Created
May 20, 2015 14:31
-
-
Save t0mmyt/0e3ac565c46527d8cfc4 to your computer and use it in GitHub Desktop.
Spec file for NSD 4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Summary: Fast and lean authoritative DNS Name Server | |
Name: nsd | |
Version: 4.1.1 | |
Release: 1 | |
License: BSD | |
Url: http://www.nlnetlabs.nl/%{name}/ | |
Source: http://www.nlnetlabs.nl/downloads/%{name}/%{name}-%{version}.tar.gz | |
Source1: nsd.init | |
Source2: nsd.cron | |
Source3: nsd.sysconfig | |
Source4: nsd.conf | |
#Patch0: nsd-install.patch | |
#Patch1: nsd-fixlogfile.patch | |
Group: System Environment/Daemons | |
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) | |
BuildRequires: flex, openssl-devel | |
Requires(pre): shadow-utils | |
%global _hardened_build 1 | |
%description | |
NSD is a complete implementation of an authoritative DNS name server. | |
For further information about what NSD is and what NSD is not please | |
consult the REQUIREMENTS document which is a part of this distribution | |
(thanks to Olaf). | |
%prep | |
%setup -q | |
#%patch0 -p1 | |
#%patch1 -p1 | |
%build | |
export LDFLAGS="-Wl,-z,relro,-z,now" | |
export CFLAGS="$RPM_OPT_FLAGS -fPIE -pie" | |
%configure --enable-bind8-stats \ | |
--enable-checking \ | |
--enable-nsec3 \ | |
--with-pidfile=%{_localstatedir}/run/%{name}/%{name}.pid \ | |
--with-ssl \ | |
--with-user=nsd \ | |
--with-difffile=%{_localstatedir}/lib/%{name}/ixfr.db \ | |
--with-xfrdfile=%{_localstatedir}/lib/%{name}/ixfr.state \ | |
--with-dbfile=%{_localstatedir}/lib/%{name}/nsd.db \ | |
--enable-ratelimit --with-max_interfaces=1024 | |
%{__make} %{?_smp_mflags} | |
#convert to utf8 | |
iconv -f iso8859-1 -t utf-8 doc/RELNOTES > doc/RELNOTES.utf8 | |
iconv -f iso8859-1 -t utf-8 doc/CREDITS > doc/CREDITS.utf8 | |
mv -f doc/RELNOTES.utf8 doc/RELNOTES | |
mv -f doc/CREDITS.utf8 doc/CREDITS | |
%install | |
rm -rf %{buildroot} | |
%{__make} DESTDIR=%{buildroot} install | |
install -d -m 0755 %{buildroot}%{_initrddir} | |
install -d -m 0755 $RPM_BUILD_ROOT%{_sysconfdir}/cron.hourly | |
install -c -m 0755 %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/cron.hourly/nsd | |
install -m 0755 %{SOURCE1} %{buildroot}/%{_initrddir}/nsd | |
install -d -m 0755 %{buildroot}%{_localstatedir}/run/%{name} | |
install -d -m 0700 %{buildroot}%{_localstatedir}/lib/%{name} | |
install -d -m 0755 %{buildroot}%{_sysconfdir}/sysconfig | |
install -m 0755 %{SOURCE3} %{buildroot}/%{_sysconfdir}/sysconfig/%{name} | |
rm %{buildroot}%{_sysconfdir}/nsd/nsd.conf.sample | |
cp %{SOURCE4} %{buildroot}%{_sysconfdir}/nsd/nsd.conf | |
%clean | |
rm -rf ${RPM_BUILD_ROOT} | |
%files | |
%defattr(-,root,root,-) | |
%doc doc/* | |
%doc contrib/nsd.zones2nsd.conf | |
%attr(0750,root,nsd) %dir %{_sysconfdir}/nsd | |
%attr(0644,root,nsd) %config(noreplace) %{_sysconfdir}/nsd/nsd.conf | |
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/sysconfig/nsd | |
%attr(0755,root,root) %{_initrddir}/%{name} | |
%{_sysconfdir}/cron.hourly/nsd | |
%ghost %attr(0755,%{name},%{name}) %dir %{_localstatedir}/run/%{name} | |
%attr(0755,%{name},%{name}) %dir %{_localstatedir}/lib/%{name} | |
%{_sbindir}/* | |
%{_mandir}/*/* | |
%pre | |
getent group nsd >/dev/null || groupadd -r nsd | |
getent passwd nsd >/dev/null || \ | |
useradd -r -g nsd -d /etc/nsd -s /sbin/nologin \ | |
-c "nsd daemon account" nsd | |
