From f17cf8721270ff756ec6b5c669df4af010581ced Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?=
Date: Fri, 12 Dec 2025 16:52:32 +0100
Subject: [PATCH] Create /var/named directories for bind-chroot
Fixes bind-chroot in Image Mode. Include even subdirectories.
Resolves: RHEL-135629
---
 bind-chroot.tmpfiles.d | 37 +++++++++++++++++++++++++++++++++++++
 bind.spec | 8 +++++++-
 2 files changed, 44 insertions(+), 1 deletion(-)
 create mode 100644 bind-chroot.tmpfiles.d
diff --git a/bind-chroot.tmpfiles.d b/bind-chroot.tmpfiles.d
new file mode 100644
index 0000000..ba13ee1
--- /dev/null
+++ b/bind-chroot.tmpfiles.d
@@ -0,0 +1,37 @@
+# vim: ft=conf:
+# TODO: these definitions are in different form in rpm spec %files chroot section
+# find a way to have it defined only once
+#defattr(0664,root,named,-)
+c /var/named/chroot/dev/null 0664 root named - 1:3
+c /var/named/chroot/dev/random 0664 root named - 1:8
+c /var/named/chroot/dev/urandom 0664 root named - 1:9
+c /var/named/chroot/dev/zero 0664 root named - 1:5
+#defattr(0640,root,named,0750)
+d /var/named/chroot 0750 root named -
+d /var/named/chroot/dev 0750 root named -
+d /var/named/chroot/etc 0750 root named -
+d /var/named/chroot/etc/named 0750 root named -
+d /var/named/chroot/etc/pki 0750 root named -
+d /var/named/chroot/etc/pki/dnssec-keys 0750 root named -
+d /var/named/chroot/etc/crypto-policies 0750 root named -
+d /var/named/chroot/etc/crypto-policies/back-ends 0750 root named -
+d /var/named/chroot/var 0750 root named -
+d /var/named/chroot/run 0750 root named -
+#defattr(-,root,root,-)
+d /var/named/chroot/usr - root root -
+d /var/named/chroot/usr/lib64 - root root -
+d /var/named/chroot/usr/lib64/bind - root root -
+d /var/named/chroot/usr/share/GeoIP - root root -
+d /var/named/chroot/usr/share/named - root root -
+d /var/named/chroot/proc - root root -
+d /var/named/chroot/proc/sys - root root -
+d /var/named/chroot/proc/sys/net - root root -
+d /var/named/chroot/proc/sys/net/ipv4 - root root -
+#defattr(0660,root,named,01770)
+d /var/named/chroot/var/named 01770 root named -
+#defattr(0660,named,named,0770)
+d /var/named/chroot/var/tmp 0770 named named -
+d /var/named/chroot/var/log 0770 named named -
+#defattr(-,named,named,-)
+d /var/named/chroot/run/named - named named -
+L /var/named/chroot/var/run - named named - ../run
diff --git a/bind.spec b/bind.spec
index 499e194..7cc374c 100644
--- a/bind.spec
+++ b/bind.spec
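Review bot: The `d` lines re-apply owner and mode every time `systemd-tmpfiles --create` runs, not only on first creation, and nothing in this file says which of these paths are later used as mount points. `setup-named-chroot.sh` and `named-chroot.files` are not shown in this patch, so it is an assumption that paths such as `etc/named`, `etc/pki/dnssec-keys` or `var/named` receive bind mounts of host directories. If they do, a tmpfiles run while named-chroot is active would apply `0750 root named` (or `01770`) to the host directory behind the mount. The existing TODO already notes the duplication with `%files chroot`; I would extend it with a comment such as `# modes/owners must equal those of the host paths mounted by setup-named-chroot.sh; tmpfiles re-applies them on every run`.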
@@ -56,7 +56,7 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv Name: bind License: MPLv2.0 Version: 9.16.23 -Release: 36%{?dist} +Release: 37%{?dist} Epoch: 32 Url: https://www.isc.org/downloads/bind/ # @@ -87,6 +87,7 @@ Source46: named-setup-rndc.service Source47: named-pkcs11.service Source48: setup-named-softhsm.sh Source49: named-chroot.files +Source51: bind-chroot.tmpfiles.d # Common patches Patch10: bind-9.5-PIE.patch @@ -901,6 +902,7 @@ done mkdir -p ${RPM_BUILD_ROOT}%{_tmpfilesdir} install -p -m 644 %{SOURCE35} ${RPM_BUILD_ROOT}%{_tmpfilesdir}/named.conf +install -p -m 644 %{SOURCE51} ${RPM_BUILD_ROOT}%{_tmpfilesdir}/%{name}-chroot.conf mkdir -p ${RPM_BUILD_ROOT}%{_sysconfdir}/rwtab.d install -p -m 644 %{SOURCE43} ${RPM_BUILD_ROOT}%{_sysconfdir}/rwtab.d/named @@ -1155,6 +1157,7 @@ fi; %{_unitdir}/named-chroot.service %{_unitdir}/named-chroot-setup.service %{_libexecdir}/setup-named-chroot.sh +%{_tmpfilesdir}/%{name}-chroot.conf %defattr(0664,root,named,-) %ghost %dev(c,1,3) %verify(not mtime) %{chroot_prefix}/dev/null %ghost %dev(c,1,8) %verify(not mtime) %{chroot_prefix}/dev/random @@ -1252,6 +1255,9 @@ fi; %endif %changelog +* Fri Dec 12 2025 Petr Menšík - 32:9.16.23-37 +- Create /var/named directories for bind-chroot (RHEL-132053) + * Wed Oct 29 2025 Petr Menšík - 32:9.16.23-36 - Copy named.* files from /var/named into /usr/share/named
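Review bot: In the `install` hunk (`@@ -901,6 +902,7 @@`) the new tmpfiles config is copied verbatim, so it carries a hard-coded `/var/named/chroot` and `usr/lib64`, while the `%files` context in the `@@ -1155,6 +1157,7 @@` hunk addresses the same device nodes through `%{chroot_prefix}`. If that macro is ever changed, the packaged ownership and modes and the ones tmpfiles enforces would diverge silently. A comment next to the install line, e.g. `# paths in SOURCE51 are hard-coded; keep in sync with %{chroot_prefix} and the %files chroot section`, would make the dependency visible. The `%install` and `%files` sections both start outside these hunks. Separately, the new changelog entry cites RHEL-132053 while the commit message says `Resolves: RHEL-135629`; one of the two looks like a typo and should be reconciled for traceability.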