rpms
/
bind
7
0
Fork 1
Code Issues Pull Requests Releases Activity

- bind-chroot-admin is now in chroot package 

- SQLite support in bind-sdb
- redhat_doc.patch is always applied
This commit is contained in:
Adam Tkac 2007-03-12 15:15:37 +00:00
parent 03a58f5559
commit c30533e317
5 changed files with 857 additions and 88 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
bind-9.3.2-redhat_doc.patch
View File

@ -1,8 +1,8 @@
--- bind-9.3.2/bin/named/named.8.redhat_doc 2005-10-12 22:33:46.000000000 -0400
+++ bind-9.3.2/bin/named/named.8 2006-02-07 15:56:31.000000000 -0500
@@ -169,6 +169,75 @@
.TP
--- bind-9.4.0/bin/named/named.8.redhat_doc 2007-01-30 01:23:44.000000000 +0100
+++ bind-9.4.0/bin/named/named.8 2007-03-12 15:39:19.000000000 +0100
@@ -205,6 +205,75 @@
\fI/var/run/named.pid\fR
.RS 4
The default process\-id file.
+.PP
+.SH "NOTES"
@ -58,7 +58,7 @@
+which is named compiled with the Simplified Database Backend modules that ISC
+provides in the "contrib/sdb" directory.
+.PP
+The SDB modules for LDAP, PostGreSQL and DirDB are compiled into named_sdb.
+The SDB modules for LDAP, PostGreSQL, DirDB and SQLite are compiled into named_sdb.
+.PP
+To run named_sdb, set the ENABLE_SDB variable in /etc/sysconfig/named to 1 or "yes",
+and then the "service named start" named initscript will run named_sdb instead
@ -73,6 +73,6 @@
+database files. Run the "system-config-bind" command and access the manual
+by selecting the Help menu.
+.PP
.RE
.SH "SEE ALSO"
.PP
RFC 1033,

74
bind-9.3.3rc2-dbus.patch
View File

@ -725,77 +725,3 @@
.SH "SIGNALS"
.PP
In routine operation, signals should not be used to control the nameserver;
@@ -195,6 +202,73 @@
\fBnamed\fR
configuration file is too complex to describe in detail here. A complete description is provided in the
BIND 9 Administrator Reference Manual.
+.PP
+.SH "NOTES"
+.PP
+.TP
+\fBRed Hat SELinux BIND Security Profile:\fR
+.PP
+By default, Red Hat ships BIND with the most secure SELinux policy
+that will not prevent normal BIND operation and will prevent exploitation
+of all known BIND security vulnerabilities . See the selinux(8) man page
+for information about SElinux.
+.PP
+It is not necessary to run named in a chroot environment if the Red Hat
+SELinux policy for named is enabled. When enabled, this policy is far
+more secure than a chroot environment.
+.PP
+With this extra security comes some restrictions:
+.br
+By default, the SELinux policy does not allow named to write any master
+zone database files. Only the root user may create files in the $ROOTDIR/var/named
+zone database file directory (the options { "directory" } option), where
+$ROOTDIR is set in /etc/sysconfig/named.
+.br
+The "named" group must be granted read privelege to
+these files in order for named to be enabled to read them.
+.br
+Any file created in the zone database file directory is automatically assigned
+the SELinux file context named_zone_t .
+.br
+By default, SELinux prevents any role from modifying named_zone_t files; this
+means that files in the zone database directory cannot be modified by dynamic
+DNS (DDNS) updates or zone transfers.
+.br
+The Red Hat BIND distribution and SELinux policy creates two directories where
+named is allowed to create and modify files: $ROOTDIR/var/named/slaves and
+$ROOTDIR/var/named/data. By placing files you want named to modify, such as
+slave or DDNS updateable zone files and database / statistics dump files in
+these directories, named will work normally and no further operator action is
+required. Files in these directories are automatically assigned the 'named_cache_t'
+file context, which SELinux allows named to write.
+.br
+You can enable the named_t domain to write and create named_zone_t files by use
+of the SELinux tunable boolean variable "named_write_master_zones", using the
+setsebool(8) command or the system-config-security GUI . If you do this, you
+must also set the ENABLE_ZONE_WRITE variable in /etc/sysconfig/named to
+1 / yes to set the ownership of files in the $ROOTDIR/var/named directory
+to named:named in order for named to be allowed to write them.
+.PP
+\fBRed Hat BIND named_sdb SDB support:\fR
+.PP
+Red Hat ships the bind-sdb RPM that provides the /usr/sbin/named_sdb program,
+which is named compiled with the Simplified Database Backend modules that ISC
+provides in the "contrib/sdb" directory.
+.br
+The SDB modules for LDAP, PostGreSQL and DirDB are compiled into named_sdb.
+.br
+To run named_sdb, set the ENABLE_SDB variable in /etc/sysconfig/named to 1 or "yes",
+and then the "service named start" named initscript will run named_sdb instead
+of named .
