rpms/bind
6
0
Fork 1
Code Issues Pull Requests Releases Activity

- very minor compatibility change in bind-chroot-admin (line 215)

Browse Source 
- enabled IDN support by default and don't distribute IDN libraries
    (#169546)
- specfile cleanup
- add dynamic directory to /var/named. This directory will be primarily
    used for dynamic DNS zones. ENABLE_ZONE_WRITE and SELinux's
    named_write_master_zones no longer exist
This commit is contained in:
Adam Tkac 2007-06-04 13:44:35 +00:00
parent 9091db68d8
commit 7fdb7fd693
9 changed files with 35 additions and 150 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.cvsignore
View File

@ -1,3 +1,3 @@
bind-chroot.tar.gz
libbind-man.tar.gz
bind-9.4.1.tar.gz bind-9.4.1.tar.gz
bind-chroot.tar.bz2
libbind-man.tar.gz

78
bind-9.3.1-redhat_doc.patch
View File

@ -1,78 +0,0 @@
--- bind-9.3.1/bin/named/named.8.redhat_doc 2004-06-03 01:35:47.000000000 -0400
+++ bind-9.3.1/bin/named/named.8 2005-05-17 21:22:25.000000000 -0400
@@ -164,6 +164,75 @@
.TP
\fB\fI/var/run/named.pid\fB\fR
The default process-id file.
+.PP
+.SH "NOTES"
+.PP
+.TP
+\fBRed Hat SELinux BIND Security Profile:\fR
+.PP
+By default, Red Hat ships BIND with the most secure SELinux policy
+that will not prevent normal BIND operation and will prevent exploitation
+of all known BIND security vulnerabilities . See the selinux(8) man page
+for information about SElinux.
+.PP
+It is not necessary to run named in a chroot environment if the Red Hat
+SELinux policy for named is enabled. When enabled, this policy is far
+more secure than a chroot environment. Users are recommended to enable
+SELinux and remove the bind-chroot package.
+.PP
+With this extra security comes some restrictions:
+.PP
+By default, the SELinux policy does not allow named to write any master
+zone database files. Only the root user may create files in the $ROOTDIR/var/named
+zone database file directory (the options { "directory" } option), where
+$ROOTDIR is set in /etc/sysconfig/named.
+.PP
+The "named" group must be granted read privelege to
+these files in order for named to be enabled to read them.
+.PP
+Any file created in the zone database file directory is automatically assigned
+the SELinux file context named_zone_t .
+.PP
+By default, SELinux prevents any role from modifying named_zone_t files; this
+means that files in the zone database directory cannot be modified by dynamic
+DNS (DDNS) updates or zone transfers.
+.PP
+The Red Hat BIND distribution and SELinux policy creates two directories where
+named is allowed to create and modify files: $ROOTDIR/var/named/slaves and
+$ROOTDIR/var/named/data. By placing files you want named to modify, such as
+slave or DDNS updateable zone files and database / statistics dump files in
+these directories, named will work normally and no further operator action is
+required. Files in these directories are automatically assigned the 'named_cache_t'
+file context, which SELinux allows named to write.
+.PP
+You can enable the named_t domain to write and create named_zone_t files by use
+of the SELinux tunable boolean variable "named_write_master_zones", using the
+setsebool(8) command or the system-config-security GUI . If you do this, you
+must also set the ENABLE_ZONE_WRITE variable in /etc/sysconfig/named to
+1 / yes to set the ownership of files in the $ROOTDIR/var/named directory
+to named:named in order for named to be allowed to write them.
+.PP
+\fBRed Hat BIND named_sdb SDB support:\fR
+.PP
+Red Hat ships the bind-sdb RPM that provides the /usr/sbin/named_sdb program,
+which is named compiled with the Simplified Database Backend modules that ISC
+provides in the "contrib/sdb" directory.
+.PP
+The SDB modules for LDAP, PostGreSQL and DirDB are compiled into named_sdb.
+.PP
+To run named_sdb, set the ENABLE_SDB variable in /etc/sysconfig/named to 1 or "yes",
+and then the "service named start" named initscript will run named_sdb instead
+of named .
+.PP
+See the documentation for the various SDB modules in /usr/share/doc/bind-sdb-*/ .
+.br
+.PP
+\fBRed Hat system-config-bind:\fR
+.PP
+Red Hat provides the system-config-bind GUI to configure named.conf and zone
+database files. Run the "system-config-bind" command and access the manual
+by selecting the Help menu.
+.PP
.SH "SEE ALSO"
.PP
\fIRFC 1033\fR,

