel}.0 License: Distributable Group: System/Servers URL: http://www.isc.org/products/BIND/ Source0: ftp://ftp.isc.org/isc/%{name}9/%{version}/%{name}-%{version}-%{plevel}.tar.gz Source1: ftp://ftp.isc.org/isc/%{name}9/%{version}/%{name}-%{version}-%{plevel}.tar.gz.asc Source2: bind-manpages.tar.bz2 Source3: bind-dhcp-dynamic-dns-examples.tar.bz2 Source4: bind-named.init Source6: bind-named.sysconfig Source7: bind-keygen.c Source11: ftp://ftp.internic.net/domain/named.cache # (oe) http://mysql-bind.sourceforge.net/ Source12: mysql-bind-0.1.tar.bz2 # (oe) http://bind9-ldap.bayour.com/bind-sdb-ldap-1.0.tar.gz Source13: bind-sdb-ldap-1.0.tar.bz2 # (oe) http://www.blue-giraffe.com/zone2ldap/zone2ldap-0.4.tar.gz Source14: zone2ldap-0.4.tar.bz2 # (oe) http://www.venaas.no/dns/ldap2zone/ Source15: ldap2zone.tar.bz2 # caching-nameserver files (S100-S112) Source100: bogon_acl.conf Source101: hosts Source102: localdomain.zone Source103: localhost.zone Source104: logging.conf Source105: named.broadcast Source106: named.conf Source107: named.ip6.local Source108: named.local Source109: named.zero Source110: rndc.conf Source111: rndc.key Source112: trusted_networks_acl.conf Source113: named.iscdlv.key Patch0: bind-fallback-to-second-server.diff Patch1: bind-queryperf_fix.diff Patch2: bind-9.7.3-link.patch # http://code.google.com/p/bind-geoip/ Patch3: bind-9.8.1-geoip-1.3.diff Patch100: bind-9.8.1-sdb_ldap.diff Patch101: bind-9.3.1-zone2ldap_fixes.diff Patch102: bind-9.3.0rc2-sdb_mysql.patch Patch103: zone2ldap-0.4-ldapv3.patch Patch200: bind-9.2.0rc3-varrun.patch Patch205: bind-9.3.2-prctl_set_dumpable.patch Patch209: bind-9.5-dlz-64bit.patch Patch212: bind-9.5-libidn.patch Patch213: bind-9.5-libidn2.patch Patch215: bind-9.5-libidn3.patch Patch216: bind95-rh461409.patch Patch218: bind-96-libtool2.patch Patch219: bind-95-rh452060.patch Patch220: bind93-rh490837.patch Patch221: bind-96-dyndb.patch Patch222: bind97-rh478718.patch Patch223: bind97-rh570851.patch Patch224: bind97-rh645544.patch Requires(pre): rpm-helper Requires(postun): rpm-helper Requires: bind-utils >= %{version}-%{release} BuildRequires: openssl-devel BuildRequires: autoconf2.5 BuildRequires: automake BuildRequires: file %if %{sdb_mysql} BuildRequires: mysql-devel %endif %if %{sdb_ldap} BuildRequires: openldap-devel %endif Obsoletes: libdns0 Provides: libdns0 Obsoletes: caching-nameserver Provides: caching-nameserver BuildRequires: libidn-devel BuildRequires: postgresql-devel BuildRequires: mysql-devel BuildRequires: libcap-devel >= 2.10 %if %{gssapi} BuildRequires: krb5-devel %endif BuildRequires: libxml2-devel BuildRequires: libgeoip-devel Epoch: 1 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot %description BIND (Berkeley Internet Name Domain) is an implementation of the DNS (domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses, and a resolver library (routines for applications to use when interfacing with DNS). A DNS server allows clients to name resources or objects and share the information with other network machines. The named DNS server can be used on workstations as a caching name server, but is generally only needed on one machine for an entire network. Note that the configuration files for making BIND act as a simple caching nameserver are included in the caching-nameserver package. Install the bind package if you need a DNS server for your network. If you want bind to act a caching name server, you will also need to install the caching-nameserver package. Many BIND 8 features previously unimplemented in BIND 9, including domain-specific forwarding, the \$GENERATE master file directive, and the "blackhole", "dialup", and "sortlist" options Forwarding of dynamic update requests; this is enabled by the "allow-update-forwarding" option A new, simplified database interface and a number of sample drivers based on it; see doc/dev/sdb for details Support for building single-threaded servers for environments that do not supply POSIX threads