+.br
+See the documentation for the various SDB modules in /usr/share/doc/bind-sdb-*/ .
+.PP
+\fBRed Hat system-config-bind:\fR
+.PP
+Red Hat provides the system-config-bind GUI to configure named.conf and zone
+database files. Run the "system-config-bind" command and access the manual
+by selecting the Help menu.
+.PP
.SH "FILES"
.PP
\fI/etc/named.conf\fR

729
bind-9.3.4-sdb-sqlite-src.patch Normal file
View File

@ -0,0 +1,729 @@
--- bind-9.3.4/contrib/sdb/sqlite/sqlitedb.c.sdb-sqlite-src 2007-03-01 23:06:02.000000000 -0500
+++ bind-9.3.4/contrib/sdb/sqlite/sqlitedb.c 2007-03-01 23:06:02.000000000 -0500
@@ -0,0 +1,324 @@
+/*
+ * Copyright (C) 2007 Internet Software Consortium.
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
+ * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
+ * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
+ * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
+ * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
+ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/* $Id: sqlitedb.c Exp $ */
+
+#include <config.h>
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <unistd.h>
+
+#include <sqlite3.h>
+
+#include <isc/mem.h>
+#include <isc/print.h>
+#include <isc/result.h>
+#include <isc/util.h>
+
+#include <dns/sdb.h>
+#include <dns/result.h>
+
+#include <named/globals.h>
+
+#include "sqlitedb.h"
+
+/*
+ * A simple database driver that interfaces to a SQLite database.
+ *
+ * The table must contain the fields "name", "rdtype", and "rdata", and
+ * is expected to contain a properly constructed zone. The program "zonetodb"
+ * creates such a table.
+ */
+
+static dns_sdbimplementation_t *sqlitedb = NULL;
+
+typedef struct _dbinfo {
+ sqlite3 *db;
+ char *filename;
+ char *table;
+} dbinfo_t;
+
+
+static isc_result_t
+db_connect(dbinfo_t *dbi)
+{
+ if (sqlite3_open(dbi->filename, &dbi->db) == SQLITE_OK) {
+ return (ISC_R_SUCCESS);
+ } else {
+ /* a connection is returned even if the open fails */
+ sqlite3_close(dbi->db);
+ dbi->db = NULL;
+ return (ISC_R_FAILURE);
+ }
+}
+
+
+typedef struct _lookup_parm_t {
+ int i;
+ dns_sdblookup_t *lookup;
+ isc_result_t result;
+} lookup_parm_t;
+
+
+static int
+sqlitedb_lookup_cb(void *p, int cc, char **cv, char **cn)
+{
+ lookup_parm_t *parm = p;
+ dns_ttl_t ttl;
+ char *endp;
+
+ /* FIXME - check these(num/names); I'm assuming a mapping for now */
+ char *ttlstr = cv[0];
+ char *type = cv[1];
+ char *data = cv[2];
+
+ UNUSED(cc);
+ UNUSED(cn);
+
+ ttl = strtol(ttlstr, &endp, 10);
+ if (*endp) {
+ parm->result = DNS_R_BADTTL;
+ return 1;
+ }
+
+ parm->result = dns_sdb_putrr(parm->lookup, type, ttl, data);
+
+ if (parm->result != ISC_R_SUCCESS)
+ return 1;
+
+ (parm->i)++;
+
+ return 0;
+}
+
+
+static isc_result_t
+sqlitedb_lookup(const char *zone,
+ const char *name, void *dbdata,
+ dns_sdblookup_t *lookup)
+/*
+ * synchronous absolute name lookup
+ */
+{
+ dbinfo_t *dbi = (dbinfo_t *) dbdata;
+ char *sql;
+ lookup_parm_t parm = { 0, lookup, ISC_R_SUCCESS };
+ char *errmsg = NULL;
+ int result;
+
+ UNUSED(zone);
+
+ sql = sqlite3_mprintf(
+ "SELECT TTL,RDTYPE,RDATA FROM \"%q\" WHERE "
+ "lower(NAME) = lower('%q')",
+ dbi->table, name);
+
+ result = sqlite3_exec(dbi->db, sql,
+ &sqlitedb_lookup_cb, &parm,
+ &errmsg);
+ sqlite3_free(sql);
+
+ if (result != SQLITE_OK)
+ return (ISC_R_FAILURE);
+ if (parm.i == 0)
+ return (ISC_R_NOTFOUND);
+
+ return (ISC_R_SUCCESS);
+}
+
+
+typedef struct _allnodes_parm_t {
+ int i;
+ dns_sdballnodes_t *allnodes;
+ isc_result_t result;
+} allnodes_parm_t;
+
+
+static int
+sqlitedb_allnodes_cb(void *p, int cc, char **cv, char **cn)
