%define debug_package %{nil} %define Werror_cflags -Wformat %define _disable_lto 1 # For plugins %global _disable_ld_no_undefined 1 %define plevel %{nil} # default options %define sdb_mysql 0 %bcond_with gssapi %{?_with_sdb_mysql: %{expand: %%global sdb_mysql 1}} %{?_without_sdb_mysql: %{expand: %%global sdb_mysql 0}} Summary: A DNS (Domain Name System) server Name: bind Epoch: 1 Version: 9.17.6 %if "%plevel" != "" Release: 0.%{plevel}.1 Source0: http://ftp.isc.org/isc/%{name}9/%{version}-%plevel/%{name}-%{version}-%{plevel}.tar.xz %else Release: 1 Source0: http://ftp.isc.org/isc/%{name}9/%{version}/%{name}-%{version}.tar.xz %endif License: Distributable Group: System/Servers Url: http://www.isc.org/products/BIND/ Source2: bind-manpages.tar.bz2 Source3: bind-dhcp-dynamic-dns-examples.tar.bz2 Source4: bind-named.init Source6: bind-named.sysconfig Source7: bind-keygen.c Source11: ftp://ftp.internic.net/domain/named.cache # (oe) http://mysql-bind.sourceforge.net/ Source12: mysql-bind-0.1.tar.bz2 # caching-nameserver files (S100-S112) Source100: bogon_acl.conf Source101: hosts Source102: localdomain.zone Source103: localhost.zone Source104: logging.conf Source105: named.broadcast Source106: named.conf Source107: named.ip6.local Source108: named.local Source109: named.zero Source110: rndc.conf Source111: rndc.key Source112: trusted_networks_acl.conf Source113: named.iscdlv.key Patch0: bind-fallback-to-second-server.diff #Patch2: bind-9.7.3-link.patch Patch3: bind-9.12.2-json-c.patch Patch102: bind-9.3.0rc2-sdb_mysql.patch Patch205: bind-9.3.2-prctl_set_dumpable.patch Patch209: bind-9.9-dlz-64bit.patch Patch210: bind-9.17.6-system-ltdl.patch BuildRequires: file %if %{sdb_mysql} BuildRequires: mysql-devel %endif %if %{with gssapi} BuildRequires: pkgconfig(krb5) %endif BuildRequires: libtool BuildRequires: libltdl-devel BuildRequires: pkgconfig(libcap) BuildRequires: geoip-devel BuildRequires: mysql-devel BuildRequires: openldap-devel BuildRequires: postgresql-devel BuildRequires: pkgconfig(libidn2) BuildRequires: pkgconfig(libxml-2.0) BuildRequires: pkgconfig(openssl) BuildRequires: pkgconfig(libcrypto) BuildRequires: pkgconfig(libssl) BuildRequires: pkgconfig(json-c) BuildRequires: pkgconfig(libuv) BuildRequires: pkgconfig(readline) BuildRequires: lmdb-devel BuildRequires: doxygen BuildRequires: xsltproc BuildRequires: python3dist(sphinx) BuildRequires: rpm-helper Requires: bind-utils >= %{version}-%{release} # takes care of MDV Bug #: 62829 Requires: openssl-engines Requires(pre,postun): rpm-helper %description BIND (Berkeley Internet Name Domain) is an implementation of the DNS (domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses, and a resolver library (routines for applications to use when interfacing with DNS). A DNS server allows clients to name resources or objects and share the information with other network machines. The named DNS server can be used on workstations as a caching name server, but is generally only needed on one machine for an entire network. Note that the configuration files for making BIND act as a simple caching nameserver are included in the caching-nameserver package. Install the bind package if you need a DNS server for your network. If you want bind to act a caching name server, you will also need to install the caching-nameserver package. Many BIND 8 features previously unimplemented in BIND 9, including domain-specific