New configuration options: "min-refresh-time", "max-refresh-time", "min-retry-time", "max-retry-time", "additional-from-auth", "additional-from-cache", "notify explicit" Faster lookups, particularly in large zones. Build Options: --without sdb_ldap Build without ldap simple database support (enabled per default) --with sdb_mysql Build with MySQL database support (disables ldap support, it's either way.) %package utils Summary: Utilities for querying DNS name servers Group: Networking/Other %description utils Bind-utils contains a collection of utilities for querying DNS (Domain Name Service) name servers to find out information about Internet hosts. These tools will provide you with the IP addresses for given host names, as well as other information about registered domains and network addresses. You should install bind-utils if you need to get information from DNS name servers. %package devel Summary: Include files and libraries needed for bind DNS development Group: Development/C %description devel The bind-devel package contains all the include files and the library required for DNS (Domain Name Service) development for BIND versions 9.x.x. %package doc Summary: Documentation for BIND Group: Books/Other %description doc The bind-devel package contains the documentation for BIND. %prep %setup -q -n %{name}-%{version}-%{plevel} -a2 -a3 -a12 -a13 -a14 -a15 %patch0 -p1 -b .fallback-to-second-server.droplet %patch1 -p0 -b .queryperf_fix.droplet %patch2 -p0 -b .link %patch3 -p1 -b .geoip %if %{sdb_ldap} %__cp bind-sdb-ldap-*/ldapdb.c bin/named/ %__cp bind-sdb-ldap-*/ldapdb.h bin/named/include/ %patch100 -p1 -b .ldap_sdb.droplet %patch101 -p0 -b .zone2ldap_fixes.droplet %patch103 -p0 -b .ldapv3.droplet %endif %if %{sdb_mysql} mv mysql-bind-0.1 contrib/sdb/mysql %__cp contrib/sdb/mysql/mysqldb.c bin/named %__cp contrib/sdb/mysql/mysqldb.h bin/named/include %patch102 -p1 -b .sdb_mysql.droplet %endif %patch200 -p0 -b .varrun.droplet %patch205 -p0 -b .prctl_set_dumpable.droplet %patch209 -p0 -b .64bit %patch212 -p1 -b .libidn %patch213 -p1 -b .libidn2 %patch215 -p1 -b .libidn3 %patch216 -p1 -b .rh461409 mkdir -p m4 %patch218 -p1 -b .libtool2 %patch219 -p0 -b .rh452060 %patch220 -p0 -b .rh490837 %patch221 -p1 -b .dyndb %patch222 -p1 -b .rh478718 %patch223 -p1 -b .rh570851 %patch224 -p1 -b .rh645544 cp %{SOURCE4} named.init # fix https://qa.mandriva.com/show_bug.cgi?id=62829 # so..., libgost.so needs to be in the chroot (ugly..., and will break backporting, well...) OPENSSL_ENGINESDIR=`grep '^#define ENGINESDIR' %{multiarch_includedir}/openssl/opensslconf.h | cut -d\" -f2 | sed -e 's/^\///'` perl -pi -e "s|_OPENSSL_ENGINESDIR_|$OPENSSL_ENGINESDIR|g" named.init cp %{SOURCE6} named.sysconfig cp %{SOURCE7} keygen.c cp %{SOURCE11} named.cache mkdir -p caching-nameserver cp %{SOURCE100} caching-nameserver/bogon_acl.conf cp %{SOURCE101} caching-nameserver/hosts cp %{SOURCE102} caching-nameserver/localdomain.zone cp %{SOURCE103} caching-nameserver/localhost.zone cp %{SOURCE104} caching-nameserver/logging.conf cp %{SOURCE105} caching-nameserver/named.broadcast cp %{SOURCE106} caching-nameserver/named.conf cp %{SOURCE107} caching-nameserver/named.ip6.local cp %{SOURCE108} caching-nameserver/named.local cp %{SOURCE109} caching-nameserver/named.zero cp %{SOURCE110} caching-nameserver/rndc.conf cp %{SOURCE111} caching-nameserver/rndc.key cp %{SOURCE112} caching-nameserver/trusted_networks_acl.conf cp %{SOURCE113} caching-nameserver/named.iscdlv.key # strip away annoying ^M find . -type f|xargs file|grep 'CRLF'|cut -d: -f1|xargs perl -p -i -e 's/\r//' find . -type f|xargs file|grep 'text'|cut -d: -f1|xargs perl -p -i -e 's/\r//' %build %serverbuild export CPPFLAGS="$CPPFLAGS -DDIG_SIGCHASE" export STD_CDEFINES="$CPPFLAGS" export WANT_AUTOCONF_2_5=1 libtoolize --copy --force; aclocal -I m4 --force; autoheader --force; autoconf --force # (oe) make queryperf from the contrib _before_ bind..., makes it # easier to determine if it builds