|
|
|
%global _hardened_build 1
|
|
|
|
|
|
|
|
Name: nsd
|
|
|
|
Version: 4.2.4
|
|
|
|
Release: 1%{?dist}
|
|
|
|
License: BSD
|
|
|
|
Summary: Fast and lean authoritative DNS Name Server
|
|
|
|
Url: http://www.nlnetlabs.nl/nsd/
|
|
|
|
Group: System Environment/Daemons
|
|
|
|
Source0: http://www.nlnetlabs.nl/downloads/%{name}/%{name}-%{version}.tar.gz
|
|
|
|
Source1: nsd.conf
|
|
|
|
Source2: nsd.service
|
|
|
|
Source3: nsd-keygen.service
|
|
|
|
Source6: tmpfiles-nsd.conf
|
|
|
|
BuildRequires: gcc
|
|
|
|
BuildRequires: flex
|
|
|
|
BuildRequires: openssl-devel
|
|
|
|
BuildRequires: libevent-devel
|
|
|
|
Requires(pre): shadow-utils
|
|
|
|
BuildRequires: systemd-units
|
|
|
|
BuildRequires: systemd-devel
|
|
|
|
Requires(post): systemd-units
|
|
|
|
Requires(preun): systemd-units
|
|
|
|
Requires(postun): systemd-units
|
|
|
|
#workaround for 4.1.24 bug in systemd detection :/
|
|
|
|
BuildRequires: autoconf automake
|
|
|
|
|
|
|
|
|
|
|
|
%description
|
|
|
|
NSD is a complete implementation of an authoritative DNS name server.
|
|
|
|
For further information about what NSD is and what NSD is not please
|
|
|
|
consult the REQUIREMENTS document which is a part of this distribution.
|
|
|
|
|
|
|
|
|
|
|
|
%prep
|
|
|
|
%setup -q -n %{name}-%{version}%{?prever}
|
|
|
|
#workaround for 4.1.24 bug in systemd detection :/
|
|
|
|
autoreconf
|
|
|
|
|
|
|
|
|
|
|
|
%build
|
|
|
|
CFLAGS="%{optflags} -fPIE -pie"
|
|
|
|
LDFLAGS="-Wl,-z,relro,-z,now"
|
|
|
|
export CFLAGS LDFLAGS
|
|
|
|
%configure \
|
|
|
|
--enable-bind8-stats \
|
|
|
|
--enable-zone-stats \
|
|
|
|
--enable-checking \
|
|
|
|
--enable-nsec3 \
|
|
|
|
--with-pidfile=%{_localstatedir}/run/nsd/nsd.pid \
|
|
|
|
--with-zonelistfile=%{_sharedstatedir}/nsd/zone.list \
|
|
|
|
--with-ssl \
|
|
|
|
--with-user=nsd \
|
|
|
|
--with-xfrdfile=%{_sharedstatedir}/nsd/ixfr.state \
|
|
|
|
--with-dbfile="" \
|
|
|
|
--enable-ratelimit \
|
|
|
|
--enable-systemd
|
|
|
|
|
|
|
|
make %{?_smp_mflags}
|
|
|
|
|
|
|
|
|
|
|
|
%install
|
|
|
|
make DESTDIR=%{buildroot} install
|
|
|
|
mkdir -p %{buildroot}%{_unitdir}
|
|
|
|
install -m 0644 %{SOURCE2} %{SOURCE3} %{buildroot}%{_unitdir}
|
|
|
|
mkdir -p %{buildroot}%{_tmpfilesdir}
|
|
|
|
install -m 0644 %{SOURCE6} %{buildroot}%{_tmpfilesdir}/nsd.conf
|
|
|
|
mkdir -p %{buildroot}%{_localstatedir}/run/nsd
|
|
|
|
mkdir -p %{buildroot}%{_sharedstatedir}/nsd
|
|
|
|
|
|
|
|
# Install ghost files
|
|
|
|
for name in control server; do
|
|
|
|
for extension in key pem; do
|
|
|
|
touch %{buildroot}%{_sysconfdir}/nsd/nsd_${name}.${extension}
|
|
|
|
done
|
|
|
|
done
|
|
|
|
|
|
|
|
# Take care of the configuration
|
|
|
|
mkdir -p %{buildroot}%{_sysconfdir}/nsd/conf.d
|
|
|
|
mkdir -p %{buildroot}%{_sysconfdir}/nsd/server.d
|
|
|
|
install -m 0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/nsd/nsd.conf
|
|
|
|
rm %{buildroot}%{_sysconfdir}/nsd/nsd.conf.sample
|
|
|
|
|
|
|
|
|
|
|
|
%files
|
|
|
|
%doc doc/*
|
|
|
|
%doc contrib/nsd.zones2nsd.conf
|
|
|
|
%dir %{_sysconfdir}/nsd
|
|
|
|
%config(noreplace) %{_sysconfdir}/nsd/nsd.conf
|
|
|
|
%attr(0640,root,nsd) %ghost %{_sysconfdir}/nsd/nsd_server.key
|
|
|
|
%attr(0640,root,nsd) %ghost %{_sysconfdir}/nsd/nsd_server.pem
|
|
|
|
%attr(0640,root,nsd) %ghost %{_sysconfdir}/nsd/nsd_control.key
|
|
|
|
%attr(0640,root,nsd) %ghost %{_sysconfdir}/nsd/nsd_control.pem
|
|
|
|
%dir %{_sysconfdir}/nsd/conf.d
|
|
|
|
%dir %{_sysconfdir}/nsd/server.d
|
|
|
|
%attr(0644,root,root) %{_unitdir}/nsd.service
|
|
|
|
%attr(0644,root,root) %{_unitdir}/nsd-keygen.service
|
|
|
|
%attr(0644,root,root) %{_tmpfilesdir}/nsd.conf
|
|
|
|
%attr(0755,nsd,nsd) %dir %{_localstatedir}/run/nsd
|
|
|
|
%attr(0750,nsd,nsd) %dir %{_sharedstatedir}/nsd
|
|
|
|
%{_sbindir}/*
|
|
|
|
%{_mandir}/*/*
|
|
|
|
|
|
|
|
%pre
|
|
|
|
getent group nsd >/dev/null || groupadd -r nsd
|
|
|
|
getent passwd nsd >/dev/null || \
|
|
|
|
useradd -r -g nsd -d /etc/nsd -s /sbin/nologin \
|
|
|
|
-c "nsd daemon account" nsd
|
|
|
|
exit 0
|
|
|
|
|
|
|
|
%post
|
|
|
|
%systemd_post nsd.service
|
|
|
|
%systemd_post nsd-keygen.serivce
|
|
|
|
|
|
|
|
%preun
|
|
|
|
%systemd_preun nsd.service
|
|
|
|
%systemd_preun nsd-keygen.serivce
|
|
|
|
|
|
|
|
%postun
|
|
|
|
%systemd_postun_with_restart nsd.service
|
|
|
|
%systemd_postun nsd-keygen.service
|
|
|
|
|
|
|
|
%triggerin -- nsd < 4.0.0-0
|
|
|
|
chown nsd:nsd %{_sharedstatedir}/nsd/* 2>&1 || :
|
|
|
|
|
|
|
|
|
|
|
|
%changelog
|