15
bind-9.3.2-redhat_doc.patch
View File

@ -1,6 +1,6 @@
--- bind-9.4.0/bin/named/named.8.redhat_doc 2007-01-30 01:23:44.000000000 +0100 --- bind-9.4.0/bin/named/named.8.redhat_doc 2007-01-30 01:23:44.000000000 +0100
+++ bind-9.4.0/bin/named/named.8 2007-03-12 15:39:19.000000000 +0100 +++ bind-9.4.0/bin/named/named.8 2007-03-12 15:39:19.000000000 +0100
@@ -205,6 +205,75 @@ @@ -205,6 +205,68 @@
\fI/var/run/named.pid\fR \fI/var/run/named.pid\fR
.RS 4 .RS 4
The default process\-id file. The default process\-id file.
@ -37,21 +37,14 @@
+means that files in the zone database directory cannot be modified by dynamic +means that files in the zone database directory cannot be modified by dynamic
+DNS (DDNS) updates or zone transfers. +DNS (DDNS) updates or zone transfers.
+.PP +.PP
+The Red Hat BIND distribution and SELinux policy creates two directories where +The Red Hat BIND distribution and SELinux policy creates three directories where
+named is allowed to create and modify files: $ROOTDIR/var/named/slaves and +named is allowed to create and modify files: /var/named/slaves, /var/named/dynamic
+$ROOTDIR/var/named/data. By placing files you want named to modify, such as +/var/named/data. By placing files you want named to modify, such as
+slave or DDNS updateable zone files and database / statistics dump files in +slave or DDNS updateable zone files and database / statistics dump files in
+these directories, named will work normally and no further operator action is +these directories, named will work normally and no further operator action is
+required. Files in these directories are automatically assigned the 'named_cache_t' +required. Files in these directories are automatically assigned the 'named_cache_t'
+file context, which SELinux allows named to write. +file context, which SELinux allows named to write.
+.PP +.PP
+You can enable the named_t domain to write and create named_zone_t files by use
+of the SELinux tunable boolean variable "named_write_master_zones", using the
+setsebool(8) command or the system-config-security GUI . If you do this, you
+must also set the ENABLE_ZONE_WRITE variable in /etc/sysconfig/named to
+1 / yes to set the ownership of files in the $ROOTDIR/var/named directory
+to named:named in order for named to be allowed to write them.
+.PP
+\fBRed Hat BIND named_sdb SDB support:\fR +\fBRed Hat BIND named_sdb SDB support:\fR
+.PP +.PP
+Red Hat ships the bind-sdb RPM that provides the /usr/sbin/named_sdb program, +Red Hat ships the bind-sdb RPM that provides the /usr/sbin/named_sdb program,