+{
+ allnodes_parm_t *parm = p;
+ dns_ttl_t ttl;
+ char *endp;
+
+ /* FIXME - check these(num/names); I'm assuming a mapping for now */
+ char *ttlstr = cv[0];
+ char *name = cv[1];
+ char *type = cv[2];
+ char *data = cv[3];
+
+ UNUSED(cc);
+ UNUSED(cn);
+
+ ttl = strtol(ttlstr, &endp, 10);
+ if (*endp) {
+ parm->result = DNS_R_BADTTL;
+ return 1;
+ }
+
+ parm->result = dns_sdb_putnamedrr(parm->allnodes, name, type, ttl, data);
+
+ if (parm->result != ISC_R_SUCCESS)
+ return 1;
+
+ (parm->i)++;
+
+ return 0;
+}
+
+
+static isc_result_t
+sqlitedb_allnodes(const char *zone,
+ void *dbdata,
+ dns_sdballnodes_t *allnodes)
+{
+ dbinfo_t *dbi = (dbinfo_t *) dbdata;
+ char *sql;
+ allnodes_parm_t parm = { 0, allnodes, ISC_R_SUCCESS };
+ char *errmsg = NULL;
+ int result;
+
+ UNUSED(zone);
+
+ sql = sqlite3_mprintf(
+ "SELECT TTL,NAME,RDTYPE,RDATA FROM \"%q\" ORDER BY NAME",
+ dbi->table);
+
+ result = sqlite3_exec(dbi->db, sql,
+ &sqlitedb_allnodes_cb, &parm,
+ &errmsg);
+ sqlite3_free(sql);
+
+ if (result != SQLITE_OK)
+ return (ISC_R_FAILURE);
+ if (parm.i == 0)
+ return (ISC_R_NOTFOUND);
+
+ return (ISC_R_SUCCESS);
+}
+
+
+static void
+sqlitedb_destroy(const char *zone, void *driverdata, void **dbdata)
+{
+ dbinfo_t *dbi = *dbdata;
+
+ UNUSED(zone);
+ UNUSED(driverdata);
+
+ if (dbi->db != NULL)
+ sqlite3_close(dbi->db);
+ if (dbi->table != NULL)
+ isc_mem_free(ns_g_mctx, dbi->table);
+ if (dbi->filename != NULL)
+ isc_mem_free(ns_g_mctx, dbi->filename);
+
+ isc_mem_put(ns_g_mctx, dbi, sizeof(dbinfo_t));
+}
+
+
+#define STRDUP_OR_FAIL(target, source) \
+ do { \
+ target = isc_mem_strdup(ns_g_mctx, source); \
+ if (target == NULL) { \
+ result = ISC_R_NOMEMORY; \
+ goto cleanup; \
+ } \
+ } while (0);
+
+/*
+ * Create a connection to the database and save any necessary information
+ * in dbdata.
+ *
+ * argv[0] is the name of the database file
+ * argv[1] is the name of the table
+ */
+static isc_result_t
+sqlitedb_create(const char *zone,
+ int argc, char **argv,
+ void *driverdata, void **dbdata)
+{
+ dbinfo_t *dbi;
+ isc_result_t result;
+
+ UNUSED(zone);
+ UNUSED(driverdata);
+
+ if (argc < 2)
+ return (ISC_R_FAILURE);
+
+ dbi = isc_mem_get(ns_g_mctx, sizeof(dbinfo_t));
+ if (dbi == NULL)
+ return (ISC_R_NOMEMORY);
+ dbi->db = NULL;
+ dbi->filename = NULL;
+ dbi->table = NULL;
+
+ STRDUP_OR_FAIL(dbi->filename, argv[0]);
+ STRDUP_OR_FAIL(dbi->table, argv[1]);
+
+ result = db_connect(dbi);
+ if (result != ISC_R_SUCCESS)
+ goto cleanup;
+
+ *dbdata = dbi;
+ return (ISC_R_SUCCESS);
+
+cleanup:
+ sqlitedb_destroy(zone, driverdata, (void **)&dbi);
+ return (result);
+}
+
+
+/*
+ * Since the SQL database corresponds to a zone, the authority data should
+ * be returned by the lookup() function. Therefore the authority() function
+ * is NULL.
+ */
+static dns_sdbmethods_t sqlitedb_methods = {
+ sqlitedb_lookup,
+ NULL, /* authority */
+ sqlitedb_allnodes,
+ sqlitedb_create,
+ sqlitedb_destroy
+};
+
+
+/*
+ * Wrapper around dns_sdb_register().
+ */
+isc_result_t
+sqlitedb_init(void)
+{
+ unsigned int flags;
+ flags = 0;
+ return (dns_sdb_register("sqlite", &sqlitedb_methods, NULL, flags,
+ ns_g_mctx, &sqlitedb));
+}
+
+
+/*
+ * Wrapper around dns_sdb_unregister().
+ */
+void
+sqlitedb_clear(void)
+{
+ if (sqlitedb != NULL)
+ dns_sdb_unregister(&sqlitedb);
+}
--- bind-9.3.4/contrib/sdb/sqlite/sqlitedb.h.sdb-sqlite-src 2007-03-01 23:06:02.000000000 -0500
+++ bind-9.3.4/contrib/sdb/sqlite/sqlitedb.h 2007-03-01 23:06:02.000000000 -0500
@@ -0,0 +1,25 @@
+/*
+ * Copyright (C) 2000-2002 Internet Software Consortium.
