スポンサーサイト

上記の広告は1ヶ月以上更新のないブログに表示されています。
新しい記事を書く事で広告が消せます。

RHEL5系用にBIND9.9をrpmbuild

SRPMとして
http://centos.alt.ru/repository/centos/5/SRPMS/bind-9.9.1-4.P3.el5.src.rpm
を元にした。

# rpm -ivh bind-9.9.1-4.P3.el5.src.rpm
# cd /usr/src/redhat/SOURCE
# cp SRC/bind-9.9.2.tar.gz .
# tar zxf bind-9.9.2.tar.gz
# cd bind-9.9.2
# cp configure.in configure.in.orig
# vi configure.in
#AC_C_FLEXIBLE_ARRAY_MEMBER ← コメントアウト

# diff -up configure.in configure.in.orig
--- configure.in.orig   2012-09-27 09:35:19.000000000 +0900
+++ configure.in 2012-10-10 17:34:15.000000000 +0900
@@ -372,7 +372,7 @@ AC_C_CONST
AC_C_INLINE
AC_C_VOLATILE
AC_CHECK_FUNC(sysctlbyname, AC_DEFINE(HAVE_SYSCTLBYNAME))
-AC_C_FLEXIBLE_ARRAY_MEMBER
+#AC_C_FLEXIBLE_ARRAY_MEMBER

#
# Older versions of HP/UX don't define seteuid() and setegid()

# vi ../bind-9.9.0-RHEL.patch
上記をコピペして修正したものを貼り付け(元々あった記述は全削除)。
--- bind-9.9.2/configure.in.orig   2012-09-27 09:35:19.000000000 +0900 ← 「bind-9.9.2/」を付け足し
+++ bind-9.9.2/configure.in 2012-10-10 17:34:15.000000000 +0900 ← 「bind-9.9.2/」を付け足し
@@ -372,7 +372,7 @@ AC_C_CONST
AC_C_INLINE
AC_C_VOLATILE
AC_CHECK_FUNC(sysctlbyname, AC_DEFINE(HAVE_SYSCTLBYNAME))
-AC_C_FLEXIBLE_ARRAY_MEMBER
+#AC_C_FLEXIBLE_ARRAY_MEMBER

#
# Older versions of HP/UX don't define seteuid() and setegid()

# rm -rf bind-9.9.2
# cd ../SPEC
# vi bind9_9.spec

差分だけピックアップすると、
%define PATCHVER P3 ← コメントアウト

%define VERSION %{version} ← 有効化
#%define VERSION %{version}-%{PATCHVER} ← コメントアウト

%{?!SDB: %define SDB 0} ← 0に変更
%{?!GSSTSIG: %define GSSTSIG 0} ← 0に変更
%{?!PKCS11: %define PKCS11 0} ← 0に変更

Version: 9.9.2 ← 変更
Release: %{?dist} ← 変更

コメントアウト

## Common patches
#Patch5: bind-nonexec.patch
#Patch10: bind-9.5-PIE.patch
#Patch16: bind-9.3.2-redhat_doc.patch
#Patch71: bind-9.5-overflow.patch
#Patch72: bind-9.5-dlz-64bit.patch
#Patch87: bind-9.5-parallel-build.patch
#Patch99: bind-96-libtool2.patch
#Patch101:bind-96-old-api.patch
#Patch102:bind-95-rh452060.patch
#Patch106:bind93-rh490837.patch
#Patch107:bind97-dist-pkcs11.patch
#Patch109:bind97-rh478718.patch
#Patch110:bind97-rh507429.patch
#Patch111:bind97-compat-default-keysdir.patch

## SDB patches
#Patch11: bind-9.3.2b2-sdbsrc.patch
#Patch12: bind-9.5-sdb.patch
#Patch62: bind-9.5-sdb-sqlite-bld.patch
#
## needs inpection
#Patch17: bind-9.3.2b1-fix_sdb_ldap.patch
#Patch104: bind-96-dyndb.patch
#
## IDN paches
#Patch73: bind-9.5-libidn.patch
#Patch83: bind-9.5-libidn2.patch
#Patch85: bind-9.5-libidn3.patch
#Patch94: bind95-rh461409.patch