6
bind-9.4.0-idnkit-autotools.patch
View File

@ -24,7 +24,7 @@
+if RUNIDN +if RUNIDN
+bin_SCRIPTS = +bin_SCRIPTS =
+man1_MANS = +man1_MANS =
+lib_LTLIBRARIES = libidnkitres.la +noinst_LTLIBRARIES = libidnkitres.la
+ +
+libidnkitres_la_SOURCES = \ +libidnkitres_la_SOURCES = \
+ resolver.lo stub.lo + resolver.lo stub.lo
@ -91,9 +91,9 @@
--- idnkit-1.0-src/lib/Makefile.am.autotools 2007-04-16 13:39:47.000000000 +0200 --- idnkit-1.0-src/lib/Makefile.am.autotools 2007-04-16 13:39:47.000000000 +0200
+++ idnkit-1.0-src/lib/Makefile.am 2007-04-16 13:11:02.000000000 +0200 +++ idnkit-1.0-src/lib/Makefile.am 2007-04-16 13:11:02.000000000 +0200
@@ -0,0 +1,85 @@ @@ -0,0 +1,85 @@
+lib_LTLIBRARIES = libidnkitlite.la +noinst_LTLIBRARIES = libidnkitlite.la
+if ! LITEONLY +if ! LITEONLY
+lib_LTLIBRARIES += libidnkit.la +noinst_LTLIBRARIES += libidnkit.la
+endif +endif
+ +
+AM_CPPFLAGS = \ +AM_CPPFLAGS = \

