rpms/bind
5
0
Fork 1
Code Issues Pull Requests Releases Activity

fix bugs 191093, 189789; backport selected fixes from upstream v9_3_3b1 CVS

Browse Source
This commit is contained in:
jvdias 2006-06-14 05:26:43 +00:00
parent 10f5fb7f70
commit fc31cdddc1
3 changed files with 80 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
bind-chroot-admin.in
View File

@ -50,6 +50,15 @@ function rootdir()
return 1; return 1;
} }
function selinux_enabled()
{
[ -e /etc/selinux/config ] && . /etc/selinux/config;
if [ -n "$SELINUX" ] && [ "$SELINUX" != 'disabled' ] ; then
return 0;
fi;
return 1;
}
function check_dirs() function check_dirs()
{ {
if [ -z "$BIND_CHROOT_PREFIX" ]; then if [ -z "$BIND_CHROOT_PREFIX" ]; then
@ -89,7 +98,7 @@ function check_dirs()
[ ! -e "${BIND_CHROOT_PREFIX}/etc/localtime" ] && [ -e /etc/localtime ] && /bin/cp -fp /etc/localtime "${BIND_CHROOT_PREFIX}/etc/localtime"; [ ! -e "${BIND_CHROOT_PREFIX}/etc/localtime" ] && [ -e /etc/localtime ] && /bin/cp -fp /etc/localtime "${BIND_CHROOT_PREFIX}/etc/localtime";
chown root:named "${BIND_CHROOT_PREFIX}"/dev/{random,null,zero}; chown root:named "${BIND_CHROOT_PREFIX}"/dev/{random,null,zero};
chmod 660 "${BIND_CHROOT_PREFIX}"/dev/{random,null,zero}; chmod 660 "${BIND_CHROOT_PREFIX}"/dev/{random,null,zero};
if [ -d /selinux ] && [ -e /selinux/enforce ] && [ -x /usr/bin/chcon ]; then if selinux_enabled && [ -x /usr/bin/chcon ]; then
for dev in random zero null; do for dev in random zero null; do
/usr/bin/chcon --reference=/dev/$dev ${BIND_CHROOT_PREFIX}/dev/$dev; /usr/bin/chcon --reference=/dev/$dev ${BIND_CHROOT_PREFIX}/dev/$dev;
done done
@ -250,7 +259,7 @@ function sync_files()
chmod 660 ${pfx}/var/named/{data/*,slaves/*} >/dev/null 2>&1; chmod 660 ${pfx}/var/named/{data/*,slaves/*} >/dev/null 2>&1;
chmod 770 ${pfx}/var/named/{data/*/.,slaves/*/.} >/dev/null 2>&1; chmod 770 ${pfx}/var/named/{data/*/.,slaves/*/.} >/dev/null 2>&1;
if [ -e $changed ]; then if [ -e $changed ]; then
if [ -e /selinux/enforce ] && [ -x /sbin/restorecon ]; then if selinux_enabled && [ -x /sbin/restorecon ]; then
/sbin/restorecon -R ${BIND_CHROOT_PREFIX}/etc ${BIND_CHROOT_PREFIX}/var/named ${BIND_CHROOT_PREFIX}/var/run/named >/dev/null 2>&1; /sbin/restorecon -R ${BIND_CHROOT_PREFIX}/etc ${BIND_CHROOT_PREFIX}/var/named ${BIND_CHROOT_PREFIX}/var/run/named >/dev/null 2>&1;
if [ -e ${BIND_CHROOT_PREFIX}/etc/localtime ] && [ -e /etc/localtime ] ; then if [ -e ${BIND_CHROOT_PREFIX}/etc/localtime ] && [ -e /etc/localtime ] ; then
/usr/bin/chcon --reference=/etc/localtime ${BIND_CHROOT_PREFIX}/etc/localtime >/dev/null 2>&1; /usr/bin/chcon --reference=/etc/localtime ${BIND_CHROOT_PREFIX}/etc/localtime >/dev/null 2>&1;

