diff --git a/bind-9.3.1rc1-sdb.patch b/bind-9.3.1rc1-sdb.patch
new file mode 100644
index 0000000..7f0c41d
--- /dev/null
+++ b/bind-9.3.1rc1-sdb.patch
@@ -0,0 +1,170 @@
+--- bind-9.3.1rc1/configure.in.sdb 2005-02-16 22:25:08.000000000 -0500
++++ bind-9.3.1rc1/configure.in 2005-02-16 22:25:08.000000000 -0500
+@@ -2194,6 +2194,8 @@
+ bin/check/Makefile
+ bin/named/Makefile
+ bin/named/unix/Makefile
++ bin/named_sdb/Makefile
++ bin/named_sdb/unix/Makefile
+ bin/rndc/Makefile
+ bin/rndc/unix/Makefile
+ bin/dig/Makefile
+@@ -2215,6 +2217,7 @@
+ bin/tests/system/tkey/Makefile
+ bin/tests/headerdep_test.sh
+ bin/dnssec/Makefile
++ bin/sdb_tools/Makefile
+ doc/Makefile
+ doc/arm/Makefile
+ doc/arm/nominum-docbook-html.dsl
+--- bind-9.3.1rc1/bin/named_sdb/main.c.sdb 2004-10-24 20:42:54.000000000 -0400
++++ bind-9.3.1rc1/bin/named_sdb/main.c 2005-02-16 22:25:08.000000000 -0500
+@@ -71,6 +71,9 @@
+ * Include header files for database drivers here.
+ */
+ /* #include "xxdb.h" */
++#include "ldapdb.h"
++#include "pgsqldb.h"
++#include "dirdb.h"
+
+ static isc_boolean_t want_stats = ISC_FALSE;
+ static char program_name[ISC_DIR_NAMEMAX] = "named";
+@@ -656,7 +659,57 @@
+ * Add calls to register sdb drivers here.
+ */
+ /* xxdb_init(); */
+-
++ result = ldapdb_init();
++ if (result != ISC_R_SUCCESS)
++ {
++ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
++ ISC_LOG_ERROR,
++ "SDB ldap module initialisation failed: %s.",
++ isc_result_totext(result)
++ );
++ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
++ ISC_LOG_ERROR,
++ "SDB ldap zone database will be unavailable."
++ );
++ }else
++ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
++ ISC_LOG_NOTICE, "SDB ldap zone database module loaded."
++ );
++
++ result = pgsqldb_init();
++ if (result != ISC_R_SUCCESS)
++ {
++ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
++ ISC_LOG_ERROR,
++ "SDB pgsql module initialisation failed: %s.",
++ isc_result_totext(result)
++ );
++ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
++ ISC_LOG_ERROR,
++ "SDB pgsql zone database will be unavailable."
++ );
++ }else
++ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
++ ISC_LOG_NOTICE, "SDB postgreSQL DB zone database module loaded."
++ );
++
++ result = dirdb_init();
++ if (result != ISC_R_SUCCESS)
++ {
++ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
++ ISC_LOG_ERROR,
++ "SDB directory DB module initialisation failed: %s.",
++ isc_result_totext(result)
++ );
++ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
++ ISC_LOG_ERROR,
++ "SDB directory DB zone database will be unavailable."
++ );
++ }else
++ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
++ ISC_LOG_NOTICE, "SDB directory DB zone database module loaded."
++ );
++
+ ns_server_create(ns_g_mctx, &ns_g_server);
+ }
+
+@@ -673,6 +726,10 @@
+ */
+ /* xxdb_clear(); */
+
++ ldapdb_clear();
++ pgsqldb_clear();
++ dirdb_clear();
++
+ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
+ ISC_LOG_NOTICE, "exiting");
+ ns_log_shutdown();
+--- bind-9.3.1rc1/bin/named_sdb/Makefile.in.sdb 2005-02-16 22:25:08.000000000 -0500
++++ bind-9.3.1rc1/bin/named_sdb/Makefile.in 2005-02-16 22:25:08.000000000 -0500
+@@ -26,10 +26,10 @@
+ #
+ # Add database drivers here.
+ #
+-DBDRIVER_OBJS =
+-DBDRIVER_SRCS =
++DBDRIVER_OBJS = ldapdb.o pgsqldb.o dirdb.o
++DBDRIVER_SRCS = ldapdb.c pgsqldb.c dirdb.c
+ DBDRIVER_INCLUDES =
+-DBDRIVER_LIBS =
++DBDRIVER_LIBS = -lldap -llber -lpq
+
+ CINCLUDES = -I${srcdir}/include -I${srcdir}/unix/include \
+ ${LWRES_INCLUDES} ${DNS_INCLUDES} ${BIND9_INCLUDES} \
+@@ -61,7 +61,7 @@
+
+ SUBDIRS = unix
+
+-TARGETS = named@EXEEXT@ lwresd@EXEEXT@
++TARGETS = named_sdb@EXEEXT@
+
+ OBJS = aclconf.o builtin.o client.o config.o control.o \
+ controlconf.o interfacemgr.o \
+@@ -114,14 +114,10 @@
+ -DNS_LOCALSTATEDIR=\"${localstatedir}\" \
+ -c ${srcdir}/config.c
+
+-named@EXEEXT@: ${OBJS} ${UOBJS} ${DEPLIBS}
++named_sdb@EXEEXT@: ${OBJS} ${UOBJS} ${DEPLIBS}
+ ${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@ \
+ ${OBJS} ${UOBJS} ${LIBS}
+
+-lwresd@EXEEXT@: named@EXEEXT@
+- rm -f lwresd@EXEEXT@
+- @LN@ named@EXEEXT@ lwresd@EXEEXT@
+-
+ doc man:: ${MANOBJS}
+
+ docclean manclean maintainer-clean::
+@@ -132,13 +128,8 @@
+
+ installdirs:
+ $(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${sbindir}
+- $(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${mandir}/man5
+- $(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${mandir}/man8
+
+-install:: named@EXEEXT@ lwresd@EXEEXT@ installdirs
+- ${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} named@EXEEXT@ ${DESTDIR}${sbindir}
+- (cd ${DESTDIR}${sbindir}; rm -f lwresd@EXEEXT@; @LN@ named@EXEEXT@ lwresd@EXEEXT@)
+- ${INSTALL_DATA} ${srcdir}/named.8 ${DESTDIR}${mandir}/man8
+- ${INSTALL_DATA} ${srcdir}/lwresd.8 ${DESTDIR}${mandir}/man8
+- ${INSTALL_DATA} ${srcdir}/named.conf.5 ${DESTDIR}${mandir}/man5
++install:: named_sdb@EXEEXT@ installdirs
++ ${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} named_sdb@EXEEXT@ ${DESTDIR}${sbindir}
++
+
+--- bind-9.3.1rc1/bin/Makefile.in.sdb 2004-03-06 05:21:10.000000000 -0500
++++ bind-9.3.1rc1/bin/Makefile.in 2005-02-16 22:25:08.000000000 -0500
+@@ -19,7 +19,7 @@
+ VPATH = @srcdir@
+ top_srcdir = @top_srcdir@
+
+-SUBDIRS = named rndc dig dnssec
tests nsupdate check ++SUBDIRS = named named_sdb rndc dig dnssec tests nsupdate check sdb_tools + TARGETS = + + @BIND9_MAKE_RULES@ diff --git a/bind.spec b/bind.spec index c4d67ac..8cd2da4 100644 --- a/bind.spec +++ b/bind.spec @@ -1,4 +1,5 @@ %define posix_threads 0 +%define SDB 1 Summary: A DNS (Domain Name System) server. Name: bind License: BSD-like @@ -17,6 +18,9 @@ Source3: named.logrotate Source4: keygen.c Source5: rfc1912.txt Source6: bind-chroot.tar.gz +Source7: bind-9.3.1rc1-sdb_tools-Makefile.in +Source8: dnszone.schema +# http://www.venaas.no/ldap/bind-sdb/dnszone-schema.txt Patch: bind-9.2.0rc3-varrun.patch Patch1: bind-9.2.1-key.patch Patch2: bind-9.3.1beta2-openssl-suffix.patch @@ -28,6 +32,8 @@ Patch7: bind-9.2.4rc7-pie.patch Patch8: bind-9.3.0-handle-send-errors.patch Patch9: bind-9.3.0-missing-dnssec-tools.patch Patch10: bind-9.3.1rc1-no-libtool-for-PIEs.patch +Patch11: bind-9.3.1rc1-sdbsrc.patch +Patch12: bind-9.3.1rc1-sdb.patch Requires(pre,preun): shadow-utils Requires(post,preun): chkconfig Requires(post): textutils, fileutils, sed, grep @@ -35,7 +41,11 @@ Requires: bind-utils /bin/usleep #Requires: kernel >= 2.4 #Requires: glibc >= 2.3.2-5 Requires: glibc >= 2.2 +%if %{SDB} +BuildRequires: openssl-devel gcc glibc-devel >= 2.2.5-26 glibc-kernheaders >= 2.4-7.10 libtool pkgconfig tar openldap-devel postgresql-devel +%else BuildRequires: openssl-devel gcc glibc-devel >= 2.2.5-26 glibc-kernheaders >= 2.4-7.10 libtool pkgconfig tar +%endif %description BIND (Berkeley Internet Name Domain) is an implementation of the DNS 
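Review bot: The shutdown hunk of `bin/named_sdb/main.c` calls `ldapdb_clear()`, `pgsqldb_clear()` and `dirdb_clear()` unconditionally, while the startup hunk only logs an error and carries on when the matching `*_init()` fails. Whether clearing a driver that never registered is safe depends on the driver sources, which this patch does not show, so either confirm that each `*_clear()` guards against an unregistered handle or keep the init result and skip the clear for a failed driver. The three registration blocks are also identical apart from the driver name; a small static helper taking the result and a label would keep the log wording consistent (the success message says "postgreSQL DB" where the failure messages say "pgsql"). Both enclosing functions start and end outside the inner hunks.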
@@ -235,6 +245,26 @@ fi; # This patch is now in ISC bind-9.3.1x %patch9 -p1 -b .missing_dnssec_tools %patch10 -p2 -b .no-libtool-for-PIEs +%if %{SDB} +%patch11 -p1 -b .sdbsrc +# BUILD 'Simplified Database Backend' (SDB) version of named: named_sdb +cp -rfp bin/named bin/named_sdb +# SDB ldap +cp -fp contrib/sdb/ldap/ldapdb.[ch] bin/named_sdb +# SDB postgreSQL +cp -fp contrib/sdb/pgsql/pgsqldb.[ch] bin/named_sdb +# SDB Berkeley DB - needs to be ported to DB4! +#cp -fp contrib/sdb/bdb/bdb.[ch] bin/named_sdb +# SDB dir +cp -fp contrib/sdb/dir/dirdb.[ch] bin/named_sdb +# SDB tools +mkdir -p bin/sdb_tools +cp -fp %{SOURCE7} bin/sdb_tools/Makefile.in +#cp -fp contrib/sdb/bdb/zone2bdb.c bin/sdb_tools +cp -fp contrib/sdb/ldap/{zone2ldap.1,zone2ldap.c} bin/sdb_tools +cp -fp contrib/sdb/pgsql/zonetodb.c bin/sdb_tools +%patch12 -p1 -b .sdb +%endif %build libtoolize --copy --force; aclocal; autoconf @@ -249,8 +279,9 @@ fi %configure --with-libtool --localstatedir=/var \ --enable-threads \ --enable-ipv6 \ + --enable-libbind \ --with-openssl=/usr -make +make cp %{SOURCE5} doc/rfc gzip -9 doc/rfc/* @@ -288,6 +319,10 @@ __EOF gcc $RPM_OPT_FLAGS -o $RPM_BUILD_ROOT/usr/sbin/dns-keygen %{SOURCE4} mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig cp %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/named +%if %{SDB} +mkdir -p $RPM_BUILD_ROOT/etc/openldap/schema +install -c -m 644 %{SOURCE8} $RPM_BUILD_ROOT/etc/openldap/schema/dnszone.schema +%endif #mv $RPM_BUILD_ROOT/usr/share/man/man8/named.conf.* $RPM_BUILD_ROOT/usr/share/man/man5 %pre 
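Review bot: `cp -rfp bin/named bin/named_sdb` in %prep forks the whole server source directory at this point, so any `%patch` placed after it that touches `bin/named` will not reach the `named_sdb` binary. Nothing in the hunk records that ordering constraint; a comment above the copy such as `# keep this copy after every patch that touches bin/named, or named_sdb is built without it` would make it explicit for whoever adds the next fix. The contrib LDAP and PostgreSQL drivers copied in here end up linked into a network-facing daemon, so they presumably need the same patch tracking as the core sources.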
@@ -316,10 +351,31 @@ if [ $1 = 1 ]; then # Restore selinux file_context # /sbin/restorecon /etc/rndc.key /etc/rndc.conf /etc/named.conf - fi + fi chmod 0640 /etc/rndc.conf /etc/rndc.key chown root:named /etc/rndc.conf /etc/rndc.key /etc/named.conf /sbin/ldconfig +elif [ "$1" -gt 0 ]; then + # check that dnszone.schema is installed in OpenLDAP's slapd.conf + if [ -x /usr/sbin/named_sdb ] && [ -f /etc/openldap/slapd.conf ]; then + # include the LDAP dnszone.schema in slapd.conf: + if ! /bin/egrep -q '^include.*\dnszone.schema' /etc/openldap/slapd.conf; then + tf=`/bin/mktemp /tmp/XXXXXX` + let n=`/bin/grep -n '^include.*\.schema' /etc/openldap/slapd.conf | /usr/bin/tail -1 | /bin/sed 's/:.*//'` + if [ "$n" -gt 0 ]; then + /bin/cp -fp /etc/openldap/slapd.conf /etc/openldap/slapd.conf.rpmsave; + /usr/bin/head -$n /etc/openldap/slapd.conf > $tf + echo 'include /etc/openldap/schema/dnszone.schema' >> $tf + let n='n+1' + /usr/bin/tail +$n /etc/openldap/slapd.conf >> $tf + /bin/mv -f $tf /etc/openldap/slapd.conf; + /bin/chmod --reference=/etc/openldap/slapd.conf.rpmsave /etc/openldap/slapd.conf + [ -x /sbin/restorecon ] && /sbin/restorecon /etc/openldap/slapd.conf + [ -x /etc/init.d/ldap ] && /etc/init.d/ldap condrestart >/dev/null 2>&1 + fi + rm -f $tf >/dev/null 2>&1; + fi; + fi fi exit 0 
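Review bot: The rewritten `/etc/openldap/slapd.conf` is a file created by `mktemp` in /tmp and moved into place, so it takes the temp file's owner and group; `chmod --reference` restores only the mode bits, and if slapd runs as an unprivileged user that read the file through its group it may fail to start on the `condrestart` that follows. Adding `/bin/chown --reference=/etc/openldap/slapd.conf.rpmsave /etc/openldap/slapd.conf` next to the chmod, and creating the temp file beside the target (`/bin/mktemp /etc/openldap/slapd.conf.XXXXXX`) so the `mv` is a rename on one filesystem, would close that. The %preun hunk (`@@ -329,12 +385,22 @@`) performs the same rewrite with no backup and no mode or owner restore at all. The test pattern `'^include.*\dnszone.schema'` also looks like a typo for `dnszone\.schema`, the form the %preun `egrep -v` uses, and `$n` is compared with `-gt` even when the grep matched no include line and left it empty.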
@@ -329,12 +385,22 @@ if [ $1 = 0 ]; then /usr/sbin/groupdel named 2>/dev/null || : /sbin/chkconfig --del named [ -f /var/lock/subsys/named ] && /etc/rc.d/init.d/named stop >/dev/null 2>&1 + if [ -x /usr/sbin/named_sdb ] && [ -f /etc/openldap/slapd.conf ]; then + if /bin/egrep -q '^include.*\dnszone.schema' /etc/openldap/slapd.conf; then + tf=`/bin/mktemp /tmp/XXXXXX` + /bin/egrep -v '^include.*dnszone\.schema' /etc/openldap/slapd.conf > $tf + /bin/mv -f $tf /etc/openldap/slapd.conf; + rm -f $tf >/dev/null 2>&1 + [ -x /etc/init.d/ldap ] && /etc/init.d/ldap condrestart >/dev/null 2>&1 + fi; + fi; +fi fi exit 0 %postun if [ "$1" -ge 1 ]; then - /etc/rc.d/init.d/named condrestart >/dev/null 2>&1 || : + /etc/rc.d/init.d/named condrestart >/dev/null 2>&1 || : fi /sbin/ldconfig @@ -355,11 +421,10 @@ rm -rf ${RPM_BUILD_ROOT} %doc CHANGES COPYRIGHT README %doc doc/arm doc/misc %config(noreplace) /etc/logrotate.d/named -%config /etc/rc.d/init.d/named +%attr(754,root,root) %config /etc/rc.d/init.d/named %config(noreplace) /etc/sysconfig/named %verify(not size,not md5) %config(noreplace) %attr(0640,root,named) /etc/rndc.conf %verify(not size,not md5) %config(noreplace) %attr(0640,root,named) /etc/rndc.key - %{_sbindir}/dnssec* %{_sbindir}/lwresd %{_sbindir}/named @@ -367,6 +432,13 @@ rm -rf ${RPM_BUILD_ROOT} %{_sbindir}/named-check* %{_sbindir}/rndc* %{_sbindir}/dns-keygen +%if %{SDB} +%config /etc/openldap/schema/dnszone.schema +%{_sbindir}/named_sdb +%{_sbindir}/zone2ldap +%{_sbindir}/zonetodb +%doc contrib/sdb/ldap/README.ldap contrib/sdb/ldap/INSTALL.ldap +%endif %{_mandir}/man5/named.conf.5* %{_mandir}/man5/rndc.conf.5* @@ -377,6 +449,9 @@ rm -rf ${RPM_BUILD_ROOT} %{_mandir}/man8/named-checkconf.8* %{_mandir}/man8/named-checkzone.8* %{_mandir}/man8/rndc-confgen.8* +%if %{SDB} +%{_mandir}/man1/zone2ldap.1* +%endif %attr(750,root,named) %dir /var/named %attr(770,named,named) %dir /var/named/slaves 
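Review bot: The added block closes its two inner tests with `fi;` `fi;` and then adds a bare `+fi`, which is followed by the existing context `fi`, so from the lines visible here the scriptlet has one more `fi` than `if`. Unless another `if` opens above the hunk, %preun would fail to parse and package removal would report a scriptlet error; dropping the added bare `fi` restores the balance. The outer `if [ $1 = 0 ]` begins outside the hunk, so the nesting should be checked against the full scriptlet.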
@@ -408,6 +483,12 @@ rm -rf ${RPM_BUILD_ROOT} %doc doc/draft doc/rfc %changelog +* Wed Feb 16 2005 Jason Vas Dias - 22:9.3.1rc1-1 +- Upgrade to 9.3.1rc1 +- add named_sdb - ldap + pgsql + dir database backend support with +- 'ENABLE_SDB' named.sysconfig option +- fix bug 147824 / 147073 / 145664: ENABLE_ZONE_WRITE in named.init + * Tue Jan 11 2005 Jason Vas Dias - 22:9.3.0-2 - Fix bug 143438: named.init will now make correct ownership of $ROOTDIR/var/named - based on 'named_write_master_zones' SELinux boolean. diff --git a/named.init b/named.init index e9d3b93..5cbda73 100755 --- a/named.init +++ b/named.init @@ -42,9 +42,10 @@ start() { cp -fp /etc/localtime ${ROOTDIR}/etc/localtime fi; fi + no_write_master_zones=0 if [ -e /etc/selinux/config ]; then . /etc/selinux/config - if [ "$SELINUXTYPE" != "" ] && [ -d /etc/selinux/${SELINUXTYPE} ] && [ -e /etc/selinux/${SELINUXTYPE}/booleans ]; then + if [ "$SELINUX" != 'disabled' ] && [ "$SELINUXTYPE" != "" ] && [ -d /etc/selinux/${SELINUXTYPE} ] && [ -e /etc/selinux/${SELINUXTYPE}/booleans ]; then . /etc/selinux/${SELINUXTYPE}/booleans if echo "$named_write_master_zones" | /bin/egrep -q '^[0-9]+$'; then if [ "$named_write_master_zones" -eq 1 ] ; then 
@@ -53,16 +54,31 @@ start() { /bin/chown -f --from=named:named root:named $ROOTDIR/var/named fi; fi; + else + no_write_master_zones=1 fi; + else + no_write_master_zones=1 fi; + if [ "$no_write_master_zones" -eq 1 ]; then + if [[ "$ENABLE_ZONE_WRITE" = [yY1]* ]]; then + /bin/chown -f --from=root:named named:named $ROOTDIR/var/named + elif [[ "$ENABLE_ZONE_WRITE" = [nN0]* ]]; then + /bin/chown -f --from=named:named root:named $ROOTDIR/var/named + fi; + fi conf_ok=0; if [ -x /usr/sbin/named-checkconf ] && /usr/sbin/named-checkconf $ckcf_options; then conf_ok=1; else RETVAL=$?; fi + PROG=named + if [[ "$ENABLE_SDB" = [yY1]* ]] && [ -x /usr/sbin/named_sdb ]; then + PROG=named_sdb; + fi; if [ $conf_ok -eq 1 ]; then - daemon /usr/sbin/named -u named ${OPTIONS}; + daemon /usr/sbin/$PROG -u named ${OPTIONS}; RETVAL=$?; else named_err=`/usr/sbin/named -g 2>&1 | sed s/\n/\\n/g`; diff --git a/named.sysconfig b/named.sysconfig index fe69e1c..872bae2 100644 --- a/named.sysconfig +++ b/named.sysconfig 
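Review bot: When `ENABLE_SDB` selects `named_sdb`, only the `daemon` line follows `$PROG`; the failure branch in the same hunk still runs `/usr/sbin/named -g` to collect the error text, so the diagnostics come from a different binary than the one that would be started. Using `/usr/sbin/$PROG -g` there keeps the two consistent, and any stop, status or reload code outside this hunk that keys on the process name `named` should be checked against `named_sdb` as well. `$ROOTDIR` is also unquoted in the two added `chown` lines; writing `"$ROOTDIR/var/named"` avoids word splitting on a path that comes from the sysconfig file. The `start()` body begins and ends outside the hunk.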
@@ -1,6 +1,23 @@ +# BIND named process options +# ~~~~~~~~~~~~~~~~~~~~~~~~~~ # Currently, you can use the following options: +# # ROOTDIR="/some/where" -- will run named in a chroot environment. -# you must set up the chroot environment before +# you must set up the chroot environment +# (install the bind-chroot package) before # doing this. -# OPTIONS="whatever" -- These additional options will be passed to named -# at startup. Don't add -t here, use ROOTDIR instead. +# +# OPTIONS="whatever" -- These additional options will be passed to named +# at startup. Don't add -t here, use ROOTDIR instead. +# +# ENABLE_ZONE_WRITE=yes -- If SELinux is disabled, then allow named to write +# its zone files and create files in its $ROOTDIR/var/named +# directory, necessary for DDNS and slave zone transfers. +# Slave zones should reside in the $ROOTDIR/var/named/slaves +# directory, in which case you would not need to enable zone +# writes. If SELinux is enabled, you must use only the +# 'named_write_master_zones' variable to enable zone writes. +# +# ENABLE_SDB=yes -- This enables use of 'named_sdb', which has support +# -- for the ldap, pgsql and dir zone database backends +# -- compiled in, to be used instead of named.