[arch-commits] Commit in bind/trunk (9 files)

Sébastien Luttringer seblu at archlinux.org
Fri Sep 26 22:44:34 UTC 2014 

    Date: Saturday, September 27, 2014 @ 00:44:34
  Author: seblu
Revision: 223367

upgpkg: bind 9.10.1-2

- implement FS#41808
- implement FS#41809
- fix: FS#41810
- use named default logging setting (=> user journoul, drop logrotate)
- setup user via systemd-sysusers
- run tmpfiles.d after setup
- remove html doc
- remove gcc 4.8 compilation tricks, remove !makeflags
- remove default option from named.conf and cleanup

Added:
  bind/trunk/empty.zone
  bind/trunk/sysusers.conf
  bind/trunk/tmpfiles.conf
    (from rev 223184, bind/trunk/tmpfiles.d)
Modified:
  bind/trunk/PKGBUILD
  bind/trunk/bind.install
  bind/trunk/named.conf
Deleted:
  bind/trunk/01-fix-forgotten-log.patch
  bind/trunk/named.logrotate
  bind/trunk/tmpfiles.d

----------------------------+
 01-fix-forgotten-log.patch |   41 -------------------
 PKGBUILD                   |   45 +++++++++++----------
 bind.install               |   14 ------
 empty.zone                 |    8 +++
 named.conf                 |   91 ++++++++++++++++++++++---------------------
 named.logrotate            |    6 --
 sysusers.conf              |    1 
 tmpfiles.conf              |    1 
 tmpfiles.d                 |    1 
 9 files changed, 84 insertions(+), 124 deletions(-)

Deleted: 01-fix-forgotten-log.patch
===================================================================
--- 01-fix-forgotten-log.patch	2014-09-26 19:45:39 UTC (rev 223366)
+++ 01-fix-forgotten-log.patch	2014-09-26 22:44:34 UTC (rev 223367)
@@ -1,41 +0,0 @@
-# https://lists.isc.org/pipermail/bind-users/2014-May/093124.html
-From 73a2c0ec42c0915bde0275c81861f57645daf683 Mon Sep 17 00:00:00 2001
-From: Tony Finch <dot at dotat.at>
-Date: Thu, 28 Nov 2013 17:23:57 +0000
-Subject: [PATCH] Disable XXXMPA verbose packet logging in EDNS fallback code.
-
----
- lib/dns/resolver.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c
-index 11c805f..e50071e 100644
---- a/lib/dns/resolver.c
-+++ b/lib/dns/resolver.c
-@@ -7339,9 +7339,11 @@ resquery_response(isc_task_t *task, isc_event_t *event) {
- 				    sizeof(addrbuf));
- 		snprintf(buf, sizeof(buf), "received packet from %s "
- 			 "(bad edns):\n", addrbuf);
-+/*
- 		dns_message_logpacket(message, buf,
- 			      DNS_LOGCATEGORY_RESOLVER, DNS_LOGMODULE_RESOLVER,
- 			      ISC_LOG_NOTICE, fctx->res->mctx);
-+*/
- 		dns_adb_changeflags(fctx->adb, query->addrinfo,
- 				    DNS_FETCHOPT_NOEDNS0,
- 				    DNS_FETCHOPT_NOEDNS0);
-@@ -7369,9 +7371,11 @@ resquery_response(isc_task_t *task, isc_event_t *event) {
- 				    sizeof(addrbuf));
- 		snprintf(buf, sizeof(buf), "received packet from %s (no opt):\n",
- 			 addrbuf);
-+/*
- 		dns_message_logpacket(message, buf,
- 			      DNS_LOGCATEGORY_RESOLVER, DNS_LOGMODULE_RESOLVER,
- 			      ISC_LOG_NOTICE, fctx->res->mctx);
-+*/
- 		dns_adb_changeflags(fctx->adb, query->addrinfo,
- 				    DNS_FETCHOPT_NOEDNS0,
- 				    DNS_FETCHOPT_NOEDNS0);
--- 
-1.9.1
-