or not, it saves time... pushd contrib/queryperf export WANT_AUTOCONF_2_5=1 rm -f configure autoconf %configure2_5x %make CFLAGS="$CFLAGS" popd pushd contrib/query-loc-* export WANT_AUTOCONF_2_5=1 perl -pi -e "s|-lnsl|-lnsl -lresolv|g" configure* rm -f configure autoconf %configure2_5x %make CFLAGS="$CFLAGS" popd export CFLAGS="$CFLAGS -DLDAP_DEPRECATED" # threading is evil for the host command %configure2_5x \ --localstatedir=/var \ --disable-openssl-version-check \ --disable-threads \ --enable-largefile \ --enable-ipv6 \ --with-openssl=%{_prefix} \ --with-randomdev=/dev/urandom \ --with-geoip make -C lib make -C bin/dig make -C bin/dig DESTDIR="`pwd`" install make clean %configure2_5x \ --localstatedir=/var \ --disable-openssl-version-check \ --enable-threads \ --enable-largefile \ --enable-ipv6 \ --enable-filter-aaaa \ --enable-epoll \ --with-openssl=%{_prefix} \ %if %{gssapi} --with-gssapi=%{_prefix} --disable-isc-spnego \ %endif --with-randomdev=/dev/urandom \ --with-libxml2=yes \ --with-dlz-postgres=yes \ --with-dlz-mysql=yes \ --with-dlz-bdb=no \ --with-dlz-filesystem=yes \ --with-dlz-ldap=yes \ --with-dlz-odbc=no \ --with-dlz-stub=yes \ --with-geoip # pkcs11 support requires a working backend, otherwise bind won't start # http://blogs.sun.com/janp/ # http://sourceforge.net/projects/opencryptoki #--with-pkcs11 \ make %if %{sdb_ldap} pushd zone2ldap # fix references to zone2ldap perl -pi -e "s|zone2ldap|zonetoldap|g" * gcc $CFLAGS -I../lib/dns/include -I../lib/dns/sec/dst/include \ -I../lib/isc/include -I../lib/isc/unix/include -I../lib/isc/pthreads/include -c zone2ldap.c gcc $CFLAGS $LDFLAGS -o zone2ldap zone2ldap.o ../lib/dns/libdns.a -lcrypto -lpthread \ ../lib/isc/libisc.a -lldap -llber -lresolv %{?gssapi:`krb5-config --libs gssapi`} -lxml2 -lGeoIP popd pushd ldap2zone gcc $CFLAGS -I../lib/dns/include -I../lib/dns/sec/dst/include \ -I../lib/isc/include -I../lib/isc/unix/include -I../lib/isc/pthreads/include -c ldap2zone.c gcc $CFLAGS $LDFLAGS -o ldap2zone ldap2zone.o ../lib/dns/libdns.a -lcrypto -lpthread \ ../lib/isc/libisc.a -lldap -llber -lresolv %{?_with_gssapi:`krb5-config --libs gssapi`} -lxml2 -lGeoIP popd %endif %if %{sdb_mysql} pushd contrib/sdb/mysql gcc $CFLAGS -I%{_includedir}/mysql -I../../../lib/dns/include -I../../../lib/dns/sec/dst/include \ -I../../../lib/isc/include -I../../../lib/isc/unix/include -I../../../lib/isc/pthreads/include \ -c zonetodb.c gcc $CFLAGS $LDFLAGS -o zonetodb zonetodb.o \ ../../../lib/dns/libdns.a -lcrypto -lpthread ../../../lib/isc/libisc.a \ -lmysqlclient -lresolv %{?_with_gssapi:`krb5-config --libs gssapi`} -lxml2 -lGeoIP popd %endif gcc $CFLAGS -o dns-keygen keygen.c #%%check ## run the test suite #make check %install rm -rf %{buildroot} pushd doc rm -rf html popd # make some directories install -d %{buildroot}%{_initrddir} install -d %{buildroot}%{_sysconfdir}/sysconfig install -d %{buildroot}/var/run/named %makeinstall_std ln -snf named %{buildroot}%{_sbindir}/lwresd install -m0755 contrib/named-bootconf/named-bootconf.sh %{buildroot}%{_sbindir}/named-bootconf install -m0755 contrib/queryperf/queryperf %{buildroot}%{_bindir}/ cp contrib/queryperf/README README.queryperf install -m0755 contrib/query-loc-*/query-loc %{buildroot}%{_bindir}/ install -m0644 contrib/query-loc-*/query-loc.1 %{buildroot}%{_mandir}/man1/ cp contrib/query-loc-*/ADDRESSES ADDRESSES.query-loc cp contrib/query-loc-*/ALGO ALGO.query-loc cp contrib/query-loc-*/README README.query-loc cp contrib/query-loc-*/USAGE USAGE.query-loc install -m0755 named.init %{buildroot}%{_initrddir}/named install -m0644 named.sysconfig %{buildroot}%{_sysconfdir}/sysconfig/named %if %{sdb_ldap} install -m0755 zone2ldap/zone2ldap %{buildroot}%{_bindir}/zonetoldap install -m0644 zone2ldap/zone2ldap.1 %{buildroot}%{_mandir}/man1/zonetoldap.1 install -m0755 ldap2zone/ldap2zone %{buildroot}%{_bindir}/ldap2zone %endif %if %{sdb_mysql} install -m0755 contrib/sdb/mysql/zonetodb %{buildroot}%{_bindir}/ cp