exit 0 | |
%post | |
/sbin/chkconfig --add %{name} | |
%preun | |
if [ $1 -eq 0 ]; then | |
/sbin/service %{name} stop >/dev/null 2>&1 | |
/sbin/chkconfig --del %{name} | |
fi | |
%postun | |
if [ "$1" -ge "1" ]; then | |
/sbin/service %{name} condrestart >/dev/null 2>&1 || : | |
fi | |
%changelog | |
* Fri Mar 13 2015 Tom Taylor <tom@tommyt.co.uk> - 4.1.1 | |
- Updated to 4.1.1 | |
* Mon Jul 28 2014 Paul Wouters <pwouters@redhat.com> - 3.2.18-1 | |
- Updated to 3.2.18 - improved TXT parsing, new NSID option | |
* Sun Mar 30 2014 Paul Wouters <pwouters@redhat.com> - 3.2.17-1 | |
- Updated to 3.2.17 | |
- Added --with-max-ips=1024 to support more interfaces/IPs | |
* Wed Jul 31 2013 Paul Wouters <pwouters@redhat.com> - 3.2.16-2 | |
- Avoid AVCs on directory scans, rhbz#989218 | |
* Mon Jul 22 2013 Paul Wouters <pwouters@redhat.com> - 3.2.16-1 | |
- Updated to 3.2.16 | |
- Added new option entries to nsd.conf | |
* Tue Jun 25 2013 Paul Wouters <pwouters@redhat.com> - 3.2.15-5 | |
- Previous update never made it out | |
* Thu Apr 11 2013 Paul Wouters <pwouters@redhat.com> - 3.2.15-4 | |
- Restarting nsd could fail if stopping took too long | |
- "nsdc notify" was not called on "reload", causing slow sync to secondaries | |
- Compile with full relro support (rhbz#953137) | |
* Tue Feb 05 2013 Paul Wouters <pwouters@redhat.com> - 3.2.15-3 | |
- Updated to 3.2.15 which has support for rate limiting | |
- Only run nsdc rebuild hourly cronjob when nsd service is running | |
- Fix nsd.init to return proper return code for 'status' cmd | |
* Fri Nov 23 2012 Paul Wouters <pwouters@redhat.com> - 3.2.14-2 | |
- Updated to 32.14 with minor bugfixes and TCP writev support | |
- Only run nsdc rebuild hourly cronjob when nsd service is running | |
* Fri Jul 27 2012 Paul Wouters <pwouters@redhat.com> - 3.2.13-1 | |
- Updated to 3.2.13, addresses VU#517036 CVE-2012-2979 | |
(note Fedora/EPEL packages are not vulnerable to this) | |
- Add /var/run/nsd via tmpfiles (rhbz#842021) | |
* Thu Jul 19 2012 Paul Wouters <pwouters@redhat.com> - 3.2.12-1 | |
- Upgraded to 3.2.12 which fixes CVE-2012-2978 (rhbz#841268) | |
* Mon Jul 16 2012 Paul Wouters <pwouters@redhat.com> - 3.2.11-1 | |
- Updated to 3.2.11 (support for TLSA, GOST, bugfixes) | |
* Wed Feb 15 2012 Paul Wouters <pwouters@redhat.com> - 3.2.10-1 | |
- Updated to 3.2.10 | |
- Ship our own nsd.conf instead of hacking the nsd.conf.sample | |
- Merge in fixed by Tuomo Soini <tis@foobar.fi> | |
- Fix %%preun and %%postun to be quiet | |
- Fix /etc/nsd permissions to be root:nsd mode 0750 | |
- Cleanup /etc/sysconfig/nsd | |
- Change startup order of nsd so it works with IPv6 on 6to4 | |
- Revert piddir to be owned by user nsd | |
- Initscript cleanup | |
* Tue Jun 7 2011 Paul Wouters <paul@xelerance.com> - 3.2.8-1 | |
- updated to 3.2.8 | |
- fix /var/run/nsd to be owned by root, not nsd | |
- fix init status to work as expected (bz#525107) | |
- fix nsd.conf and nsd.conf.5 to have correct logfile | |
- fix nsd.init syntax error by piddir change | |
- fix initscript to create /var/run/nsd if missing (bz#710376) | |
* Wed Mar 09 2011 Paul Wouters <paul@xelerance.com> - 3.2.7-5 | |
- Updated to 3.2.7 | |
- Fix for nsd.init to report OK/FAILED properly (bz#525107) | |
- Use ghost directive for /var/run/nsd (bz#656642) | |
- Removed obsolete --enable-nsid | |
- Remove bogus chowns for /var/*/nsdhm | |