コメントアウト

## Common patches
#%patch5 -p1 -b .nonexec
#%patch10 -p1 -b .PIE
#%patch16 -p1 -b .redhat_doc
#%patch104 -p1 -b .dyndb
#%patch111 -p1 -b .compat-default-keysdir
#%if %{SDB}
#%patch101 -p1 -b .old-api
#mkdir bin/named-sdb
#cp -r bin/named/* bin/named-sdb
#%patch11 -p1 -b .sdbsrc
## SDB ldap
#cp -fp contrib/sdb/ldap/ldapdb.[ch] bin/named-sdb
## SDB postgreSQL
#cp -fp contrib/sdb/pgsql/pgsqldb.[ch] bin/named-sdb
## SDB sqlite
#cp -fp contrib/sdb/sqlite/sqlitedb.[ch] bin/named-sdb
## SDB Berkeley DB - needs to be ported to DB4!
##cp -fp contrib/sdb/bdb/bdb.[ch] bin/named_sdb
## SDB dir
#cp -fp contrib/sdb/dir/dirdb.[ch] bin/named-sdb
## SDB tools
#mkdir -p bin/sdb_tools
#cp -fp %{SOURCE30} bin/sdb_tools/ldap2zone.c
#cp -fp %{SOURCE7} bin/sdb_tools/Makefile.in
##cp -fp contrib/sdb/bdb/zone2bdb.c bin/sdb_tools
#cp -fp contrib/sdb/ldap/{zone2ldap.1,zone2ldap.c} bin/sdb_tools
#cp -fp contrib/sdb/pgsql/zonetodb.c bin/sdb_tools
#cp -fp contrib/sdb/sqlite/zone2sqlite.c bin/sdb_tools
#%patch12 -p1 -b .sdb
#%endif
#%if %{SDB}
#%patch17 -p1 -b .fix_sdb_ldap
#%endif
#%if %{SDB}
#%patch62 -p1 -b .sdb-sqlite-bld
#%endif
##%patch71 -p1 -b .overflow
#%ifnarch alpha ia64
#%patch72 -p1 -b .64bit
#%endif
#%patch73 -p1 -b .libidn
#%patch83 -p1 -b .libidn2
#%patch85 -p1 -b .libidn3
#%patch87 -p1 -b .parallel
#%patch94 -p1 -b .rh461409

コメントアウト

#%patch99 -p1 -b .libtool2
#
#%patch102 -p1 -b .rh452060
#%patch106 -p0 -b .rh490837
#%patch107 -p1 -b .dist-pkcs11
#%patch109 -p1 -b .rh478718
#%patch110 -p1 -b .rh507429

コメントアウト

## Sparc and s390 arches need to use -fPIE
#%ifarch sparcv9 sparc64 s390 s390x
#for i in bin/named{,-sdb}/{,unix}/Makefile.in; do
# sed -i 's|fpie|fPIE|g' $i
#done
#%endif
#
#:;

最終的にはこんな感じ
#
# Red Hat BIND package .spec file
#

#%define PATCHVER P3
#%define PREVER rc2
#%define VERSION %{version}%{PREVER}
%define VERSION %{version}
#%define VERSION %{version}-%{PATCHVER}

%{?!SDB: %define SDB 0}
%{?!test: %define test 0}
%{?!bind_uid: %define bind_uid 25}
%{?!bind_gid: %define bind_gid 25}
%{?!GSSTSIG: %define GSSTSIG 0}
%{?!PKCS11: %define PKCS11 0}
%define bind_dir /var/named
%define chroot_prefix %{bind_dir}/chroot
#
Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server
Name: bind
License: ISC
Version: 9.9.2
Release: %{?dist}
Epoch: 36
Url: http://www.isc.org/products/BIND/
Buildroot:%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Group: System Environment/Daemons
#
Source: ftp://ftp.isc.org/isc/bind9/%{VERSION}/bind-%{VERSION}.tar.gz
Source1: named.sysconfig
Source2: named.init
Source3: named.logrotate
Source4: named.NetworkManager
Source5: rfc1912.txt
Source7: bind-9.3.1rc1-sdb_tools-Makefile.in
Source8: dnszone.schema
Source12: README.sdb_pgsql
Source21: Copyright.caching-nameserver
Source25: named.conf.sample
Source28: config-6.tar.bz2
Source30: ldap2zone.c
Source31: ldap2zone.1
Source32: named-sdb.8
Source33: zonetodb.1
Source34: zone2sqlite.1

## Common patches
#Patch5: bind-nonexec.patch
#Patch10: bind-9.5-PIE.patch
#Patch16: bind-9.3.2-redhat_doc.patch
#Patch71: bind-9.5-overflow.patch
#Patch72: bind-9.5-dlz-64bit.patch
#Patch87: bind-9.5-parallel-build.patch
#Patch99: bind-96-libtool2.patch
#Patch101:bind-96-old-api.patch
#Patch102:bind-95-rh452060.patch
#Patch106:bind93-rh490837.patch
#Patch107:bind97-dist-pkcs11.patch
#Patch109:bind97-rh478718.patch
#Patch110:bind97-rh507429.patch
#Patch111:bind97-compat-default-keysdir.patch

