diff options
Diffstat (limited to 'net-dns')
-rw-r--r-- | net-dns/bind/ChangeLog | 8 | ||||
-rw-r--r-- | net-dns/bind/Manifest | 20 | ||||
-rw-r--r-- | net-dns/bind/bind-9.9.5-r1.ebuild (renamed from net-dns/bind/bind-9.9.5.ebuild) | 16 | ||||
-rw-r--r-- | net-dns/bind/files/named.conf-r7 | 172 | ||||
-rw-r--r-- | net-dns/bind/files/named.init-r13 | 248 |
5 files changed, 446 insertions, 18 deletions
diff --git a/net-dns/bind/ChangeLog b/net-dns/bind/ChangeLog index c499b9d71ead..1011247aad41 100644 --- a/net-dns/bind/ChangeLog +++ b/net-dns/bind/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for net-dns/bind # Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-dns/bind/ChangeLog,v 1.487 2014/01/31 21:14:24 idl0r Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-dns/bind/ChangeLog,v 1.488 2014/01/31 21:24:49 idl0r Exp $ + +*bind-9.9.5-r1 (31 Jan 2014) + + 31 Jan 2014; Christian Ruppert <idl0r@gentoo.org> -bind-9.9.5.ebuild, + +bind-9.9.5-r1.ebuild, +files/named.conf-r7, +files/named.init-r13: + Fix bug 482590 31 Jan 2014; Christian Ruppert <idl0r@gentoo.org> bind-9.9.5.ebuild: Fix static-libs diff --git a/net-dns/bind/Manifest b/net-dns/bind/Manifest index fb7bcc16d038..53f27965189b 100644 --- a/net-dns/bind/Manifest +++ b/net-dns/bind/Manifest @@ -10,8 +10,10 @@ AUX localhost.zone-r3 426 SHA256 3f39e9b5be72435e961cd6f5acdfe396b05640bf370969a AUX named.cache 3048 SHA256 2e19682ad79bee201e3fc0454b73d45d04be7ba7dceb28612ec71fff0add6de4 SHA512 f84a7c83b424fa59126617062c1442dd8fb28905cd082f5f60087da03fe0e10c55a2c20fc398d9c69af7c1f75f7c72f78f4c203503cf51a6c06be22df8132996 WHIRLPOOL 6d3a843535cd0685703b99474be5eb599ba13b81be98d337236ef826e672aa534d4cdf4fe54f3aa0e838c8e7568a4201764c423d3bb490a9f842c446a58c1722 AUX named.conf 31 SHA256 3355e44c498317cfb172177da3d13cef5508f9c1553850240b93ea9279ede848 SHA512 6a5598a44afc454acfdf7285bfa36599469d1385a88a511db910d9575945d1ed60ae7157cd44d625774048ce25c2860ca4805aa23a86c32853cf7d80ab36a8f4 WHIRLPOOL 77275940b39cfbfa08b7a5a43f8b9e92efb183166668a96d9ae1973a0e66578c09140f060311d2521a203775a86798b0a7b3f66864e8453050b91c691c1f5ad5 AUX named.conf-r6 4120 SHA256 6fb9670beeb34a7a2512a608d0ac8d49d7bdba5fd8c67bc0da0291db4fb2f8fc SHA512 ef02d0070faa24f5b55e3c7e0c79c16c2303ece453e9f8849f506b113eb28c64b8fc726c92d73bb7c0087be331ef3b1e04b9999ddf34a2a24f6dc13208fa3e1a WHIRLPOOL 1317b64900bc3324c508cf8f8ca5d4b786623b8fa599946ee9a7fe5d80b267adfef3e0b049a9fdd21a08cf62f234e8e36e53812d51f3b0d0b3e7b28243616a0a +AUX named.conf-r7 4116 SHA256 4aa2617f7990101d3262d0422636c5d967e78be6ee2582568e31680684dd9948 SHA512 3e1cea45ddb9df92658c35948eb00bd823087af0d48102751edf1c248e7d6c1ae03aa2a1b7d1d0ce3d7837219ff4c2e05cbb7f299caaa97688ca876f2b0af80b WHIRLPOOL e26b4be274f4b072485dbe247f4ba226ce379551e285fc133dd21b2e49179c12d0ff32600fd86b0085cc333283d5c6301758a5d929dce65e41c552d6ab6d01c5 