5 files changed, 133 insertions, 19 deletions

diff --git a/source/n/bind/bind.SlackBuild b/source/n/bind/bind.SlackBuild
index 8672c290e..47a606d5b 100755
--- a/source/n/bind/bind.SlackBuild
+++ b/source/n/bind/bind.SlackBuild
@@ -1,6 +1,6 @@
 #!/bin/bash
 
-# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2018, 2019, 2020, 2021  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2018, 2019, 2020, 2021, 2023  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -76,7 +76,7 @@ find . \
  -exec chmod 644 {} \+
 
 # Detect krb5:
-if ls /lib*/libgssapi_krb5* 1> /dev/null 2> /dev/null ; then
+if pkg-config --exists krb5-gssapi 1> /dev/null 2> /dev/null ; then
   GSSAPI=" --with-gssapi "
 else
   GSSAPI=" "
@@ -106,6 +106,10 @@ make install DESTDIR=$PKG || exit 1
 # Don't ship .la files:
 rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
 
+# These probably were not supposed to be installed:
+find . -name .deps -exec rm -rf "{}" \;
+find . -name .libs -exec rm -rf "{}" \;
+
 # We like symlinks.
 ( cd $PKG/usr/sbin
   ln -sf named lwresd
@@ -159,13 +163,18 @@ fi
 
 # Add sample config files for a simple caching nameserver:
 mkdir -p $PKG/var/named/caching-example
-cat $CWD/caching-example/named.conf > $PKG/etc/named.conf.new
-cat $CWD/caching-example/localhost.zone > $PKG/var/named/caching-example/localhost.zone
-cat $CWD/caching-example/named.local > $PKG/var/named/caching-example/named.local
-cat $CWD/caching-example/named.root > $PKG/var/named/caching-example/named.root
+cp -a $CWD/caching-example/named.conf $PKG/etc/named.conf.new
+cp -a $CWD/caching-example/localhost.zone $PKG/var/named/caching-example/localhost.zone
+cp -a $CWD/caching-example/named.local $PKG/var/named/caching-example/named.local
+cp -a $CWD/caching-example/named.root $PKG/var/named/caching-example/named.root
 # This name is deprecated, but having it here doesn't hurt in case
 # an old configuration file wants it:
-cat $CWD/caching-example/named.root > $PKG/var/named/caching-example/named.ca
+cp -a $CWD/caching-example/named.root $PKG/var/named/caching-example/named.ca
+chown root:root $PKG/etc/named.conf.new
+chmod 644 $PKG/var/named/caching-example/*
+
+# Make sure that everything in /var/named is owned by named:named:
+chown -R named:named $PKG/var/named
 
 mkdir -p $PKG/install
 zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh
@@ -173,4 +182,3 @@ cat $CWD/slack-desc > $PKG/install/slack-desc
 