## SDB patches
#Patch11: bind-9.3.2b2-sdbsrc.patch
#Patch12: bind-9.5-sdb.patch
#Patch62: bind-9.5-sdb-sqlite-bld.patch
#
## needs inpection
#Patch17: bind-9.3.2b1-fix_sdb_ldap.patch
#Patch104: bind-96-dyndb.patch
#
## IDN paches
#Patch73: bind-9.5-libidn.patch
#Patch83: bind-9.5-libidn2.patch
#Patch85: bind-9.5-libidn3.patch
#Patch94: bind95-rh461409.patch

# RHEL 5 compat
Patch999: bind-9.9.0-RHEL.patch
#
Requires: mktemp
Requires(post): grep, chkconfig
Requires(pre): shadow-utils
Requires(preun):chkconfig
Obsoletes: bind-config < 30:9.3.2-34.fc6
Provides: bind-config = 30:9.3.2-34.fc6
Obsoletes: caching-nameserver < 31:9.4.1-7.fc8
Provides: caching-nameserver = 31:9.4.1-7.fc8
Obsoletes: dnssec-conf < 1.22-6
Provides: dnssec-conf = 1.22-5
BuildRequires: openssl-devel, libtool, autoconf, pkgconfig, libcap-devel
BuildRequires: libidn-devel, libxml2-devel
%if %{SDB}
BuildRequires: openldap-devel, postgresql-devel, sqlite-devel, mysql-devel
%endif
%if %{test}
BuildRequires: net-tools
%endif
%if %{GSSTSIG}
BuildRequires: krb5-devel
%endif

%description
BIND (Berkeley Internet Name Domain) is an implementation of the DNS
(Domain Name System) protocols. BIND includes a DNS server (named),
which resolves host names to IP addresses; a resolver library
(routines for applications to use when interfacing with DNS); and
tools for verifying that the DNS server is operating properly.

%if %{PKCS11}
%package pkcs11
Summary: Bind PKCS#11 tools for using DNSSEC
Group: System Environment/Daemons
Requires: engine_pkcs11 opensc
#BuildRequires: opensc-devel

%description pkcs11
This is a set of PKCS#11 utilities that when used together create rsa
keys in a PKCS11 keystore, such as provided by opencryptoki. The keys
will have a label of "zone,zsk|ksk,xxx" and an id of the keytag in hex.
%endif

%if %{SDB}
%package sdb
Summary: BIND server with database backends and DLZ support
Group: System Environment/Daemons
Requires: bind

%description sdb
BIND (Berkeley Internet Name Domain) is an implementation of the DNS
(Domain Name System) protocols. BIND includes a DNS server (named-sdb)
which has compiled-in SDB (Simplified Database Backend) which includes
support for using alternative Zone Databases stored in an LDAP server
(ldapdb), a postgreSQL database (pgsqldb), an sqlite database (sqlitedb),
or in the filesystem (dirdb), in addition to the standard in-memory RBT
(Red Black Tree) zone database. It also includes support for DLZ
(Dynamic Loadable Zones)
%endif

%package libs
Summary: Libraries used by the BIND DNS packages
Group: Applications/System
Obsoletes:bind-libbind-devel < 31:9.3.3-4.fc7
Provides: bind-libbind-devel = 31:9.3.3-4.fc7

%description libs
Contains libraries used by both the bind server package as well as the utils
packages.

%package utils
Summary: Utilities for querying DNS name servers
Group: Applications/System

%description utils
Bind-utils contains a collection of utilities for querying DNS (Domain
Name System) name servers to find out information about Internet
hosts. These tools will provide you with the IP addresses for given
host names, as well as other information about registered domains and
network addresses.

You should install bind-utils if you need to get information from DNS name
servers.

%package devel
Summary: Header files and libraries needed for BIND DNS development
Group: Development/Libraries
Obsoletes:bind-libbind-devel < 31:9.3.3-4.fc7
Provides: bind-libbind-devel = 31:9.3.3-4.fc7

%description devel
The bind-devel package contains all the header files and libraries
required for development with ISC BIND 9 and BIND 8


%package chroot
Summary: A chroot runtime environment for the ISC BIND DNS server, named(8)
Group: System Environment/Daemons
Prefix: %{chroot_prefix}
Requires(post): grep
Requires(preun):grep
Requires: bind = %{epoch}:%{version}-%{release}

%description chroot
This package contains a tree of files which can be used as a
chroot(2) jail for the named(8) program from the BIND package.
Based on the code from Jan "Yenya" Kasprzak <kas@fi.muni.cz>