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2014-09-26 19:45:39 UTC (rev 223366)
+++ PKGBUILD	2014-09-26 22:44:34 UTC (rev 223367)
@@ -7,44 +7,53 @@
 pkgname=bind
 _pkgver=9.10.1
 pkgver=${_pkgver//-/.}
-pkgrel=1
+pkgrel=2
 pkgdesc='The ISC BIND nameserver'
 url='http://www.isc.org/software/bind/'
 license=('custom:ISC')
 arch=('i686' 'x86_64')
-options=('!makeflags')
+options=('!emptydirs')
 depends=('openssl' 'krb5' 'libxml2' 'libcap')
 provides=('dns-server')
-backup=('etc/logrotate.d/named'
-        'etc/named.conf')
+backup=('etc/named.conf'
+        'var/named/127.0.0.zone'
+        'var/named/localhost.zone'
+        'var/named/empty.zone')
 install=$pkgname.install
 source=("http://ftp.isc.org/isc/bind9/${_pkgver}/bind-${_pkgver}.tar.gz"{,.asc}
-        'root.hint::http://www.internic.net/zones/named.root'
-        'tmpfiles.d'
+        'tmpfiles.conf'
+        'sysusers.conf'
         'named.conf'
         'named.service'
         'named.logrotate'
         'localhost.zone'
-        '127.0.0.zone')
+        '127.0.0.zone'
+        'empty.zone')
 sha1sums=('96aa28c6112c6a8c33a19efeac98c715f03b35ca'
           'SKIP'
-          '029f89c49550c40ec7a95116b6a33f0e5a041094'
           'c5a2bcd9b0f009ae71f3a03fbdbe012196962a11'
-          'c71a7fc02d4bf0d55e8e29d1e014607ac1d58726'
+          '6bebf4ff8ca4482a83f4d3dbf176d9bffd89eefa'
+          '71e30a3648d695911352c9d663ca216ae3a7d5d6'
           'cb2e81b4cbf9efafb3e81e3752f0154e779cc7ec'
           '3fe1f0b5c1a51dc1db9ebe5e173d18c52c97169b'
           '76a0d4cd1b913db177a5a375bebc47e5956866ec'
-          '53be0f1437ebe595240d8dbdd819939582b97fb9')
+          '53be0f1437ebe595240d8dbdd819939582b97fb9'
+          '792bde1bcc95b30e36970eeb97f5bf02ea37b37c')
 
 prepare() {
   # remove dig to avoid conflict with dnsutils
   sed -i 's/dig//' $pkgname-$_pkgver/bin/Makefile.in
+
+  msg2 'Getting a fresh version of root DNS'
+  # no more using source array, lack of versioning.
+  curl -o root.hint http://www.internic.net/zones/named.root
+  [[ -s root.hint ]]
 }
 
 build() {
   cd bind-$_pkgver
   # for gcc 4.8 rebuild
-  export CFLAGS="-march=${CARCH/_/-} -mtune=generic -O2 -pipe -fstack-protector --param=ssp-buffer-size=4"
+  #export CFLAGS="-march=${CARCH/_/-} -mtune=generic -O2 -pipe -fstack-protector --param=ssp-buffer-size=4"
   ./configure \
     --prefix=/usr \
     --sysconfdir=/etc \
@@ -58,20 +67,15 @@
 }
 
 package() {
-  cd "bind-$_pkgver"
-
+  pushd "bind-$_pkgver"
   install -Dm644 COPYRIGHT "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
-
   make DESTDIR="$pkgdir" install
+  popd
 
-  rmdir "$pkgdir/var/run"
-  install -d "$pkgdir/usr/share/doc/$pkgname"
-  install doc/arm/*.html "$pkgdir/usr/share/doc/$pkgname"
+  install -D -m644 tmpfiles.conf "$pkgdir/usr/lib/tmpfiles.d/$pkgname.conf"
+  install -D -m644 sysusers.conf "$pkgdir/usr/lib/sysusers.d/$pkgname.conf"
 
-  cd "$srcdir"
-  install -D -m644 tmpfiles.d "$pkgdir/usr/lib/tmpfiles.d/named.conf"
   install -D -m644 named.service "$pkgdir/usr/lib/systemd/system/named.service"
-  install -D -m600 named.logrotate "$pkgdir/etc/logrotate.d/named"
   install -D -m640 -o 0 -g 40 named.conf "$pkgdir/etc/named.conf"
 
   install -d -m770 -o 0 -g 40 "$pkgdir/var/named"
@@ -78,6 +82,7 @@
   install    -m640 -o 0 -g 40 root.hint "$pkgdir/var/named"
   install    -m640 -o 0 -g 40 127.0.0.zone "$pkgdir/var/named"
   install    -m640 -o 0 -g 40 localhost.zone "$pkgdir/var/named"
+  install    -m640 -o 0 -g 40 empty.zone "$pkgdir/var/named"
 }
 
 # vim:set ts=2 sw=2 et:

Modified: bind.install
===================================================================
--- bind.install	2014-09-26 19:45:39 UTC (rev 223366)
+++ bind.install	2014-09-26 22:44:34 UTC (rev 223367)
@@ -1,11 +1,7 @@
 post_install() {
-  getent group named &>/dev/null || groupadd -g 40 named
-  getent passwd named &>/dev/null || useradd -u 40 -c 'BIND DNS Server' -g named -d /var/named -s /bin/false named
-  passwd -l named &>/dev/null
+  systemd-sysusers bind.conf
+  systemd-tmpfiles --create bind.conf
 
-  touch var/log/named.log
-  chown named:named var/log/named.log
-
   # create an rndc.key if it doesn't already exist
   if [[ ! -s etc/rndc.key ]]; then
     rndc-confgen -r /dev/urandom -b 256 | head -n 5 >>etc/rndc.key
@@ -14,10 +10,4 @@
   fi
 }
 
-pre_remove() {
-  getent passwd named &>/dev/null && userdel named >/dev/null
-  getent group named &>/dev/null && groupdel named >/dev/null
-  return 0
-}
-
 # vim:set ts=2 sw=2 et:

Added: empty.zone
===================================================================
--- empty.zone	                        (rev 0)
+++ empty.zone	2014-09-26 22:44:34 UTC (rev 223367)
@@ -0,0 +1,8 @@
+@			1D IN SOA	localhost. root.localhost. (
+					42		; serial (yyyymmdd##)
+					3H		; refresh
+					15M		; retry
+					1W		; expiry
+					1D )		; minimum ttl
+
+			1D IN NS	localhost.