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
+ * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
+ * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
+ * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
+ * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
+ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/* $Id: pgsqldb.h,v 1.2.4.2 2002/08/05 06:57:07 marka Exp $ */
+
+#include <isc/types.h>
+
+isc_result_t sqlitedb_init(void);
+
+void sqlitedb_clear(void);
+
--- bind-9.3.4/contrib/sdb/sqlite/README.sdb_sqlite.sdb-sqlite-src 2007-03-01 23:06:02.000000000 -0500
+++ bind-9.3.4/contrib/sdb/sqlite/README.sdb_sqlite 2007-03-01 23:17:01.000000000 -0500
@@ -0,0 +1,67 @@
+ SQLite BIND SDB driver
+
+The SQLite BIND SDB "driver" is intended as an alternative both to the
+pgsqldb and dirdb drivers, for situations that would like the management
+simplicity and convenience of single filesystem files, with the additional
+capability of SQL databases. It is also intended as an alternative to
+the standard dynamic DNS update capability in bind, which effectively
+requires use of DNSSEC keys for authorization, and is limited to 'nsupdate'
+for updates. An sqlite database, by contrast, uses and requires only
+normal filesystem permissions, and may be updated however a typical SQLite
+database might be updated, e.g., via a web service with an SQLite backend.
+
+This driver is not considered suitable for very high volume public
+nameserver use, while likely useful for smaller private nameserver
+applications, whether or not in a production environment. It should
+generally be suitable wherever SQLite is preferable over larger database
+engines, and not suitable where SQLite is not preferable.
+
+Usage:
+
+o Use the named_sdb process ( put ENABLE_SDB=yes in /etc/sysconfig/named )
+
+o Edit your named.conf to contain a database zone, eg.:
+
+zone "mydomain.net." IN {
+ type master;
+ database "sqlite mydomain.db mydomain";
+ # ^- DB name ^-Table
+};
+
+o Create the database zone table
+ The table must contain the columns "name", "rdtype", and "rdata", and
+ is expected to contain a properly constructed zone. The program
+ "zone2sqlite" creates such a table.
+
+ zone2sqlite usage:
+
+ zone2sqlite origin zonefile dbfile dbtable
+
+ where
+ origin : zone origin, eg "mydomain.net."
+ zonefile : master zone database file, eg. mydomain.net.zone
+ dbfile : name of SQLite database file
+ dbtable : name of table in database
+
+---
+# mydomain.net.zone:
+$TTL 1H
+@ SOA localhost. root.localhost. ( 1
+ 3H
+ 1H
+ 1W
+ 1H )
+ NS localhost.
+host1 A 192.168.2.1
+host2 A 192.168.2.2
+host3 A 192.168.2.3
+host4 A 192.168.2.4
+host5 A 192.168.2.5
+host6 A 192.168.2.6
+host7 A 192.168.2.7
+---
+
+# zone2sqlite mydomain.net. mydomain.net.zone mydomain.net.db mydomain
+
+will create/update the 'mydomain' table in database file 'mydomain.net.db'.
+
--- bind-9.3.4/contrib/sdb/sqlite/zone2sqlite.c.sdb-sqlite-src 2007-03-01 23:06:02.000000000 -0500
+++ bind-9.3.4/contrib/sdb/sqlite/zone2sqlite.c 2007-03-01 23:06:02.000000000 -0500
@@ -0,0 +1,301 @@
+/*
+ * Copyright (C) 2007 Internet Software Consortium.
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
+ * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
+ * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
+ * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
+ * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
+ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/* $Id: zonetosqlite.c Exp $ */
+
+#include <stdlib.h>
+#include <string.h>
+
+#include <isc/buffer.h>
+#include <isc/mem.h>
+#include <isc/print.h>
+#include <isc/result.h>
+
+#include <dns/db.h>
+#include <dns/dbiterator.h>
+#include <dns/fixedname.h>
+#include <dns/name.h>
+#include <dns/rdata.h>
+#include <dns/rdataset.h>
+#include <dns/rdatasetiter.h>
+#include <dns/rdatatype.h>
+#include <dns/result.h>
+
+#include <sqlite3.h>
+
+#ifndef UNUSED
+#define UNUSED(x) (x) = (x)
+#endif
+
+/*
+ * Generate an SQLite table from a zone.