%prep
%setup -q -n %{name}-%{VERSION}

## Common patches
#%patch5 -p1 -b .nonexec
#%patch10 -p1 -b .PIE
#%patch16 -p1 -b .redhat_doc
#%patch104 -p1 -b .dyndb
#%patch111 -p1 -b .compat-default-keysdir
#%if %{SDB}
#%patch101 -p1 -b .old-api
#mkdir bin/named-sdb
#cp -r bin/named/* bin/named-sdb
#%patch11 -p1 -b .sdbsrc
## SDB ldap
#cp -fp contrib/sdb/ldap/ldapdb.[ch] bin/named-sdb
## SDB postgreSQL
#cp -fp contrib/sdb/pgsql/pgsqldb.[ch] bin/named-sdb
## SDB sqlite
#cp -fp contrib/sdb/sqlite/sqlitedb.[ch] bin/named-sdb
## SDB Berkeley DB - needs to be ported to DB4!
##cp -fp contrib/sdb/bdb/bdb.[ch] bin/named_sdb
## SDB dir
#cp -fp contrib/sdb/dir/dirdb.[ch] bin/named-sdb
## SDB tools
#mkdir -p bin/sdb_tools
#cp -fp %{SOURCE30} bin/sdb_tools/ldap2zone.c
#cp -fp %{SOURCE7} bin/sdb_tools/Makefile.in
##cp -fp contrib/sdb/bdb/zone2bdb.c bin/sdb_tools
#cp -fp contrib/sdb/ldap/{zone2ldap.1,zone2ldap.c} bin/sdb_tools
#cp -fp contrib/sdb/pgsql/zonetodb.c bin/sdb_tools
#cp -fp contrib/sdb/sqlite/zone2sqlite.c bin/sdb_tools
#%patch12 -p1 -b .sdb
#%endif
#%if %{SDB}
#%patch17 -p1 -b .fix_sdb_ldap
#%endif
#%if %{SDB}
#%patch62 -p1 -b .sdb-sqlite-bld
#%endif
##%patch71 -p1 -b .overflow
#%ifnarch alpha ia64
#%patch72 -p1 -b .64bit
#%endif
#%patch73 -p1 -b .libidn
#%patch83 -p1 -b .libidn2
#%patch85 -p1 -b .libidn3
#%patch87 -p1 -b .parallel
#%patch94 -p1 -b .rh461409
#
## XXX due new libtool. Not sure about proper upstream approach yet.
mkdir m4
#%patch99 -p1 -b .libtool2
#
#%patch102 -p1 -b .rh452060
#%patch106 -p0 -b .rh490837
#%patch107 -p1 -b .dist-pkcs11
#%patch109 -p1 -b .rh478718
#%patch110 -p1 -b .rh507429
# RHEL 5 compat
%patch999 -p1 -b .compat

## Sparc and s390 arches need to use -fPIE
#%ifarch sparcv9 sparc64 s390 s390x
#for i in bin/named{,-sdb}/{,unix}/Makefile.in; do
# sed -i 's|fpie|fPIE|g' $i
#done
#%endif
#
#:;

%build
export CFLAGS="$CFLAGS $RPM_OPT_FLAGS"
export CPPFLAGS="$CPPFLAGS -DDIG_SIGCHASE"
export STD_CDEFINES="$CPPFLAGS"

sed -i -e \
's/RELEASEVER=\(.*\)/RELEASEVER=\1-RedHat-%{version}-%{release}/' \
version

libtoolize -c -f; aclocal -I m4 --force; autoconf -f

%configure \
--with-libtool \
--localstatedir=/var \
--enable-threads \
--enable-ipv6 \
--with-pic \
--disable-static \
--disable-openssl-version-check \
%if %{PKCS11}
--with-pkcs11=yes \
%endif
%if %{SDB}
--with-dlz-ldap=yes \
--with-dlz-postgres=yes \
--with-dlz-mysql=yes \
--with-dlz-filesystem=yes \
%endif
%if %{GSSTSIG}
--with-gssapi=yes \
--disable-isc-spnego \
%endif
;
make %{?_smp_mflags}

%if %{test}
%check
if [ "`whoami`" = 'root' ]; then
set -e
chmod -R a+rwX .
pushd bin/tests
pushd system
./ifconfig.sh up
popd
make test
e=$?
pushd system
./ifconfig.sh down
popd
popd
if [ "$e" -ne 0 ]; then
echo "ERROR: this build of BIND failed 'make test'. Aborting."
exit $e;
fi;
else
echo 'only root can run the tests (they require an ifconfig).'
%endif