- Fix misnamed variable NSD_AUTORELOAD which should be NSD_AUTOREBUILD | |
* Wed Jan 06 2010 Paul Wouters <paul@xelerance.com> - 3.2.4-1 | |
- Upgraded to 3.2.4. Minor fixes to cron/init/sysconfig scripts | |
* Fri Aug 21 2009 Tomas Mraz <tmraz@redhat.com> - 3.2.3-3 | |
- rebuilt with new openssl | |
* Thu Aug 20 2009 Ville Mattila <vmattila@csc.fi> - 3.2.3-2 | |
- The 'nsdc patch' and 'nsdc rebuild' commands wrote a %%1 file by mistake | |
* Mon Aug 17 2009 Paul Wouters <paul@xelerance.com> - 3.2.3-1 | |
-Updated to version 3.2.3 | |
* Sat Jul 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.2.2-4 | |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild | |
* Sat Jun 06 2009 Paul Wouters <paul@xelerance.com> - 3.2.2-3 | |
- Fixed /dev/nul which cause a file \%%1 to be written by cron | |
- Bump for EVR. | |
* Mon May 18 2009 Paul Wouters <paul@xelerance.com> - 3.2.2-1 | |
- Upgraded to 3.2.2 security release | |
http://www.nlnetlabs.nl/publications/NSD_vulnerability_announcement.html | |
* Thu Apr 09 2009 Ville Mattila <vmattila@csc.fi> - 3.2.1-6 | |
- Make various file paths used by the nsd.init script configurable | |
from /etc/sysconfig/nsd. | |
- Add template /etc/sysconfig/nsd. | |
* Sun Mar 08 2009 Paul Wouters <paul@xelerance.com> - 3.2.1-5 | |
- nsd used the 'named' subsystem in one call in the init script | |
* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.2.1-4 | |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild | |
* Mon Jan 26 2009 Paul Wouters <paul@xelerance.com> - 3.2.1-3 | |
- Fix init script 'unary operator' error. | |
* Mon Jan 26 2009 Paul Wouters <paul@xelerance.com> - 3.2.1-1 | |
- Updated to new version 3.2.1 | |
* Sat Jan 17 2009 Tomas Mraz <tmraz@redhat.com> - 3.2.0-4 | |
- rebuild with new openssl | |
* Mon Nov 24 2008 Paul Wouters <paul@xelerance.com> - 3.2.0-3 | |
- Updates summary as per Richard Hughes guidelines | |
* Mon Nov 10 2008 Paul Wouters <paul@xelerance.com> - 3.2.0-2 | |
- Bump version after pre-release version correction. | |
* Mon Nov 10 2008 Paul Wouters <paul@xelerance.com> - 3.2.0-1 | |
- 3.2.0-1 | |
* Thu Oct 9 2008 Paul Wouters <paul@xelerance.com> - 3.1.1-1 | |
- updated to 3.1.1 | |
* Mon Aug 11 2008 Tom "spot" Callaway <tcallawa@redhat.com> - 3.1.0-2 | |
- fix license tag | |
- fix static user creation | |
* Mon Jun 30 2008 Paul Wouters <paul@xelerance.com> - 3.1.0-1 | |
- Updated to 3.1.0 | |
* Tue May 6 2008 Paul Wouters <paul@xelerance.com> - 3.0.8-2 | |
- Fix /dev/null redirection [Venkatesh Krishnamurthi] | |
* Tue May 6 2008 Paul Wouters <paul@xelerance.com> - 3.0.8-1 | |
- Updated to 3.0.8 | |
* Tue Feb 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 3.0.7-3 | |
- Autorebuild for GCC 4.3 | |
* Wed Dec 5 2007 Paul Wouters <paul@xelerance.com> - 3.0.7-2 | |
- Rebuild for new libcrypto | |
* Tue Nov 13 2007 Paul Wouters <paul@xelerance.com> - 3.0.7-1 | |
- Updated to new version | |
- fix RELNOTES/README to be utf8 | |
- Fix path to nsd.db in cron job. | |
* Thu Nov 8 2007 Paul Wouters <paul@xelerance.com> - 3.0.6-7 | |
- Modified cron to only rebuild/reload when zone updates | |
have been received | |
* Wed Nov 7 2007 Paul Wouters <paul@xelerance.com> - 3.0.6-6 | |
- Added hourly cron job to do various maintenance tasks | |
- Added nsd rebuild to create the proper nsd.db file on startup | |
