authorChristian Ruppert <idl0r@gentoo.org>2010-05-23 20:44:50 +0000
committerChristian Ruppert <idl0r@gentoo.org>2010-05-23 20:44:50 +0000
commit500811ab523b9ebdcbaf70c3a15f5bc40da330e4 (patch)
tree85b611cfc5dab6919e5674ab621080b99380fdfd /net-dns
parentForce python-2.4 usage #304521 by Domen Kožar. Apply upshader patch from up... (diff)
downloadhistorical-500811ab523b9ebdcbaf70c3a15f5bc40da330e4.tar.gz
historical-500811ab523b9ebdcbaf70c3a15f5bc40da330e4.tar.bz2
historical-500811ab523b9ebdcbaf70c3a15f5bc40da330e4.zip
Improve chroot part, bug 321071. Version bump from bind-9.6.1_p3 to bind-9.6.2_p2. bind-9.7.0_p2 revbump. Add chaos view to files/named.conf-r4.
Package-Manager: portage-2.2_rc67/cvs/Linux x86_64
Diffstat (limited to 'net-dns')
-rw-r--r--net-dns/bind/ChangeLog12
-rw-r--r--net-dns/bind/Manifest20
-rw-r--r--net-dns/bind/bind-9.6.2_p2.ebuild (renamed from net-dns/bind/bind-9.6.1_p3-r1.ebuild)132
-rw-r--r--net-dns/bind/bind-9.7.0_p2-r1.ebuild (renamed from net-dns/bind/bind-9.7.0_p2.ebuild)83
-rw-r--r--net-dns/bind/files/named.conf-r443
-rw-r--r--net-dns/bind/files/named.init-r722
6 files changed, 185 insertions, 127 deletions
diff --git a/net-dns/bind/ChangeLog b/net-dns/bind/ChangeLog
index 7d63243c5711..d65d30c6581f 100644
--- a/net-dns/bind/ChangeLog
+++ b/net-dns/bind/ChangeLog
@@ -1,6 +1,16 @@
# ChangeLog for net-dns/bind
# Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-dns/bind/ChangeLog,v 1.274 2010/05/22 09:04:13 jlec Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-dns/bind/ChangeLog,v 1.275 2010/05/23 20:44:50 idl0r Exp $
+
+*bind-9.7.0_p2-r1 (23 May 2010)
+*bind-9.6.2_p2 (23 May 2010)
+
+ 23 May 2010; Christian Ruppert <idl0r@gentoo.org>
+ -bind-9.6.1_p3-r1.ebuild, +bind-9.6.2_p2.ebuild, -bind-9.7.0_p2.ebuild,
+ +bind-9.7.0_p2-r1.ebuild, files/named.conf-r4, files/named.init-r7:
+ Improve chroot part, bug 321071. Version bump from bind-9.6.1_p3 to
+ bind-9.6.2_p2. bind-9.7.0_p2 revbump. Add chaos view to
+ files/named.conf-r4.
22 May 2010; Justin Lecher <jlec@gentoo.org> bind-9.7.0_p2.ebuild:
Removed epause in EAPI=3 ebuilds
diff --git a/net-dns/bind/Manifest b/net-dns/bind/Manifest
index 6b532cd2dcfe..45ffb16d15fe 100644
--- a/net-dns/bind/Manifest
+++ b/net-dns/bind/Manifest
@@ -11,27 +11,27 @@ AUX bind-dlzmysql5-reconnect.patch 1842 RMD160 687f6128b6511dbeecdfc81b197520b1a
AUX localhost.zone-r3 426 RMD160 b2dfe76923695e6eac49234b7e7f90fef4d1838e SHA1 b84babc535466cacc7001e4c6eb21e22ae11b22d SHA256 3f39e9b5be72435e961cd6f5acdfe396b05640bf370969acf918a939575122bc
AUX named.cache 2941 RMD160 c29f47291496e67e72c129db488d07172fe244e6 SHA1 b1575428e8b5f513469a90a32cf163e8db46cab5 SHA256 35f7fcf2b177678cf362af7ac942f7f1a1c102c045dc3844991a411fc4c5d277
AUX named.conf-r3 1317 RMD160 dace9861fb15a7ad415b23f2452fca5eb3ef2604 SHA1 02385c388d4ca99f68354c83f9e4cae2c2bcb034 SHA256 f431592c2441a27205e1112dcff7b9b07655007c460a309b7968c97688c8e7f4
-AUX named.conf-r4 4931 RMD160 e7b4933606d29c684d0124856f086c60e0011e54 SHA1 965f463c506d22290a310b9fa357197598d659f2 SHA256 edd56eb2d0720c683c1ac7674abced5769cd2cfcb54054cbbc2139c1702f4356
+AUX named.conf-r4 5254 RMD160 107e4c5dd5c6dbd1bcdf1c789bc24fd8d2cf5b57 SHA1 646ea61a897ceb32be99ddadb521f0a219b29fef SHA256 b652b156e7ba169c899e08523ea506c3987562c8278db0a8234b3e82f5fce1a6
AUX named.confd-r2 479 RMD160 0a0452bf9bb6f18d4628ee72abe82a52d484a2cb SHA1 d0b0e2f5d72d43862c5aaff9a226fd8599992323 SHA256 bae05257852ecbc7f66bd30e452162f15b6f6e8c3fc170fb6dfdfa7d22361915
AUX named.confd-r3 648 RMD160 bb184a1f4d7476e874df37dd0b60638d6da608cb SHA1 21987e0fd4419276efb2d9551d2bde18eece6fb8 SHA256 6daf6f9eddc822eb434dcc651627f3dd8bdfbfa270b1b089724a87dc5fcc559a
AUX named.init-r5 1620 RMD160 37279362e437241188a07e5f274730e68645827e SHA1 00a14819a322b391183084c79cc9a4dc04d0d484 SHA256 07fb9d653f086319680d04abde0218495ed09d3528087257788bf294252a0bad
-AUX named.init-r7 2731 RMD160 3c6c7ea44bcf355862fdd1afb3bdbd03a9c95c71 SHA1 3745627a36e0c0cabdc9f632a8a39d7694c1d210 SHA256 3ac9f6f8fef5e29e77eb9520f34472775683dfa0f809ff01b03a50d03fad38d9
+AUX named.init-r7 3467 RMD160 e72e8ffd6d983fe38a16334bfc45a6cc012a9a0e SHA1 af42e2d0f3ab1f23c4656bd761c8ce55588d668f SHA256 e44f6b20edfd0a56823fc954096c75f36830b4ab6c9bab3de2daa3816d5f14b5
DIST bind-9.4.3-P5.tar.gz 6447497 RMD160 680146e4120aaa89f2899d4205c17fee5e9e4aa9 SHA1 9b7f0bd84be0f91fe1085cedc91c7c14f1e0f97a SHA256 7ca93553d1f488af1b21ab26f0297be5c7b7b5920d29ad9743382bf3623b2939
-DIST bind-9.6.1-P3.tar.gz 6508797 RMD160 ff444f39d7cf9673497e43c18c40dd77af121851 SHA1 9cb2bfb933083ab4e85aa884ca0dff7b0ae5cfb2 SHA256 869f5079a900b280c051d4c9cf7eefea000a0e70ccec9e6fcddd79e3caa10198
+DIST bind-9.6.2-P2.tar.gz 6543309 RMD160 0706aa4f4f6cd4927d2e8ff72d5fb8a91be94fa9 SHA1 fce8067d3ff03366d5ee305adf941b5c41e41d07 SHA256 233404ea08c4880eb867ee4e1084d96cff748a2bdd8857014203bef511f17e64
DIST bind-9.7.0-P2.tar.gz 7125822 RMD160 e77877f9ef7341071f4f458863ebe715e2f6506f SHA1 4b805d4a66075a88c93c5b852b928da96467aa2d SHA256 872906cf729511f725dfef21790b5d54b89dd257e586185135db9221568e3f54
DIST bind-geoip-1.3-readme.txt 10040 RMD160 073956324ed4780e0e0cdbf40ae259f85ebef9d2 SHA1 e13ea2f458adfed3f1a20f9fe3eb2bfd484fc0b0 SHA256 380ce89f1a614f46571ad59bddf0f268275691aa2d7a7a7bf1c2a3ef4d26e845
DIST bind-geoip-1.3.patch 54070 RMD160 5d01a20104b572588507aea4b8f6cbf66f68a973 SHA1 8a465d04d5c2d9c7cb881c3331a64e61077e1e3a SHA256 126db2f6e603f0dbe102b3ddfda85e0243fae314b40bb16dce2fd7d4d4bb93b4
DIST bind-sdb-ldap-1.1.0.tar.bz2 5883 RMD160 ec2f684f278e5fa72158486a14dfce3005a62602 SHA1 fae539a29615fda56a2dcb55a1e01d335835b980 SHA256 afe9cc6a99c20f1dc1929b0a30ff815b0aac509a6c12f8df432853c856d35754
DIST dyndns-samples.tbz2 22866 RMD160 27d5b2d0edb8e1ff16b3f980c38d7af33ccf0c7d SHA1 0a62e9458d0e16b67a3a2f63ea485ce969f1fb4d SHA256 92fb06a92ca99cbbe96b90bcca229ef9c12397db57ae17e199dad9f1218fdbe8
EBUILD bind-9.4.3_p5.ebuild 9208 RMD160 6e7ff13da934a07ba7973e886b0ac03aa7033fb0 SHA1 8320223ec6b82e8988ca23f994457175c25caef0 SHA256 ae0e300cc78a666ef49c7f84432c14f4238b7017e7b579054e54397c28946e3e
-EBUILD bind-9.6.1_p3-r1.ebuild 9833 RMD160 9152069d6213e852b990a057c7521181e5a8316b SHA1 7de6d1de13394e66415e321e7c8485d5207acedb SHA256 1359dc52e547955d89232c086cbb7e9cc33e47bf63ff5bb322dfec2a5cfb383e
-EBUILD bind-9.7.0_p2.ebuild 10470 RMD160 8878519343ef37a1a1caaaca1a98586cf49dacdc SHA1 40139c8b89a740676550b567c7b4da5909265851 SHA256 98eaa882900344af9a41c3cc9c712fc29f1e595a4a090aa8536fc1a3f7c1122c
-MISC ChangeLog 44823 RMD160 70222cfb1b821022d8f80a0e06f0f5afe7ccffed SHA1 ef884c8951cadd2cc15007a5a221ed23b6e04b51 SHA256 af67fdecfbb05de07945b6a73bf96c95e26e3b54aaeee9ca6b5c1949c9ee06b0
+EBUILD bind-9.6.2_p2.ebuild 10445 RMD160 94542ddf486c55583118ab66dab35310c1348779 SHA1 94fd3d4ed4e88377b4900203d397035327b95f52 SHA256 86fa0987147d8303700e7d875ba9e2d40a632257ea3efb797a0992d591372baf
+EBUILD bind-9.7.0_p2-r1.ebuild 10470 RMD160 8e4722e32cbdf51268b979b5d7d1d19e3bdb2cc5 SHA1 0d3671675b02cfffb970036571f2d04f8a27a621 SHA256 053ec0d42f7f8825c0f2d19ef63b4f8d0576cc63619f6eb5cf7cdbd792833551
+MISC ChangeLog 45234 RMD160 187d7be09f0e4c20a40848b53a15426716297826 SHA1 0ddda693e9c327d2945cd451086b41e1f093f01b SHA256 fe4a09de78a96c3d396b042b8ab556768ba566077db5c1c0e1062fd46e428183
MISC metadata.xml 647 RMD160 63aeb182631d45c774bdc08f11901147028f6d7c SHA1 9aff80992005daa758d373c4e3311ff8c3ae3ef9 SHA256 9417c62e0e5817e26d36ab5efd87f126781dbf445d9a1beb3abb899b8cb4806a
-----BEGIN PGP SIGNATURE-----
-Version: GnuPG v2.0.14 (GNU/Linux)
+Version: GnuPG v2.0.15 (GNU/Linux)
-iEYEARECAAYFAkv3nhIACgkQgAnW8HDreRYQ8QCeMlfLv6guCl9BX7NSwspYBEa4
-k1kAoKVJtEmCOgnpFMlqsAm+8lXKDsxv
-=4Mxy
+iEYEARECAAYFAkv5k80ACgkQixe2jn+ufTjGIQCeKFWqoK4LwrzH88U1AMghesRM
+TxEAn1GrkUnkp3RHY5Vjcq6ApUXhWjY4
+=0bpL
-----END PGP SIGNATURE-----
diff --git a/net-dns/bind/bind-9.6.1_p3-r1.ebuild b/net-dns/bind/bind-9.6.2_p2.ebuild
index da5f071f11b5..56dafb598643 100644
--- a/net-dns/bind/bind-9.6.1_p3-r1.ebuild
+++ b/net-dns/bind/bind-9.6.2_p2.ebuild
@@ -1,8 +1,8 @@
# Copyright 1999-2010 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-dns/bind/bind-9.6.1_p3-r1.ebuild,v 1.4 2010/05/13 00:13:32 idl0r Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-dns/bind/bind-9.6.2_p2.ebuild,v 1.1 2010/05/23 20:44:50 idl0r Exp $
-EAPI="2"
+EAPI="3"
inherit eutils autotools toolchain-funcs flag-o-matic
@@ -93,17 +93,18 @@ src_prepare() {
# Upstream URL: http://bind9-ldap.bayour.com/
use sdb-ldap && epatch "${WORKDIR}"/sdb-ldap/${PN}-sdb-ldap-${SDB_LDAP_VER}.patch
- use geoip && epatch "${DISTDIR}"/${GEOIP_P}.patch
+ if use geoip; then
+ cp "${DISTDIR}"/${GEOIP_P}.patch "${S}" || die
+ sed -i -e 's/-RELEASEVER=3/-RELEASEVER=2/' \
+ -e 's/+RELEASEVER=3-geoip-1.3/+RELEASEVER=2-geoip-1.3/' \
+ ${GEOIP_P}.patch || die
+ epatch ${GEOIP_P}.patch
+ fi
# bug #220361
rm {aclocal,libtool}.m4
WANT_AUTOCONF=2.5 AT_NO_RECURSIVE=1 eautoreconf
- # bug #151839
- sed -i -e \
- 's:struct isc_socket {:#undef SO_BSDCOMPAT\n\nstruct isc_socket {:' \
- lib/isc/unix/socket.c || die
-
# remove useless c++ checks
epunt_cxx
}
@@ -116,8 +117,8 @@ src_configure() {
use postgres && myconf="${myconf} --with-dlz-postgres"
use mysql && myconf="${myconf} --with-dlz-mysql"
use berkdb && myconf="${myconf} --with-dlz-bdb"
- use ldap && myconf="${myconf} --with-dlz-ldap"
- use odbc && myconf="${myconf} --with-dlz-odbc"
+ use ldap && myconf="${myconf} --with-dlz-ldap"
+ use odbc && myconf="${myconf} --with-dlz-odbc"
}
if use threads; then
@@ -134,7 +135,6 @@ src_configure() {
ewarn
myconf="${myconf} --disable-linux-caps --disable-threads"
ewarn "Threading support disabled"
- epause 10
else
myconf="${myconf} --enable-linux-caps --enable-threads"
einfo "Threading support enabled"
@@ -153,7 +153,8 @@ src_configure() {
# bug #158664
gcc-specs-ssp && replace-flags -O[23s] -O
- export BUILD_CC="${CBUILD}-gcc"
+
+ export BUILD_CC=$(tc-getBUILD_CC)
econf \
--sysconfdir=/etc/bind \
--localstatedir=/var \
@@ -163,6 +164,9 @@ src_configure() {
$(use_enable ipv6) \
$(use_with xml libxml2) \
${myconf}
+
+ # bug #151839
+ echo '#undef SO_BSDCOMPAT' >> config.h
}
src_install() {
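Review bot: The `#undef SO_BSDCOMPAT` appended to config.h at the end of src_configure may take effect too early to matter. The sed removed from src_prepare placed the `#undef` directly before `struct isc_socket {` in lib/isc/unix/socket.c, after that file's system headers; if config.h is included first, as is conventional, the socket headers would define the macro afterwards, so it is worth confirming on the preprocessed source that the workaround for bug #151839 still applies. The append is also unchecked, and `echo '#undef SO_BSDCOMPAT' >> config.h || die` would match the rest of the ebuild. The same lines are added to src_configure in bind-9.7.0_p2-r1.ebuild.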
@@ -201,12 +205,8 @@ src_install() {
use geoip && dodoc "${DISTDIR}"/${GEOIP_P}-readme.txt
- newenvd "${FILESDIR}"/10bind.env 10bind || die
-
- keepdir /var/bind/sec
-
insinto /etc/bind
- newins "${FILESDIR}"/named.conf-r3 named.conf || die
+ newins "${FILESDIR}"/named.conf-r4 named.conf || die
# ftp://ftp.rs.internic.net/domain/named.cache:
insinto /var/bind
@@ -219,41 +219,49 @@ src_install() {
newinitd "${FILESDIR}"/named.init-r7 named || die
newconfd "${FILESDIR}"/named.confd-r3 named || die
- dosym /var/bind/named.cache /var/bind/root.cache
- dosym /var/bind/pri /etc/bind/pri
- dosym /var/bind/sec /etc/bind/sec
+ newenvd "${FILESDIR}"/10bind.env 10bind || die
# Let's get rid of those tools and their manpages since they're provided by bind-tools
rm -f "${D}"/usr/share/man/man1/{dig,host,nslookup}.1*
rm -f "${D}"/usr/share/man/man8/{dnssec-keygen,nsupdate}.8*
rm -f "${D}"/usr/bin/{dig,host,nslookup,dnssec-keygen,nsupdate}
rm -f "${D}"/usr/sbin/{dig,host,nslookup,dnssec-keygen,nsupdate}
+
+ dosym /var/bind/named.cache /var/bind/root.cache || die
+ dosym /var/bind/pri /etc/bind/pri || die
+ dosym /var/bind/sec /etc/bind/sec || die
+ keepdir /var/bind/sec
+
+ dodir /var/{run,log}/named || die
+
+ fowners root:named /{etc,var}/bind /var/{run,log}/named /var/bind/{sec,pri}
+ fowners root:named /var/bind/named.cache /var/bind/pri/{127,localhost}.zone /etc/bind/named.conf
+ fperms 0640 /var/bind/named.cache /var/bind/pri/{127,localhost}.zone /etc/bind/named.conf
+ fperms 0750 /etc/bind /var/bind/pri
+ fperms 0770 /var/{run,log}/named /var/bind/{,sec}
}
pkg_postinst() {
if [ ! -f '/etc/bind/rndc.key' ]; then
if [ -c /dev/urandom ]; then
einfo "Using /dev/urandom for generating rndc.key"
- /usr/sbin/rndc-confgen -r /dev/urandom -a -u named
+ /usr/sbin/rndc-confgen -r /dev/urandom -a
echo
else
einfo "Using /dev/random for generating rndc.key"
- /usr/sbin/rndc-confgen -a -u named
+ /usr/sbin/rndc-confgen -a
echo
fi
+ chown root:named /etc/bind/rndc.key
+ chmod 0640 /etc/bind/rndc.key
fi
- install -d -o named -g named "${ROOT}"/var/run/named \
- "${ROOT}"/var/bind/{pri,sec} "${ROOT}"/var/log/named
- chown -R named:named "${ROOT}"/var/bind
-
einfo "The default zone files are now installed as *.zone,"
einfo "be careful merging config files if you have modified"
- einfo "/var/bind/pri/127 or /var/bind/pri/localhost"
+ einfo "/var/bind/pri/127.zone or /var/bind/pri/localhost.zone"
einfo
einfo "You can edit /etc/conf.d/named to customize named settings"
einfo
- einfo "The BIND ebuild now includes chroot support."
einfo "If you like to run bind in chroot AND this is a new install OR"
einfo "your bind doesn't already run in chroot, simply run:"
einfo "\`emerge --config '=${CATEGORY}/${PF}'\`"
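Review bot: `fperms 0770 /var/{run,log}/named /var/bind/{,sec}` makes /var/bind itself writable by the named group, which weakens the read-only modes set just above it. named.cache is installed 0640 root:named and pri 0750, but write access on the parent directory lets a member of that group (presumably the daemon account) unlink or rename those entries and create replacements, so a compromised named could swap the root hints file or the pri directory. If named only needs to write slave zones, `fperms 0750 /etc/bind /var/bind /var/bind/pri` and `fperms 0770 /var/{run,log}/named /var/bind/sec` would confine the writable area to sec; otherwise a comment stating why the working directory must be group-writable would help. The fowners/fperms calls also have no `|| die`, unlike the dosym lines before them.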
@@ -273,49 +281,55 @@ pkg_postinst() {
einfo " zone "com" IN { type delegation-only; };"
einfo " zone "net" IN { type delegation-only; };"
- ewarn "NOTE: as of 'bind-9.6.1' the chroot part of the init-script got some major changes."
+ CHROOT=$(sed -n 's/^[[:blank:]]\?CHROOT="\([^"]\+\)"/\1/p' /etc/conf.d/named 2>/dev/null)
+ if [[ -n ${CHROOT} && -d ${CHROOT} ]]; then
+ ewarn "NOTE: as of 'bind-9.6.1' the chroot part of the init-script got some major changes."
+ fi
}
pkg_config() {
- CHROOT=`sed -n 's/^[[:blank:]]\?CHROOT="\([^"]\+\)"/\1/p' /etc/conf.d/named 2>/dev/null`
- EXISTS="no"
+ CHROOT=$(sed -n 's/^[[:blank:]]\?CHROOT="\([^"]\+\)"/\1/p' /etc/conf.d/named 2>/dev/null)
- if [ -z "${CHROOT}" -a ! -d "/chroot/dns" ]; then
+ if [ -z "${CHROOT}" ]; then
CHROOT="/chroot/dns"
- elif [ -d ${CHROOT} ]; then
- eerror; eerror "${CHROOT:-/chroot/dns} already exists. Quitting."; eerror; EXISTS="yes"
+ fi
+ if [[ -d "${CHROOT}" ]]; then
+ ewarn "NOTE: As of 'bind-9.6.1' the chroot part of the init-script got some major changes."
+ ewarn
+ ewarn "${CHROOT} already exists... some things might become overridden"
+ ewarn "press CTRL+C if you don't want to continue"
+ sleep 10
fi
- if [ ! "$EXISTS" = yes ]; then
- einfo ; einfon "Setting up the chroot directory..."
+ echo; einfo "Setting up the chroot directory..."
- mkdir -m 750 -p ${CHROOT}
- mkdir -p ${CHROOT}/{dev,proc,etc/bind,var/{run,log}/named,var/bind}
- chown -R named:named ${CHROOT}
- chown root:named ${CHROOT}
+ mkdir -m 0750 -p ${CHROOT}
+ mkdir -m 0755 -p ${CHROOT}/{dev,etc,var/{run,log}}
+ mkdir -m 0750 -p ${CHROOT}/etc/bind
+ mkdir -m 0770 -p ${CHROOT}/var/{bind,{run,log}/named}
+ chown root:named ${CHROOT} ${CHROOT}/var/{bind,{run,log}/named} ${CHROOT}/etc/bind
- cp /etc/localtime ${CHROOT}/etc/localtime
+ cp /etc/localtime ${CHROOT}/etc/localtime
- mknod ${CHROOT}/dev/zero c 1 5
- chmod 666 ${CHROOT}/dev/zero
+ mknod ${CHROOT}/dev/null c 1 3
+ chmod 0666 ${CHROOT}/dev/null
- if use urandom; then
- mknod ${CHROOT}/dev/urandom c 1 9
- chmod 666 ${CHROOT}/dev/urandom
- else
- mknod ${CHROOT}/dev/random c 1 8
- chmod 666 ${CHROOT}/dev/random
- fi
+ mknod ${CHROOT}/dev/zero c 1 5
+ chmod 0666 ${CHROOT}/dev/zero
- if [ -f '/etc/syslog-ng/syslog-ng.conf' ]; then
- echo "source jail { unix-stream(\"${CHROOT}/dev/log\"); };" >>/etc/syslog-ng/syslog-ng.conf
- fi
-
- grep -q "^#[[:blank:]]\?CHROOT" /etc/conf.d/named ; RETVAL=$?
- if [ $RETVAL = 0 ]; then
- sed -i 's/^# \?\(CHROOT.*\)$/\1/' /etc/conf.d/named 2>/dev/null
- fi
+ if use urandom; then
+ mknod ${CHROOT}/dev/urandom c 1 9
+ chmod 0666 ${CHROOT}/dev/urandom
else
- ewarn "NOTE: as of 'bind-9.6.1' the chroot part of the init-script got some major changes."
+ mknod ${CHROOT}/dev/random c 1 8
+ chmod 0666 ${CHROOT}/dev/random
+ fi
+
+ elog "You may need to add the following line to your syslog-ng.conf:"
+ elog "source jail { unix-stream(\"${CHROOT}/dev/log\"); };"
+
+ grep -q "^#[[:blank:]]\?CHROOT" /etc/conf.d/named ; RETVAL=$?
+ if [ $RETVAL = 0 ]; then
+ sed -i 's/^# \?\(CHROOT.*\)$/\1/' /etc/conf.d/named 2>/dev/null
fi
}
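Review bot: When ${CHROOT} already exists, pkg_config now carries on, but the `mkdir -m ... -p` calls leave the mode of directories that already exist untouched, `mknod` fails on nodes that are already there, and none of these commands is checked. A chroot laid out by the removed code (which ran `chown -R named:named ${CHROOT}`) therefore keeps named-owned files and its old modes everywhere except the directories listed in the single `chown root:named` line, yet the function still finishes without an error. Consider `chmod 0750 "${CHROOT}" "${CHROOT}"/etc/bind || die` and `chmod 0770 "${CHROOT}"/var/{bind,{run,log}/named} || die` after the mkdir lines, and quote "${CHROOT}" throughout, since the value is read from /etc/conf.d/named. The identical pkg_config body added in bind-9.7.0_p2-r1.ebuild has the same gap.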
diff --git a/net-dns/bind/bind-9.7.0_p2.ebuild b/net-dns/bind/bind-9.7.0_p2-r1.ebuild
index 6d5c07da30f8..d9ac1fade18e 100644
--- a/net-dns/bind/bind-9.7.0_p2.ebuild
+++ b/net-dns/bind/bind-9.7.0_p2-r1.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2010 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-dns/bind/bind-9.7.0_p2.ebuild,v 1.3 2010/05/22 09:04:13 jlec Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-dns/bind/bind-9.7.0_p2-r1.ebuild,v 1.1 2010/05/23 20:44:50 idl0r Exp $
EAPI="3"
@@ -105,11 +105,6 @@ src_prepare() {
rm {aclocal,libtool}.m4
WANT_AUTOCONF=2.5 AT_NO_RECURSIVE=1 eautoreconf
- # bug #151839
- sed -i -e \
- 's:struct isc_socket {:#undef SO_BSDCOMPAT\n\nstruct isc_socket {:' \
- lib/isc/include/isc/socket.h || die
-
# remove useless c++ checks
epunt_cxx
}
@@ -169,6 +164,9 @@ src_configure() {
$(use_enable ipv6) \
$(use_with xml libxml2) \
${myconf}
+
+ # bug #151839
+ echo '#undef SO_BSDCOMPAT' >> config.h
}
src_install() {
@@ -260,11 +258,10 @@ pkg_postinst() {
einfo "The default zone files are now installed as *.zone,"
einfo "be careful merging config files if you have modified"
- einfo "/var/bind/pri/127 or /var/bind/pri/localhost"
+ einfo "/var/bind/pri/127.zone or /var/bind/pri/localhost.zone"
einfo
einfo "You can edit /etc/conf.d/named to customize named settings"
einfo
- einfo "The BIND ebuild now includes chroot support."
einfo "If you like to run bind in chroot AND this is a new install OR"
einfo "your bind doesn't already run in chroot, simply run:"
einfo "\`emerge --config '=${CATEGORY}/${PF}'\`"
@@ -284,51 +281,55 @@ pkg_postinst() {
einfo " zone "com" IN { type delegation-only; };"
einfo " zone "net" IN { type delegation-only; };"
- ewarn "NOTE: as of 'bind-9.6.1' the chroot part of the init-script got some major changes."
+ CHROOT=$(sed -n 's/^[[:blank:]]\?CHROOT="\([^"]\+\)"/\1/p' /etc/conf.d/named 2>/dev/null)
+ if [[ -n ${CHROOT} && -d ${CHROOT} ]]; then
+ ewarn "NOTE: as of 'bind-9.6.1' the chroot part of the init-script got some major changes."
+ fi
}
pkg_config() {
- CHROOT=`sed -n 's/^[[:blank:]]\?CHROOT="\([^"]\+\)"/\1/p' /etc/conf.d/named 2>/dev/null`
- EXISTS="no"
+ CHROOT=$(sed -n 's/^[[:blank:]]\?CHROOT="\([^"]\+\)"/\1/p' /etc/conf.d/named 2>/dev/null)
- if [ -z "${CHROOT}" -a ! -d "/chroot/dns" ]; then
+ if [ -z "${CHROOT}" ]; then
CHROOT="/chroot/dns"
- elif [ -d ${CHROOT} ]; then
- eerror; eerror "${CHROOT:-/chroot/dns} already exists. Quitting."; eerror; EXISTS="yes"
+ fi
+ if [[ -d "${CHROOT}" ]]; then
+ ewarn "NOTE: As of 'bind-9.6.1' the chroot part of the init-script got some major changes."
+ ewarn
+ ewarn "${CHROOT} already exists... some things might become overridden"
+ ewarn "press CTRL+C if you don't want to continue"
+ sleep 10
fi
- if [ ! "$EXISTS" = yes ]; then
- echo; einfo "Setting up the chroot directory..."
-
- mkdir -m 0750 -p ${CHROOT}
- mkdir -m 0755 -p ${CHROOT}/{dev,etc,var/{run,log}}
- mkdir -m 0750 ${CHROOT}/etc/bind
- mkdir -m 0770 ${CHROOT}/var/{bind,{run,log}/named}
- chown root:named ${CHROOT} ${CHROOT}/var/{bind,{run,log}/named} ${CHROOT}/etc/bind
+ echo; einfo "Setting up the chroot directory..."
- cp /etc/localtime ${CHROOT}/etc/localtime
+ mkdir -m 0750 -p ${CHROOT}
+ mkdir -m 0755 -p ${CHROOT}/{dev,etc,var/{run,log}}
+ mkdir -m 0750 -p ${CHROOT}/etc/bind
+ mkdir -m 0770 -p ${CHROOT}/var/{bind,{run,log}/named}
+ chown root:named ${CHROOT} ${CHROOT}/var/{bind,{run,log}/named} ${CHROOT}/etc/bind
- mknod ${CHROOT}/dev/zero c 1 5
- chmod 0666 ${CHROOT}/dev/zero
+ cp /etc/localtime ${CHROOT}/etc/localtime
- if use urandom; then
- mknod ${CHROOT}/dev/urandom c 1 9
- chmod 0666 ${CHROOT}/dev/urandom
- else
- mknod ${CHROOT}/dev/random c 1 8
- chmod 0666 ${CHROOT}/dev/random
- fi
+ mknod ${CHROOT}/dev/null c 1 3
+ chmod 0666 ${CHROOT}/dev/null
- if [ -f '/etc/syslog-ng/syslog-ng.conf' ]; then
- elog "You should add the following line to your syslog-ng.conf:"
- elog "source jail { unix-stream(\"${CHROOT}/dev/log\"); };"
- fi
+ mknod ${CHROOT}/dev/zero c 1 5
+ chmod 0666 ${CHROOT}/dev/zero
- grep -q "^#[[:blank:]]\?CHROOT" /etc/conf.d/named ; RETVAL=$?
- if [ $RETVAL = 0 ]; then
- sed -i 's/^# \?\(CHROOT.*\)$/\1/' /etc/conf.d/named 2>/dev/null
- fi
+ if use urandom; then
+ mknod ${CHROOT}/dev/urandom c 1 9
+ chmod 0666 ${CHROOT}/dev/urandom
else
- ewarn "NOTE: as of 'bind-9.6.1' the chroot part of the init-script got some major changes."
+ mknod ${CHROOT}/dev/random c 1 8
+ chmod 0666 ${CHROOT}/dev/random
+ fi
+
+ elog "You may need to add the following line to your syslog-ng.conf:"
+ elog "source jail { unix-stream(\"${CHROOT}/dev/log\"); };"
+
+ grep -q "^#[[:blank:]]\?CHROOT" /etc/conf.d/named ; RETVAL=$?
+ if [ $RETVAL = 0 ]; then
+ sed -i 's/^# \?\(CHROOT.*\)$/\1/' /etc/conf.d/named 2>/dev/null
fi
}
diff --git a/net-dns/bind/files/named.conf-r4 b/net-dns/bind/files/named.conf-r4
index 9c41c68c62d1..c82d13b06ced 100644
--- a/net-dns/bind/files/named.conf-r4
+++ b/net-dns/bind/files/named.conf-r4
@@ -30,8 +30,8 @@ options {
directory "/var/bind";
pid-file "/var/run/named/named.pid";
- /* https://www.isc.org/solutions/dlv */
- bindkeys-file "/etc/bind/bind.keys";
+ /* https://www.isc.org/solutions/dlv >=bind-9.7.x only */
+ //bindkeys-file "/etc/bind/bind.keys";
listen-on-v6 { none; };
listen-on { 127.0.0.1; };
@@ -126,6 +126,8 @@ view "internal" in {
file "pri/localhost.zone";
allow-update { none; };
notify no;
+ allow-query { any; };
+ allow-transfer { none; };
};
zone "127.in-addr.arpa" IN {
@@ -133,6 +135,8 @@ view "internal" in {
file "pri/127.zone";
allow-update { none; };
notify no;
+ allow-query { any; };
+ allow-transfer { none; };
};
/*
@@ -144,6 +148,19 @@ view "internal" in {
* include "/etc/bind/zones.cfg";
* for "internal" and "public" view.
*/
+
+ /*
+ * Briefly, a zone which has been declared delegation-only will be effectively
+ * limited to containing NS RRs for subdomains, but no actual data beyond its
+ * own apex (for example, its SOA RR and apex NS RRset). This can be used to
+ * filter out "wildcard" or "synthesized" data from NAT boxes or from
+ * authoritative name servers whose undelegated (in-zone) data is of no
+ * interest.
+ * See http://www.isc.org/software/bind/delegation-only for more info
+ */
+
+ //zone "COM" { type delegation-only; };
+ //zone "NET" { type delegation-only; };
};
view "public" in {
@@ -167,6 +184,7 @@ view "public" in {
// type master;
// file "/var/bind/pri/YOUR-DOMAIN.TLD.zone";
// allow-query { any; };
+ // allow-transfer { xfer; };
//};
//zone "YOUR-SLAVE.TLD" {
@@ -182,17 +200,14 @@ view "public" in {
// allow-notify { <MASTER>; };
// notify no;
//};
+};
- /*
- * Briefly, a zone which has been declared delegation-only will be effectively
- * limited to containing NS RRs for subdomains, but no actual data beyond its
- * own apex (for example, its SOA RR and apex NS RRset). This can be used to
- * filter out "wildcard" or "synthesized" data from NAT boxes or from
- * authoritative name servers whose undelegated (in-zone) data is of no
- * interest.
- * See http://www.isc.org/products/BIND/delegation-only.html for more info
- */
-
- //zone "COM" { type delegation-only; };
- //zone "NET" { type delegation-only; };
+/* Hide the bind version */
+view "chaos" chaos {
+ match-clients { any; };
+ allow-query { none; };
+ zone "." {
+ type hint;
+ file "/dev/null"; // or any empty file
+ };
};
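Review bot: The comment `/* Hide the bind version */` understates what the new view does: with `match-clients { any; }` and `allow-query { none; }` it refuses every CHAOS-class query from every client, localhost included, not only version.bind. A fuller comment would help, e.g. `/* Refuse all CHAOS-class queries (version.bind, hostname.bind, ...) from all clients, including local monitoring */`. When named runs chrooted, `file "/dev/null"` is presumably resolved inside the chroot, so it depends on the dev/null node that pkg_config creates in this same commit; that dependency deserves a word in the comment too.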
diff --git a/net-dns/bind/files/named.init-r7 b/net-dns/bind/files/named.init-r7
index b722db4f78ba..177be7647240 100644
--- a/net-dns/bind/files/named.init-r7
+++ b/net-dns/bind/files/named.init-r7
@@ -1,7 +1,7 @@
#!/sbin/runscript
-# Copyright 1999-2009 Gentoo Foundation
+# Copyright 1999-2010 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-dns/bind/files/named.init-r7,v 1.2 2010/02/25 19:03:31 robbat2 Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-dns/bind/files/named.init-r7,v 1.3 2010/05/23 20:44:50 idl0r Exp $
opts="start stop reload restart"
@@ -47,6 +47,20 @@ _umount() {
fi
}
+check_chroot() {
+ if [[ -n ${CHROOT} ]]; then
+ [[ ! -d ${CHROOT} ]] && return 1
+ [[ ! -d ${CHROOT}/dev || ! -d ${CHROOT}/etc || ! -d ${CHROOT}/var ]] && return 1
+ [[ ! -d ${CHROOT}/var/run || ! -d ${CHROOT}/var/log ]] && return 1
+ [[ ! -d ${CHROOT}/etc/bind || ! -d ${CHROOT}/var/bind ]] && return 1
+ [[ ! -d ${CHROOT}/var/run/named || ! -d ${CHROOT}/var/log/named ]] && return 1
+ [[ ! -e ${CHROOT}/etc/localtime ]] && return 1
+ [[ ! -c ${CHROOT}/dev/null || ! -c ${CHROOT}/dev/zero ]] && return 1
+ [[ ! -c ${CHROOT}/dev/random && ! -c ${CHROOT}/dev/urandom ]] && return 1
+ fi
+ return 0
+}
+
checkconfig() {
if [ ! -f ${CHROOT}/etc/bind/named.conf ] ; then
eerror "No ${CHROOT}/etc/bind/named.conf file exists!"
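Review bot: check_chroot only tests that each path exists with the expected file type; it does not look at ownership or modes, so a chroot whose etc/bind or var/bind is owned or writable by the wrong account still passes and start() goes on to bind-mount into it. A header comment should say so, e.g. `# Presence/type check only; ownership and modes are not verified (see pkg_config)`. If a stricter check is wanted, `[[ ! -O ${CHROOT} ]] && return 1` would at least reject a chroot root that is not owned by the user running the script. The trailing context lines belong to checkconfig(), whose body continues outside the hunk.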
@@ -74,6 +88,10 @@ start() {
if [[ -n ${CHROOT} ]];
then
+ check_chroot || {
+ eerror "Your chroot dir ${CHROOT} is inconsistent, please run 'emerge --config net-dns/bind' first"
+ return 1
+ }
einfo "Mounting chroot dirs"
_mount /etc/bind ${CHROOT}/etc/bind -o bind
_mount /var/bind ${CHROOT}/var/bind -o bind