29
bind-chroot-admin.in
View File

@ -78,18 +78,18 @@ function check_dirs()
/bin/chown root:named /etc/sysconfig/named; /bin/chown root:named /etc/sysconfig/named;
/bin/chmod 0640 /etc/sysconfig/named; /bin/chmod 0640 /etc/sysconfig/named;
fi fi
/bin/mkdir -p ${BIND_DIR}/{slaves,data}; /bin/mkdir -p ${BIND_DIR}/{slaves,data,dynamic};
/bin/chown --preserve-root root:named ${BIND_DIR}; /bin/chown --preserve-root root:named ${BIND_DIR};
/bin/chown --preserve-root named:named ${BIND_DIR}/{slaves,data}; /bin/chown --preserve-root named:named ${BIND_DIR}/{slaves,data,dynamic};
/bin/chmod --preserve-root 750 ${BIND_DIR} /bin/chmod --preserve-root 750 ${BIND_DIR}
/bin/chmod --preserve-root 770 ${BIND_DIR}/{slaves,data}; /bin/chmod --preserve-root 770 ${BIND_DIR}/{slaves,data,dynamic};
mkdir -p ${BIND_CHROOT_PREFIX}/{etc,dev,var/{run/named,named/{slaves,data}}}; mkdir -p ${BIND_CHROOT_PREFIX}/{etc,dev,var/{run/named,named/{slaves,data,dynamic}}};
/bin/chown --preserve-root root:named ${BIND_CHROOT_PREFIX}/{etc,dev,var/{run,named/}}; /bin/chown --preserve-root root:named ${BIND_CHROOT_PREFIX}/{etc,dev,var/{run,named/}};
/bin/chown --preserve-root root:named ${BIND_CHROOT_PREFIX}/var; /bin/chown --preserve-root root:named ${BIND_CHROOT_PREFIX}/var;
/bin/chmod --preserve-root 750 ${BIND_CHROOT_PREFIX}/{,etc,dev,var,var/{run,named/}}; /bin/chmod --preserve-root 750 ${BIND_CHROOT_PREFIX}/{,etc,dev,var,var/{run,named/}};
/bin/chown --preserve-root named:named ${BIND_CHROOT_PREFIX}/var/{run/named,named/{data,slaves}}; /bin/chown --preserve-root named:named ${BIND_CHROOT_PREFIX}/var/{run/named,named/{data,slaves,dynamic}};
/bin/chmod --preserve-root 770 ${BIND_CHROOT_PREFIX}/var/{run/named,named/{slaves,data}}; /bin/chmod --preserve-root 770 ${BIND_CHROOT_PREFIX}/var/{run/named,named/{slaves,data,dynamic}};
[ ! -e "${BIND_CHROOT_PREFIX}/dev/random" ] && /bin/mknod "${BIND_CHROOT_PREFIX}/dev/random" c 1 8 [ ! -e "${BIND_CHROOT_PREFIX}/dev/random" ] && /bin/mknod "${BIND_CHROOT_PREFIX}/dev/random" c 1 8
[ ! -e "${BIND_CHROOT_PREFIX}/dev/zero" ] && /bin/mknod "${BIND_CHROOT_PREFIX}/dev/zero" c 1 5 [ ! -e "${BIND_CHROOT_PREFIX}/dev/zero" ] && /bin/mknod "${BIND_CHROOT_PREFIX}/dev/zero" c 1 5
@ -238,7 +238,7 @@ function sync_files()
changed=`/bin/mktemp /tmp/XXXXXX`; changed=`/bin/mktemp /tmp/XXXXXX`;
rm -f $changed rm -f $changed
if [ $ENABLED -eq 0 ] ; then # chroot is enabled if [ $ENABLED -eq 0 ] ; then # chroot is enabled
/usr/bin/find /{etc/{named.*,rndc.*},${BIND_DIR#/}{/*,/data/*,/slaves/*}} -maxdepth 0 -type f | /usr/bin/find /{etc/{named.*,rndc.*},${BIND_DIR#/}{/*,/data/*,/slaves/*,/dynamic/*}} -maxdepth 0 -type f |
while read f; while read f;
do do
replace_with_link ${BIND_CHROOT_PREFIX}/$f $f; replace_with_link ${BIND_CHROOT_PREFIX}/$f $f;
@ -251,7 +251,7 @@ function sync_files()
done done
pfx=${BIND_CHROOT_PREFIX} pfx=${BIND_CHROOT_PREFIX}
else # chroot is disabled else # chroot is disabled
/usr/bin/find /var/named/chroot/{etc/{named.*,rndc.*},var/named{/*,/data/*,/slaves/*}} -maxdepth 0 | /usr/bin/find /var/named/chroot/{etc/{named.*,rndc.*},var/named{/*,/data/*,/slaves/*,/dynamic/*}} -maxdepth 0 |
while read f; while read f;
do do
if [ ! -d "$f" ]; then if [ ! -d "$f" ]; then
