author | Christian Ruppert <idl0r@gentoo.org> | 2010-12-13 22:08:54 +0000 |
---|---|---|
committer | Christian Ruppert <idl0r@gentoo.org> | 2010-12-13 22:08:54 +0000 |
commit | 8b7eb931acc2682884a3ac7703e462b7ffbf5ab6 (patch) | |
tree | bff64597eb8511c46ade6dd5cba719863dbe22d9 | |
parent | Add ~mips, bug 348421 (diff) | |
Revision bump. Use the new init script and its configuration. Added support for GeoIP binmount. Remove all rndc stuff, bug 335398. Add checkconfig and checkzones to opts to allow one to check config and zones. Some improvements.
(Portage version: 2.2.0_alpha8/cvs/Linux x86_64)
-rw-r--r-- | net-dns/bind/ChangeLog | 12 | ||||
-rw-r--r-- | net-dns/bind/bind-9.6.2_p3-r2.ebuild | 362 | ||||
-rw-r--r-- | net-dns/bind/bind-9.7.2_p3-r2.ebuild (renamed from net-dns/bind/bind-9.7.1_p2.ebuild) | 76 | ||||
-rw-r--r-- | net-dns/bind/files/named.confd-r5 | 44 | ||||
-rw-r--r-- | net-dns/bind/files/named.init-r9 | 203 |
5 files changed, 665 insertions, 32 deletions
diff --git a/net-dns/bind/ChangeLog b/net-dns/bind/ChangeLog index f6f06eb71502..02ef9da1f23d 100644 --- a/net-dns/bind/ChangeLog +++ b/net-dns/bind/ChangeLog @@ -1,6 +1,16 @@ # ChangeLog for net-dns/bind # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-dns/bind/ChangeLog,v 1.304 2010/12/08 16:50:00 maekke Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-dns/bind/ChangeLog,v 1.305 2010/12/13 22:08:53 idl0r Exp $ + +*bind-9.7.2_p3-r2 (13 Dec 2010) +*bind-9.6.2_p3-r2 (13 Dec 2010) + + 13 Dec 2010; Christian Ruppert <idl0r@gentoo.org> +bind-9.6.2_p3-r2.ebuild, + -bind-9.7.1_p2.ebuild, +bind-9.7.2_p3-r2.ebuild, +files/named.confd-r5, + +files/named.init-r9: + Revision bump. Use the new init script and it's configuration. Added support + for GeoIP binmount. Remove all rndc stuff, bug 335398. Add checkconfig and + checkzones to opts to allow one to check config and zones. Some improvements. 08 Dec 2010; Markus Meier <maekke@gentoo.org> bind-9.6.2_p3-r1.ebuild: arm stable, bug #347621 diff --git a/net-dns/bind/bind-9.6.2_p3-r2.ebuild b/net-dns/bind/bind-9.6.2_p3-r2.ebuild new file mode 100644 index 000000000000..538751881ea3 --- /dev/null +++ b/net-dns/bind/bind-9.6.2_p3-r2.ebuild 
@@ -0,0 +1,362 @@
+# Copyright 1999-2010 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-dns/bind/bind-9.6.2_p3-r2.ebuild,v 1.1 2010/12/13 22:08:53 idl0r Exp $
+
+EAPI="3"
+
+inherit eutils autotools toolchain-funcs flag-o-matic
+
+MY_PV="${PV/_p/-P}"
+MY_P="${PN}-${MY_PV}"
+
+SDB_LDAP_VER="1.1.0"
+
+GEOIP_PV=1.3
+GEOIP_SRC_URI_BASE="http://bind-geoip.googlecode.com/"
+GEOIP_P="bind-geoip-${GEOIP_PV}"
+
+DESCRIPTION="BIND - Berkeley Internet Name Domain - Name Server"
+HOMEPAGE="http://www.isc.org/software/bind"
+SRC_URI="ftp://ftp.isc.org/isc/bind9/${MY_PV}/${MY_P}.tar.gz
+ doc? ( mirror://gentoo/dyndns-samples.tbz2 )
+ geoip? ( ${GEOIP_SRC_URI_BASE}/files/${GEOIP_P}-readme.txt
+ ${GEOIP_SRC_URI_BASE}/files/${GEOIP_P}.patch )"
+# sdb-ldap? ( mirror://gentoo/bind-sdb-ldap-${SDB_LDAP_VER}.tar.bz2 )
+
+LICENSE="as-is"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+IUSE="ssl ipv6 doc dlz postgres berkdb mysql odbc ldap selinux idn threads
+ resolvconf urandom xml geoip gssapi" # sdb-ldap
+
+DEPEND="ssl? ( >=dev-libs/openssl-0.9.6g )
+ mysql? ( >=virtual/mysql-4.0 )
+ odbc? ( >=dev-db/unixODBC-2.2.6 )
+ ldap? ( net-nds/openldap )
+ idn? ( net-dns/idnkit )
+ postgres? ( dev-db/postgresql-base )
+ threads? ( >=sys-libs/libcap-2.1.0 )
+ xml? ( dev-libs/libxml2 )
+ geoip? ( >=dev-libs/geoip-1.4.6 )
+ gssapi? ( virtual/krb5 )"
+# sdb-ldap? ( net-nds/openldap )
+
+RDEPEND="${DEPEND}
+ selinux? ( sec-policy/selinux-bind )
+ resolvconf? ( net-dns/openresolv )
+ sys-process/psmisc"
+
+S="${WORKDIR}/${MY_P}"
+
+pkg_setup() {
+ use threads && {
+ ewarn
+ ewarn "If you're in vserver enviroment, you're probably want to"
+ ewarn "disable threads support because of linux capabilities dependency"
+ ewarn
+ }
+
+ ebegin "Creating named group and user"
+ enewgroup named 40
+ enewuser named 40 -1 /etc/bind named
+ eend ${?}
+}
+
+src_prepare() {
+ # bug 278364 (workaround)
+ epatch "${FILESDIR}/${PN}-9.6.1-parallel.patch"
+
+ # Adjusting PATHs in manpages
+ for i in bin/{named/named.8,check/named-checkconf.8,rndc/rndc.8} ; do
+ sed -i \
+ -e 's:/etc/named.conf:/etc/bind/named.conf:g' \
+ -e 's:/etc/rndc.conf:/etc/bind/rndc.conf:g' \
+ -e 's:/etc/rndc.key:/etc/bind/rndc.key:g' \
+ "${i}" || die "sed failed, ${i} doesn't exist"
+ done
+
+ if use dlz; then
+ epatch "${FILESDIR}"/${PN}-9.4.0-dlzbdb-close_cursor.patch
+
+ # bind fails to reconnect to MySQL5 databases, bug #180720, patch by Nicolas Brousse
+ # (http://www.shell-tips.com/2007/09/04/bind-950-patch-dlz-mysql-5-for-auto-reconnect/)
+ if use mysql && has_version ">=dev-db/mysql-5"; then
+ epatch "${FILESDIR}"/bind-dlzmysql5-reconnect.patch
+ fi
+
+ if use ldap; then
+ # bug 238681
+ epatch "${FILESDIR}/bind-9.6.1-dlz-patch-ldap-url.patch" \
+ "${FILESDIR}/bind-9.6.1-dlz-patch-dollar2.patch"
+ fi
+ fi
+
+ # should be installed by bind-tools
+ sed -i -r -e "s:(nsupdate|dig) ::g" bin/Makefile.in || die
+
+ # sdb-ldap patch as per bug #160567
+ # Upstream URL: http://bind9-ldap.bayour.com/
+ # FIXME: bug 302735
+# use sdb-ldap && epatch "${WORKDIR}"/sdb-ldap/${PN}-sdb-ldap-${SDB_LDAP_VER}.patch
+
+ if use geoip; then
+ cp "${DISTDIR}"/${GEOIP_P}.patch "${S}" || die
+ sed -i -e 's/-RELEASEVER=2/-RELEASEVER=3/' \
+ -e 's/+RELEASEVER=2-geoip-1.3/+RELEASEVER=3-geoip-1.3/' \
+ ${GEOIP_P}.patch || die
+ epatch ${GEOIP_P}.patch
+ fi
+
+ # bug #220361
+ rm {aclocal,libtool}.m4
+ WANT_AUTOCONF=2.5 AT_NO_RECURSIVE=1 eautoreconf
+
+ # remove useless c++ checks
+ epunt_cxx
+}
+
+src_configure() {
+ local myconf=""
+
+ use dlz && {
+ myconf="${myconf} --with-dlz-filesystem --with-dlz-stub"
+ use postgres && myconf="${myconf} --with-dlz-postgres"
+ use mysql && myconf="${myconf} --with-dlz-mysql"
+ use berkdb && myconf="${myconf} --with-dlz-bdb"
+ use ldap && myconf="${myconf} --with-dlz-ldap"
+ use odbc && myconf="${myconf} --with-dlz-odbc"
+ }
+
+ if use threads; then
+ if use dlz && use mysql; then
+ ewarn
+ ewarn "MySQL uses thread local storage in its C api. Thus MySQL"
+ ewarn "requires that each thread of an application execute a MySQL"
+ ewarn "\"thread initialization\" to setup the thread local storage."
+ ewarn "This is impossible to do safely while staying within the DLZ"
+ ewarn "driver API. This is a limitation caused by MySQL, and not"
+ ewarn "the DLZ API."
+ ewarn "Because of this BIND MUST only run with a single thread when"
+ ewarn "using the MySQL driver."
+ ewarn
+ myconf="${myconf} --disable-linux-caps --disable-threads"
+ ewarn "Threading support disabled"
+ else
+ myconf="${myconf} --enable-linux-caps --enable-threads"
+ einfo "Threading support enabled"
+ fi
+ else
+ myconf="${myconf} --disable-linux-caps --disable-threads"
+ fi
+
+ if use urandom; then
+ myconf="${myconf} --with-randomdev=/dev/urandom"
+ else
+ myconf="${myconf} --with-randomdev=/dev/random"
+ fi
+
+ use geoip && myconf="${myconf} --with-geoip"
+
+ # bug #158664
+ gcc-specs-ssp && replace-flags -O[23s] -O
+
+ export BUILD_CC=$(tc-getBUILD_CC)
+ econf \
+ --sysconfdir=/etc/bind \
+ --localstatedir=/var \
+ --with-libtool \
+ $(use_with ssl openssl) \
+ $(use_with idn) \
+ $(use_enable ipv6) \
+ $(use_with xml libxml2) \
+ $(use_with gssapi) \
+ ${myconf}
+
+ # bug #151839
+ echo '#undef SO_BSDCOMPAT' >> config.h
+}
+
+src_install() {
+ emake DESTDIR="${D}" install || die
+
+ dodoc CHANGES FAQ KNOWN-DEFECTS README
+
+ if use idn; then
+ dodoc README.idnkit || die
+ fi
+
+ if use doc; then
+ dodoc doc/arm/Bv9ARM.pdf || die
+
+ docinto misc
+ dodoc doc/misc/* || die
+
+ # might a 'html' useflag make sense?
+ docinto html
+ dohtml -r doc/arm/* || die
+
+ docinto draft
+ dodoc doc/draft/* || die
+
+ docinto rfc
+ dodoc doc/rfc/* || die
+
+ docinto contrib
+ dodoc contrib/named-bootconf/named-bootconf.sh \
+ contrib/nanny/nanny.pl || die
+
+ # some handy-dandy dynamic dns examples
+ cd "${D}"/usr/share/doc/${PF}
+ tar xf "${DISTDIR}"/dyndns-samples.tbz2 || die
+ fi
+
+ use geoip && dodoc "${DISTDIR}"/${GEOIP_P}-readme.txt
+
+ insinto /etc/bind
+ newins "${FILESDIR}"/named.conf-r5 named.conf || die
+
+ # ftp://ftp.rs.internic.net/domain/named.cache:
+ insinto /var/bind
+ doins "${FILESDIR}"/named.cache || die
+
+ insinto /var/bind/pri
+ newins "${FILESDIR}"/127.zone-r1 127.zone || die
+ newins "${FILESDIR}"/localhost.zone-r3 localhost.zone || die
+
+ newinitd "${FILESDIR}"/named.init-r9 named || die
+ newconfd "${FILESDIR}"/named.confd-r5 named || die
+
+ newenvd "${FILESDIR}"/10bind.env 10bind || die
+
+ # Let's get rid of those tools and their manpages since they're provided by bind-tools
+ rm -f "${D}"/usr/share/man/man1/{dig,host,nslookup}.1*
+ rm -f "${D}"/usr/share/man/man8/{dnssec-keygen,nsupdate}.8*
+ rm -f "${D}"/usr/bin/{dig,host,nslookup,dnssec-keygen,nsupdate}
+ rm -f "${D}"/usr/sbin/{dig,host,nslookup,dnssec-keygen,nsupdate}
+
+ dosym /var/bind/named.cache /var/bind/root.cache || die
+ dosym /var/bind/pri /etc/bind/pri || die
+ dosym /var/bind/sec /etc/bind/sec || die
+ keepdir /var/bind/sec
+
+ dodir /var/{run,log}/named || die
+
+ fowners root:named /{etc,var}/bind /var/{run,log}/named /var/bind/{sec,pri}
+ fowners root:named /var/bind/named.cache /var/bind/pri/{127,localhost}.zone /etc/bind/named.conf
+ fperms 0640 /var/bind/named.cache /var/bind/pri/{127,localhost}.zone /etc/bind/named.conf
+ fperms 0750 /etc/bind /var/bind/pri
+ fperms 0770 /var/{run,log}/named /var/bind/{,sec}
+}
+
+pkg_postinst() {
+ if [ ! -f '/etc/bind/rndc.key' ]; then
+ if use urandom; then
+ einfo "Using /dev/urandom for generating rndc.key"
+ /usr/sbin/rndc-confgen -r /dev/urandom -a
+ echo
+ else
+ einfo "Using /dev/random for generating rndc.key"
+ /usr/sbin/rndc-confgen -a
+ echo
+ fi
+ chown root:named /etc/bind/rndc.key
+ chmod 0640 /etc/bind/rndc.key
+ fi
+
+ einfo
+ einfo "You can edit /etc/conf.d/named to customize named settings"
+ einfo
+ use mysql || use postgres || use ldap && {
+ elog "If your named depends on MySQL/PostgreSQL or LDAP,"
+ elog "uncomment the specified rc_named_* lines in your"
+ elog "/etc/conf.d/named config to ensure they'll start before bind"
+ einfo
+ }
+ einfo "If you'd like to run bind in a chroot AND this is a new"
+ einfo "install OR your bind doesn't already run in a chroot:"
+ einfo "1) Uncomment and set the CHROOT variable in /etc/conf.d/named."
+ einfo "2) Run \`emerge --config '=${CATEGORY}/${PF}'\`"
+ einfo
+
+ CHROOT=$(source /etc/conf.d/named 2>/dev/null; echo ${CHROOT})
+ if [[ -n ${CHROOT} ]]; then
+ elog "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!"
+ elog "To enable the old behaviour (without using mount) uncomment the"
+ elog "CHROOT_NOMOUNT option in your /etc/conf.d/named config."
+ elog "If you decide to use the new/default method, ensure to make backup"
+ elog "first and merge your existing configs/zones to /etc/bind and"
+ elog "/var/bind because bind will now mount the needed directories into"
+ elog "the chroot dir."
+ fi
+
+ ewarn
+ ewarn "NOTE: /var/bind/named.ca has been renamed to /var/bind/named.cache"
+ ewarn "you may need to fix your named.conf!"
+ ewarn
+ ewarn "NOTE: If you upgrade from <net-dns/bind-9.4.3_p5-r1, you may encounter permission problems"
+ ewarn "To fix the permissions do:"
+ ewarn "chown root:named /{etc,var}/bind /var/{run,log}/named /var/bind/{sec,pri}"
+ ewarn "chown root:named /var/bind/named.cache /var/bind/pri/{127,localhost}.zone /etc/bind/{bind.keys,named.conf}"
+ ewarn "chmod 0640 /var/bind/named.cache /var/bind/pri/{127,localhost}.zone /etc/bind/{bind.keys,named.conf}"
+ ewarn "chmod 0750 /etc/bind /var/bind/pri"
+ ewarn "chmod 0770 /var/{run,log}/named /var/bind/{,sec}"
+ ewarn
+}
+
+pkg_config() {
+ CHROOT=$(source /etc/conf.d/named; echo ${CHROOT})
+ CHROOT_NOMOUNT=$(source /etc/conf.d/named; echo ${CHROOT_NOMOUNT})
+ CHROOT_GEOIP=$(source /etc/conf.d/named; echo ${CHROOT_GEOIP})
+
+ if [[ -z "${CHROOT}" ]]; then
+ eerror "This config script is designed to automate setting up"
+ eerror "a chrooted bind/named. To do so, please first uncomment"
+ eerror "and set the CHROOT variable in '/etc/conf.d/named'."
+ die "Unset CHROOT"
+ fi
+ if [[ -d "${CHROOT}" ]]; then
+ ewarn "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!"
+ ewarn "To enable the old behaviour (without using mount) uncomment the"
+ ewarn "CHROOT_NOMOUNT option in your /etc/conf.d/named config."
+ ewarn
+ ewarn "${CHROOT} already exists... some things might become overridden"
+ ewarn "press CTRL+C if you don't want to continue"
+ sleep 10
+ fi
+
+ echo; einfo "Setting up the chroot directory..."
+ + mkdir -m 0750 -p ${CHROOT} + mkdir -m 0755 -p ${CHROOT}/{dev,etc,var/{run,log}} + mkdir -m 0750 -p ${CHROOT}/etc/bind + mkdir -m 0770 -p ${CHROOT}/var/{bind,{run,log}/named} + chown root:named ${CHROOT} ${CHROOT}/var/{bind,{run,log}/named} ${CHROOT}/etc/bind + + cp /etc/localtime ${CHROOT}/etc/localtime + + mknod ${CHROOT}/dev/null c 1 3 + chmod 0666 ${CHROOT}/dev/null + + mknod ${CHROOT}/dev/zero c 1 5 + chmod 0666 ${CHROOT}/dev/zero + + if use urandom; then + mknod ${CHROOT}/dev/urandom c 1 9 + chmod 0666 ${CHROOT}/dev/urandom + else + mknod ${CHROOT}/dev/random c 1 8 + chmod 0666 ${CHROOT}/dev/random + fi + + if [ "${CHROOT_NOMOUNT:-0}" -ne 0 ]; then + cp -a /etc/bind ${CHROOT}/etc/ + cp -a /var/bind ${CHROOT}/var/ + fi + + if [ "${CHROOT_GEOIP:-0}" -eq 1 ]; then + mkdir -m 0755 -p ${CHROOT}/usr/share/GeoIP + fi + + elog "You may need to add the following line to your syslog-ng.conf:" + elog "source jail { unix-stream(\"${CHROOT}/dev/log\"); };" +} diff --git a/net-dns/bind/bind-9.7.1_p2.ebuild b/net-dns/bind/bind-9.7.2_p3-r2.ebuild index b33088a2be23..3b4c346cd084 100644 --- a/net-dns/bind/bind-9.7.1_p2.ebuild +++ b/net-dns/bind/bind-9.7.2_p3-r2.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2010 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-dns/bind/bind-9.7.1_p2.ebuild,v 1.5 2010/09/23 12:11:05 idl0r Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-dns/bind/bind-9.7.2_p3-r2.ebuild,v 1.1 2010/12/13 22:08:53 idl0r Exp $ EAPI="3" 
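Review bot: In pkg_config() of bind-9.6.2_p3-r2.ebuild every `${CHROOT}` passed to `mkdir`, `chown`, `cp`, `mknod` and `chmod` is unquoted, so a value from /etc/conf.d/named that contains whitespace or glob characters is word-split and these commands (presumably run as root, since they call `mknod`) act on paths other than the configured one. Quote each expansion, e.g. `mkdir -m 0750 -p "${CHROOT}"` and `cp -a /etc/bind "${CHROOT}/etc/"`. The tests `[ "${CHROOT_NOMOUNT:-0}" -ne 0 ]` and `[ "${CHROOT_GEOIP:-0}" -eq 1 ]` also error out on a non-numeric value such as `yes` and then skip their branch without telling the user. The same lines are added to bind-9.7.2_p3-r2.ebuild in the `@@ -332,6 +337,15 @@` hunk, with the matching `source` lines in `@@ -292,7 +293,9 @@`.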
@@ -18,16 +18,16 @@ GEOIP_P="bind-geoip-${GEOIP_PV}" DESCRIPTION="BIND - Berkeley Internet Name Domain - Name Server" HOMEPAGE="http://www.isc.org/software/bind" SRC_URI="ftp://ftp.isc.org/isc/bind9/${MY_PV}/${MY_P}.tar.gz - sdb-ldap? ( mirror://gentoo/bind-sdb-ldap-${SDB_LDAP_VER}.tar.bz2 ) doc? ( mirror://gentoo/dyndns-samples.tbz2 ) geoip? ( ${GEOIP_SRC_URI_BASE}/files/${GEOIP_P}-readme.txt ${GEOIP_SRC_URI_BASE}/files/${GEOIP_P}.patch )" +# sdb-ldap? ( mirror://gentoo/bind-sdb-ldap-${SDB_LDAP_VER}.tar.bz2 ) LICENSE="as-is" SLOT="0" -KEYWORDS="~alpha amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" IUSE="ssl ipv6 doc dlz postgres berkdb mysql odbc ldap selinux idn threads - resolvconf urandom sdb-ldap xml geoip gssapi" + resolvconf urandom xml geoip gssapi" # sdb-ldap DEPEND="ssl? ( >=dev-libs/openssl-0.9.6g ) mysql? ( >=virtual/mysql-4.0 ) @@ -39,6 +39,7 @@ DEPEND="ssl? ( >=dev-libs/openssl-0.9.6g ) xml? ( dev-libs/libxml2 ) geoip? ( >=dev-libs/geoip-1.4.6 ) gssapi? ( virtual/krb5 )" +# sdb-ldap? ( net-nds/openldap ) RDEPEND="${DEPEND} selinux? ( sec-policy/selinux-bind ) @@ -74,7 +75,9 @@ src_prepare() { if use dlz; then # bind fails to reconnect to MySQL5 databases, bug #180720, patch by Nicolas Brousse # (http://www.shell-tips.com/2007/09/04/bind-950-patch-dlz-mysql-5-for-auto-reconnect/) - use mysql && has_version ">=dev-db/mysql-5" && epatch "${FILESDIR}"/bind-dlzmysql5-reconnect.patch + if use mysql && has_version ">=dev-db/mysql-5"; then + epatch "${FILESDIR}"/bind-dlzmysql5-reconnect.patch + fi fi # should be installed by bind-tools 
@@ -82,12 +85,13 @@ src_prepare() { # sdb-ldap patch as per bug #160567 # Upstream URL: http://bind9-ldap.bayour.com/ - use sdb-ldap && epatch "${WORKDIR}"/sdb-ldap/${PN}-sdb-ldap-${SDB_LDAP_VER}.patch + # FIXME: bug 302735 +# use sdb-ldap && epatch "${WORKDIR}"/sdb-ldap/${PN}-sdb-ldap-${SDB_LDAP_VER}.patch if use geoip; then cp "${DISTDIR}"/${GEOIP_P}.patch "${S}" || die - sed -i -e 's/-RELEASEVER=3/-RELEASEVER=2/' \ - -e 's/+RELEASEVER=3-geoip-1.3/+RELEASEVER=2-geoip-1.3/' \ + sed -i -e 's/-RELEASEVER=2/-RELEASEVER=3/' \ + -e 's/+RELEASEVER=2-geoip-1.3/+RELEASEVER=3-geoip-1.3/' \ ${GEOIP_P}.patch || die epatch ${GEOIP_P}.patch fi @@ -162,11 +166,9 @@ src_configure() { } src_install() { - local init_deps= - emake DESTDIR="${D}" install || die - dodoc CHANGES FAQ README || die + dodoc CHANGES FAQ README if use idn; then dodoc contrib/idn/README.idnkit || die @@ -200,7 +202,7 @@ src_install() { use geoip && dodoc "${DISTDIR}"/${GEOIP_P}-readme.txt insinto /etc/bind - newins "${FILESDIR}"/named.conf-r4 named.conf || die + newins "${FILESDIR}"/named.conf-r5 named.conf || die # ftp://ftp.rs.internic.net/domain/named.cache: insinto /var/bind @@ -210,18 +212,8 @@ src_install() { newins "${FILESDIR}"/127.zone-r1 127.zone || die newins "${FILESDIR}"/localhost.zone-r3 localhost.zone || die - newinitd "${FILESDIR}"/named.init-r7 named || die - # bug 295260 - use mysql && init_deps="${init_deps} mysql" - use ldap && init_deps="${init_deps} ldap" - use postgres && init_deps="${init_deps} postgresql pg_autovacuum" - if [[ -n $init_deps ]]; then - sed -i -e "s:after .*:after ${init_deps}:" "${D}/etc/init.d/named" || die - else - sed -i -e 's:after .*::' "${D}/etc/init.d/named" || die - fi - - newconfd "${FILESDIR}"/named.confd-r3 named || die + newinitd "${FILESDIR}"/named.init-r9 named || die + newconfd "${FILESDIR}"/named.confd-r5 named || die newenvd "${FILESDIR}"/10bind.env 10bind || die 
@@ -247,7 +239,7 @@ src_install() { pkg_postinst() { if [ ! -f '/etc/bind/rndc.key' ]; then - if [ -c /dev/urandom ]; then + if use urandom; then einfo "Using /dev/urandom for generating rndc.key" /usr/sbin/rndc-confgen -r /dev/urandom -a echo @@ -260,12 +252,15 @@ pkg_postinst() { chmod 0640 /etc/bind/rndc.key fi - einfo "The default zone files are now installed as *.zone," - einfo "be careful merging config files if you have modified" - einfo "/var/bind/pri/127.zone or /var/bind/pri/localhost.zone" einfo einfo "You can edit /etc/conf.d/named to customize named settings" einfo + use mysql || use postgres || use ldap && { + elog "If your named depends on MySQL/PostgreSQL or LDAP," + elog "uncomment the specified rc_named_* lines in your" + elog "/etc/conf.d/named config to ensure they'll start before bind" + einfo + } einfo "If you'd like to run bind in a chroot AND this is a new" einfo "install OR your bind doesn't already run in a chroot:" einfo "1) Uncomment and set the CHROOT variable in /etc/conf.d/named." @@ -273,8 +268,14 @@ pkg_postinst() { einfo CHROOT=$(source /etc/conf.d/named 2>/dev/null; echo ${CHROOT}) - if [[ -n ${CHROOT} && -d ${CHROOT} ]]; then - ewarn "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!" + if [[ -n ${CHROOT} ]]; then + elog "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!" + elog "To enable the old behaviour (without using mount) uncomment the" + elog "CHROOT_NOMOUNT option in your /etc/conf.d/named config." + elog "If you decide to use the new/default method, ensure to make backup" + elog "first and merge your existing configs/zones to /etc/bind and" + elog "/var/bind because bind will now mount the needed directories into" + elog "the chroot dir." fi ewarn 
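Review bot: With `if use urandom` replacing the `[ -c /dev/urandom ]` test, a build without the urandom flag always takes the `/dev/random` branch, which may block pkg_postinst on a host with little entropy; keeping the device test as a fallback or saying so in the `einfo` line would avoid a silent stall. Neither branch checks the exit status of rndc-confgen before the `chown`/`chmod` on /etc/bind/rndc.key, so a failed key generation is only visible as errors from those two commands. Something like `/usr/sbin/rndc-confgen -a || eerror "rndc-confgen failed, /etc/bind/rndc.key was not created"` would report it directly. pkg_postinst continues outside this hunk.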
@@ -292,7 +293,9 @@ pkg_postinst() { } pkg_config() { - CHROOT=$(source /etc/conf.d/named 2>/dev/null; echo ${CHROOT}) + CHROOT=$(source /etc/conf.d/named; echo ${CHROOT}) + CHROOT_NOMOUNT=$(source /etc/conf.d/named; echo ${CHROOT_NOMOUNT}) + CHROOT_GEOIP=$(source /etc/conf.d/named; echo ${CHROOT_GEOIP}) if [[ -z "${CHROOT}" ]]; then eerror "This config script is designed to automate setting up" @@ -302,6 +305,8 @@ pkg_config() { fi if [[ -d "${CHROOT}" ]]; then ewarn "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!" + ewarn "To enable the old behaviour (without using mount) uncomment the" + ewarn "CHROOT_NOMOUNT option in your /etc/conf.d/named config." ewarn ewarn "${CHROOT} already exists... some things might become overridden" ewarn "press CTRL+C if you don't want to continue" @@ -332,6 +337,15 @@ pkg_config() { chmod 0666 ${CHROOT}/dev/random fi + if [ "${CHROOT_NOMOUNT:-0}" -ne 0 ]; then + cp -a /etc/bind ${CHROOT}/etc/ + cp -a /var/bind ${CHROOT}/var/ + fi + + if [ "${CHROOT_GEOIP:-0}" -eq 1 ]; then + mkdir -m 0755 -p ${CHROOT}/usr/share/GeoIP + fi + elog "You may need to add the following line to your syslog-ng.conf:" elog "source jail { unix-stream(\"${CHROOT}/dev/log\"); };" } diff --git a/net-dns/bind/files/named.confd-r5 b/net-dns/bind/files/named.confd-r5 new file mode 100644 index 000000000000..631ac19db6c8 --- /dev/null +++ b/net-dns/bind/files/named.confd-r5 
@@ -0,0 +1,44 @@
+# Set various named options here.
+#
+#OPTIONS=""
+
+# Set this to the number of processors you want bind to use.
+# Leave this unchanged if you want bind to automatically detect the number
+#CPU="1"
+
+# If you wish to run bind in a chroot:
+# 1) un-comment the CHROOT= assignment, below. You may use
+# a different chroot directory but MAKE SURE it's empty.
+# 2) run: emerge --config =<bind-version>
+#
+#CHROOT="/chroot/dns"
+
+# Uncomment to enable binmount of /usr/share/GeoIP
+#CHROOT_GEOIP="1"
+
+# Uncomment the line below to avoid that the init script mounts the needed paths
+# into the chroot directory.
+# You have to copy all needed config files by hand if you say CHROOT_NOMOUNT="1".
+#CHROOT_NOMOUNT="1"
+
+# Default pid file location
+PIDFILE="${CHROOT}/var/run/named/named.pid"
+
+# Scheduling priority: 19 is the lowest and -20 is the highest.
+# Default: 0
+#NAMED_NICELEVEL="0"
+
+# Uncomment rc_named_use/rc_named_after for the database you need.
+# Its necessary to ensure the database backend will be started before named.
+
+# MySQL
+#rc_named_use="mysql"
+#rc_named_after="mysql"
+
+# PostgreSQL
+#rc_named_use="pg_autovacuum postgresql"
+#rc_named_after="pg_autovacuum postgresql"
+
+# LDAP
+#rc_named_use="ldap"
+#rc_named_after="ldap"
diff --git a/net-dns/bind/files/named.init-r9 b/net-dns/bind/files/named.init-r9
new file mode 100644
index 000000000000..be4d7b224525
--- /dev/null
+++ b/net-dns/bind/files/named.init-r9
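Review bot: In named.confd-r5 `PIDFILE` is labelled a default but is assigned unconditionally, and `_get_pidfile` in named.init-r9 only asks named-checkconf for the `pid-file` option when `PIDFILE` is empty, so with this file installed the value from named.conf is never consulted. If named.conf sets a different pid-file, start-stop-daemon would presumably track a file that named never writes, and stop/reload would miss the running process. I would extend the comment to say so, e.g. `# Must match the pid-file option in named.conf; comment this out to let the init script read it from there.`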
@@ -0,0 +1,203 @@
+#!/sbin/runscript
+# Copyright 1999-2010 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-dns/bind/files/named.init-r9,v 1.1 2010/12/13 22:08:54 idl0r Exp $
+
+opts="start stop reload restart checkconfig checkzones"
+
+depend() {
+ need net
+ use logger
+ provide dns
+}
+
+NAMED_CONF=${CHROOT}/etc/bind/named.conf
+
+_mount() {
+ local from
+ local to
+ local opts
+
+ if [ "${#}" -lt 3 ]; then
+ eerror "_mount(): to few arguments"
+ return 1
+ fi
+
+ from=$1
+ to=$2
+ shift 2
+
+ opts="${*}"
+ shift $#
+
+ if [ -z "$(awk "\$2 == \"${to}\" { print \$2 }" /proc/mounts)" ]; then
+ einfo "mounting ${from} to ${to}"
+ mount ${from} ${to} ${opts} || return 1
+ fi
+
+ return 0
+}
+
+_umount() {
+ local dir=$1
+
+ if [ -n "$(awk "\$2 == \"${dir}\" { print \$2 }" /proc/mounts)" ]; then
+ einfo "umount ${dir}"
+ umount ${dir} || return 1
+ fi
+
+ return 0
+}
+
+_get_pidfile() {
+ # as suggested in bug #107724, bug 335398#c17
+ [ -n "${PIDFILE}" ] || PIDFILE=${CHROOT}$(\
+ /usr/sbin/named-checkconf -p ${CHROOT:+-t} ${CHROOT} ${NAMED_CONF/${CHROOT}} | grep 'pid-file' | cut -d\" -f2)
+ [ -z "${PIDFILE}" ] && PIDFILE=${CHROOT}/var/run/named/named.pid
+}
+
+check_chroot() {
+ if [ -n "${CHROOT}" ]; then
+ [ ! -d "${CHROOT}" ] && return 1
+ [ ! -d "${CHROOT}/dev" ] || [ ! -d "${CHROOT}/etc" ] || [ ! -d "${CHROOT}/var" ] && return 1
+ [ ! -d "${CHROOT}/var/run" ] || [ ! -d "${CHROOT}/var/log" ] && return 1
+ [ ! -d "${CHROOT}/etc/bind" ] || [ ! -d "${CHROOT}/var/bind" ] && return 1
+ [ ! -d "${CHROOT}/var/log/named" ] && return 1
+ [ ! -e "${CHROOT}/etc/localtime" ] && return 1
+ [ ! -c "${CHROOT}/dev/null" ] || [ ! -c "${CHROOT}/dev/zero" ] && return 1
+ [ ! -c "${CHROOT}/dev/random" ] && [ ! -c "${CHROOT}/dev/urandom" ] && return 1
+ [ "${CHROOT_GEOIP:-0}" -eq 1 ] && [ ! -d "${CHROOT}/usr/share/GeoIP" ] && return 1
+ fi
+
+ return 0
+}
+
+checkconfig() {
+ ebegin "Checking named configuration"
+
+ if [ ! -f "${NAMED_CONF}" ] ; then
+ eerror "No ${NAMED_CONF} file exists!"
+ return 1
+ fi
+
+ /usr/sbin/named-checkconf ${CHROOT:+-t} ${CHROOT} ${NAMED_CONF/${CHROOT}} || {
+ eerror "named-checkconf failed! Please fix your config first."
+ return 1
+ }
+
+ eend 0
+ return 0
+}
+
+checkzones() {
+ ebegin "Checking named configuration and zones"
+ /usr/sbin/named-checkconf -z -j ${CHROOT:+-t} ${CHROOT} ${NAMED_CONF/${CHROOT}}
+ eend $?
+}
+
+start() {
+ local piddir
+
+ ebegin "Starting ${CHROOT:+chrooted }named"
+
+ if [ -n "${CHROOT}" ]; then
+ check_chroot || {
+ eend 1
+ eerror "Your chroot dir ${CHROOT} is inconsistent, please run 'emerge --config net-dns/bind' first"
+ return 1
+ }
+
+ if [ "${CHROOT_NOMOUNT:-0}" -eq 0 ]; then
+ einfo "Mounting chroot dirs"
+ _mount /etc/bind ${CHROOT}/etc/bind -o bind
+ _mount /var/bind ${CHROOT}/var/bind -o bind
+ _mount /var/log/named ${CHROOT}/var/log/named -o bind
+ if [ "${CHROOT_GEOIP:-0}" -eq 1 ]; then
+ _mount /usr/share/GeoIP ${CHROOT}/usr/share/GeoIP -o bind
+ fi
+ fi
+ fi
+
+ checkconfig || { eend 1; return 1; }
+
+ # create piddir (usually /var/run/named) if necessary, bug 334535
+ _get_pidfile
+ piddir="${PIDFILE%/*}"
+ if [ ! -d "${piddir}" ]; then
+ checkpath -q -d -o root:named -m 0770 "${piddir}" || {
+ eend 1
+ return 1
+ }
+ fi
+
+ # In case someone have $CPU set in /etc/conf.d/named
+ if [ -n "${CPU}" ] && [ "${CPU}" -gt 0 ]; then
+ CPU="-n ${CPU}"
+ fi
+
+ start-stop-daemon --start --pidfile ${PIDFILE} \
+ --nicelevel ${NAMED_NICELEVEL:-0} \
+ --exec /usr/sbin/named \
+ -- -u named ${CPU} ${OPTIONS} ${CHROOT:+-t} ${CHROOT}
+ eend $?
+}
+
+stop() {
+ local reported=0
+
+ ebegin "Stopping ${CHROOT:+chrooted }named"
+
+ # Workaround for now, until openrc's restart has been fixed.
+ # openrc doesn't care about a restart() function in init scripts.
+ if [ "${RC_CMD}" = "restart" ]; then
+ checkconfig || { eend 1; return 1; }
+ fi
+
+ # -R 10, bug 335398
+ _get_pidfile
+ start-stop-daemon --stop --retry 10 --pidfile $PIDFILE \
+ --exec /usr/sbin/named
+
+ if [ -n "${CHROOT}" ] && [ "${CHROOT_NOMOUNT:-0}" -eq 0 ]; then
+ ebegin "Umounting chroot dirs"
+
+ # just to be sure everything gets clean
+ while [ -n "$(fuser ${CHROOT} 2>/dev/null)" ]; do
+ if [ "${reported}" -eq 0 ]; then
+ einfo "Waiting until all named processes are stopped"
+ reported=1
+ fi
+ sleep 1
+ done
+
+ [ "${CHROOT_GEOIP:-0}" -eq 1 ] && _umount ${CHROOT}/usr/share/GeoIP
+ _umount ${CHROOT}/etc/bind
+ _umount ${CHROOT}/var/log/named
+ _umount ${CHROOT}/var/bind
+ fi
+
+ eend $?
+}
+
+reload() {
+ local ret
+
+ ebegin "Reloading named.conf and zone files"
+
+ checkconfig || { eend 1; return 1; }
+
+ _get_pidfile
+ if [ -n "${PIDFILE}" ]; then
+ # FIXME: Remove --stop and --oknodo as soon as baselayout-1 has been removed... finally...
+ start-stop-daemon --stop --oknodo --pidfile $PIDFILE --signal HUP --exec /usr/sbin/named
+ ret=$?
+ else
+ ewarn "Unable to determine the pidfile... this is"
+ ewarn "a fallback mode. Please check your installation!"
+
+ $RC_SERVICE restart
+ ret=$?
+ fi
+
+ eend $ret
+} |
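Review bot: start() in named.init-r9 ignores the return value of every `_mount` call, so when a bind mount fails named can still be started with `-t ${CHROOT}` against stale copies left in the chroot; checkconfig only notices a missing or invalid named.conf. Each call should abort the start, e.g. `_mount /var/bind ${CHROOT}/var/bind -o bind || { eend 1; return 1; }`. In stop(), the final `eend $?` reports the status of the last `_umount`, or of the `if` statement (0) when no chroot is configured, never that of `start-stop-daemon --stop`; saving it with `ret=$?` right after that command and finishing with `eend ${ret}` fixes the report. The `fuser ${CHROOT}` wait loop has no upper bound, so stop() hangs for as long as any process holds the directory.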