AUX named.confd-r6 1368 SHA256 704ac6954b2bad5d0bab19281dc703e86d9b4fe94d63dd00be1e525a3e64c492 SHA512 074c37ecfa6d59de4ac70782b4722ffbeb3d66fae7cfa66810a67a06a1915d4e73f03b1f497d6005f125749aff61d11adf2927dcdb5a3d4fc4fb407fafa02dd1 WHIRLPOOL 3347b6887f1c516d3a4b2d40eb42195669b7a2ec01d02df21c7c0d4c27fe8984e1a2985d32f7631c1cd31b16c0f5031e69abfe5fd3d9c9debd156fd04d5c6910 AUX named.init-r12 6095 SHA256 953e066b5d77f59917db59365cd2103c5bec19889775bd3f6437b946c9d6d936 SHA512 7a576816fb3306c2a66227f78f23301b55b5376f587e6a521b33c2c90dc1499290751c83d5e0e5bc4961a1413480d993c909bf3c448a05762bf7928b43bf9559 WHIRLPOOL e0973117385b6d5d3bdc83c1777a90849da682e89ce716bf69de92528959edf93edbff264b25aa13ad7f73803f3eb403e89badad996c2c01245c5a0f97247b7f +AUX named.init-r13 6083 SHA256 55024fe0e2b491b5cb490a9f575bad3096d446f20f8d52778d778fd26a415d52 SHA512 9d557b1b30989b21d9ae9c3f4e2a886f59de728cd5893a7538be3bc424bf17b249165ed939c87db02f0b760faf46a5503c5bf523386b84ddfe8128e76f79930b WHIRLPOOL 8566abd7dda75fd3be7f3cf21baec149ce280a78ea400709272e6ad419417c14f6b1bc859ae2809a44c24aab382d6e6d10323c8df430884d306243275c35d77d AUX named.service 555 SHA256 2716ea68363f57b54d272eae70f418a19f3624687753d9249babd272efe5052e SHA512 b97dfe465ee19d8d896e0c1e248c8d47d6b68b2faeb34cc37d5b3750d921ceb2a1e25637e429f16533f387907f164f84201d7a55e1590bac681a5df546afbfe6 WHIRLPOOL 687203e25eac1e15e29a51a243fe41f6a40456e80a4c51f640b65c22e2bbdaccef5fba8e6164679394365e73f38a3cb8d9b8ce368572665cd49b88d724d12a7b DIST bind-9.8.3-P1-geoip-1.3.patch 54137 SHA256 9d5716d661fc3d76b3f201a0bcf563f4c1cd1fedf42c8434e4cce31f666866ff SHA512 33ed5855c1e20681667a7def229a6f6a721d309fb7e4a817825c80e652ce24036c220597c5a0252f6f4a11acaf652319868ae79d8eb3236ca52fb5311298a95a WHIRLPOOL b8e97e15c212710ed6efef508a883cc6adda530c1201263371b8208f85c813389ec9fd6c636d7fcc70ca848cfafea8c4f1edc9195b083995732ad4feef2e7dfe DIST bind-9.8.6.tar.gz 7275769 SHA256 01cc3a0105b47833b99e61b69acd824be4eeefd6557fffa26eced8e03f1249cd SHA512 09e94e1baa78ba05766078e98251e048aacb440487c8fd72d76e369abc1869fd62d8e8f67f7c12cdd06dca823fc98288c38e41602ad394b00dee4e9db01677b6 WHIRLPOOL d2de919082ac78961df3a14c69386a6c42bbcedbd561f5902fcbd920183a7cd171b2e5e69e451fc3df3568985941ce1842fc27a43a44dea0071fe2154f233b02 @@ -29,17 +31,17 @@ DIST rl-9.9.3-P2.patch 104064 SHA256 9aff9d39077160a7a156aa40456f19779b7f5ed2e5b EBUILD bind-9.8.6.ebuild 12997 SHA256 468c62d41326a4d8b11c0e95e45e5b52458aab660c436397654cfb1a9e9ca1bc SHA512 912e65d8ec1771b077ffce6c0cc5ca1471de6b8a6314ea2e0f28b34c7bef3d07c27e9bc8ad76b983d162d1bd25339d0eebf9c771f1e674517bbdedb16e3cc612 WHIRLPOOL 5e2d57b1c0ee7fa6b659c5bb383e6962f28e5a7dbaa6e4c8a2ed64af6dd0c5df9075d2a6465dd9c1c3c8bbbc0a06cbefd2646b555f77a85b6f9b7b9e5e31d333 EBUILD bind-9.9.3_p2.ebuild 13715 SHA256 