contrib/sdb/mysql/ChangeLog contrib/sdb/mysql/ChangeLog.mysql cp contrib/sdb/mysql/README contrib/sdb/mysql/README.mysql %endif install -m0755 dns-keygen %{buildroot}%{_sbindir}/dns-keygen # install the non-threaded host command # fixes #16855 install -m0755 usr/bin/host %{buildroot}%{_bindir}/ # make the chroot install -d %{buildroot}/var/lib/named/{dev,etc} install -d %{buildroot}/var/lib/named/var/{log,run,tmp} install -d %{buildroot}/var/lib/named/var/named/{master,slaves,reverse,dynamic,data} install -m 644 \ caching-nameserver/named.conf \ caching-nameserver/logging.conf \ caching-nameserver/trusted_networks_acl.conf \ caching-nameserver/hosts \ caching-nameserver/bogon_acl.conf \ %{buildroot}/var/lib/named/etc install -m 640 \ caching-nameserver/rndc.conf\ caching-nameserver/rndc.key \ caching-nameserver/named.iscdlv.key \ %{buildroot}/var/lib/named/etc install -m 644 \ caching-nameserver/localdomain.zone \ caching-nameserver/localhost.zone \ %{buildroot}/var/lib/named/var/named/master install -m 644 \ caching-nameserver/named.broadcast \ caching-nameserver/named.ip6.local \ caching-nameserver/named.local \ caching-nameserver/named.zero \ %{buildroot}/var/lib/named/var/named/reverse # fix some compat symlinks ln -s /var/lib/named/etc/named.conf %{buildroot}%{_sysconfdir}/named.conf ln -s /var/lib/named/etc/rndc.conf %{buildroot}%{_sysconfdir}/rndc.conf ln -s /var/lib/named/etc/rndc.key %{buildroot}%{_sysconfdir}/rndc.key ln -s /var/lib/named/etc/named.iscdlv.key %{buildroot}%{_sysconfdir}/named.iscdlv.key mv %{buildroot}%{_sysconfdir}/bind.keys %{buildroot}/var/lib/named/etc/ ln -s /var/lib/named/etc/bind.keys %{buildroot}%{_sysconfdir}/bind.keys echo "; Use \"dig @A.ROOT-SERVERS.NET . ns\" to update this file if it's outdated." > named.cache.tmp cat named.cache >> named.cache.tmp install -m0644 named.cache.tmp %{buildroot}/var/lib/named/var/named/named.ca # fix man pages install -m0644 man5/resolver.5 %{buildroot}%{_mandir}/man5/ ln -s resolver.5 %{buildroot}%{_mandir}/man5/resolv.5 # the following 3 lines is needed to make it short-circuit compliant. pushd doc rm -rf html popd install -d doc/html cp -f `find . -type f |grep html |sed -e 's#\/%{name}-%{version}##'|grep -v contrib` doc/html cat > README.urpmi << EOF The most significant changes starting from the bind-9.3.2-5mdk package: o Installs in a chroot environment per default (/var/lib/named) for security measures. o Acts as a caching only resolver per default, ip addresses that should be allowed to use recursive lookups must be defined in the /var/lib/named/etc/trusted_networks_acl.conf file. EOF # this is just sick... touch %{buildroot}/var/lib/named/var/named/dynamic/managed-keys.bind %pre %_pre_useradd named /var/lib/named /bin/false # adjust home dir location if needed if [ "`getent passwd named | awk -F: '{print $6}'`" == "/var/named" ]; then usermod -d /var/lib/named named fi # check if bind is chrooted and try to restore it if [ -x %{_sbindir}/bind-chroot.sh ]; then ROOTDIR="/var/lib/named-chroot" [ -f /etc/sysconfig/named ] && . /etc/sysconfig/named if [ -d $ROOTDIR -a ! -d /var/lib/named ]; then echo "old chroot found at $ROOTDIR, copying to /var/lib/named" cp -rp $ROOTDIR /var/lib/named chown -R named:named /var/lib/named fi if grep -q "$ROOTDIR" /etc/sysconfig/syslog; then if [ -f /var/lock/subsys/named ]; then service named stop > /dev/null 2>/dev/null || : fi %{_sbindir}/bind-chroot.sh --unchroot > /dev/null 2>/dev/null || : fi if [ -f /var/lock/subsys/syslog ]; then service syslog restart > /dev/null 2>/dev/null || : fi fi DATE=`date +%%Y%%m%%d%%j%%S` for f in named.conf rndc.conf rndc.key; do # move away files to prepare for softlinks if [ -f /etc/$f -a ! -h /etc/$f ]; then mv -vf /etc/$f /etc/$f.$DATE; fi if [ -f /etc/$f -a ! -h /etc/$f ]; then mv -vf /etc/$f /etc/$f.$DATE; fi if [ -f /etc/$f -a ! -h /etc/$f ]; then mv -vf /etc/$f /etc/$f.