%install
rm -rf ${RPM_BUILD_ROOT}

# We don't want these
rm -f doc/rfc/fetch

cp --preserve=timestamps %{SOURCE5} doc/rfc
#gzip -9 doc/rfc/*

# Build directory hierarchy
mkdir -p ${RPM_BUILD_ROOT}/etc/{rc.d/init.d,logrotate.d,NetworkManager/dispatcher.d}
mkdir -p ${RPM_BUILD_ROOT}%{_libdir}/bind
mkdir -p ${RPM_BUILD_ROOT}/var/named/{slaves,data,dynamic}
mkdir -p ${RPM_BUILD_ROOT}%{_mandir}/{man1,man5,man8}
mkdir -p ${RPM_BUILD_ROOT}/var/run/named
mkdir -p ${RPM_BUILD_ROOT}/var/log

#chroot
mkdir -p ${RPM_BUILD_ROOT}/%{chroot_prefix}/{dev,etc,var}
mkdir -p ${RPM_BUILD_ROOT}/%{chroot_prefix}/var/{log,named,run/named,tmp}
mkdir -p ${RPM_BUILD_ROOT}/%{chroot_prefix}/etc/{pki/dnssec-keys,named}
mkdir -p ${RPM_BUILD_ROOT}/%{chroot_prefix}/%{_libdir}/bind
# these are required to prevent them being erased during upgrade of previous
# versions that included them (bug #130121):
touch ${RPM_BUILD_ROOT}/%{chroot_prefix}/dev/null
touch ${RPM_BUILD_ROOT}/%{chroot_prefix}/dev/random
touch ${RPM_BUILD_ROOT}/%{chroot_prefix}/dev/zero
touch ${RPM_BUILD_ROOT}/%{chroot_prefix}/etc/localtime

touch ${RPM_BUILD_ROOT}/%{chroot_prefix}/etc/named.conf
#end chroot

make DESTDIR=${RPM_BUILD_ROOT} install

# Remove unwanted files
rm -f ${RPM_BUILD_ROOT}/etc/bind.keys

install -m 755 %SOURCE2 ${RPM_BUILD_ROOT}/etc/rc.d/init.d/named
install -m 644 %SOURCE3 ${RPM_BUILD_ROOT}/etc/logrotate.d/named
install -m 755 %SOURCE4 ${RPM_BUILD_ROOT}/etc/NetworkManager/dispatcher.d/13-named
mkdir -p ${RPM_BUILD_ROOT}%{_sysconfdir}/sysconfig
install -m 644 %{SOURCE1} ${RPM_BUILD_ROOT}%{_sysconfdir}/sysconfig/named
%if %{SDB}
mkdir -p ${RPM_BUILD_ROOT}/etc/openldap/schema
install -m 644 %{SOURCE8} ${RPM_BUILD_ROOT}/etc/openldap/schema/dnszone.schema
install -m 644 %{SOURCE12} contrib/sdb/pgsql/
%endif

# Files required to run test-suite outside of build tree:
cp -fp config.h ${RPM_BUILD_ROOT}/%{_includedir}/bind9
cp -fp lib/dns/include/dns/forward.h ${RPM_BUILD_ROOT}/%{_includedir}/dns
cp -fp lib/isc/unix/include/isc/keyboard.h ${RPM_BUILD_ROOT}/%{_includedir}/isc

# Remove libtool .la files:
find ${RPM_BUILD_ROOT}/%{_libdir} -name '*.la' -exec '/bin/rm' '-f' '{}' ';';
# /usr/lib/rpm/brp-compress
#

# SDB manpages
%if %{SDB}
install -m 644 %{SOURCE31} ${RPM_BUILD_ROOT}%{_mandir}/man1/ldap2zone.1
install -m 644 %{SOURCE32} ${RPM_BUILD_ROOT}%{_mandir}/man8/named-sdb.8
install -m 644 %{SOURCE33} ${RPM_BUILD_ROOT}%{_mandir}/man1/zonetodb.1
install -m 644 %{SOURCE34} ${RPM_BUILD_ROOT}%{_mandir}/man1/zone2sqlite.1
%endif