forwarding, the \$GENERATE master file directive, and the "blackhole", "dialup", and "sortlist" options Forwarding of dynamic update requests; this is enabled by the "allow-update-forwarding" option A new, simplified database interface and a number of sample drivers based on it; see doc/dev/sdb for details Support for building single-threaded servers for environments that do not supply POSIX threads New configuration options: "min-refresh-time", "max-refresh-time", "min-retry-time", "max-retry-time", "additional-from-auth", "additional-from-cache", "notify explicit" Faster lookups, particularly in large zones. Build Options: --with sdb_mysql Build with MySQL database support %package utils Summary: Utilities for querying DNS name servers Group: Networking/Other %description utils Bind-utils contains a collection of utilities for querying DNS (Domain Name Service) name servers to find out information about Internet hosts. These tools will provide you with the IP addresses for given host names, as well as other information about registered domains and network addresses. You should install bind-utils if you need to get information from DNS name servers. %package devel Summary: Include files and libraries needed for bind DNS development Group: Development/C %description devel The bind-devel package contains all the include files and the library required for DNS (Domain Name Service) development for BIND versions 9.x.x. %package doc Summary: Documentation for BIND Group: Books/Other %description doc The bind-devel package contains the documentation for BIND. %prep %if "%plevel" != "" %setup -q -n %{name}-%{version}-%{plevel} -a2 -a3 -a12 %else %setup -q -n %{name}-%{version} -a2 -a3 -a12 %endif %patch0 -p1 -b .fallback-to-second-server.droplet #patch2 -p1 -b .link %if %{sdb_mysql} mv mysql-bind-0.1 contrib/sdb/mysql %__cp contrib/sdb/mysql/mysqldb.c bin/named %__cp contrib/sdb/mysql/mysqldb.h bin/named/include %patch102 -p1 -b .sdb_mysql.droplet %endif %patch205 -p1 -b .prctl_set_dumpable.droplet %patch209 -p1 -b .64bit %patch210 -p1 -b .systemltdl~ cp %{SOURCE4} named.init # fix https://qa.mandriva.com/show_bug.cgi?id=62829 # so..., libgost.so needs to be in the chroot (ugly..., and will break backporting, well...) OPENSSL_ENGINESDIR=$(grep '^#define ENGINESDIR' %{multiarch_includedir}/openssl/opensslconf.h | cut -d\" -f2 | sed -e 's/^\///') perl -pi -e "s|_OPENSSL_ENGINESDIR_|$OPENSSL_ENGINESDIR|g" named.init cp %{SOURCE6} named.sysconfig cp %{SOURCE7} keygen.c cp %{SOURCE11} named.cache mkdir -p caching-nameserver cp %{SOURCE100} caching-nameserver/bogon_acl.conf cp %{SOURCE101} caching-nameserver/hosts cp %{SOURCE102} caching-nameserver/localdomain.zone cp %{SOURCE103} caching-nameserver/localhost.zone cp %{SOURCE104} caching-nameserver/logging.conf cp %{SOURCE105} caching-nameserver/named.broadcast cp %{SOURCE106} caching-nameserver/named.conf cp %{SOURCE107} caching-nameserver/named.ip6.local cp %{SOURCE108} caching-nameserver/named.local cp %{SOURCE109} caching-nameserver/named.zero cp %{SOURCE110} caching-nameserver/rndc.conf cp %{SOURCE111} caching-nameserver/rndc.key cp %{SOURCE112} caching-nameserver/trusted_networks_acl.conf cp %{SOURCE113} caching-nameserver/named.iscdlv.key # strip away annoying ^M find . -type f|xargs file|grep 'CRLF'|cut -d: -f1|xargs perl -p -i -e 's/\r//' find . -type f|xargs file|grep 'text'|cut -d: -f1|xargs perl -p -i -e 