072961fe58945c3e40d5344542bf013ba276b8dc33ce24d9a073f8fe88588b74 SHA512 4668304a32b14489569cae921de7b01033f99168f54e667aed3a71f93d9378e75a8fc5bb38ac663cabfd852621189576c3f133fa9881540e388531e9571f4412 WHIRLPOOL 37dfa4879e49198fa75073c9eb38b6d6d85d295d742417327757202ee59b559ad5ca6546038f15e513ad3690eb711a9bf657890a8d286543d4c9f144f02b46e4 EBUILD bind-9.9.4_p2.ebuild 13754 SHA256 15664e078b4db7588f7481d61479fb5ac2366f2135fe004010277d1d00ef5bef SHA512 7b8afe341275a57b617787a74e6bcec0f35ee36a5857d80744b00e4ea302a1b2afa582b0c8f6f64f44186ba5a7a0bae1e86b609966248652f4f289faa76a24b9 WHIRLPOOL 7dd7a5cd422372a8fc5b07219e1da05e7f514eaee1ed4ff4c848070f33182af39ab61d11f1f5f04f6cefff4f2b8b6305e39451e3749bdb4b7c5d2d9af47a1f07 -EBUILD bind-9.9.5.ebuild 13863 SHA256 fa593e11450b9b50ff839effe28a275fc1caea780b1df415a8fe1e5a290c1cad SHA512 efc09d172b7880efc448653b06b05b6aa69c9ca2a6e1e1ba69fe549f96ff9043dda84787ee3788178d52d06f6dae402dba880ec6e07e50e464a1cd0658ad9a9d WHIRLPOOL 836cb9ec5e1d115b761ba13f1688ba07b7ef182463911c8a5645628a8e49d8b0b9ec27943bf76a61d8178b632f0a905bbf9ec861ab76863d0a6400dc68bac6ab -MISC ChangeLog 77974 SHA256 163ec9d5bc1a905261202af3a45505d684aa2b7eaf640f0c35fc628a7a855ee7 SHA512 aa4455046bbd8fb16e40a319cdd3ad76fc2fec72335296bfb4386938f229a19fec1690b092561a6332ec900d9bfe24b0bdbdb70f3db3a501a9ed94aa1b3fa9e5 WHIRLPOOL d7fe338a46d33faeea80cc037dc8a4ebdb22080ed200a2b6fcbbc86db912f3677a68c18d9a05761e343b77adf26e1ec6aea3dcad31cab3fa4ed1918e59ccda7c +EBUILD bind-9.9.5-r1.ebuild 13906 SHA256 3851a86949dc66a49acb1527c55d9eaa173df02d696ac01ce312b9c2995b7a2e SHA512 522fc9ea18924fa51c1bac64cb2ed74ebd2cc25038c94ce4915331fa55f5e496e925713ea9076c2d09dc3b86bca2b2750005cf2313fde3eb2aac20a96a4f2876 WHIRLPOOL 0346fb7e111bb125f2c2e95ff64f0cab7886693bd6d06abcbc26d59d1a2ecb4a3d514023224400a137eee3de497e2ff43f18188743796e4c78fb51c00e6f502a +MISC ChangeLog 78164 SHA256 c6bfc88bdd9f373a00df609fd8f7c833cbe4e7c393f0df576b33769c50d35831 SHA512 e2ba6f102e25d58ecd0af3db9396e0b5f50a015f3e757cd608d0ebbee1d04627ce630825f3123fb3d07c3bd2bc666de6b6b0fe5652e08a9793aa73e204b43b1d WHIRLPOOL 9509b7b2793bd8a70ba75d33eb1203084d386800c3bc94369f9603bf866ccd8adeecd3612d1ca27d4e04e6235983aba4f7c483e0233d36af807ca00e5aab3ebe MISC metadata.xml 927 SHA256 d2d095b814e2df50ca39c1493c5d4315ad1d5b4b37aec7b34385771d10ae5d9d SHA512 6ac8c5a70b5cc01d0fac54118066a9ea626d089f9e5a2d45ea4b1b9cedacfafa46e5da60717c2d6f872657f8bc780ea223149afbaa51bdeaa3effef1e01dd218 WHIRLPOOL 7ede42b528d5132c0f0e5d6a3c765154ead764d590975472960cee48fce2f23e6e9687c6fc64f610101758c09b50da61c10f00267582dc708fd57e7f7f984e8f -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) -iQEcBAEBCAAGBQJS7BIxAAoJEMOx0zmdw4Z1UjwH/20sJZmOzR/7GSvwQziYkZ6p -NljxCM880P4KKQzB4G5jo89LoDq8bKg0pZuRHnYqIOcXlq9YteZ05ZGt7yQuRxgV -SAtJqBOd7yNf1h++Cx5YRlEuxnkfPkD+GZtuSNWRXBCK+RI6Al+/FrHJnilnrvuw -vN6E9oCjj4UY5nkfi8Zz53W9Qp6VQ6f8n5iDWZEunoxj77DvNlKQUPS4rcFVa79B -xLUFQms4ppZ/POHPTvwYqqAMz4GN4wpSFprQNOse0MVhsw2OVWA28iGbPfFqkaGw -sNGnDojc4UBpZ9Tna2MPDbE4hvgswEGE/L6knR9E+r64dWyp7wNDkzqYPOEcfLY= -=uaxY +iQEcBAEBCAAGBQJS7BSiAAoJEMOx0zmdw4Z1SFoH/jEh18/m+d+wRkTtawKEuzfM +7nn4UjPExervAHcmCrkeZJ3EunWDfEG5/p80vWONA2cmBTX3HDDxhDbAXbtMDERs +9MlhOxlyNEvk5Xqs2rGzr9Ujv3xso/kGfqhbgLSzdwluexq4eEaf8UTysPgOAZnF +sSYePOjZc3MRTIascCmkCBalKxByHdcld3hO4VPj129kdAh6WSXchZHm8Uv+Jq36 ++W/6GIB+aoyUfsVJI8ewJtRgwwqkyIXHf3AN2+X2nnmk3QfA6X/IO5S4MhYOcOR1 +yNGkmrtBViQrg6MHfMgQnJZq97IrZjmh0lFWznlBEg7KhjL/UbL4a/rtslBqU7g= +=oWcL -----END PGP SIGNATURE----- diff --git a/net-dns/bind/bind-9.9.5.ebuild b/net-dns/bind/bind-9.9.5-r1.ebuild index e453165412f3..a05d2287cf36 100644 --- a/net-dns/bind/bind-9.9.5.ebuild +++ b/net-dns/bind/bind-9.9.5-r1.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2014 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-dns/bind/bind-9.9.5.ebuild,v 1.2 2014/01/31 21:14:24 idl0r Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-dns/bind/bind-9.9.5-r1.ebuild,v 1.1 2014/01/31 21:24:49 idl0r Exp $ # Re dlz/mysql and threads, needs to be verified.. # MySQL uses thread local storage in its C api. Thus MySQL @@ -244,7 +244,7 @@ src_install() { use geoip && dodoc "${DISTDIR}"/${GEOIP_DOC_A} insinto /etc/bind - newins "${FILESDIR}"/named.conf-r6 named.conf + newins "${FILESDIR}"/named.conf-r7 named.conf # ftp://ftp.rs.internic.net/domain/named.cache: insinto /var/bind @@ -254,7 +254,7 @@ src_install() { newins "${FILESDIR}"/127.zone-r1 127.zone newins "${FILESDIR}"/localhost.zone-r3 localhost.zone - newinitd "${FILESDIR}"/named.init-r12 named + newinitd "${FILESDIR}"/named.init-r13 named newconfd "${FILESDIR}"/named.confd-r6 named if use gost; then @@ -362,11 +362,11 @@ pkg_postinst() { ewarn ewarn "NOTE: If you upgrade from <net-dns/bind-9.4.3_p5-r1, you may encounter permission problems" ewarn "To fix the permissions do:" - ewarn "chown root:named /{etc,var}/bind /var/{run,log}/named /var/bind/{sec,pri,dyn}" + ewarn "chown root:named /{etc,var}/bind /run/named/ /var/log/named /var/bind/{sec,pri,dyn}" ewarn "chown root:named /var/bind/named.cache /var/bind/pri/{127,localhost}.zone /etc/bind/{bind.keys,named.conf}" ewarn "chmod 0640 /var/bind/named.cache /var/bind/pri/{127,localhost}.zone /etc/bind/{bind.keys,named.conf}" ewarn "chmod 0750 /etc/bind /var/bind/pri" - ewarn "chmod 0770 /var/{run,log}/named /var/bind/{,sec,dyn}" + ewarn "chmod 0770 /run/named/ /var/log/named /var/bind/{,sec,dyn}" ewarn } @@ -394,9 +394,9 @@ pkg_config() { echo; einfo "Setting up the chroot directory..." mkdir -m 0750 -p ${CHROOT} - mkdir -m 0755 -p ${CHROOT}/{dev,etc,var/{run,log}} + mkdir -m 0755 -p ${CHROOT}/{dev,etc,var/log,run} mkdir -m 0750 -p ${CHROOT}/etc/bind - mkdir -m 0770 -p ${CHROOT}/var/{bind,{run,log}/named} + mkdir -m 0770 -p ${CHROOT}/var/{bind,log/named} ${CHROOT}/run/named/ # As of bind 9.8.0 if has_version net-dns/bind[gost]; then if [ "$(get_libdir)" = "lib64" ]; then @@ -406,7 +406,7 @@ pkg_config() { mkdir -m 0755 -p ${CHROOT}/usr/lib/engines fi fi - chown root:named ${CHROOT} ${CHROOT}/var/{bind,{run,log}/named} ${CHROOT}/etc/bind + chown root:named ${CHROOT} ${CHROOT}/var/{bind,log/named} ${CHROOT}/run/named/ ${CHROOT}/etc/bind mknod ${CHROOT}/dev/null c 1 3 chmod 0666 ${CHROOT}/dev/null diff --git a/net-dns/bind/files/named.conf-r7 b/net-dns/bind/files/named.conf-r7 new file mode 100644 index 000000000000..5b9c1cdc209a --- /dev/null +++ b/net-dns/bind/files/named.conf-r7 @@ -0,0 +1,172 @@ +/* + * Refer to the named.conf(5) and named(8) man pages, and the documentation + * in /usr/share/doc/bind-9 for more details. + * Online versions of the documentation can be found here: + * http://www.isc.org/software/bind/documentation + * + * If you are going to set up an authoritative server, make sure you + * understand the hairy details of how DNS works. Even with simple mistakes, + * you can break connectivity for affected parties, or cause huge amounts of + * useless Internet traffic. + */ + +acl "xfer" { + /* Deny transfers by default except for the listed hosts. + * If we have other name servers, place them here. + */ + none; +}; + +/* + * You might put in here some ips which are allowed to use the cache or + * recursive queries + */ +acl "trusted" { + 127.0.0.0/8; + ::1/128; +}; + +options { + directory "/var/bind"; + pid-file "/run/named/named.pid"; + + /* https://www.isc.org/solutions/dlv >=bind-9.7.x only */ + //bindkeys-file "/etc/bind/bind.keys"; + + listen-on-v6 { ::1; }; + listen-on { 127.0.0.1; }; + + allow-query { + /* + * Accept queries from our "trusted" ACL. We will + * allow anyone to query our master zones below. + * This prevents us from becoming a free DNS server + * to the masses. + */ + trusted; + }; + + allow-query-cache { + /* Use the cache for the "trusted" ACL. */ + trusted; + }; + + allow-recursion { + /* Only trusted addresses are allowed to use recursion. */ + trusted; + }; + + allow-transfer { + /* Zone tranfers are denied by default. */ + none; + }; + + allow-update { + /* Don't allow updates, e.g. via nsupdate. */ + none; + }; + + /* + * If you've got a DNS server around at your upstream provider, enter its + * IP address here, and enable the line below. This will make you benefit + * from its cache, thus reduce overall DNS traffic in the Internet. + * + * Uncomment the following lines to turn on DNS forwarding, and change + * and/or update the forwarding ip address(es): + */ +/* + forward first; + forwarders { + // 123.123.123.123; // Your ISP NS + // 124.124.124.124; // Your ISP NS + // 4.2.2.1; // Level3 Public