@ -280,11 +280,11 @@ function sync_files()
chmod 750 ${pfx}/var/named >/dev/null 2>&1; chmod 750 ${pfx}/var/named >/dev/null 2>&1;
chmod 640 ${pfx}/var/named/* >/dev/null 2>&1; chmod 640 ${pfx}/var/named/* >/dev/null 2>&1;
chmod 750 ${pfx}/var/named/*/. >/dev/null 2>&1; chmod 750 ${pfx}/var/named/*/. >/dev/null 2>&1;
chown -h named:named /var/named/{data{,/*},slaves{,*/}} >/dev/null 2>&1; chown -h named:named /var/named/{data{,/*},slaves{,/*},dynamic{,/*}} >/dev/null 2>&1;
chown -h named:named ${BIND_CHROOT_PREFIX}/var/named/{data{,/*},slaves{,*/}} >/dev/null 2>&1; chown -h named:named ${BIND_CHROOT_PREFIX}/var/named/{data{,/*},slaves{,/*},dynamic{,/*}} >/dev/null 2>&1;
chmod 770 ${pfx}/var/named/{data,slaves} >/dev/null 2>&1; chmod 770 ${pfx}/var/named/{data,slaves,dynamic} >/dev/null 2>&1;
chmod 660 ${pfx}/var/named/{data/*,slaves/*} >/dev/null 2>&1; chmod 660 ${pfx}/var/named/{data/*,slaves/*,dynamic/*} >/dev/null 2>&1;
chmod 770 ${pfx}/var/named/{data/*/.,slaves/*/.} >/dev/null 2>&1; chmod 770 ${pfx}/var/named/{data/*/.,slaves/*/.,dynamic/*/.} >/dev/null 2>&1;
if [ -e $changed ]; then if [ -e $changed ]; then
if selinux_enabled && [ -x /sbin/restorecon ]; then if selinux_enabled && [ -x /sbin/restorecon ]; then
/sbin/restorecon -R ${BIND_CHROOT_PREFIX}/etc ${BIND_CHROOT_PREFIX}/var/named ${BIND_CHROOT_PREFIX}/var/run/named >/dev/null 2>&1; /sbin/restorecon -R ${BIND_CHROOT_PREFIX}/etc ${BIND_CHROOT_PREFIX}/var/named ${BIND_CHROOT_PREFIX}/var/run/named >/dev/null 2>&1;
@ -295,7 +295,7 @@ function sync_files()
/sbin/restorecon /etc/rndc.key >/dev/null 2>&1; /sbin/restorecon /etc/rndc.key >/dev/null 2>&1;
/sbin/restorecon /etc/rndc.conf >/dev/null 2>&1; /sbin/restorecon /etc/rndc.conf >/dev/null 2>&1;
/sbin/restorecon /var/named{/,/*} >/dev/null 2>&1; /sbin/restorecon /var/named{/,/*} >/dev/null 2>&1;
/sbin/restorecon /var/named/{slaves,data}{/,/*} >/dev/null 2>&1; /sbin/restorecon /var/named/{slaves,data,dynamic}{/,/*} >/dev/null 2>&1;
/sbin/restorecon /var/named/named.ca ${BIND_CHROOT_PREFIX}/var/named/named.ca >/dev/null 2>&1; /sbin/restorecon /var/named/named.ca ${BIND_CHROOT_PREFIX}/var/named/named.ca >/dev/null 2>&1;
/sbin/restorecon ${BIND_CHROOT_PREFIX} >/dev/null 2>&1; /sbin/restorecon ${BIND_CHROOT_PREFIX} >/dev/null 2>&1;
/sbin/restorecon /var/named/named.ca >/dev/null 2>&1; /sbin/restorecon /var/named/named.ca >/dev/null 2>&1;
@ -320,6 +320,7 @@ function clean_root()
rmdir ${BIND_CHROOT_PREFIX}/var/run >/dev/null 2>&1 || :; rmdir ${BIND_CHROOT_PREFIX}/var/run >/dev/null 2>&1 || :;
rmdir ${BIND_CHROOT_PREFIX}/var/named/slaves >/dev/null 2>&1 || :; rmdir ${BIND_CHROOT_PREFIX}/var/named/slaves >/dev/null 2>&1 || :;
rmdir ${BIND_CHROOT_PREFIX}/var/named/data >/dev/null 2>&1 || :; rmdir ${BIND_CHROOT_PREFIX}/var/named/data >/dev/null 2>&1 || :;
rmdir ${BIND_CHROOT_PREFIX}/var/named/dynamic >/dev/null 2>&1 || :;
rmdir ${BIND_CHROOT_PREFIX}/var/named >/dev/null 2>&1 || :; rmdir ${BIND_CHROOT_PREFIX}/var/named >/dev/null 2>&1 || :;
rmdir ${BIND_CHROOT_PREFIX}/var/tmp >/dev/null 2>&1 || :; rmdir ${BIND_CHROOT_PREFIX}/var/tmp >/dev/null 2>&1 || :;
rmdir ${BIND_CHROOT_PREFIX}/var >/dev/null 2>&1 || :; rmdir ${BIND_CHROOT_PREFIX}/var >/dev/null 2>&1 || :;