's/\r//' %build %serverbuild # it does not work with -fPIE and someone added that to the serverbuild macro... CFLAGS=$(echo %{optflags}|sed -e 's|-fPIE||g') CXXFLAGS=$(echo %{optflags}|sed -e 's|-fPIE||g') export CC=%{__cc} export CXX=%{__cxx} export CPPFLAGS="$CPPFLAGS -DDIG_SIGCHASE" export STD_CDEFINES="$CPPFLAGS" export WANT_AUTOCONF_2_5=1 rm m4/ltdl.m4 libtoolize --force; aclocal -I m4 --force; autoheader --force; automake -a; autoconf --force export CFLAGS="$CFLAGS -DLDAP_DEPRECATED" # threading is evil for the host command %configure \ --localstatedir=/var \ --disable-openssl-version-check \ --disable-threads \ --enable-largefile \ --enable-ipv6 \ --with-openssl=%{_prefix} \ --with-libidn2 \ --with-randomdev=/dev/urandom \ --with-geoip # FIXME configure should be fixed instead of having to work around # its brokenness... echo '#define HAVE_JSON_C 1' >>config.h make -C lib make -C bin/dig make -C bin/dig DESTDIR="$(pwd)" install make clean %configure \ --localstatedir=/var \ --disable-openssl-version-check \ --enable-threads \ --enable-largefile \ --enable-ipv6 \ --enable-filter-aaaa \ --enable-epoll \ --with-openssl=%{_prefix} \ --with-libidn2 \ %if %{with gssapi} --with-gssapi=%{_prefix} --disable-isc-spnego \ %else --without-gssapi \ %endif --with-randomdev=/dev/urandom \ --with-libxml2=yes \ --with-dlz-postgres=yes \ --with-dlz-mysql=yes \ --with-dlz-bdb=no \ --with-dlz-filesystem=yes \ --with-dlz-ldap=yes \ --with-dlz-odbc=no \ --with-dlz-stub=yes \ --with-geoip # FIXME configure should be fixed instead of having to work around # its brokenness... echo '#define HAVE_JSON_C 1' >>config.h %make_build -j1 %if %{sdb_mysql} cd contrib/sdb/mysql %{__cc} $CFLAGS -I%{_includedir}/mysql -I../../../lib/dns/include -I../../../lib/dns/sec/dst/include \ -I../../../lib/isc/include -I../../../lib/isc/unix/include -I../../../lib/isc/pthreads/include \ -c zonetodb.c %{_cc} $CFLAGS $LDFLAGS -o zonetodb zonetodb.o \ ../../../lib/dns/libdns.a -lcrypto -lpthread ../../../lib/isc/libisc.a \ -lmysqlclient -lresolv %{?_with_gssapi:$(krb5-config --libs gssapi)} -lxml2 -lGeoIP cd - %endif %{__cc} $CFLAGS -o dns-keygen keygen.c #%%check ## run the test suite #make check %install cd doc rm -rf html cd - # make some directories install -d %{buildroot}%{_initrddir} install -d %{buildroot}%{_sysconfdir}/sysconfig install -d %{buildroot}/var/run/named %make_install ln -snf named %{buildroot}%{_sbindir}/lwresd install -m0755 named.init %{buildroot}%{_initrddir}/named install -m0644 named.sysconfig %{buildroot}%{_sysconfdir}/sysconfig/named %if %{sdb_mysql} install -m0755 contrib/sdb/mysql/zonetodb %{buildroot}%{_bindir}/ cp contrib/sdb/mysql/ChangeLog contrib/sdb/mysql/ChangeLog.mysql cp contrib/sdb/mysql/README contrib/sdb/mysql/README.mysql %endif install -m0755 dns-keygen %{buildroot}%{_sbindir}/dns-keygen # install the non-threaded host command # fixes #16855 install -m0755 usr/bin/host %{buildroot}%{_bindir}/ # make the chroot install -d %{buildroot}/var/lib/named/{dev,etc} install -d %{buildroot}/var/lib/named/var/{log,run,tmp} install -d %{buildroot}/var/lib/named/var/named/{master,slaves,reverse,dynamic,data} install -m 644 \ caching-nameserver/named.conf \ caching-nameserver/logging.conf \ caching-nameserver/trusted_networks_acl.conf \ caching-nameserver/hosts \ caching-nameserver/bogon_acl.conf \ %{buildroot}/var/lib/named/etc install -m 640 \ caching-nameserver/rndc.conf\ caching-nameserver/rndc.key \ caching-nameserver/named.iscdlv.key \ %{buildroot}/var/lib/named/etc install -m 644 \ caching-nameserver/localdomain.zone \ caching-nameserver/localhost.zone \ %{buildroot}/var/lib/named/var/named/master install -m 644 \ caching-nameserver/named.broadcast \ caching-nameserver/named.ip6.local \ caching-nameserver/named.local \ caching-nameserver/named.zero \ %{buildroot}/var/lib/named/var/named/reverse # fix some compat symlinks ln -s /var/lib/named/etc/named.conf %{buildroot}%{_sysconfdir}/named.conf ln -s /var/lib/named/etc/rndc.conf %{buildroot}%{_sysconfdir}/rndc.conf ln -s /var/lib/named/etc/rndc.key %{buildroot}%{_sysconfdir}/rndc.key ln -s /var/lib/named/etc/named.iscdlv.key %{buildroot}%{_sysconfdir}/named.iscdlv.key mv %{buildroot}%{_sysconfdir}/bind.keys %{buildroot}/var/lib/named/etc/ ln -s /var/lib/named/etc/bind.keys %{buildroot}%{_sysconfdir}/bind.keys echo "; Use \"dig @A.ROOT-SERVERS.NET . ns\" to update this file if it's outdated." > named.cache.tmp cat named.cache >> named.cache.tmp install -m0644 named.cache.tmp %{buildroot}/var/lib/named/var/named/named.ca # fix man pages install -D -m 0644 man5/resolver.5 %{buildroot}%{_mandir}/man5/resolver.5 ln -s resolver.5 %{buildroot}%{_mandir}/man5/resolv.5 # this is just sick... touch %{buildroot}/var/lib/named/var/named/dynamic/managed-keys.bind rm -rf %{buildroot}$RPM_BUILD_DIR %pre %_pre_useradd named /var/lib/named /bin/false # adjust home dir location if needed if [ "$(getent passwd named | awk -F: '{print $6}')" == "/var/named" ]; then usermod -d /var/lib/named named fi # check if bind is chrooted and try to restore it if [ -x %{_sbindir}/bind-chroot.sh ]; then ROOTDIR="/var/lib/named-chroot" [ -f /etc/sysconfig/named ] && . /etc/sysconfig/named if [ -d $ROOTDIR -a ! -d /var/lib/named ]; then echo "old chroot found at $ROOTDIR, copying to /var/lib/named" cp -rp $ROOTDIR /var/lib/named chown -R named:named /var/lib/named fi if grep -q "$ROOTDIR" /etc/sysconfig/syslog; then if [ -f /var/lock/subsys/named ]; then service named stop > /dev/null 2>/dev/null || : fi %{_sbindir}/bind-chroot.sh --unchroot > /dev/null 2>/dev/null || : fi if [ -f /var/lock/subsys/syslog ]; then service syslog restart > /dev/null 2>/dev/null || : fi fi DATE=$(date +%%Y%%m%%d%%j%%S) for f in named.conf rndc.conf rndc.key; do # move away files to prepare for softlinks if [ -f /etc/$f -a ! -h /etc/$f ]; then mv -vf /etc/$f /etc/$f.$DATE; fi if [ -f /etc/$f -a ! -h /etc/$f ]; then mv -vf /etc/$f /etc/$f.$DATE; fi if [ -f /etc/$f -a ! -h /etc/$f ]; then mv -vf /etc/$f /etc/$f.$DATE; fi done %post if grep -q "_MY_KEY_" /var/lib/named/etc/rndc.conf /var/lib/named/etc/rndc.key; then MYKEY="$(%{_sbindir}/dns-keygen)" perl -pi -e "s|_MY_KEY_|$MYKEY|g" /var/lib/named/etc/rndc.conf /var/lib/named/etc/rndc.key fi %postun %_postun_userdel named %files %config(noreplace) %{_sysconfdir}/sysconfig/named %{_initrddir}/named %{_sbindir}/ddns-confgen %{_sbindir}/dns-keygen %{_sbindir}/lwresd %{_sbindir}/named %{_sbindir}/rndc %{_sbindir}/rndc-confgen %{_sbindir}/tsig-keygen %{_bindir}/dnssec-cds %{_bindir}/dnssec-dsfromkey %{_bindir}/dnssec-importkey %{_bindir}/dnssec-keyfromlabel %{_bindir}/dnssec-keygen %{_bindir}/dnssec-revoke %{_bindir}/dnssec-settime %{_bindir}/dnssec-signzone %{_bindir}/dnssec-verify %{_bindir}/named-checkconf %{_bindir}/named-checkzone %{_bindir}/named-compilezone %{_bindir}/named-journalprint %optional %{_bindir}/named-nzd2nzf %{_bindir}/nsec3hash %{_libdir}/bind/filter-aaaa.so %{_mandir}/man1/arpaname.1.