+ */
+
+typedef struct _dbinfo {
+ sqlite3 *db;
+ char *filename;
+ char *table;
+} dbinfo_t;
+
+dbinfo_t dbi = { NULL, NULL, NULL };
+
+
+static void
+closeandexit(int status)
+{
+ if (dbi.db) {
+ sqlite3_close(dbi.db);
+ dbi.db = NULL;
+ }
+ exit(status);
+}
+
+static void
+check_result(isc_result_t result, const char *message)
+{
+ if (result != ISC_R_SUCCESS) {
+ fprintf(stderr, "%s: %s\n", message,
+ isc_result_totext(result));
+ closeandexit(1);
+ }
+}
+
+static isc_result_t
+db_connect(dbinfo_t *dbi)
+{
+ if (sqlite3_open(dbi->filename, &dbi->db) == SQLITE_OK) {
+ return (ISC_R_SUCCESS);
+ } else {
+ /* a connection is returned even if the open fails */
+ sqlite3_close(dbi->db);
+ dbi->db = NULL;
+ return (ISC_R_FAILURE);
+ }
+}
+
+static int
+add_rdata_cb(void *parm, int cc, char **cv, char **cn)
+{
+ UNUSED(parm);
+ UNUSED(cc);
+ UNUSED(cv);
+ UNUSED(cn);
+
+ return 0;
+}
+
+
+static void
+addrdata(dns_name_t *name, dns_ttl_t ttl, dns_rdata_t *rdata)
+{
+ unsigned char namearray[DNS_NAME_MAXTEXT + 1];
+ unsigned char typearray[20];
+ unsigned char dataarray[2048];
+ isc_buffer_t b;
+ isc_result_t result;
+ char *sql;
+ char *errmsg = NULL;
+ int res;
+
+ isc_buffer_init(&b, namearray, sizeof(namearray) - 1);
+ result = dns_name_totext(name, ISC_TRUE, &b);
+ check_result(result, "dns_name_totext");
+ namearray[isc_buffer_usedlength(&b)] = 0;
+
+ isc_buffer_init(&b, typearray, sizeof(typearray) - 1);
+ result = dns_rdatatype_totext(rdata->type, &b);
+ check_result(result, "dns_rdatatype_totext");
+ typearray[isc_buffer_usedlength(&b)] = 0;
+
+ isc_buffer_init(&b, dataarray, sizeof(dataarray) - 1);
+ result = dns_rdata_totext(rdata, NULL, &b);
+ check_result(result, "dns_rdata_totext");
+ dataarray[isc_buffer_usedlength(&b)] = 0;
+
+ sql = sqlite3_mprintf(
+ "INSERT INTO %q (NAME, TTL, RDTYPE, RDATA)"
+ " VALUES ('%q', %d, '%q', '%q') ",
+ dbi.table,
+ namearray, ttl, typearray, dataarray);
+ printf("%s\n", sql);
+ res = sqlite3_exec(dbi.db, sql, add_rdata_cb, NULL, &errmsg);
+ sqlite3_free(sql);
+
+ if (result != SQLITE_OK) {
+ fprintf(stderr, "INSERT failed: %s\n", errmsg);
+ closeandexit(1);
+ }
+}
+
+int
+main(int argc, char *argv[])
+{
+ char *sql;
+ int res;
+ char *errmsg = NULL;
+ char *porigin, *zonefile;
+ dns_fixedname_t forigin, fname;
+ dns_name_t *origin, *name;
+ dns_db_t *db = NULL;
+ dns_dbiterator_t *dbiter;
+ dns_dbnode_t *node;
+ dns_rdatasetiter_t *rdsiter;
+ dns_rdataset_t rdataset;
+ dns_rdata_t rdata = DNS_RDATA_INIT;
+ isc_mem_t *mctx = NULL;
+ isc_buffer_t b;
+ isc_result_t result;
+
+ if (argc != 5) {
+ printf("usage: %s <zone> <zonefile> <dbfile> <dbtable>\n", argv[0]);
+ exit(1);
+ }
+
+ porigin = argv[1];
+ zonefile = argv[2];
+
+ dbi.filename = argv[3];
+ dbi.table = argv[4];
+
+ dns_result_register();
+
+ mctx = NULL;
+ result = isc_mem_create(0, 0, &mctx);
+ check_result(result, "isc_mem_create");
+
+ isc_buffer_init(&b, porigin, strlen(porigin));
+ isc_buffer_add(&b, strlen(porigin));
+ dns_fixedname_init(&forigin);
+ origin = dns_fixedname_name(&forigin);
+ result = dns_name_fromtext(origin, &b, dns_rootname, ISC_FALSE, NULL);
+ check_result(result, "dns_name_fromtext");
+
+ db = NULL;
+ result = dns_db_create(mctx, "rbt", origin, dns_dbtype_zone,
+ dns_rdataclass_in, 0, NULL, &db);
+ check_result(result, "dns_db_create");
+
+ result = dns_db_load(db, zonefile);
+ if (result == DNS_R_SEENINCLUDE)
+ result = ISC_R_SUCCESS;
+ check_result(result, "dns_db_load");
+
+ printf("Connecting to '%s'\n", dbi.filename);
+
+ if ((result = db_connect(&dbi)) != ISC_R_SUCCESS) {