70
bind.spec
View File

@ -17,7 +17,7 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv
Name: bind Name: bind
License: BSD-like License: BSD-like
Version: 9.3.2 Version: 9.3.2
Release: 24.FC6 Release: 26.FC6
Epoch: 30 Epoch: 30
Url: http://www.isc.org/products/BIND/ Url: http://www.isc.org/products/BIND/
Buildroot: %{_tmppath}/%{name}-root Buildroot: %{_tmppath}/%{name}-root
@ -89,6 +89,24 @@ Patch29: bind-9.3.2-bz177854.patch
Patch30: bind-9.3.2-bz187286_fix_host_cname.patch Patch30: bind-9.3.2-bz187286_fix_host_cname.patch
Patch31: bind-9.3.2-bz173961.patch Patch31: bind-9.3.2-bz173961.patch
Patch32: bind-9.3.2-prctl_set_dumpable.patch Patch32: bind-9.3.2-prctl_set_dumpable.patch
Patch33: bind-9.3.2-ch2024_rt16027.patch
Patch34: bind-9.3.2-ch2013_rt15941.patch
Patch35: bind-9.3.2-ch2009_rt15808.patch
Patch36: bind-9.3.2-ch1997_rt15818.patch
Patch37: bind-9.3.2-ch1994_rt15694.patch
Patch38: bind-9.3.2-ch1991_rt15813.patch
Patch39: bind-9.3.2-9_3_3_validator.patch
Patch40: bind-9.3.2-9_3_3_resolver.patch
Patch41: bind-9.3.2-9_3_3_dns.patch
Patch42: bind-9.3.2-9_3_3_isc.patch
Patch43: bind-9.3.2-9_3_3_bind.patch
Patch44: bind-9.3.2-9_3_3_isccfg.patch
Patch45: bind-9.3.2-9_3_3_lwres.patch
Patch46: bind-9.3.2-9_3_3_named.patch
Patch47: bind-9.3.2-9_3_3_dig.patch
Patch48: bind-9.3.2-9_3_3_dnssec.patch
Patch49: bind-9.3.2-9_3_3_nsupdate.patch
Patch50: bind-9.3.2-9_3_3_tests.patch
# #
Requires: bind-libs = %{epoch}:%{version}-%{release}, glibc >= 2.2 Requires: bind-libs = %{epoch}:%{version}-%{release}, glibc >= 2.2
Requires(post): bash, coreutils, sed, grep, chkconfig >= 1.3.26 Requires(post): bash, coreutils, sed, grep, chkconfig >= 1.3.26
@ -97,7 +115,7 @@ Requires(preun):chkconfig >= 1.3.26
%if %{selinux} %if %{selinux}
Requires(post): policycoreutils Requires(post): policycoreutils
%endif %endif
BuildRequires: gcc, glibc-devel >= 2.2.5-26, glibc-kernheaders >= 2.4-7.10, openssl-devel, libtool, pkgconfig, tar BuildRequires: gcc, glibc-devel >= 2.2.5-26, glibc-kernheaders >= 2.4-7.10, openssl-devel, libtool, autoconf, pkgconfig
%if %{SDB} %if %{SDB}
BuildRequires: openldap-devel, postgresql-devel BuildRequires: openldap-devel, postgresql-devel
%endif %endif
@ -317,6 +335,24 @@ cp -fp contrib/sdb/pgsql/zonetodb.c bin/sdb_tools
%patch30 -p1 -b .bz187286_fix_host_cname %patch30 -p1 -b .bz187286_fix_host_cname
%patch31 -p1 -b .bz173961 %patch31 -p1 -b .bz173961
%patch32 -p1 -b .prctl_set_dumpable %patch32 -p1 -b .prctl_set_dumpable
%patch33 -p1 -b .ch2024_rt16027
%patch34 -p1 -b .ch2013_rt15941
%patch35 -p1 -b .ch2009_rt15808
%patch36 -p1 -b .ch1997_rt15818
%patch37 -p1 -b .ch1994_rt15694
%patch38 -p1 -b .ch1991_rt15813
%patch39 -p1 -b .9_3_3_validator
%patch40 -p1 -b .9_3_3_resolver
%patch41 -p1 -b .9_3_3_dns
%patch42 -p1 -b .9_3_3_isc
%patch43 -p1 -b .9_3_3_bind
%patch44 -p1 -b .9_3_3_isccfg
%patch45 -p1 -b .9_3_3_lwres