11
bind.spec
View File

@ -28,7 +28,7 @@ Source2: named.init
Source3: named.logrotate Source3: named.logrotate
Source4: keygen.c Source4: keygen.c
Source5: rfc1912.txt Source5: rfc1912.txt
Source6: bind-chroot.tar.gz Source6: bind-chroot.tar.bz2
Source7: bind-9.3.1rc1-sdb_tools-Makefile.in Source7: bind-9.3.1rc1-sdb_tools-Makefile.in
Source8: http://www.venaas.no/ldap/bind-sdb/dnszone.schema Source8: http://www.venaas.no/ldap/bind-sdb/dnszone.schema
Source9: libbind-man.tar.gz Source9: libbind-man.tar.gz
@ -359,11 +359,12 @@ mkdir -p ${RPM_BUILD_ROOT}/usr/{bin,lib,sbin,include}
mkdir -p ${RPM_BUILD_ROOT}/var/named mkdir -p ${RPM_BUILD_ROOT}/var/named
mkdir -p ${RPM_BUILD_ROOT}/var/named/slaves mkdir -p ${RPM_BUILD_ROOT}/var/named/slaves
mkdir -p ${RPM_BUILD_ROOT}/var/named/data mkdir -p ${RPM_BUILD_ROOT}/var/named/data
mkdir -p ${RPM_BUILD_ROOT}/var/named/dynamic
mkdir -p ${RPM_BUILD_ROOT}%{_mandir}/{man1,man5,man8} mkdir -p ${RPM_BUILD_ROOT}%{_mandir}/{man1,man5,man8}
mkdir -p ${RPM_BUILD_ROOT}/var/run/named mkdir -p ${RPM_BUILD_ROOT}/var/run/named
#chroot #chroot
mkdir -p ${RPM_BUILD_ROOT}/%{chroot_prefix} mkdir -p ${RPM_BUILD_ROOT}/%{chroot_prefix}
tar --no-same-owner -zxvf %{SOURCE6} --directory ${RPM_BUILD_ROOT}/%{chroot_prefix} tar --no-same-owner -jxvf %{SOURCE6} --directory ${RPM_BUILD_ROOT}/%{chroot_prefix}
# these are required to prevent them being erased during upgrade of previous # these are required to prevent them being erased during upgrade of previous
# versions that included them (bug #130121): # versions that included them (bug #130121):
touch ${RPM_BUILD_ROOT}/%{chroot_prefix}/etc/named.conf touch ${RPM_BUILD_ROOT}/%{chroot_prefix}/etc/named.conf
@ -611,6 +612,7 @@ rm -rf ${RPM_BUILD_ROOT}
%defattr(0660,named,named,0770) %defattr(0660,named,named,0770)
%dir /var/named/slaves %dir /var/named/slaves
%dir /var/named/data %dir /var/named/data
%dir /var/named/dynamic
%dir /var/run/named %dir /var/run/named
%defattr(0754,root,root,0750) %defattr(0754,root,root,0750)
%config /etc/rc.d/init.d/named %config /etc/rc.d/init.d/named
@ -743,6 +745,7 @@ rm -rf ${RPM_BUILD_ROOT}
%defattr(0660,named,named,0770) %defattr(0660,named,named,0770)
%dir %prefix/var/named/slaves %dir %prefix/var/named/slaves
%dir %prefix/var/named/data %dir %prefix/var/named/data
%dir %prefix/var/named/dynamic
%dir %prefix/var/run/named %dir %prefix/var/run/named
%dir %prefix/var/tmp %dir %prefix/var/tmp
%ghost %prefix/dev/null %ghost %prefix/dev/null
@ -769,10 +772,12 @@ rm -rf ${RPM_BUILD_ROOT}
%endif %endif
%changelog %changelog
* Tue Jun 04 2007 Adam Tkac <atkac redhat com> 31:9.4.1-4.2.fc8 * Tue Jun 04 2007 Adam Tkac <atkac redhat com> 31:9.4.1-5.fc8
- very minor compatibility change in bind-chroot-admin (line 215) - very minor compatibility change in bind-chroot-admin (line 215)
- enabled IDN support by default and don't distribute IDN libraries - enabled IDN support by default and don't distribute IDN libraries
- specfile cleanup - specfile cleanup
- add dynamic directory to /var/named. This directory will be primarily used for
dynamic DNS zones. ENABLE_ZONE_WRITE and SELinux's named_write_master_zones no longer exist
* Wed May 24 2007 Adam Tkac <atkac redhat com> 31:9.4.1-4.fc8 * Wed May 24 2007 Adam Tkac <atkac redhat com> 31:9.4.1-4.fc8
- removed ldap-api patch and start using deprecated API - removed ldap-api patch and start using deprecated API