+ fprintf(stderr, "Connection to database '%s' failed\n",
+ dbi.filename);
+ closeandexit(1);
+ }
+
+ sql = sqlite3_mprintf("DROP TABLE %q ", dbi.table);
+ printf("%s\n", sql);
+ res = sqlite3_exec(dbi.db, sql, NULL, NULL, &errmsg);
+ sqlite3_free(sql);
+#if 0
+ if (res != SQLITE_OK) {
+ fprintf(stderr, "DROP TABLE %s failed: %s\n",
+ dbi.table, errmsg);
+ }
+#endif
+
+#if 0
+ sql = sqlite3_mprintf(sql, "BEGIN TRANSACTION");
+ printf("%s\n", sql);
+ res = sqlite3_exec(dbi.db, sql, NULL, NULL, &errmsg);
+ sqlite3_free(sql);
+ if (res != SQLITE_OK) {
+ fprintf(stderr, "BEGIN TRANSACTION failed: %s\n", errmsg);
+ closeandexit(1);
+ }
+#endif
+
+ sql = sqlite3_mprintf(
+ "CREATE TABLE %q "
+ "(NAME TEXT, TTL INTEGER, RDTYPE TEXT, RDATA TEXT) ",
+ dbi.table);
+ printf("%s\n", sql);
+ res = sqlite3_exec(dbi.db, sql, NULL, NULL, &errmsg);
+ sqlite3_free(sql);
+ if (res != SQLITE_OK) {
+ fprintf(stderr, "CREATE TABLE %s failed: %s\n",
+ dbi.table, errmsg);
+ closeandexit(1);
+ }
+
+ dbiter = NULL;
+ result = dns_db_createiterator(db, ISC_FALSE, &dbiter);
+ check_result(result, "dns_db_createiterator()");
+
+ result = dns_dbiterator_first(dbiter);
+ check_result(result, "dns_dbiterator_first");
+
+ dns_fixedname_init(&fname);
+ name = dns_fixedname_name(&fname);
+ dns_rdataset_init(&rdataset);
+ dns_rdata_init(&rdata);
+
+ while (result == ISC_R_SUCCESS) {
+ node = NULL;
+ result = dns_dbiterator_current(dbiter, &node, name);
+ if (result == ISC_R_NOMORE)
+ break;
+ check_result(result, "dns_dbiterator_current");
+
+ rdsiter = NULL;
+ result = dns_db_allrdatasets(db, node, NULL, 0, &rdsiter);
+ check_result(result, "dns_db_allrdatasets");
+
+ result = dns_rdatasetiter_first(rdsiter);
+
+ while (result == ISC_R_SUCCESS) {
+ dns_rdatasetiter_current(rdsiter, &rdataset);
+ result = dns_rdataset_first(&rdataset);
+ check_result(result, "dns_rdataset_first");
+ while (result == ISC_R_SUCCESS) {
+ dns_rdataset_current(&rdataset, &rdata);
+ addrdata(name, rdataset.ttl, &rdata);
+ dns_rdata_reset(&rdata);
+ result = dns_rdataset_next(&rdataset);
+ }
+ dns_rdataset_disassociate(&rdataset);
+ result = dns_rdatasetiter_next(rdsiter);
+ }
+ dns_rdatasetiter_destroy(&rdsiter);
+ dns_db_detachnode(db, &node);
+ result = dns_dbiterator_next(dbiter);
+ }
+
+#if 0
+ sql = sqlite3_mprintf(sql, "COMMIT TRANSACTION ");
+ printf("%s\n", sql);
+ res = sqlite3_exec(dbi.db, sql, NULL, NULL, &errmsg);
+ sqlite3_free(sql);
+ if (res != SQLITE_OK) {
+ fprintf(stderr, "COMMIT TRANSACTION failed: %s\n", errmsg);
+ closeandexit(1);
+ }
+#endif
+
+ dns_dbiterator_destroy(&dbiter);
+ dns_db_detach(&db);
+ isc_mem_destroy(&mctx);
+
+ closeandexit(0);
+
+ exit(0);
+}

99
bind-9.4.0-sdb-sqlite-bld.patch Normal file
View File

@ -0,0 +1,99 @@
--- bind-9.4.0/bin/named_sdb/main.c.sdb-sqlite-bld 2007-03-12 14:00:05.000000000 +0100
+++ bind-9.4.0/bin/named_sdb/main.c 2007-03-12 14:02:34.000000000 +0100
@@ -74,6 +74,7 @@
/* #include "xxdb.h" */
#include "ldapdb.h"
#include "pgsqldb.h"
+#include "sqlitedb.h"
#include "dirdb.h"
/*
@@ -648,6 +649,7 @@
ldapdb_clear();
pgsqldb_clear();
+ sqlitedb_clear();
dirdb_clear();
isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
@@ -737,6 +739,23 @@
ISC_LOG_NOTICE, "SDB postgreSQL DB zone database module loaded."
);
+ result = sqlitedb_init();
+ if (result != ISC_R_SUCCESS)
+ {
+ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
+ ISC_LOG_ERROR,
+ "SDB sqlite3 module initialisation failed: %s.",
+ isc_result_totext(result)
+ );
+ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
+ ISC_LOG_ERROR,
+ "SDB sqlite3 zone database will be unavailable."