Modified: named.conf
===================================================================
--- named.conf	2014-09-26 19:45:39 UTC (rev 223366)
+++ named.conf	2014-09-26 22:44:34 UTC (rev 223367)
@@ -1,22 +1,19 @@
-// 
-// /etc/named.conf
-//
+// vim:set ts=4 sw=4 et:
 
 options {
-	directory "/var/named";
-	pid-file "/run/named/named.pid";
-	auth-nxdomain yes;
-	datasize default;
-// Uncomment these to enable IPv6 connections support
-// IPv4 will still work:
-//	listen-on-v6 { any; };
-// Add this for no IPv4:
-//	listen-on { none; };
+    directory "/var/named";
+    pid-file "/run/named/named.pid";
 
-	// Default security settings.
-	allow-recursion { 127.0.0.1; };
-	allow-transfer { none; };
-	allow-update { none; };
+    // Uncomment these to enable IPv6 connections support
+    // IPv4 will still work:
+    //  listen-on-v6 { any; };
+    // Add this for no IPv4:
+    //  listen-on { none; };
+
+    allow-recursion { 127.0.0.1; };
+    allow-transfer { none; };
+    allow-update { none; };
+
     version none;
     hostname none;
     server-id none;
@@ -23,42 +20,48 @@
 };
 
 zone "localhost" IN {
-	type master;
-	file "localhost.zone";
-	allow-transfer { any; };
+    type master;
+    file "localhost.zone";
 };
 
 zone "0.0.127.in-addr.arpa" IN {
-	type master;
-	file "127.0.0.zone";
-	allow-transfer { any; };
+    type master;
+    file "127.0.0.zone";
 };
 
+zone "255.in-addr.arpa" IN {
+    type master;
+    file "empty.zone";
+};
+
+zone "0.in-addr.arpa" IN {
+    type master;
+    file "empty.zone";
+};
+
 zone "." IN {
-	type hint;
-	file "root.hint";
+    type hint;
+    file "root.hint";
 };
 
 //zone "example.org" IN {
-//	type slave;
-//	file "example.zone";
-//	masters {
-//		192.168.1.100; 
-//	};
-//	allow-query { any; };
-//	allow-transfer { any; };
+//    type slave;
+//    file "example.zone";
+//    masters {
+//        192.168.1.100;
+//    };
+//    allow-query { any; };
+//    allow-transfer { any; };
 //};
 
-logging {
-        channel xfer-log {
-                file "/var/log/named.log";
-                print-category yes;
-                print-severity yes;
-                print-time yes;
-                severity info;
-        };
-        category xfer-in { xfer-log; };
-        category xfer-out { xfer-log; };
-        category notify { xfer-log; };
-};
-
+//logging {
+//    channel xfer-log {
+//        file "/var/log/named.log";
+//            print-category yes;
+//            print-severity yes;
+//            severity info;
+//        };
+//        category xfer-in { xfer-log; };
+//        category xfer-out { xfer-log; };
+//        category notify { xfer-log; };
+//};

Deleted: named.logrotate
===================================================================
--- named.logrotate	2014-09-26 19:45:39 UTC (rev 223366)
+++ named.logrotate	2014-09-26 22:44:34 UTC (rev 223367)
@@ -1,6 +0,0 @@
-/var/log/named.log {
-   missingok
-   postrotate
-      /bin/kill -HUP `cat /run/named/named.pid 2>/dev/null` 2>/dev/null || true
-   endscript
-}

Added: sysusers.conf
===================================================================
--- sysusers.conf	                        (rev 0)
+++ sysusers.conf	2014-09-26 22:44:34 UTC (rev 223367)
@@ -0,0 +1 @@
+u named 40 "BIND DNS Server" /var/named

Copied: bind/trunk/tmpfiles.conf (from rev 223184, bind/trunk/tmpfiles.d)
===================================================================
--- tmpfiles.conf	                        (rev 0)
+++ tmpfiles.conf	2014-09-26 22:44:34 UTC (rev 223367)
@@ -0,0 +1 @@
+d /run/named 0750 named named -

Deleted: tmpfiles.d
===================================================================
--- tmpfiles.d	2014-09-26 19:45:39 UTC (rev 223366)
+++ tmpfiles.d	2014-09-26 22:44:34 UTC (rev 223367)
@@ -1 +0,0 @@
-d /run/named 0750 named named -

More information about the arch-commits mailing list