# Ghost config files:
touch ${RPM_BUILD_ROOT}%{_localstatedir}/log/named.log

# configuration files:
tar -C ${RPM_BUILD_ROOT} -xjf %{SOURCE28}
touch ${RPM_BUILD_ROOT}/etc/rndc.key
touch ${RPM_BUILD_ROOT}/etc/rndc.conf
mkdir ${RPM_BUILD_ROOT}/etc/named
install -m 644 bind.keys ${RPM_BUILD_ROOT}/etc/named.iscdlv.key

install -m 644 %{SOURCE5} ./rfc1912.txt
install -m 644 %{SOURCE21} ./Copyright

# sample bind configuration files for %%doc:
mkdir -p sample/etc sample/var/named/{data,slaves}
install -m 644 %{SOURCE25} sample/etc/named.conf
# Copy default configuration to %%doc to make it usable from system-config-bind
install -m 644 ${RPM_BUILD_ROOT}/etc/named.conf named.conf.default
install -m 644 ${RPM_BUILD_ROOT}/etc/named.rfc1912.zones sample/etc/named.rfc1912.zones
install -m 644 ${RPM_BUILD_ROOT}/var/named/{named.ca,named.localhost,named.loopback,named.empty} sample/var/named
for f in my.internal.zone.db slaves/my.slave.internal.zone.db slaves/my.ddns.internal.zone.db my.external.zone.db; do
echo '@ in soa localhost. root 1 3H 15M 1W 1D
ns localhost.' > sample/var/named/$f;
done
:;

%pre
if [ "$1" -eq 1 ]; then
/usr/sbin/groupadd -g %{bind_gid} -f -r named >/dev/null 2>&1 || :;
/usr/sbin/useradd -u %{bind_uid} -r -M -g named -s /sbin/nologin -d /var/named -c Named named >/dev/null 2>&1 || :;
fi;
:;

%post
/sbin/ldconfig
/sbin/chkconfig --add named
if [ "$1" -eq 1 ]; then
if [ ! -e /etc/rndc.key ]; then
/usr/sbin/rndc-confgen -a > /dev/null 2>&1
fi
[ -x /sbin/restorecon ] && /sbin/restorecon /etc/rndc.* /etc/named.* >/dev/null 2>&1 ;
# rndc.key has to have correct perms and ownership, CVE-2007-6283
[ -e /etc/rndc.key ] && chown root:named /etc/rndc.key
[ -e /etc/rndc.key ] && chmod 0640 /etc/rndc.key
fi
:;

%preun
if [ "$1" -eq 0 ]; then
/sbin/service named stop >/dev/null 2>&1 || :;
/sbin/chkconfig --del named || :;
fi;
:;

%postun
/sbin/ldconfig
if [ "$1" -ge 1 ]; then
/sbin/service named try-restart >/dev/null 2>&1 || :;
fi;
:;

%if %{SDB}
%post sdb
/sbin/service named try-restart > /dev/null 2>&1 || :;

%postun sdb
/sbin/service named try-restart > /dev/null 2>&1 || :;
%endif

%triggerpostun -n bind -- bind <= 32:9.5.0-20.b1
if [ "$1" -gt 0 ]; then
[ -e /etc/rndc.key ] && chown root:named /etc/rndc.key
[ -e /etc/rndc.key ] && chmod 0640 /etc/rndc.key
fi
:;

%post libs -p /sbin/ldconfig

%postun libs
/sbin/ldconfig

# Automatically update configuration from "dnssec-conf-based" to "BIND-based"
%triggerpostun -n bind -- dnssec-conf
if [ -r '/etc/named.conf' ]; then
cp -fp /etc/named.conf /etc/named.conf.rpmsave
if grep -Eq '/etc/(named.dnssec.keys|pki/dnssec-keys)' /etc/named.conf; then
if grep -q 'dlv.isc.org.conf' /etc/named.conf; then
# DLV is configured, reconfigure it to new configuration
sed -i -e 's/.*dnssec-lookaside.*dlv\.isc\.org\..*/dnssec-lookaside auto;\
bindkeys-file "\/etc\/named.iscdlv.key";\
managed-keys-directory "\/var\/named\/dynamic";/' /etc/named.conf
fi
sed -i -e '/.*named\.dnssec\.keys.*/d' -e '/.*pki\/dnssec-keys.*/d' \
/etc/named.conf
/sbin/service named try-restart > /dev/null 2>&1 || :;
fi
fi

# Ditto for chroot
if [ -r '/var/named/chroot/etc/named.conf' ]; then
cp -fp /var/named/chroot/etc/named.conf /var/named/chroot/etc/named.conf.rpmsave
if grep -Eq '/etc/(named.dnssec.keys|pki/dnssec-keys)' /var/named/chroot/etc/named.conf; then
if grep -q 'dlv.isc.org.conf' /var/named/chroot/etc/named.conf; then
# DLV is configured, reconfigure it to new configuration
sed -i -e 's/.*dnssec-lookaside.*dlv\.isc\.org\..*/dnssec-lookaside auto;\
bindkeys-file "\/etc\/named.iscdlv.key";\
managed-keys-directory "\/var\/named\/dynamic";/' /var/named/chroot/etc/named.conf
fi
sed -i -e '/.*named\.dnssec\.keys.*/d' -e '/.*pki\/dnssec-keys.*/d' \
/var/named/chroot/etc/named.conf
/sbin/service named try-restart > /dev/null 2>&1 || :;
fi
fi