$DATE; fi done %post if grep -q "_MY_KEY_" /var/lib/named/etc/rndc.conf /var/lib/named/etc/rndc.key; then MYKEY="`%{_sbindir}/dns-keygen`" perl -pi -e "s|_MY_KEY_|$MYKEY|g" /var/lib/named/etc/rndc.conf /var/lib/named/etc/rndc.key fi %_post_service named %preun %_preun_service named %postun %_postun_userdel named %clean rm -rf %{buildroot} %files %defattr(-,root,root) %doc CHANGES README FAQ COPYRIGHT README.urpmi %if %{sdb_ldap} %doc contrib/sdb/ldap/README.ldap contrib/sdb/ldap/INSTALL.ldap %endif %if %{sdb_mysql} %doc contrib/sdb/mysql/ChangeLog.mysql contrib/sdb/mysql/README.mysql %endif %config(noreplace) %{_sysconfdir}/sysconfig/named %{_initrddir}/named %{_sbindir}/arpaname %{_sbindir}/ddns-confgen %{_sbindir}/dns-keygen %{_sbindir}/dnssec-dsfromkey %{_sbindir}/dnssec-keyfromlabel %{_sbindir}/dnssec-keygen %{_sbindir}/dnssec-revoke %{_sbindir}/dnssec-settime %{_sbindir}/dnssec-signzone %{_sbindir}/genrandom %{_sbindir}/isc-hmac-fixup %{_sbindir}/lwresd %{_sbindir}/named %{_sbindir}/named-bootconf %{_sbindir}/named-checkconf %{_sbindir}/named-checkzone %{_sbindir}/named-compilezone %{_sbindir}/named-journalprint %{_sbindir}/nsec3hash %{_sbindir}/rndc %{_sbindir}/rndc-confgen %{_mandir}/man1/arpaname.1.* %{_mandir}/man5/named.conf.5* %{_mandir}/man5/rndc.conf.5* %{_mandir}/man8/ddns-confgen.8.* %{_mandir}/man8/dnssec-*.8* %{_mandir}/man8/genrandom.8.* %{_mandir}/man8/isc-hmac-fixup.8.* %{_mandir}/man8/lwresd.8* %{_mandir}/man8/named-*.8* %{_mandir}/man8/named.8* %{_mandir}/man8/nsec3hash.8.* %{_mandir}/man8/rndc.8* %{_mandir}/man8/rndc-confgen.8* # the chroot %dir /var/lib/named %dir /var/lib/named/dev %dir /var/lib/named/etc %dir /var/lib/named/var %dir /var/lib/named/var/named %attr(-,named,named) %dir /var/lib/named/var/log %attr(-,named,named) %dir /var/lib/named/var/run %attr(-,named,named) %dir /var/lib/named/var/tmp %attr(-,named,named) %dir /var/lib/named/var/named/master %attr(-,named,named) %dir /var/lib/named/var/named/slaves %attr(-,named,named) %dir /var/lib/named/var/named/reverse %attr(-,named,named) %dir /var/lib/named/var/named/dynamic %attr(-,named,named) %dir /var/lib/named/var/named/data %config(noreplace) /var/lib/named/etc/named.conf %attr(-,root,named) %config(noreplace) /var/lib/named/etc/bind.keys %attr(-,root,named) %config(noreplace) /var/lib/named/etc/rndc.conf %attr(-,root,named) %config(noreplace) /var/lib/named/etc/rndc.key %attr(-,root,named) %config(noreplace) /var/lib/named/etc/named.iscdlv.key %attr(-,named,named) /var/lib/named/var/named/dynamic/managed-keys.bind %{_sysconfdir}/bind.keys %{_sysconfdir}/named.conf %{_sysconfdir}/rndc.conf %{_sysconfdir}/rndc.key %{_sysconfdir}/named.iscdlv.key %config(noreplace) /var/lib/named/etc/bogon_acl.conf %config(noreplace) /var/lib/named/etc/logging.conf %config(noreplace) /var/lib/named/etc/trusted_networks_acl.conf %config(noreplace) /var/lib/named/etc/hosts %config(noreplace) /var/lib/named/var/named/master/localdomain.zone %config(noreplace) /var/lib/named/var/named/master/localhost.zone %config(noreplace) /var/lib/named/var/named/reverse/named.broadcast %config(noreplace) /var/lib/named/var/named/reverse/named.ip6.local %config(noreplace) /var/lib/named/var/named/reverse/named.local %config(noreplace) /var/lib/named/var/named/reverse/named.zero %config(noreplace) /var/lib/named/var/named/named.ca %files devel %defattr(-,root,root) %doc CHANGES README %{_bindir}/isc-config.sh %{_includedir}/* %{_libdir}/*.a %{_mandir}/man1/isc-config.sh.1* %{_mandir}/man3/lwres*.3* %files utils %defattr(-,root,root) %doc README COPYRIGHT *.query-loc *.queryperf %{_bindir}/dig %{_bindir}/host %{_bindir}/nslookup %{_bindir}/nsupdate %{_bindir}/queryperf %{_bindir}/query-loc %{_mandir}/man1/host.1* %{_mandir}/man1/dig.1* %{_mandir}/man1/nslookup.1* %{_mandir}/man1/nsupdate.1* %{_mandir}/man1/query-loc.1* %if %{sdb_ldap} %doc zone2ldap/zone2ldap.README ldap2zone/README.ldap2zone ldap2zone/dnszone-schema.txt %{_bindir}/zonetoldap %{_bindir}/ldap2zone %{_mandir}/man1/zonetoldap.1* %endif %{_mandir}/man5/resolver.5* %{_mandir}/man5/resolv.5* %files doc %defattr(-,root,root) %doc doc/html doc/misc/ %doc doc/dhcp-dynamic-dns-examples doc/chroot doc/trustix %changelog * Wed Dec 05 2012 Oden Eriksson <oeriksson@mandriva.com> 1:9.8.4-0.0.P1.0.1 - 9.8.4-P1 (fixes CVE-2012-5688) * Wed Oct 10 2012 Oden Eriksson <oeriksson@mandriva.com> 1:9.8.3-0.0.P4.0.1 - 9.8.3-P4 (fixes CVE-2012-5166) * Tue Oct 02 2012 Oden Eriksson <oeriksson@mandriva.com> 1:9.8.3-0.0.P3.0.1 - 9.8.3-P3 (fixes CVE-2012-4244) * Sun Jul 29 2012 Oden Eriksson <oeriksson@mandriva.com> 1:9.8.3-0.0.P2.0.1 - 9.8.3-P2 (fixes CVE-2012-3868) * Fri Jun 08 2012 Oden Eriksson <oeriksson@mandriva.com> 1:9.8.3-0.0.P1.0.1 - 9.8.3-P1 - rediff patches - S11: new file from internic * Thu Apr 05 2012 Oden Eriksson <oeriksson@mandriva.com> 1:9.8.2-0.0.P0.0.1 - 9.8.2 - rediff patches - drop redundant patches * Wed Nov 16 2011 Oden Eriksson <oeriksson@mandriva.com> 1:9.8.1-0.0.P1.0.1 - 9.8.1-P1 * Sat Sep 17 2011 Oden Eriksson <oeriksson@mandriva.com> 1:9.8.1-0.0.P0.0.1 - built for updates * Thu Sep 08 2011 Oden Eriksson <oeriksson@mandriva.com> 1:9.8.1-0.0.P0.1mdv2012.0 + Revision: 698992 - 9.8.1 (fixes a lot of security issues...) - rediff patches - drop redundant patches * Sun Aug 21 2011 Oden Eriksson <oeriksson@mandriva.com> 1:9.8.0-0.0.P4.2 + Revision: 696033 - disable the flaky dnssec crap per default, enable it if you need it * Tue Jul 19 2011 Oden Eriksson <oeriksson@mandriva.com> 1:9.8.0-0.0.P4.1 + Revision: 690598 - "fix" build by removing useless tagging - 9.8.0-P2 * Mon Jul 11 2011 Luis Daniel Lucio Quiroz <dlucio@mandriva.org> 9.8.0-6.P2.2 + Revision: 689562 - rebuild for new geoip * Mon May 30 2011 Oden Eriksson <oeriksson@mandriva.com> 9.8.0-6.P2.1 + Revision: 681804 - 9.8.0-P2 * Thu May 12 2011 Oden Eriksson <oeriksson@mandriva.com> 9.8.0-6.P1.1 + Revision: 673747 - 9.8.0-P1 * Mon May 02 2011 Oden Eriksson <oeriksson@mandriva.com> 9.8.0-5 + Revision: 661625 - multiarch fixes * Tue Apr 26 2011 Luis Daniel Lucio Quiroz <dlucio@mandriva.org> 9.8.0-4 + Revision: 659234 - multiarch_binaries macro does not exists, lets comment by now - GeoIP as BR - P3 for GeoIP support * Tue Apr 12 2011 Oden Eriksson <oeriksson@mandriva.com> 9.8.0-3 + Revision: 652806 - sync patches with bind-9.8.0-2.fc16.src.rpm - fix #62829 (Chrooted bind needs copy of /usr/lib64/openssl-1.0.0d (maybe just libgost.so) to start bind) * Thu Mar 17 2011 Oden Eriksson <oeriksson@mandriva.com> 9.8.0-2 + Revision: 645741 - relink against libmysqlclient.so.18 * Wed Mar 02 2011 Oden Eriksson <oeriksson@mandriva.com> 9.8.0-1 + Revision: 641252 - 9.8.0 * Sun Feb 27 2011 Funda Wang <fwang@mandriva.org> 9.7.3-2 + Revision: 640225 - fix linkage - rebuild to obsolete old packages * Thu Feb 17 2011 Oden Eriksson <oeriksson@mandriva.com> 9.7.3-1 + Revision: 638111 - 9.7.3 * Wed Jan 26 2011 Oden Eriksson <oeriksson@mandriva.com> 9.7.2-9 + Revision: 633043 - relocate some generated files to /var/named/data - drop the geoip patch, seems dead upstream and was never applied * Tue Jan 25 2011 Oden Eriksson <oeriksson@mandriva.com> 9.7.2-8 + Revision: 632499 - new named.cache file - slight cleanups - added dnssec config, note that the managed-keys.bind file will be fetched from isc (just restart bind) * Sat Jan 01 2011 Oden Eriksson <oeriksson@mandriva.com> 9.7.2-7mdv2011.0 + Revision: 627297 - don't force the usage of automake1.7 * Sat Jan 01 2011 Oden Eriksson <oeriksson@mandriva.com> 9.7.2-6mdv2011.0 + Revision: 626993 - rebuilt against mysql-5.5.8 libs, again * Mon Dec 27 2010 Oden Eriksson <oeriksson@mandriva.com> 9.7.2-5mdv2011.0 + Revision: 625415 - rebuilt against mysql-5.5.8 libs * Thu Dec 09 2010 Oden Eriksson <oeriksson@mandriva.com> 9.7.2-4mdv2011.0 + Revision: 618160 - 9.7.2-P3 * Fri Oct 01 2010 Oden Eriksson <oeriksson@mandriva.com> 9.7.2-3mdv2011.0 + Revision: 582292 - 9.7.2-P2 + Maarten Vanraes <alien@mandriva.org> - Add IPv6 filtering support * Tue Sep 14 2010 Oden Eriksson <oeriksson@mandriva.com> 9.7.2-1mdv2011.0 + Revision: 578198 - 9.7.2 * Thu