- Added nsd patch on shutdown to ensure zonefiles are up to date | |
* Tue Oct 2 2007 Paul Wouters <paul@xelerance.com> - 3.0.6-5 | |
- nsdc update and nsdc notify are no longer needed in initscript. | |
* Mon Sep 24 2007 Jesse Keating <jkeating@redhat.com> - 3.0.6-4 | |
- Bump release for upgrade path. | |
* Fri Sep 14 2007 Paul Wouters <paul@xelerance.com> 3.0.6-3 | |
- Do not include examples from nsd.conf.sample that causes | |
bogus network traffic. | |
* Fri Sep 14 2007 Paul Wouters <paul@xelerance.com> 3.0.6-2 | |
- Change locations of ixfr.db and xfrd.state to /var/lib/nsd | |
- Enable NSEC3 | |
- Delay running nsdc update until after nsd has started | |
- Delete xfrd.state on nsd stop | |
- Run nsdc notify in the background, since it can take | |
a very long time when remote servers are unavailable. | |
* Tue Sep 11 2007 Paul Wouters <paul@xelerance.com> 3.0.6-1 | |
- Upgraded to 3.0.6 | |
- Do not include bind2nsd, since it didn't compile for me | |
* Fri Jul 13 2007 Paul Wouters <paul@xelerance.com> 3.0.5-2 | |
- Fix init script, bug #245546 | |
* Fri Mar 23 2007 Paul Wouters <paul@xelerance.com> 3.0.5-1 | |
- Upgraded to 3.0.5 | |
* Thu Dec 7 2006 Paul Wouters <paul@xelerance.com> 3.0.3-1 | |
- Upgraded to 3.0.3 | |
* Mon Nov 27 2006 Paul Wouters <paul@xelerance.com> 3.0.2-1 | |
- Upgraded to 3.0.2. | |
- Use new configuration file nsd.conf. Still needs migration script. | |
patch from Farkas Levente <lfarkas@bppiac.hu> | |
* Mon Oct 16 2006 Paul Wouters <paul@xelerance.com> 2.3.6-2 | |
- Bump version for upgrade path | |
* Thu Oct 12 2006 Paul Wouters <paul@xelerance.com> 2.3.6-1 | |
- Upgraded to 2.3.6 | |
- Removed obsolete workaround in nsd.init | |
- Fixed spec file so daemon gets properly restarted on upgrade | |
* Mon Sep 11 2006 Paul Wouters <paul@xelerance.com> 2.3.5-4 | |
- Rebuild requested for PT_GNU_HASH support from gcc | |
- Removed dbaccess.c from doc section | |
* Mon Jun 26 2006 Paul Wouters <paul@xelerance.com> - 2.3.5-3 | |
- Bump version for FC-x upgrade path | |
* Mon Jun 26 2006 Paul Wouters <paul@xelerance.com> - 2.3.5-1 | |
- Upgraded to nsd-2.3.5 | |
* Sun May 7 2006 Paul Wouters <paul@xelerance.com> - 2.3.4-3 | |
- Upgraded to nsd-2.3.4. | |
- Removed manual install targets because DESTDIR is now supported | |
- Re-enabled --checking, checking patch no longer needed and removed. | |
- Work around in nsd.init for nsd failing to start when there is no ipv6 | |
* Thu Dec 15 2005 Paul Wouters <paul@xelerance.com> - 2.3.3-7 | |
- chkconfig and attribute changes as proposed by Dmitry Butskoy | |
* Thu Dec 15 2005 Paul Wouters <paul@xelerance.com> - 2.3.3-6 | |
- Moved pid file to /var/run/nsd/nsd.pid. | |
- Use _localstatedir instead of "/var" | |
* Tue Dec 13 2005 Paul Wouters <paul@xelerance.com> - 2.3.3-5 | |
- Added BuildRequires for openssl-devel, removed Requires for openssl. | |
* Mon Dec 12 2005 Paul Wouters <paul@xelerance.com> - 2.3.3-4 | |
- upgraded to nsd-2.3.3 | |
* Wed Dec 7 2005 Tom "spot" Callaway <tcallawa@redhat.com> - 2.3.2-2 | |
- minor cleanups | |
* Mon Dec 5 2005 Paul Wouters <paul@xelerance.com> - 2.3.2-1 | |
- Upgraded to 2.3.2. Changed post scripts to comply to Fedora | |
Extras policies (eg do not start daemon on fresh install) | |
* Tue Oct 4 2005 Paul Wouters <paul@xelerance.com> - 2.3.1-1 | |
- Initial version |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment