Diffstat (limited to 'source/n/bind')
-rwxr-xr-x | source/n/bind/bind.SlackBuild | 24 | ||||
-rw-r--r-- | source/n/bind/caching-example/named.ca | 92 | ||||
-rw-r--r-- | source/n/bind/caching-example/named.root | 10 | ||||
-rw-r--r-- | source/n/bind/default.named | 14 | ||||
-rw-r--r-- | source/n/bind/rc.bind | 12 |
5 files changed, 133 insertions, 19 deletions
diff --git a/source/n/bind/bind.SlackBuild b/source/n/bind/bind.SlackBuild index 8672c290e..47a606d5b 100755 --- a/source/n/bind/bind.SlackBuild +++ b/source/n/bind/bind.SlackBuild @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2018, 2019, 2020, 2021 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2018, 2019, 2020, 2021, 2023 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -76,7 +76,7 @@ find . \ -exec chmod 644 {} \+ # Detect krb5: -if ls /lib*/libgssapi_krb5* 1> /dev/null 2> /dev/null ; then +if pkg-config --exists krb5-gssapi 1> /dev/null 2> /dev/null ; then GSSAPI=" --with-gssapi " else GSSAPI=" " @@ -106,6 +106,10 @@ make install DESTDIR=$PKG || exit 1 # Don't ship .la files: rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la +# These probably were not supposed to be installed: +find . -name .deps -exec rm -rf "{}" \; +find . -name .libs -exec rm -rf "{}" \; + # We like symlinks. ( cd $PKG/usr/sbin ln -sf named lwresd 
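Review bot: In the krb5 detection, `pkg-config --exists krb5-gssapi` with both output streams discarded cannot tell "krb5 is not installed" from "pkg-config or the .pc file is missing", so a build host lacking either silently produces a named built without GSSAPI. Printing the chosen branch in the else arm, for example `echo "krb5-gssapi not found: building without GSSAPI" 1>&2`, would make the dropped feature visible in the build log. The rest of the script is outside this hunk, so whether pkg-config is otherwise guaranteed on the build host cannot be confirmed here.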
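Review bot: The two added `find . -name .deps ...` and `find . -name .libs ...` lines search the current directory, which at this point appears to be the source tree where `make install DESTDIR=$PKG` just ran, not `$PKG`. If the intent is to keep these directories out of the package, the search root should be `$PKG`; if it is to clean the source tree before later copies, the comment should say so. Removing a directory from `-exec ... \;` without pruning also makes find try to descend into what it just deleted and print errors. A single pruned pass avoids that: `find . -type d \( -name .deps -o -name .libs \) -prune -exec rm -rf {} +`. The steps between this hunk and the next are not visible, so the working directory is inferred.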
@@ -159,13 +163,18 @@ fi # Add sample config files for a simple caching nameserver: mkdir -p $PKG/var/named/caching-example -cat $CWD/caching-example/named.conf > $PKG/etc/named.conf.new -cat $CWD/caching-example/localhost.zone > $PKG/var/named/caching-example/localhost.zone -cat $CWD/caching-example/named.local > $PKG/var/named/caching-example/named.local -cat $CWD/caching-example/named.root > $PKG/var/named/caching-example/named.root +cp -a $CWD/caching-example/named.conf $PKG/etc/named.conf.new +cp -a $CWD/caching-example/localhost.zone $PKG/var/named/caching-example/localhost.zone +cp -a $CWD/caching-example/named.local $PKG/var/named/caching-example/named.local +cp -a $CWD/caching-example/named.root $PKG/var/named/caching-example/named.root # This name is deprecated, but having it here doesn't hurt in case # an old configuration file wants it: -cat $CWD/caching-example/named.root > $PKG/var/named/caching-example/named.ca +cp -a $CWD/caching-example/named.root $PKG/var/named/caching-example/named.ca +chown root:root $PKG/etc/named.conf.new +chmod 644 $PKG/var/named/caching-example/* + +# Make sure that everything in /var/named is owned by named:named: +chown -R named:named $PKG/var/named mkdir -p $PKG/install zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh @@ -173,4 +182,3 @@ cat $CWD/slack-desc > $PKG/install/slack-desc cd $PKG /sbin/makepkg -l y -c n $TMP/${PKGNAM}-$(echo $VERSION | tr - _)-$ARCH-$BUILD.txz - diff --git a/source/n/bind/caching-example/named.ca b/source/n/bind/caching-example/named.ca new file mode 100644 index 000000000..6db8239a2 --- /dev/null +++ b/source/n/bind/caching-example/named.ca 
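Review bot: `chown -R named:named $PKG/var/named` hands the shipped zone files and root hints to the account the daemon runs as, so a compromised named process could rewrite them. Static data is usually left root-owned and readable by named, with named owning only the directories it must write to. Separately, `cp -a` carries the mode and owner of the build checkout into the package, and `$PKG/etc/named.conf.new` only has its owner reset, so a `chmod 644 $PKG/etc/named.conf.new` next to the `chown root:root` would pin its mode the way the caching-example files are pinned. The recursive chown also requires the named user and group to exist on the build host.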
@@ -0,0 +1,92 @@ +; This file holds the information on root name servers needed to +; initialize cache of Internet domain name servers +; (e.g. reference this file in the "cache . <file>" +; configuration file of BIND domain name servers). +; +; This file is made available by InterNIC +; under anonymous FTP as +; file /domain/named.cache +; on server FTP.INTERNIC.NET +; -OR- RS.INTERNIC.NET +; +; last update: October 24, 2023 +; related version of root zone: 2023102402 +; +; FORMERLY NS.INTERNIC.NET +; +. 3600000 NS A.ROOT-SERVERS.NET. +A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4 +A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:ba3e::2:30 +; +; FORMERLY NS1.ISI.EDU +; +. 3600000 NS B.ROOT-SERVERS.NET. +B.ROOT-SERVERS.NET. 3600000 A 199.9.14.201 +B.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:200::b +; +; FORMERLY C.PSI.NET +; +. 3600000 NS C.ROOT-SERVERS.NET. +C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12 +C.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2::c +; +; FORMERLY TERP.UMD.EDU +; +. 3600000 NS D.ROOT-SERVERS.NET. +D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13 +D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2d::d +; +; FORMERLY NS.NASA.GOV +; +. 3600000 NS E.ROOT-SERVERS.NET. +E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10 +E.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:a8::e +; +; FORMERLY NS.ISC.ORG +; +. 3600000 NS F.ROOT-SERVERS.NET. +F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241 +F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2f::f +; +; FORMERLY NS.NIC.DDN.MIL +; +. 3600000 NS G.ROOT-SERVERS.NET. +G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4 +G.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:12::d0d +; +; FORMERLY AOS.ARL.ARMY.MIL +; +. 3600000 NS H.ROOT-SERVERS.NET. +H.ROOT-SERVERS.NET. 3600000 A 198.97.190.53 +H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::53 +; +; FORMERLY NIC.NORDU.NET +; +. 3600000 NS I.ROOT-SERVERS.NET. +I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17 +I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fe::53 +; +; OPERATED BY VERISIGN, INC. +; +. 3600000 NS J.ROOT-SERVERS.NET. +J.ROOT-SERVERS.NET. 
3600000 A 192.58.128.30 +J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:c27::2:30 +; +; OPERATED BY RIPE NCC +; +. 3600000 NS K.ROOT-SERVERS.NET. +K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129 +K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fd::1 +; +; OPERATED BY ICANN +; +. 3600000 NS L.ROOT-SERVERS.NET. +L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42 +L.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:9f::42 +; +; OPERATED BY WIDE +; +. 3600000 NS M.ROOT-SERVERS.NET. +M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33 +M.ROOT-SERVERS.NET. 3600000 AAAA 2001:dc3::35 +; End of file
\ No newline at end of file diff --git a/source/n/bind/caching-example/named.root b/source/n/bind/caching-example/named.root index dba9ed9ea..280ab0668 100644 --- a/source/n/bind/caching-example/named.root +++ b/source/n/bind/caching-example/named.root @@ -8,9 +8,9 @@ ; file /domain/named.cache ; on server FTP.INTERNIC.NET ; -OR- RS.INTERNIC.NET -; -; last update: July 30, 2019 -; related version of root zone: 2019073000 +; +; last update: March 25, 2024 +; related version of root zone: 2024032501 ; ; FORMERLY NS.INTERNIC.NET ; @@ -21,8 +21,8 @@ A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:ba3e::2:30 ; FORMERLY NS1.ISI.EDU ; . 3600000 NS B.ROOT-SERVERS.NET. -B.ROOT-SERVERS.NET. 3600000 A 199.9.14.201 -B.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:200::b +B.ROOT-SERVERS.NET. 3600000 A 170.247.170.2 +B.ROOT-SERVERS.NET. 3600000 AAAA 2801:1b8:10::b ; ; FORMERLY C.PSI.NET ; diff --git a/source/n/bind/default.named b/source/n/bind/default.named index 50e18664b..e300250af 100644 --- a/source/n/bind/default.named +++ b/source/n/bind/default.named @@ -1,7 +1,7 @@ # User to run named as: NAMED_USER=named -# Group to use for chowning named related files and directories. +# Group to use for named related files and directories. # By default, named will also run as the primary group of $NAMED_USER, # which will usually be the same as what's listed below, but not # necessarily if something other than the default of "named" is used. 
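Review bot: The new source/n/bind/caching-example/named.ca is dated October 24, 2023 and still lists 199.9.14.201 and 2001:500:200::b for B.ROOT-SERVERS.NET, while named.root in this same commit moves to the March 25, 2024 data with 170.247.170.2 and 2801:1b8:10::b. bind.SlackBuild installs named.ca by copying named.root (`cp -a $CWD/caching-example/named.root $PKG/var/named/caching-example/named.ca`), so this file appears to be unused by the build and can only drift from the hints that actually ship. Either drop it from the tree or keep it byte-identical to named.root. It also lacks a trailing newline.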
@@ -10,3 +10,15 @@ NAMED_GROUP=named # Options to run named with. At least -u $NAMED_USER is required, but # additional options may be added if needed. NAMED_OPTIONS="-u $NAMED_USER" + +# If this is set to YES, then before starting named the startup script +# will make sure that /etc/rndc.key (if it exists) and the enitre contents +# of /var/named are chowned to $NAMED_USER:$NAMED_GROUP. If some of these +# files are improperly owned, named will refuse to start or may not work +# properly. This is also a useful setting when upgrading from an older BIND +# package that would run as root. +# +# If NAMED_CHOWN is set to anything other than YES (or is unset), then these +# files will not be chowned automatically and the admin will handle any +# required file ownerships. +NAMED_CHOWN=NO diff --git a/source/n/bind/rc.bind b/source/n/bind/rc.bind index 169db8126..1b0b4d6fb 100644 --- a/source/n/bind/rc.bind +++ b/source/n/bind/rc.bind @@ -42,11 +42,13 @@ bind_start() { mkdir -p /var/run/named # Make sure that /var/run/named has correct ownership: chown -R ${NAMED_USER}:${NAMED_GROUP} /var/run/named - # Make sure that /var/named has correct ownership: - chown -R ${NAMED_USER}:${NAMED_GROUP} /var/named - if [ -r /etc/rndc.key ]; then - # Make sure that /etc/rndc.key has correct ownership: - chown ${NAMED_USER}:${NAMED_GROUP} /etc/rndc.key + if [ "$NAMED_CHOWN" = "YES" ]; then + # Make sure that /var/named has correct ownership: + chown -R ${NAMED_USER}:${NAMED_GROUP} /var/named + if [ -r /etc/rndc.key ]; then + # Make sure that /etc/rndc.key has correct ownership: + chown ${NAMED_USER}:${NAMED_GROUP} /etc/rndc.key + fi fi # Start named: if [ -x /usr/sbin/named ]; then |
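Review bot: The added NAMED_CHOWN comment misspells "entire" as "enitre", and it does not mention that rc.bind still chowns /var/run/named on every start regardless of this setting. A line such as `# /var/run/named is always chowned to $NAMED_USER:$NAMED_GROUP, whatever NAMED_CHOWN is set to.` would keep the documentation in line with the script. With the default now NO, the comment could also say that an upgraded system whose /var/named is still root-owned needs a one-time YES or a manual chown.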
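Review bot: In bind_start the recursive chown of /var/run/named stays unconditional while the /var/named one becomes opt-in, so root still walks a tree the named account can write to on every start. A recursive chown run as root over a directory the service account controls is a known way for file ownership to be changed unexpectedly once that account is compromised. Creating the directory with fixed ownership, for example `install -d -o "$NAMED_USER" -g "$NAMED_GROUP" /var/run/named`, avoids the recursion. The expansions in the new lines are also unquoted; `chown -R "${NAMED_USER}:${NAMED_GROUP}" /var/named` is more robust if the defaults file is edited by hand. bind_start continues beyond this hunk.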