diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2021-09-16 02:52:54 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2021-09-16 09:04:01 +0200 |
| commit | 9a67067c0e13f99bafe0557cc6ff14eff5fdeccd (patch) | |
| tree | 7d2487ea4479f700e2761af53aca28b1e92cb66c /source/n/bind/doinst.sh | |
| parent | 8f7b6e56d5075e27771a02fbbcfe954c91ecb893 (diff) | |
| download | current-9a67067c0e13f99bafe0557cc6ff14eff5fdeccd.tar.gz current-9a67067c0e13f99bafe0557cc6ff14eff5fdeccd.tar.xz | |
Thu Sep 16 02:52:54 UTC 202120210916025254
a/etc-15.0-x86_64-17.txz: Rebuilt.
Added named:named (53:53) user and group.
a/kernel-firmware-20210915_198ac65-noarch-1.txz: Upgraded.
a/kernel-generic-5.14.4-x86_64-1.txz: Upgraded.
a/kernel-huge-5.14.4-x86_64-1.txz: Upgraded.
a/kernel-modules-5.14.4-x86_64-1.txz: Upgraded.
ap/sudo-1.9.8-x86_64-1.txz: Upgraded.
d/kernel-headers-5.14.4-x86-1.txz: Upgraded.
k/kernel-source-5.14.4-noarch-1.txz: Upgraded.
kde/breeze-icons-5.85.0-noarch-2.txz: Rebuilt.
Patched with upstream commit to allow using this icon theme with Xfce.
l/fluidsynth-2.2.3-x86_64-1.txz: Upgraded.
l/python-charset-normalizer-2.0.5-x86_64-1.txz: Upgraded.
l/qca-2.3.4-x86_64-1.txz: Upgraded.
n/NetworkManager-1.32.10-x86_64-3.txz: Rebuilt.
Switch to dhcp=internal to avoid problems swimming upstream.
For those looking for a fix to continue using dhcpcd, a PRIVSEP build
variable was added to the SlackBuild, and you may produce a fully
NetworkManager compatible dhcpcd package with this command:
PRIVSEP=no ./dhcpcd.SlackBuild
Privilege separation remains the dhcpcd package default as we don't want
to weaken security for those using rc.inet1 along with dhcpcd.
Some additional comments about this were added to 00-dhcp-client.conf
mentioning this and the workaround of killing dhcpcd manually when
resuming with the stock dhcpcd package.
n/bind-9.16.21-x86_64-1.txz: Upgraded.
Fixed call to rndc-confgen in the install script.
Make /etc/rndc.key owned by named:named.
Run named as named:named by default (configurable in /etc/default/named).
rc.bind: chown /run/named and /var/named to configured user:group.
Thanks to Ressy for prompting this cleanup. :)
n/curl-7.79.0-x86_64-1.txz: Upgraded.
This update fixes security issues:
clear the leftovers pointer when sending succeeds.
do not ignore --ssl-reqd.
reject STARTTLS server response pipelining.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947
(* Security fix *)
n/links-2.24-x86_64-1.txz: Upgraded.
n/wireguard-tools-1.0.20210914-x86_64-1.txz: Upgraded.
x/libinput-1.19.0-x86_64-1.txz: Upgraded.
xap/gimp-2.10.28-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Diffstat (limited to 'source/n/bind/doinst.sh')
| -rw-r--r-- | source/n/bind/doinst.sh | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/source/n/bind/doinst.sh b/source/n/bind/doinst.sh index afeff946f..0e90be641 100644 --- a/source/n/bind/doinst.sh +++ b/source/n/bind/doinst.sh @@ -18,6 +18,7 @@ if [ -e etc/rc.d/rc.bind ]; then mv etc/rc.d/rc.bind.new.incoming etc/rc.d/rc.bind.new fi +config etc/default/named.new config etc/named.conf.new config etc/rc.d/rc.bind.new @@ -28,9 +29,10 @@ if [ ! -d var/named ]; then fi # Generate /etc/rndc.key if there's none there, -# and there also no /etc/rndc.conf (the other +# and there's also no /etc/rndc.conf (the other # way to set this up). if [ ! -r etc/rndc.key -a ! -r /etc/rndc.conf ]; then chroot . /sbin/ldconfig - chroot . /usr/sbin/rndc-confgen -r /dev/urandom -a 2> /dev/null + chroot . /usr/sbin/rndc-confgen -a 2> /dev/null + chroot . /bin/chown named:named /etc/rndc.key 2> /dev/null fi |