%post chroot
if [ "$1" -gt 0 ]; then
[ -e %{chroot_prefix}/dev/random ] || \
/bin/mknod %{chroot_prefix}/dev/random c 1 8
[ -e %{chroot_prefix}/dev/zero ] || \
/bin/mknod %{chroot_prefix}/dev/zero c 1 5
[ -e %{chroot_prefix}/dev/zero ] || \
/bin/mknod %{chroot_prefix}/dev/null c 1 3
rm -f %{chroot_prefix}/etc/localtime
cp /etc/localtime %{chroot_prefix}/etc/localtime
if ! grep -q '^ROOTDIR=' /etc/sysconfig/named; then
echo 'ROOTDIR=/var/named/chroot' >> /etc/sysconfig/named
/sbin/service named try-restart > /dev/null 2>&1 || :;
fi
fi;
:;

%posttrans chroot
if [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then
[ -x /sbin/restorecon ] && /sbin/restorecon %{chroot_prefix}/dev/* > /dev/null 2>&1;
fi;
:;

%preun chroot
if [ "$1" -eq 0 ]; then
rm -f %{chroot_prefix}/dev/{random,zero,null}
rm -f %{chroot_prefix}/etc/localtime
if grep -q '^ROOTDIR=' /etc/sysconfig/named; then
# NOTE: Do NOT call `service named try-restart` because chroot
# files will remain mounted.
START=no
[ -e /var/lock/subsys/named ] && START=yes
/sbin/service named stop > /dev/null 2>&1 || :;
sed -i -e '/^ROOTDIR=.*/d' /etc/sysconfig/named
if [ "x$START" = xyes ]; then
/sbin/service named start > /dev/null 2>&1 || :;
fi
fi
fi
:;

%clean
rm -rf ${RPM_BUILD_ROOT}
:;

%files
%defattr(-,root,root,-)
%{_libdir}/bind
%config(noreplace) %{_sysconfdir}/sysconfig/named
%config(noreplace) %attr(-,root,named) %{_sysconfdir}/named.iscdlv.key
%{_sysconfdir}/rc.d/init.d/named
%{_sysconfdir}/NetworkManager/dispatcher.d/13-named
%{_sbindir}/arpaname
%{_sbindir}/ddns-confgen
%{_sbindir}/genrandom
%{_sbindir}/named-journalprint
%{_sbindir}/nsec3hash
%{_sbindir}/dnssec*
%{_sbindir}/named-check*
%{_sbindir}/lwresd
%{_sbindir}/named
%{_sbindir}/rndc*
%{_sbindir}/named-compilezone
%{_sbindir}/isc-hmac-fixup
%{_mandir}/man1/arpaname.1*
%{_mandir}/man5/named.conf.5*
%{_mandir}/man5/rndc.conf.5*
%{_mandir}/man8/rndc.8*
%{_mandir}/man8/named.8*
%{_mandir}/man8/lwresd.8*
%{_mandir}/man8/dnssec*.8*
%{_mandir}/man8/named-checkconf.8*
%{_mandir}/man8/named-checkzone.8*
%{_mandir}/man8/named-compilezone.8*
%{_mandir}/man8/rndc-confgen.8*
%{_mandir}/man8/ddns-confgen.8*
%{_mandir}/man8/genrandom.8*
%{_mandir}/man8/named-journalprint.8*
%{_mandir}/man8/nsec3hash.8*
%{_mandir}/man8/isc-hmac-fixup.8*
%doc CHANGES COPYRIGHT README named.conf.default
%doc doc/arm doc/misc doc/rfc
%doc sample/
%doc Copyright
%doc rfc1912.txt

# Hide configuration
%defattr(0640,root,named,0750)
%dir %{_sysconfdir}/named
%dir %{_localstatedir}/named
%config(noreplace) %verify(not link) %{_sysconfdir}/named.conf
%config(noreplace) %verify(not link) %{_sysconfdir}/named.rfc1912.zones
%config %verify(not link) %{_localstatedir}/named/named.ca
%config %verify(not link) %{_localstatedir}/named/named.localhost
%config %verify(not link) %{_localstatedir}/named/named.loopback
%config %verify(not link) %{_localstatedir}/named/named.empty
%defattr(0660,named,named,0770)
%dir %{_localstatedir}/named/slaves
%dir %{_localstatedir}/named/data
%dir %{_localstatedir}/named/dynamic
%ghost %{_localstatedir}/log/named.log
%defattr(0640,root,named,0750)
%ghost %config(noreplace) %{_sysconfdir}/rndc.key
# ^- rndc.key now created on first install only if it does not exist
# %verify(not size,not md5) %config(noreplace) %attr(0640,root,named) /etc/rndc.conf
# ^- Let the named internal default rndc.conf be used -
# rndc.conf not required unless it differs from default.
%ghost %config(noreplace) %{_sysconfdir}/rndc.conf
# ^- The default rndc.conf which uses rndc.key is in named's default internal config -
# so rndc.conf is not necessary.
%config(noreplace) %{_sysconfdir}/logrotate.d/named
%defattr(-,named,named,-)
%dir %{_localstatedir}/run/named

