X-Git-Url: http://gitweb.hugovil.com/?a=blobdiff_plain;f=stage3%2Fpkg%2Fbind;h=bed05092c9ab531e77851ee0723073afc398becd;hb=1b6490195147ee6d1098cf255240d60f60c40108;hp=a908d6837c078083626f7a5ca68079a0977d0880;hpb=3dae4c554ec18f465eb6ee5e6efdbdbe8557e13c;p=hvlinux.git
diff --git a/stage3/pkg/bind b/stage3/pkg/bind
index a908d68..bed0509 100644
--- a/stage3/pkg/bind
+++ b/stage3/pkg/bind
@@ -1,79 +1,63 @@ -#!/bin/sh -set -o errexit - -# First argument of this script is the package name - -# Reading system configuration informations, functions and package versions. -source ../sysinfos -source ../functions -source ../packages-list - -# Applying patches (if any) -apply_patches ${1} - -groupadd -f named -hv_useradd -c BindOwner -g named -m -s /bin/false named - -cd ${LFS_TMP}/${1} -./configure \ - --prefix=/usr \ - --sysconfdir=/etc \ - --localstatedir=/var \ - --mandir=/usr/share/man \ - --enable-threads \ - --with-libtool -# Use updated address for L.ROOT-SERVERS.NET. -sed -i "s@198.32.64.12@199.7.83.42@" lib/dns/rootns.c -make -make install - -# Enable the execute bit to prevent a warning when using ldd to check library dependencies. -chmod 755 /usr/lib/lib{bind9,isc{,cc,cfg},lwres,dns}.so.*.?.? - -cd doc -install -d -m755 /usr/share/doc/${1}/{arm,draft,misc,rfc} -install -m644 arm/*.html /usr/share/doc/${1}/arm -install -m644 draft/*.txt /usr/share/doc/${1}/draft -install -m644 rfc/* /usr/share/doc/${1}/rfc -install -m644 misc/{dnssec,ipv6,migrat*,options,rfc-compliance,roadmap,sdb} \ - /usr/share/doc/${1}/misc - -# Generation of a key for use in the named.conf and rdnc.conf files using the rndc-confgen command. -BINDKEY=$(rndc-confgen -b 512 | grep -m 1 "secret" | cut -d '"' -f 2) - -cd /home/named -mkdir -p dev etc/namedb/{pz,slave} var/run -rm -f /home/named/dev/null -mknod /home/named/dev/null c 1 3 -rm -f /home/named/dev/random -mknod /home/named/dev/random c 1 8 -chmod 666 /home/named/dev/{null,random} -cp /etc/localtime /home/named/etc - -# Creating the named.conf file from which named will read the location of zone files, -# root name servers and secure DNS keys. 
-cat > /home/named/etc/named.conf << "EOF" - options { - directory "/etc/namedb"; +#!/bin/bash + +hvconfig_pre() +{ + groupadd --system -f named + hv_useradd --system -c BindOwner -g named -s /bin/false named + install -d -m770 -o named -g named /srv/named +} + +hvbuild_post() +{ + # Enable the execute bit to prevent a warning when using ldd to check + # library dependencies. + chmod -v 0755 /usr/lib/lib{bind9,isc{,cc,cfg},lwres,dns}.so.*.?.? + + cd /srv/named + mkdir -p dev etc/namedb/{pz,slave} usr/lib/engines var/run/named + rm -f /srv/named/dev/null + mknod /srv/named/dev/null c 1 3 + rm -f /srv/named/dev/random + mknod /srv/named/dev/random c 1 8 + chmod 666 /srv/named/dev/{null,random} + cp /etc/localtime etc + touch managed-keys.bind + + # Needed to solve bug: + # initializing DST: openssl failure + cp -a /usr/lib/engines/libgost.so usr/lib/engines + + # Generation of a key for use in the named.conf and rdnc.conf files using + # the rndc-confgen command. + # If the option "-r /dev/random" is specified, the source of randomness is + # the keyboard/mouse and the command will wait forever for input before + # continuing. + # A counterpart to /dev/random is /dev/urandom ("unlocked"/non-blocking + # random) which reuses the internal pool to produce more pseudo-random + # bits. This means that the call will not block, but the output may contain + # less entropy than the corresponding read from /dev/random. + rndc-confgen -b 512 -r /dev/urandom > /etc/rndc.conf + + # Creating the named.conf file from which named will read the location of + # zone files, root name servers and secure DNS keys. 
+ sed '/conf/d;/^#/!d;s:^# ::' /etc/rndc.conf > /srv/named/etc/named.conf + cat >> /srv/named/etc/named.conf << "EOF" +options { + directory "/etc/namedb"; pid-file "/var/run/named.pid"; statistics-file "/var/run/named.stats"; - - }; - controls { - inet 127.0.0.1 allow { localhost; } keys { rndc_key; }; - }; - key "rndc_key" { - algorithm hmac-md5; - secret "_BIND_KEY_"; - }; - zone "." { - type hint; - file "root.hints"; - }; - zone "0.0.127.in-addr.arpa" { - type master; - file "pz/127.0.0"; - }; + +}; + +zone "." { + type hint; + file "root.hints"; +}; + +zone "0.0.127.in-addr.arpa" { + type master; + file "pz/127.0.0"; +}; // Bind 9 now logs by default through syslog (except debug). // These are the default logging rules. @@ -112,22 +96,8 @@ logging { }; }; EOF -sed -i -e "s!_BIND_KEY_!${BINDKEY}!g" /home/named/etc/named.conf - -cat > /etc/rndc.conf << "EOF" -key rndc_key { -algorithm "hmac-md5"; - secret - "_BIND_KEY_"; - }; -options { - default-server localhost; - default-key rndc_key; -}; -EOF -sed -i -e "s!_BIND_KEY_!${BINDKEY}!g" /etc/rndc.conf -cat > /home/named/etc/namedb/pz/127.0.0 << "EOF" + cat > /srv/named/etc/namedb/pz/127.0.0 << "EOF" $TTL 3D @ IN SOA ns.local.domain. hostmaster.local.domain. ( 1 ; Serial @@ -139,7 +109,7 @@ $TTL 3D 1 PTR localhost. EOF -cat > /home/named/etc/namedb/root.hints << "EOF" + cat > /srv/named/etc/namedb/root.hints << "EOF" . 6D IN NS A.ROOT-SERVERS.NET. . 6D IN NS B.ROOT-SERVERS.NET. . 6D IN NS C.ROOT-SERVERS.NET. 
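Review bot: The `rndc-confgen ... > /etc/rndc.conf` redirect and the `sed ... > /srv/named/etc/named.conf` that follows both create files holding the rndc shared secret under whatever umask the build happens to run with, so they can end up world-readable. Any local account able to read that key can then drive named through the control channel that the extracted `controls` statement enables. Create them restricted instead, e.g. `(umask 077; rndc-confgen -b 512 -r /dev/urandom > /etc/rndc.conf)` and a `chmod 0640 /srv/named/etc/named.conf` right after the heredoc append. The umask is set outside this hunk, so this is worth confirming rather than assuming; hvbuild_post also continues past the end of this hunk.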
@@ -168,12 +138,14 @@ L.ROOT-SERVERS.NET. 6D IN A 198.32.64.12 M.ROOT-SERVERS.NET. 6D IN A 202.12.27.33 EOF -chown -R named.named /home/named + chown -R named.named /srv/named -# Bootscript -install -v -m740 ${SCRDIR}/bootscripts/named /etc/rc.d/init.d + # Bootscript + install -v -m740 ${SCRDIR}/bootscripts/named /etc/rc.d/init.d -# script-name start stop -bootscript_add_rc3 named 25 65 + # script-name start stop + bootscript_add_rc3 named 25 65 -exit $? + sed -i -e "s/^\(DNS_SERVER_ENA=\).*/\1\"yes\"/" \ + /etc/sysconfig/network/network-parameters +}
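Review bot: `chown -R named.named /srv/named` gives the daemon account ownership of everything in its chroot, including etc/named.conf, the root.hints and pz zone files, the device nodes and the usr/lib/engines/libgost.so copied in earlier in hvbuild_post, so a compromised named could rewrite its own configuration or the library it loads. The usual arrangement keeps the tree root-owned and grants write access only where named needs it, e.g. `chown -R root:named /srv/named` followed by `chown named:named /srv/named/var/run/named /srv/named/etc/namedb/slave /srv/named/managed-keys.bind`. The exact writable set should be checked against the bootscript, which is not shown here. The `user.group` separator is also a deprecated spelling; `named:named` is the portable form. hvbuild_post starts outside this hunk.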