DNS + // 4.2.2.2; // Level3 Public DNS + 8.8.8.8; // Google Open DNS + 8.8.4.4; // Google Open DNS + }; + +*/ + + //dnssec-enable yes; + //dnssec-validation yes; + + /* + * As of bind 9.8.0: + * "If the root key provided has expired, + * named will log the expiration and validation will not work." + */ + //dnssec-validation auto; + + /* if you have problems and are behind a firewall: */ + //query-source address * port 53; +}; + +/* +logging { + channel default_log { + file "/var/log/named/named.log" versions 5 size 50M; + print-time yes; + print-severity yes; + print-category yes; + }; + + category default { default_log; }; + category general { default_log; }; +}; +*/ + +include "/etc/bind/rndc.key"; +controls { + inet 127.0.0.1 port 953 allow { 127.0.0.1/32; ::1/128; } keys { "rndc-key"; }; +}; + +zone "." in { + type hint; + file "/var/bind/named.cache"; +}; + +zone "localhost" IN { + type master; + file "pri/localhost.zone"; + notify no; +}; + +zone "127.in-addr.arpa" IN { + type master; + file "pri/127.zone"; + notify no; +}; + +/* + * Briefly, a zone which has been declared delegation-only will be effectively + * limited to containing NS RRs for subdomains, but no actual data beyond its + * own apex (for example, its SOA RR and apex NS RRset). This can be used to + * filter out "wildcard" or "synthesized" data from NAT boxes or from + * authoritative name servers whose undelegated (in-zone) data is of no + * interest. + * See http://www.isc.org/software/bind/delegation-only for more info + */ + +//zone "COM" { type delegation-only; }; +//zone "NET" { type delegation-only; }; + +//zone "YOUR-DOMAIN.TLD" { +// type master; +// file "/var/bind/pri/YOUR-DOMAIN.TLD.zone"; +// allow-query { any; }; +// allow-transfer { xfer; }; +//}; + +//zone "YOUR-SLAVE.TLD" { +// type slave; +// file "/var/bind/sec/YOUR-SLAVE.TLD.zone"; +// masters { <MASTER>; }; + + /* Anybody is allowed to query but transfer should be controlled by the master. */ +// allow-query { any; }; +// allow-transfer { none; }; + + /* The master should be the only one who notifies the slaves, shouldn't it? */ +// allow-notify { <MASTER>; }; +// notify no; +//}; diff --git a/net-dns/bind/files/named.init-r13 b/net-dns/bind/files/named.init-r13 new file mode 100644 index 000000000000..7f4955327429 --- /dev/null +++ b/net-dns/bind/files/named.init-r13 @@ -0,0 +1,248 @@ +#!/sbin/runscript +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-dns/bind/files/named.init-r13,v 1.1 2014/01/31 21:24:49 idl0r Exp $ + +extra_commands="checkconfig checkzones" +extra_started_commands="reload" + +depend() { + need net + use logger + provide dns +} + +NAMED_CONF=${CHROOT}/etc/bind/named.conf + +OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-0} +MOUNT_CHECK_TIMEOUT=${MOUNT_CHECK_TIMEOUT:-60} + +_mount() { + local from + local to + local opts + local ret=0 + + if [ "${#}" -lt 3 ]; then + eerror "_mount(): to few arguments" + return 1 + fi + + from=$1 + to=$2 + shift 2 + + opts="${*}" + shift $# + + if [ -z "$(awk "\$2 == \"${to}\" { print \$2 }" /proc/mounts)" ]; then + einfo "mounting ${from} to ${to}" + mount ${from} ${to} ${opts} + ret=$? + + eend $ret + return $ret + fi + + return 0 +} + +_umount() { + local dir=$1 + local ret=0 + + if [ -n "$(awk "\$2 == \"${dir}\" { print \$2 }" /proc/mounts)" ]; then + ebegin "umounting ${dir}" + umount ${dir} + ret=$? + + eend $ret + return $ret + fi + + return 0 +} + +_get_pidfile() { + # as suggested in bug #107724, bug 335398#c17 + [ -n "${PIDFILE}" ] || PIDFILE=${CHROOT}$(\ + /usr/sbin/named-checkconf -p ${CHROOT:+-t} ${CHROOT} ${NAMED_CONF#${CHROOT}} | grep 'pid-file' | cut -d\" -f2) + [ -z "${PIDFILE}" ] && PIDFILE=${CHROOT}/run/named/named.pid +} + +check_chroot() { + if [ -n "${CHROOT}" ]; then + [ ! -d "${CHROOT}" ] && return 1 + [ ! -d "${CHROOT}/dev" ] || [ ! -d "${CHROOT}/etc" ] || [ ! -d "${CHROOT}/var" ] && return 1 + [ ! -d "${CHROOT}/run" ] || [ ! -d "${CHROOT}/var/log" ] && return 1 + [ ! -d "${CHROOT}/etc/bind" ] || [ ! -d "${CHROOT}/var/bind" ] && return 1 + [ ! -d "${CHROOT}/var/log/named" ] && return 1 + [ ! -c "${CHROOT}/dev/null" ] || [ ! -c "${CHROOT}/dev/zero" ] && return 1 + [ ! -c "${CHROOT}/dev/random" ] && [ ! -c "${CHROOT}/dev/urandom" ] && return 1 + [ "${CHROOT_GEOIP:-0}" -eq 1 ] && [ ! -d "${CHROOT}/usr/share/GeoIP" ] && return 1 + if [ ${OPENSSL_LIBGOST:-0} -eq 1 ]; then + if [ -d "/usr/lib64" ]; then + [ ! -d "${CHROOT}/usr/lib64/engines" ] && return 1 + elif [ -d "/usr/lib" ]; then + [ ! -d "${CHROOT}/usr/lib/engines" ] && return 1 + fi + fi + fi + + return 0 +} + +checkconfig() { + ebegin "Checking named configuration" + + if [ ! -f "${NAMED_CONF}" ] ; then + eerror "No ${NAMED_CONF} file exists!" + return 1 + fi + + /usr/sbin/named-checkconf ${CHROOT:+-t} ${CHROOT} ${NAMED_CONF#${CHROOT}} || { + eerror "named-checkconf failed! Please fix your config first." + return 1 + } + + eend 0 + return 0 +} + +checkzones() { + ebegin "Checking named configuration and zones" + /usr/sbin/named-checkconf -z -j ${CHROOT:+-t} ${CHROOT} ${NAMED_CONF#${CHROOT}} + eend $? +} + +start() { + local piddir + + ebegin "Starting ${CHROOT:+chrooted }named" + + if [ -n "${CHROOT}" ]; then + if [ ${CHROOT_NOCHECK:-0} -eq 0 ]; then + check_chroot || { + eend 1 + eerror "Your chroot dir ${CHROOT} is inconsistent, please run 'emerge --config net-dns/bind' first" + return 1 + } + fi + + if [ ${OPENSSL_LIBGOST:-0} -eq 1 ]; then + if [ ! -e /usr/lib/engines/libgost.so ]; then + eend 1 + eerror "Couldn't find /usr/lib/engines/libgost.so but bind has been built with openssl and libgost support" + return 1 + fi + cp -Lp /usr/lib/engines/libgost.so "${CHROOT}/usr/lib/engines/libgost.so" || { + eend 1 + eerror "Couldn't copy /usr/lib/engines/libgost.so into '${CHROOT}/usr/lib/engines/'" + return 1 + } + fi + cp -Lp /etc/localtime "${CHROOT}/etc/localtime" + + if [ "${CHROOT_NOMOUNT:-0}" -eq 0 ]; then + einfo "Mounting chroot dirs" + _mount /etc/bind ${CHROOT}/etc/bind -o bind + _mount /var/bind ${CHROOT}/var/bind -o bind + _mount /var/log/named ${CHROOT}/var/log/named -o bind + if [ "${CHROOT_GEOIP:-0}" -eq 1 ]; then + _mount /usr/share/GeoIP ${CHROOT}/usr/share/GeoIP -o bind + fi + fi + fi + + checkconfig || { eend 1; return 1; } + + # create piddir (usually /run/named) if necessary, bug 334535 + _get_pidfile + piddir="${PIDFILE%/*}" + checkpath -q -d -o root:named -m 0770 "${piddir}" || { + eend 1 + return 1 + } + + # In case someone have $CPU set in /etc/conf.d/named + if [ -n "${CPU}" ] && [ "${CPU}" -gt 0 ]; then + CPU="-n ${CPU}" + fi + + start-stop-daemon --start --pidfile ${PIDFILE} \ + --nicelevel ${NAMED_NICELEVEL:-0} \ + --exec /usr/sbin/named \ + -- -u named ${CPU} ${OPTIONS} ${CHROOT:+-t} ${CHROOT} + eend $? +} + +stop() { + local reported=0 + + ebegin "Stopping ${CHROOT:+chrooted }named" + + # Workaround for now, until openrc's restart has been fixed. + # openrc doesn't care about a restart() function in init scripts. + if [ "${RC_CMD}" = "restart" ]; then + if [ -n "${CHROOT}" -a ${CHROOT_NOCHECK:-0} -eq 0 ]; then + check_chroot || { + eend 1 + eerror "Your chroot dir ${CHROOT} is inconsistent, please run 'emerge --config net-dns/bind' first" + return 1 + } + fi + + checkconfig || { eend 1; return 1; } + fi + + # -R 10, bug 335398 + _get_pidfile + start-stop-daemon --stop --retry 10 --pidfile $PIDFILE \ + --exec /usr/sbin/named + + if [ -n "${CHROOT}" ] && [ "${CHROOT_NOMOUNT:-0}" -eq 0 ]; then + ebegin "Umounting chroot dirs" + + # just to be sure everything gets clean + while fuser -s ${CHROOT} 2>/dev/null; do + if [ "${reported}" -eq 0 ]; then + einfo "Waiting until all named processes are stopped (max. ${MOUNT_CHECK_TIMEOUT} seconds)" + elif [ "${reported}" -eq "${MOUNT_CHECK_TIMEOUT}" ]; then + eerror "Waiting until all named processes are stopped failed!" + eend 1 + break + fi + sleep 1 + reported=$((reported+1)) + done + + [ "${CHROOT_GEOIP:-0}" -eq 1 ] && _umount ${CHROOT}/usr/share/GeoIP + _umount ${CHROOT}/etc/bind + _umount ${CHROOT}/var/log/named + _umount ${CHROOT}/var/bind + fi + + eend $? +} + +reload() { + local ret + + ebegin "Reloading named.conf and zone files" + + checkconfig || { eend 1; return 1; } + + _get_pidfile + if [ -n "${PIDFILE}" ]; then + start-stop-daemon --pidfile $PIDFILE --signal HUP + ret=$? + else + ewarn "Unable to determine the pidfile... this is" + ewarn "a fallback mode. Please check your installation!" + + $RC_SERVICE restart + ret=$? + fi + + eend $ret +} |