%if %{SDB}
%files sdb
%defattr(-,root,root,-)
%{_mandir}/man1/ldap2zone.1*
%{_mandir}/man1/zonetodb.1*
%{_mandir}/man1/zone2sqlite.1*
%{_mandir}/man8/named-sdb.8*
%{_mandir}/man1/zone2ldap.1*
%doc contrib/sdb/ldap/README.ldap contrib/sdb/ldap/INSTALL.ldap contrib/sdb/pgsql/README.sdb_pgsql
%dir %{_sysconfdir}/openldap/schema
%config(noreplace) %{_sysconfdir}/openldap/schema/dnszone.schema
%{_sbindir}/named-sdb
%{_sbindir}/zone2ldap
%{_sbindir}/ldap2zone
%{_sbindir}/zonetodb
%{_sbindir}/zone2sqlite
%endif

%files libs
%defattr(-,root,root,-)
%{_libdir}/*so.*

%files utils
%defattr(-,root,root,-)
%{_bindir}/dig
%{_bindir}/host
%{_bindir}/nslookup
%{_bindir}/nsupdate
%{_mandir}/man1/host.1*
%{_mandir}/man1/nsupdate.1*
%{_mandir}/man1/dig.1*
%{_mandir}/man1/nslookup.1*

%files devel
%defattr(-,root,root,-)
%{_libdir}/*so
%{_includedir}/bind9
%{_includedir}/dns
%{_includedir}/dst
%{_includedir}/isc
%{_includedir}/isccc
%{_includedir}/isccfg
%{_includedir}/lwres
%{_mandir}/man1/isc-config.sh.1*
%{_mandir}/man3/lwres*
%{_bindir}/isc-config.sh

%files chroot
%defattr(-,root,root,-)
%ghost %{chroot_prefix}/dev/null
%ghost %{chroot_prefix}/dev/random
%ghost %{chroot_prefix}/dev/zero
%ghost %{chroot_prefix}/etc/localtime
%defattr(0640,root,named,0750)
%dir %{chroot_prefix}
%dir %{chroot_prefix}/dev
%dir %{chroot_prefix}/etc
%dir %{chroot_prefix}/etc/named
%dir %{chroot_prefix}/etc/pki/dnssec-keys
%dir %{chroot_prefix}/var
%dir %{chroot_prefix}/var/run
%dir %{chroot_prefix}/var/named
%dir %{chroot_prefix}/%{_libdir}/bind
%ghost %config(noreplace) %{chroot_prefix}/etc/named.conf
%defattr(0660,named,named,0770)
%dir %{chroot_prefix}/var/run/named
%dir %{chroot_prefix}/var/tmp
%dir %{chroot_prefix}/var/log

%if %{PKCS11}
%files pkcs11
%defattr(-,root,root,-)
%{_sbindir}/pkcs11-destroy
%{_sbindir}/pkcs11-keygen
%{_sbindir}/pkcs11-list
%{_mandir}/man8/pkcs11*
%endif

%changelog
以下略

このままrpmbuildすると{?%dist}が空だと言われた。

# rpmbuild --showrc | more
で適用されるmacroのファイルが見られる
macrofiles            : /usr/lib/rpm/macros:/usr/lib/rpm/ia32e-linux/macros:/usr/lib/rpm/redhat/macros:/etc/rpm/macros.*:/etc/rpm/macros:/etc/rpm/ia32e-linux/macros:~/.rpmmacros

そこで、
/etc/rpm/macros.dist
を作成

# vi /etc/rpm/macros.dist
%dist el5

最後に

# rpmbuild -bb bind9_9.spec

この記事のトラックバックURL

http://ysmt.blog21.fc2.com/tb.php/367-25501cbd

コメント

コメントする

管理者にだけ表示を許可する

Template Designed by DW99

上記広告は1ヶ月以上更新のないブログに表示されています。新しい記事を書くことで広告を消せます。