* %{_mandir}/man5/named.conf.5* %{_mandir}/man5/rndc.conf.5* %{_mandir}/man8/rndc.8* %{_mandir}/man8/rndc-confgen.8* %{_mandir}/man8/tsig-keygen.8* # the chroot %dir /var/lib/named %dir /var/lib/named/dev %dir /var/lib/named/etc %dir /var/lib/named/var %dir /var/lib/named/var/named %attr(-,named,named) %dir /var/lib/named/var/log %attr(-,named,named) %dir /var/lib/named/var/run %attr(-,named,named) %dir /var/lib/named/var/tmp %attr(-,named,named) %dir /var/lib/named/var/named/master %attr(-,named,named) %dir /var/lib/named/var/named/slaves %attr(-,named,named) %dir /var/lib/named/var/named/reverse %attr(-,named,named) %dir /var/lib/named/var/named/dynamic %attr(-,named,named) %dir /var/lib/named/var/named/data %config(noreplace) /var/lib/named/etc/named.conf %attr(-,root,named) %config(noreplace) /var/lib/named/etc/bind.keys %attr(-,root,named) %config(noreplace) /var/lib/named/etc/rndc.conf %attr(-,root,named) %config(noreplace) /var/lib/named/etc/rndc.key %attr(-,root,named) %config(noreplace) /var/lib/named/etc/named.iscdlv.key %attr(-,named,named) /var/lib/named/var/named/dynamic/managed-keys.bind %{_sysconfdir}/bind.keys %{_sysconfdir}/named.conf %{_sysconfdir}/rndc.conf %{_sysconfdir}/rndc.key %{_sysconfdir}/named.iscdlv.key %config(noreplace) /var/lib/named/etc/bogon_acl.conf %config(noreplace) /var/lib/named/etc/logging.conf %config(noreplace) /var/lib/named/etc/trusted_networks_acl.conf %config(noreplace) /var/lib/named/etc/hosts %config(noreplace) /var/lib/named/var/named/master/localdomain.zone %config(noreplace) /var/lib/named/var/named/master/localhost.zone %config(noreplace) /var/lib/named/var/named/reverse/named.broadcast %config(noreplace) /var/lib/named/var/named/reverse/named.ip6.local %config(noreplace) /var/lib/named/var/named/reverse/named.local %config(noreplace) /var/lib/named/var/named/reverse/named.zero %config(noreplace) /var/lib/named/var/named/named.ca %{_mandir}/man1/dnssec-cds.1* %{_mandir}/man1/dnssec-dsfromkey.1* %{_mandir}/man1/dnssec-importkey.1* %{_mandir}/man1/dnssec-keyfromlabel.1* %{_mandir}/man1/dnssec-keygen.1* %{_mandir}/man1/dnssec-revoke.1* %{_mandir}/man1/dnssec-settime.1* %{_mandir}/man1/dnssec-signzone.1* %{_mandir}/man1/dnssec-verify.1* %{_mandir}/man1/dnstap-read.1* %{_mandir}/man1/named-checkconf.1* %{_mandir}/man1/named-checkzone.1* %{_mandir}/man1/named-journalprint.1* %{_mandir}/man1/named-nzd2nzf.1* %{_mandir}/man1/nsec3hash.1* %{_mandir}/man8/filter-aaaa.8* %{_mandir}/man8/named.8* %libpackage bind9 1701 %libpackage dns 1706 %libpackage irs 1701 %libpackage isc 1705 %libpackage isccc 1702 %libpackage isccfg 1702 %libpackage ns 1704 %files devel %{_includedir}/* %{_libdir}/*.so %files utils %{_bindir}/dig %{_bindir}/host %{_bindir}/nslookup %{_bindir}/nsupdate %{_bindir}/arpaname %{_bindir}/delv %{_bindir}/mdig %{_bindir}/named-rrchecker %{_mandir}/man1/delv.1* %{_mandir}/man1/mdig.1* %{_mandir}/man1/named-rrchecker.1* %{_mandir}/man1/host.1* %{_mandir}/man1/dig.1* %{_mandir}/man1/nslookup.1* %{_mandir}/man1/nsupdate.1* %{_mandir}/man5/resolver.5* %{_mandir}/man5/resolv.5* %files doc %doc CHANGES COPYRIGHT %if %{sdb_mysql} %doc contrib/sdb/mysql/ChangeLog.mysql contrib/sdb/mysql/README.mysql %endif %doc doc/misc/ %doc doc/dhcp-dynamic-dns-examples doc/chroot doc/trustix