Jul 15 2010 Oden Eriksson <oeriksson@mandriva.com> 9.7.1-1mdv2011.0 + Revision: 553765 - 9.7.1-P2 * Thu May 20 2010 Oden Eriksson <oeriksson@mandriva.com> 9.7.0-5mdv2010.1 + Revision: 545467 - 9.7.0-P2 * Tue Apr 06 2010 Funda Wang <fwang@mandriva.org> 9.7.0-4mdv2010.1 + Revision: 531955 - rebuild for new openssl * Wed Mar 17 2010 Oden Eriksson <oeriksson@mandriva.com> 9.7.0-3mdv2010.1 + Revision: 523437 - 9.7.0-P1 * Fri Feb 26 2010 Oden Eriksson <oeriksson@mandriva.com> 9.7.0-2mdv2010.1 + Revision: 511553 - rebuilt against openssl-0.9.8m * Wed Feb 17 2010 Oden Eriksson <oeriksson@mandriva.com> 9.7.0-1mdv2010.1 + Revision: 507199 - 9.7.0 - drop some redundant patches - sync some patches with fedora - drop the missing-dnssec-tools stuff, it's dead * Wed Feb 17 2010 Oden Eriksson <oeriksson@mandriva.com> 9.6.1-7mdv2010.1 + Revision: 507019 - rebuild * Tue Jan 19 2010 Oden Eriksson <oeriksson@mandriva.com> 9.6.1-6mdv2010.1 + Revision: 493774 - 9.6.1-P3 * Tue Nov 24 2009 Oden Eriksson <oeriksson@mandriva.com> 9.6.1-5mdv2010.1 + Revision: 469687 - 9.6.1-P2 * Wed Aug 19 2009 Oden Eriksson <oeriksson@mandriva.com> 9.6.1-4mdv2010.0 + Revision: 418249 - comment the now disabled bogon stuff (duh!) * Fri Jul 31 2009 Oden Eriksson <oeriksson@mandriva.com> 9.6.1-3mdv2010.0 + Revision: 405097 - disable the static bogon_acl.conf file as it's too much work maintaining it, instead look at http://www.team-cymru.org/Services/Bogons/ - new named.cache file from internic * Wed Jul 29 2009 Oden Eriksson <oeriksson@mandriva.com> 9.6.1-2mdv2010.0 + Revision: 403724 - 9.6.1-P1 * Sat Jun 13 2009 Oden Eriksson <oeriksson@mandriva.com> 9.6.1-1mdv2010.0 + Revision: 385642 - 9.6.1 - drop upstream implemented patches - sync rediffed and added patches from fedora * Sun Mar 08 2009 Oden Eriksson <oeriksson@mandriva.com> 9.6.0-5mdv2009.1 + Revision: 352808 - fix #26641 (can start before name services are up) - sync with bind-9.6.0-7.P1.fc11 * Sun Feb 01 2009 Oden Eriksson <oeriksson@mandriva.com> 9.6.0-4mdv2009.1 + Revision: 336058 - added 4 patches from bind-9.6.0-4.P1.fc11.src.rpm * Tue Jan 13 2009 Oden Eriksson <oeriksson@mandriva.com> 9.6.0-3mdv2009.1 + Revision: 329224 - re-enable postgresql support - enable statistics at http://127.0.0.1:5380/ only from 127.0.0.1 (via libxml2) * Thu Jan 08 2009 Oden Eriksson <oeriksson@mandriva.com> 9.6.0-2mdv2009.1 + Revision: 327072 - 9.6.0-P1 (security fix) * Sun Jan 04 2009 Oden Eriksson <oeriksson@mandriva.com> 9.6.0-1mdv2009.1 + Revision: 324717 - 9.6.0 - disable postgresql support * Wed Dec 17 2008 Oden Eriksson <oeriksson@mandriva.com> 9.6.0-0.1.rc1.2mdv2009.1 + Revision: 315205 - added P400 to fix build with -Werror=format-security (thanks fcrozat) - rediffed fuzzy patches * Wed Dec 03 2008 Oden Eriksson <oeriksson@mandriva.com> 9.6.0-0.1.rc1.1mdv2009.1 + Revision: 309647 - 9.6.0rc1 - rediff patches * Fri Nov 07 2008 Oden Eriksson <oeriksson@mandriva.com> 9.6.0-0.b1.1mdv2009.1 + Revision: 300462 - 9.6.0b1 * Fri Oct 10 2008 Oden Eriksson <oeriksson@mandriva.com> 9.6.0-0.a1.1mdv2009.1 + Revision: 291332 - 9.6.0a1 - enable gss - rediffed P202,P209 - nuke obsolete patches (P2,P201,P203) * Wed Sep 10 2008 Oden Eriksson <oeriksson@mandriva.com> 9.5.0-6mdv2009.0 + Revision: 283490 - re-enable threading * Sat Aug 02 2008 Oden Eriksson <oeriksson@mandriva.com> 9.5.0-5mdv2009.0 + Revision: 260671 - 9.5.0-P2 * Wed Jul 09 2008 Oden Eriksson <oeriksson@mandriva.com> 9.5.0-4mdv2009.0 + Revision: 232924 - 9.5.0-P1 * Mon Jun 02 2008 Oden Eriksson <oeriksson@mandriva.com> 9.5.0-3mdv2009.0 + Revision: 214279 - bump release - hard code %%{_localstatedir}/lib (easier for backports) + Pixel <pixel@mandriva.com> - adapt to %%_localstatedir now being /var instead of /var/lib (#22312) + Thomas Backlund <tmb@mandriva.org> - update bogon_acl to version 6.3 27 MAY 2008 * Thu May 29 2008 Oden Eriksson <oeriksson@mandriva.com> 9.5.0-2mdv2009.0 + Revision: 213150 - bump release - 9.5.0 * Sun May 18 2008 Oden Eriksson <oeriksson@mandriva.com> 9.5.0-1.0.rc1.1mdv2009.0 + Revision: 208773 - bump release * Sun May 18 2008 Oden Eriksson <oeriksson@mandriva.com> 9.5.0-0.1.rc1.1mdv2009.0 + Revision: 208763 - bump release * Wed May 14 2008 Oden Eriksson <oeriksson@mandriva.com> 9.5.0-0.rc1.1mdv2009.0 + Revision: 207028 - 9.5.0rc1 * Sat Apr 19 2008 Oden Eriksson <oeriksson@mandriva.com> 9.5.0-0.b3.1mdv2009.0 + Revision: 195776 - 9.5.0b3 - drop P207, does not apply anymore * Thu Apr 17 2008 Oden Eriksson <oeriksson@mandriva.com> 9.5.0-0.b2.4mdv2009.0 + Revision: 195099 - revert the "conform to the 2008 specs (don't start the services per default)" changes and let this be handled some other way... * Wed Mar 26 2008 Oden Eriksson <oeriksson@mandriva.com> 9.5.0-0.b2.3mdv2008.1 + Revision: 190295 - really don't start it per default * Thu Feb 14 2008 Oden Eriksson <oeriksson@mandriva.com> 9.5.0-0.b2.2mdv2008.1 + Revision: 167702 - fix typo in the initscript and don't start it per default - fixed dome rpmlint errors * Mon Feb 11 2008 Oden Eriksson <oeriksson@mandriva.com> 9.5.0-0.b2.1mdv2008.1 + Revision: 165036 - 9.5.0b2 - rediffed P211 - dropped upstream implemented patches; P214,P216 * Fri Feb 08 2008 Oden Eriksson <oeriksson@mandriva.com> 9.5.0-0.b1.3mdv2008.1 + Revision: 164047 - use S11 from ftp://ftp.internic.net/domain/named.cache instead, it has the ipv6 entries needed * Thu Jan 24 2008 Oden Eriksson <oeriksson@mandriva.com> 9.5.0-0.b1.2mdv2008.1 + Revision: 157328 - security fix for CVE-2008-0122 * Wed Jan 09 2008 Oden Eriksson <oeriksson@mandriva.com> 9.5.0-0.b1.1mdv2008.1 + Revision: 147342 - correct the release number - 9.5.0b1, sync with fc except the dbus stuff * Mon Dec 24 2007 Oden Eriksson <oeriksson@mandriva.com> 9.4.2-2mdv2008.1 + Revision: 137454 - rebuilt against openldap-2.4.7 libs + Olivier Blin <blino@mandriva.org> - restore BuildRoot + Thierry Vignaud <tv@mandriva.org> - kill re-definition of %%buildroot on Pixel's request * Thu Nov 29 2007 Oden Eriksson <oeriksson@mandriva.com> 9.4.2-1mdv2008.1 + Revision: 113927 - 9.4.2 - drop obsolete patches; P1,P2 * Sat Nov 17 2007 Funda Wang <fwang@mandriva.org> 9.4.1-9mdv2008.1 + Revision: 109296 - rebuild for new lzma * Sat Nov 03 2007 Oden Eriksson <oeriksson@mandriva.com> 9.4.1-8mdv2008.1 + Revision: 105526 - the L.ROOT-SERVERS.NET. root server has a new ip address (199.7.83.42) - move queryperf to the bind-utils subpackage - added query-loc to the bind-utils subpackage - moved the docs to the bind-doc subpackage * Tue Sep 25 2007 Oden Eriksson <oeriksson@mandriva.com> 9.4.1-7mdv2008.0 + Revision: 92757 - the lsm feature in the 2008 kernel and using the capability module seems fishy..., therefore both --disable-linux-caps *and* --disable-threads has to be used in order to able to run bind as non root. * Thu Sep 06 2007 Oden Eriksson <oeriksson@mandriva.com> 9.4.1-6mdv2008.0 + Revision: 80872 - fix #33168 (log file are not rotated because of new chroot) - the previous release also fixed #31393 (bind can't resolv all domains on CS4) * Thu Sep 06 2007 Oden Eriksson <oeriksson@mandriva.com> 9.4.1-5mdv2008.0 + Revision: 80849 - added the config under version control and added some props as well * Wed Jul 25 2007 Oden Eriksson <oeriksson@mandriva.com> 9.4.1-4mdv2008.0 + Revision: 55463 - fix build - 9.4.1-P1 (fixes CVE-2007-2925) * Fri Jun 22 2007 Andreas Hasenack <andreas@mandriva.com> 9.4.1-3mdv2008.0 + Revision: 43307 - using new serverbuild macro which includes -fstack-protector * Fri Jun 08 2007 Oden Eriksson <oeriksson@mandriva.com> 9.4.1-2mdv2008.0 + Revision: 37289 - added P2 to make it shut up about "... is using obsolete setsockopt SO_BSDCOMPAT" - use the %%serverbuild macro - use distro conditional -fstack-protector * Tue May 08 2007 Oden Eriksson <oeriksson@mandriva.com> 9.4.1-1mdv2008.0 + Revision: 25081 - 9.4.1 (fixes CVE-2007-2241) * Wed Apr 18 2007 Oden Eriksson <oeriksson@mandriva.com> 9.4.0-4mdv2008.0 + Revision: 14521 - added GeoIP support (P300) (disabled per default)