+ );
+ }else
+ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
+ ISC_LOG_NOTICE, "SDB sqlite3 DB zone database module loaded."
+ );
+
result = dirdb_init();
if (result != ISC_R_SUCCESS)
{
@@ -781,6 +800,7 @@
ldapdb_clear();
pgsqldb_clear();
+ sqlitedb_clear();
dirdb_clear();
isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
--- bind-9.4.0/bin/named_sdb/Makefile.in.sdb-sqlite-bld 2007-03-12 14:00:05.000000000 +0100
+++ bind-9.4.0/bin/named_sdb/Makefile.in 2007-03-12 14:00:05.000000000 +0100
@@ -26,10 +26,10 @@
#
# Add database drivers here.
#
-DBDRIVER_OBJS = ldapdb.o pgsqldb.o dirdb.o
-DBDRIVER_SRCS = ldapdb.c pgsqldb.c dirdb.c
+DBDRIVER_OBJS = ldapdb.o pgsqldb.o sqlitedb.o dirdb.o
+DBDRIVER_SRCS = ldapdb.c pgsqldb.c sqlitedb.c dirdb.c
DBDRIVER_INCLUDES =
-DBDRIVER_LIBS = -lldap -llber -lpq
+DBDRIVER_LIBS = -lldap -llber -lpq -lsqlite3
DLZ_DRIVER_DIR = ${top_srcdir}/contrib/dlz/drivers
--- bind-9.4.0/bin/sdb_tools/Makefile.in.sdb-sqlite-bld 2007-03-12 14:00:05.000000000 +0100
+++ bind-9.4.0/bin/sdb_tools/Makefile.in 2007-03-12 14:00:05.000000000 +0100
@@ -30,11 +30,11 @@
LIBS = ${LWRESLIBS} ${DNSLIBS} ${BIND9LIBS} \
${ISCCFGLIBS} ${ISCCCLIBS} ${ISCLIBS} ${DBDRIVER_LIBS} @LIBS@
-TARGETS = zone2ldap@EXEEXT@ ldap2zone@EXEEXT@ zonetodb@EXEEXT@
+TARGETS = zone2ldap@EXEEXT@ ldap2zone@EXEEXT@ zonetodb@EXEEXT@ zone2sqlite@EXEEXT@
-OBJS = zone2ldap.o ldap2zone.o zonetodb.o
+OBJS = zone2ldap.o ldap2zone.o zonetodb.o zone2sqlite
-SRCS = zone2ldap.c ldap2zone.c zonetodb.c
+SRCS = zone2ldap.c ldap2zone.c zonetodb.c zone2sqlite.c
MANPAGES = zone2ldap.1
@@ -54,6 +54,9 @@
zonetodb: zonetodb.o ${DEPLIBS}
${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@ zonetodb.o -lpq ${LIBS}
+zone2sqlite: zone2sqlite.o ${DEPLIBS}
+ ${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@ zone2sqlite.o -lsqlite3 -lssl ${LIBS}
+
ldap2zone: ldap2zone.o ${DEPLIBS}
${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@ ldap2zone.o -lldap -llber ${LIBS}
@@ -68,4 +71,5 @@
${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} zone2ldap ${DESTDIR}${sbindir}
${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} ldap2zone ${DESTDIR}${sbindir}
${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} zonetodb ${DESTDIR}${sbindir}
+ ${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} zone2sqlite ${DESTDIR}${sbindir}
${INSTALL_DATA} ${srcdir}/zone2ldap.1 ${DESTDIR}${mandir}/man1/zone2ldap.1

31
bind.spec
View File

@ -17,7 +17,7 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv
Name: bind
License: BSD-like
Version: 9.4.0
Release: 1%{?dist}
Release: 2%{?dist}
Epoch: 31
Url: http://www.isc.org/products/BIND/
Buildroot: %{_tmppath}/%{name}-root
@ -74,6 +74,8 @@ Patch22: bind-9.3.1-sdb_dbus.patch
Patch23: bind-9.3.1-dbus_archdep_libdir.patch
Patch32: bind-9.3.2-prctl_set_dumpable.patch
Patch52: bind-9.3.3-edns.patch
Patch61: bind-9.3.4-sdb-sqlite-src.patch
Patch62: bind-9.4.0-sdb-sqlite-bld.patch
#
Requires: bind-libs = %{epoch}:%{version}-%{release}, glibc >= 2.2, mktemp
Requires(post): bash, coreutils, sed, grep, chkconfig >= 1.3.26
@ -84,7 +86,7 @@ Requires(post): policycoreutils
%endif
BuildRequires: gcc, glibc-devel >= 2.2.5-26, glibc-kernheaders >= 2.4-7.10, openssl-devel, libtool, autoconf, pkgconfig
%if %{SDB}
BuildRequires: openldap-devel, postgresql-devel
BuildRequires: openldap-devel, postgresql-devel, sqlite-devel
%endif
%if %{WITH_DBUS}
BuildRequires: dbus-devel
@ -205,9 +207,9 @@ tools for verifying that the DNS server is operating properly.