 cd $PKG
 /sbin/makepkg -l y -c n $TMP/${PKGNAM}-$(echo $VERSION | tr - _)-$ARCH-$BUILD.txz
-
diff --git a/source/n/bind/caching-example/named.ca b/source/n/bind/caching-example/named.ca
new file mode 100644
index 000000000..6db8239a2
--- /dev/null
+++ b/source/n/bind/caching-example/named.ca
@@ -0,0 +1,92 @@
+;       This file holds the information on root name servers needed to 
+;       initialize cache of Internet domain name servers
+;       (e.g. reference this file in the "cache  .  <file>"
+;       configuration file of BIND domain name servers). 
+; 
+;       This file is made available by InterNIC 
+;       under anonymous FTP as
+;           file                /domain/named.cache 
+;           on server           FTP.INTERNIC.NET
+;       -OR-                    RS.INTERNIC.NET
+;
+;       last update:     October 24, 2023
+;       related version of root zone:     2023102402
+; 
+; FORMERLY NS.INTERNIC.NET 
+;
+.                        3600000      NS    A.ROOT-SERVERS.NET.
+A.ROOT-SERVERS.NET.      3600000      A     198.41.0.4
+A.ROOT-SERVERS.NET.      3600000      AAAA  2001:503:ba3e::2:30
+; 
+; FORMERLY NS1.ISI.EDU 
+;
+.                        3600000      NS    B.ROOT-SERVERS.NET.
+B.ROOT-SERVERS.NET.      3600000      A     199.9.14.201
+B.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:200::b
+; 
+; FORMERLY C.PSI.NET 
+;
+.                        3600000      NS    C.ROOT-SERVERS.NET.
+C.ROOT-SERVERS.NET.      3600000      A     192.33.4.12
+C.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:2::c
+; 
+; FORMERLY TERP.UMD.EDU 
+;
+.                        3600000      NS    D.ROOT-SERVERS.NET.
+D.ROOT-SERVERS.NET.      3600000      A     199.7.91.13
+D.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:2d::d
+; 
+; FORMERLY NS.NASA.GOV
+;
+.                        3600000      NS    E.ROOT-SERVERS.NET.
+E.ROOT-SERVERS.NET.      3600000      A     192.203.230.10
+E.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:a8::e
+; 
+; FORMERLY NS.ISC.ORG
+;
+.                        3600000      NS    F.ROOT-SERVERS.NET.
+F.ROOT-SERVERS.NET.      3600000      A     192.5.5.241
+F.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:2f::f
+; 
+; FORMERLY NS.NIC.DDN.MIL
+;
+.                        3600000      NS    G.ROOT-SERVERS.NET.
+G.ROOT-SERVERS.NET.      3600000      A     192.112.36.4
+G.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:12::d0d
+; 
+; FORMERLY AOS.ARL.ARMY.MIL
+;
+.                        3600000      NS    H.ROOT-SERVERS.NET.
+H.ROOT-SERVERS.NET.      3600000      A     198.97.190.53
+H.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:1::53
+; 
+; FORMERLY NIC.NORDU.NET
+;
+.                        3600000      NS    I.ROOT-SERVERS.NET.
+I.ROOT-SERVERS.NET.      3600000      A     192.36.148.17
+I.ROOT-SERVERS.NET.      3600000      AAAA  2001:7fe::53
+; 
+; OPERATED BY VERISIGN, INC.
+;
+.                        3600000      NS    J.ROOT-SERVERS.NET.
+J.ROOT-SERVERS.NET.      3600000      A     192.58.128.30
+J.ROOT-SERVERS.NET.      3600000      AAAA  2001:503:c27::2:30
+; 
+; OPERATED BY RIPE NCC
+;
+.                        3600000      NS    K.ROOT-SERVERS.NET.
+K.ROOT-SERVERS.NET.      3600000      A     193.0.14.129
+K.ROOT-SERVERS.NET.      3600000      AAAA  2001:7fd::1
+; 
+; OPERATED BY ICANN
+;
+.                        3600000      NS    L.ROOT-SERVERS.NET.
+L.ROOT-SERVERS.NET.      3600000      A     199.7.83.42
+L.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:9f::42
+; 
+; OPERATED BY WIDE
+;
+.                        3600000      NS    M.ROOT-SERVERS.NET.
+M.ROOT-SERVERS.NET.      3600000      A     202.12.27.33
+M.ROOT-SERVERS.NET.      3600000      AAAA  2001:dc3::35
+; End of file
\ No newline at end of file
diff --git a/source/n/bind/caching-example/named.root b/source/n/bind/caching-example/named.root
index dba9ed9ea..280ab0668 100644
--- a/source/n/bind/caching-example/named.root
+++ b/source/n/bind/caching-example/named.root
@@ -8,9 +8,9 @@
 ;           file                /domain/named.cache 
 ;           on server           FTP.INTERNIC.NET
 ;       -OR-                    RS.INTERNIC.NET
-; 
-;       last update:     July 30, 2019 
-;       related version of root zone:     2019073000
+;
+;       last update:     March 25, 2024
+;       related version of root zone:     2024032501
 ; 
 ; FORMERLY NS.INTERNIC.NET 
 ;
@@ -21,8 +21,8 @@ A.ROOT-SERVERS.NET.      3600000      AAAA  2001:503:ba3e::2:30
 ; FORMERLY NS1.ISI.EDU 
 ;
 .                        3600000      NS    B.ROOT-SERVERS.NET.
-B.ROOT-SERVERS.NET.      3600000      A     199.9.14.201
-B.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:200::b
+B.ROOT-SERVERS.NET.      3600000      A     170.247.170.2
+B.ROOT-SERVERS.NET.      3600000      AAAA  2801:1b8:10::b
 ; 
 ; FORMERLY C.PSI.NET 
 ;
diff --git a/source/n/bind/default.named b/source/n/bind/default.named
index 50e18664b..e300250af 100644
--- a/source/n/bind/default.named
+++ b/source/n/bind/default.named
@@ -1,7 +1,7 @@
 # User to run named as:
 NAMED_USER=named
 
-# Group to use for chowning named related files and directories.
+# Group to use for named related files and directories.
 # By default, named will also run as the primary group of $NAMED_USER,
 # which will usually be the same as what's listed below, but not
 # necessarily if something other than the default of "named" is used.
@@ -10,3 +10,15 @@ NAMED_GROUP=named
 # Options to run named with. At least -u $NAMED_USER is required, but
 # additional options may be added if needed.
 NAMED_OPTIONS="-u $NAMED_USER"
+
+# If this is set to YES, then before starting named the startup script
+# will make sure that /etc/rndc.key (if it exists) and the enitre contents
+# of /var/named are chowned to $NAMED_USER:$NAMED_GROUP. If some of these
+# files are improperly owned, named will refuse to start or may not work
+# properly. This is also a useful setting when upgrading from an older BIND
+# package that would run as root.
+#
+# If NAMED_CHOWN is set to anything other than YES (or is unset), then these
+# files will not be chowned automatically and the admin will handle any
+# required file ownerships.
+NAMED_CHOWN=NO
diff --git a/source/n/bind/rc.bind b/source/n/bind/rc.bind
index 169db8126..1b0b4d6fb 100644
--- a/source/n/bind/rc.bind
+++ b/source/n/bind/rc.bind
@@ -42,11 +42,13 @@ bind_start() {
   mkdir -p /var/run/named
   # Make sure that /var/run/named has correct ownership:
   chown -R ${NAMED_USER}:${NAMED_GROUP} /var/run/named
-  # Make sure that /var/named has correct ownership:
-  chown -R ${NAMED_USER}:${NAMED_GROUP} /var/named
-  if [ -r /etc/rndc.key ]; then
-    # Make sure that /etc/rndc.key has correct ownership:
-    chown ${NAMED_USER}:${NAMED_GROUP} /etc/rndc.key
+  if [ "$NAMED_CHOWN" = "YES" ]; then
+    # Make sure that /var/named has correct ownership:
+    chown -R ${NAMED_USER}:${NAMED_GROUP} /var/named
+    if [ -r /etc/rndc.key ]; then
+      # Make sure that /etc/rndc.key has correct ownership:
+      chown ${NAMED_USER}:${NAMED_GROUP} /etc/rndc.key
+    fi
   fi
   # Start named:
   if [ -x /usr/sbin/named ]; then