%patch46 -p1 -b .9_3_3_named
%patch47 -p1 -b .9_3_3_dig
%patch48 -p1 -b .9_3_3_dnssec
%patch49 -p1 -b .9_3_3_nsupdate
%patch50 -p1 -b .9_3_3_tests
# #
# this must follow all dbus patches: # this must follow all dbus patches:
%if %{SDB} %if %{SDB}
@ -363,6 +399,7 @@ export LDFLAGS=-lefence
%endif %endif
CFLAGS="$CFLAGS" \ CFLAGS="$CFLAGS" \
; ;
if [ -s openssl_config.h ]; then cat openssl_config.h >> config.h ; fi;
make %{?_smp_mflags} make %{?_smp_mflags}
@ -503,7 +540,7 @@ exit 0
%dir /var/named/slaves %dir /var/named/slaves
%dir /var/named/data %dir /var/named/data
%dir /var/run/named %dir /var/run/named
%defattr(0750,root,root,0750) %defattr(0754,root,root,0750)
%config /etc/rc.d/init.d/named %config /etc/rc.d/init.d/named
%defattr(0640,root,named,0750) %defattr(0640,root,named,0750)
%config(noreplace) /etc/sysconfig/named %config(noreplace) /etc/sysconfig/named
@ -806,6 +843,33 @@ rm -rf ${RPM_BUILD_ROOT}
:; :;
%changelog %changelog
* Wed Jun 14 2006 Jason Vas Dias <jvdias@redhat.com> - 30:9.3.2-26.FC6
- fix bugs 191093, 189789
- backport selected fixes from upstream bind9 'v9_3_3b1' CVS version:
( see http://www.isc.org/sw/bind9.3.php "Fixes" ):
o change 2024 / bug 16027:
named emitted spurious "zone serial unchanged" messages on reload
o change 2013 / bug 15941:
handle unexpected TSIGs on unsigned AXFR/IXFR responses more gracefully
o change 2009 / bug 15808: coverity fixes
o change 1997 / bug 15818:
named was failing to replace negative cache entries when a positive one
for the type was learnt
o change 1994 / bug 15694: OpenSSL 0.9.8 support
o change 1991 / bug 15813:
The configuration data, once read, should be treated as readonly.
o misc. validator fixes
o misc. resolver fixes
o misc. dns fixes
o misc. isc fixes
o misc. libbind fixes
o misc. isccfg fix
o misc. lwres fix
o misc. named fixes
o misc. dig fixes
o misc. nsupdate fix
o misc. tests fixes
* Wed Jun 7 2006 Jeremy Katz <katzj@redhat.com> - 30:9.3.2-24.FC6 * Wed Jun 7 2006 Jeremy Katz <katzj@redhat.com> - 30:9.3.2-24.FC6
- and actually put the devel symlinks in the right subpackage - and actually put the devel symlinks in the right subpackage

4
named.conf.sample
View File

@ -68,8 +68,8 @@ view "internal"
/* This view will contain zones you want to serve only to "internal" clients /* This view will contain zones you want to serve only to "internal" clients
that connect via your directly attached LAN interfaces - "localnets" . that connect via your directly attached LAN interfaces - "localnets" .
*/ */
match-clients { !localnets; !localhost; }; match-clients { localnets; };
match-destinations { !localnets; !localhost; }; match-destinations { localnets; };
recursion yes; recursion yes;
// all views must contain the root hints zone: // all views must contain the root hints zone:
include "/etc/named.root.hints"; include "/etc/named.root.hints";