30
named.init
View File

@ -121,35 +121,7 @@ start() {
fi; fi;
fi; fi;
fi fi
no_write_master_zones=0
if [ -e /etc/selinux/config ]; then
. /etc/selinux/config
if [[ ( "$SELINUX" != 'disabled') && ("$SELINUXTYPE" != "") && (-d /etc/selinux/${SELINUXTYPE}) && (-e /etc/selinux/${SELINUXTYPE}/booleans || (-e /etc/selinux/${SELINUXTYPE}/booleans.local)) ]]; then
if [ -e /etc/selinux/${SELINUXTYPE}/booleans.local ]; then
. /etc/selinux/${SELINUXTYPE}/booleans.local;
else
. /etc/selinux/${SELINUXTYPE}/booleans;
fi;
if echo "$named_write_master_zones" | /bin/egrep -q '^[0-9]+$'; then
if [ "$named_write_master_zones" -eq 1 ] ; then
/bin/chown -f --from=root:named named:named $ROOTDIR/var/named
elif [ "$named_write_master_zones" -eq 0 ] ; then
/bin/chown -f --from=named:named root:named $ROOTDIR/var/named
fi;
fi;
else
no_write_master_zones=1
fi;
else
no_write_master_zones=1
fi;
if [ "$no_write_master_zones" -eq 1 ]; then
if [[ "$ENABLE_ZONE_WRITE" = [yY1]* ]]; then
/bin/chown -f --from=root:named named:named $ROOTDIR/var/named
elif [[ "$ENABLE_ZONE_WRITE" = [nN0]* ]]; then
/bin/chown -f --from=named:named root:named $ROOTDIR/var/named
fi;
fi
conf_ok=0; conf_ok=0;
if [ -x /usr/sbin/named-checkconf ] && [ -x /usr/sbin/named-checkzone ] && /usr/sbin/named-checkconf $ckcf_options ${named_conf} >/dev/null 2>&1; then if [ -x /usr/sbin/named-checkconf ] && [ -x /usr/sbin/named-checkzone ] && /usr/sbin/named-checkconf $ckcf_options ${named_conf} >/dev/null 2>&1; then
conf_ok=1; conf_ok=1;

8
named.sysconfig
View File

@ -10,14 +10,6 @@
# OPTIONS="whatever" -- These additional options will be passed to named # OPTIONS="whatever" -- These additional options will be passed to named
# at startup. Don't add -t here, use ROOTDIR instead. # at startup. Don't add -t here, use ROOTDIR instead.
# #
# ENABLE_ZONE_WRITE=yes -- If SELinux is disabled, then allow named to write
# its zone files and create files in its $ROOTDIR/var/named
# directory, necessary for DDNS and slave zone transfers.
# Slave zones should reside in the $ROOTDIR/var/named/slaves
# directory, in which case you would not need to enable zone
# writes. If SELinux is enabled, you must use only the
# 'named_write_master_zones' variable to enable zone writes.
#
# ENABLE_SDB=yes -- This enables use of 'named_sdb', which has support # ENABLE_SDB=yes -- This enables use of 'named_sdb', which has support
# -- for the ldap, pgsql and dir zone database backends # -- for the ldap, pgsql and dir zone database backends
# -- compiled in, to be used instead of named. # -- compiled in, to be used instead of named.

4
sources
View File

@ -1,3 +1,3 @@
3567c35a24cb83a8a69443a399bbb6c8 bind-chroot.tar.gz
13fef79f99fcefebb51d84b08805de51 libbind-man.tar.gz
09b54d35036cb0423b2e618f21766285 bind-9.4.1.tar.gz 09b54d35036cb0423b2e618f21766285 bind-9.4.1.tar.gz
dd2b4f4b795a0a989b0a01f93db3a57b bind-chroot.tar.bz2
13fef79f99fcefebb51d84b08805de51 libbind-man.tar.gz