BIND SDB (Simplified Database Backend) provides named_sdb, the DNS
name server compiled to include support for using alternative Zone Databases
stored in an LDAP server (ldapdb), a postgreSQL database (pgsqldb), or in the
filesystem (dirdb), in addition to the standard in-memory RBT (Red Black Tree)
zone database.
stored in an LDAP server (ldapdb), a postgreSQL database (pgsqldb), an
sqlite database (sqlitedb), or in the filesystem (dirdb), in addition
to the standard in-memory RBT (Red Black Tree) zone database.
%endif
@ -223,12 +225,15 @@ zone database.
%patch10 -p1 -b .PIE
%if %{SDB}
%patch11 -p1 -b .sdbsrc
%patch61 -p1 -b .sdb-sqlite-src
# BUILD 'Simplified Database Backend' (SDB) version of named: named_sdb
cp -rfp bin/named bin/named_sdb
# SDB ldap
cp -fp contrib/sdb/ldap/ldapdb.[ch] bin/named_sdb
# SDB postgreSQL
cp -fp contrib/sdb/pgsql/pgsqldb.[ch] bin/named_sdb
# SDB sqlite
cp -fp contrib/sdb/sqlite/sqlitedb.[ch] bin/named_sdb
# SDB Berkeley DB - needs to be ported to DB4!
#cp -fp contrib/sdb/bdb/bdb.[ch] bin/named_sdb
# SDB dir
@ -239,20 +244,20 @@ cp -fp %{SOURCE7} bin/sdb_tools/Makefile.in
#cp -fp contrib/sdb/bdb/zone2bdb.c bin/sdb_tools
cp -fp contrib/sdb/ldap/{zone2ldap.1,zone2ldap.c} bin/sdb_tools
cp -fp contrib/sdb/pgsql/zonetodb.c bin/sdb_tools
cp -fp contrib/sdb/sqlite/zone2sqlite.c bin/sdb_tools
%patch12 -p1 -b .sdb
%endif
%if %{LIBBIND}
%patch13 -p1 -b .fix_libbind_includedir
%patch14 -p1 -b .fix_h_errno
%endif
%patch16 -p1 -b .redhat_doc
%if %{WITH_DBUS}
%patch15 -p1 -b .dbus
%if %{SDB}
%patch22 -p1 -b .sdb_dbus
%endif
%patch23 -p1 -b .dbus_archdep_libdir
%else
%patch16 -p1 -b .redhat_doc
%endif
%if %{SDB}
%patch17 -p1 -b .fix_sdb_ldap
@ -274,6 +279,9 @@ cp -fp bin/named/include/named/{globals.h,server.h,log.h,types.h} bin/named_sdb/
%endif
%patch32 -p1 -b .prctl_set_dumpable
%patch52 -p1 -b .edns
%if %{SDB}
%patch62 -p1 -b .sdb-sqlite-bld
%endif
:;
@ -480,7 +488,6 @@ chmod 0755 ${RPM_BUILD_ROOT}%{_libdir}/lib*so.*
%{_sbindir}/named
%{_sbindir}/named-bootconf
%{_sbindir}/rndc*
%{_sbindir}/bind-chroot-admin
%{_sbindir}/named-compilezone
%defattr(0644,root,root,0755)
%{_mandir}/man5/named.conf.5*
@ -593,6 +600,8 @@ chmod 0755 ${RPM_BUILD_ROOT}%{_libdir}/lib*so.*
%ghost %prefix/dev/null
%ghost %prefix/dev/random
%ghost %prefix/dev/zero
%defattr(0750,root,root,0755)
%{_sbindir}/bind-chroot-admin
%if %{SDB}
@ -602,6 +611,7 @@ chmod 0755 ${RPM_BUILD_ROOT}%{_libdir}/lib*so.*
%{_sbindir}/zone2ldap
%{_sbindir}/ldap2zone
%{_sbindir}/zonetodb
%{_sbindir}/zone2sqlite
%defattr(0644,root,root,0755)
%config(noreplace) /etc/openldap/schema/dnszone.schema
%defattr(0644,root,named,0755)
@ -746,6 +756,11 @@ rm -rf ${RPM_BUILD_ROOT}
:;
%changelog
* Mon Mar 12 2007 Adam Tkac <atkac redhat com> 31:9.4.0-2.fc7
- added experimental SQLite support (written by John Boyd <jaboydjr@netwalk.com>)
- moved bind-chroot-admin script to chroot package
- bind-9.3.2-redhat_doc.patch is always applied (#231738)
* Tue Mar 06 2007 Adam Tkac <atkac@redhat.com> 31:9.4.0-1.fc7
- updated to 9.4.0
- bind-chroot-admin now sets EAs correctly (#213926)