You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

128 lines
3.4 KiB

%global _hardened_build 1
Name: nsd
Version: 4.2.1
Release: 1%{?dist}
License: BSD
Summary: Fast and lean authoritative DNS Name Server
Url: http://www.nlnetlabs.nl/nsd/
Group: System Environment/Daemons
Source0: http://www.nlnetlabs.nl/downloads/%{name}/%{name}-%{version}.tar.gz
Source1: nsd.conf
Source2: nsd.service
Source3: nsd-keygen.service
Source6: tmpfiles-nsd.conf
BuildRequires: gcc
BuildRequires: flex
BuildRequires: openssl-devel
BuildRequires: libevent-devel
Requires(pre): shadow-utils
BuildRequires: systemd-units
BuildRequires: systemd-devel
Requires(post): systemd-units
Requires(preun): systemd-units
Requires(postun): systemd-units
#workaround for 4.1.24 bug in systemd detection :/
BuildRequires: autoconf automake
%description
NSD is a complete implementation of an authoritative DNS name server.
For further information about what NSD is and what NSD is not please
consult the REQUIREMENTS document which is a part of this distribution.
%prep
%setup -q -n %{name}-%{version}%{?prever}
#workaround for 4.1.24 bug in systemd detection :/
autoreconf
%build
CFLAGS="%{optflags} -fPIE -pie"
LDFLAGS="-Wl,-z,relro,-z,now"
export CFLAGS LDFLAGS
%configure \
--enable-bind8-stats \
--enable-zone-stats \
--enable-checking \
--enable-nsec3 \
--with-pidfile=%{_localstatedir}/run/nsd/nsd.pid \
--with-zonelistfile=%{_sharedstatedir}/nsd/zone.list \
--with-ssl \
--with-user=nsd \
--with-xfrdfile=%{_sharedstatedir}/nsd/ixfr.state \
--with-dbfile="" \
--enable-ratelimit \
--enable-systemd
make %{?_smp_mflags}
%install
make DESTDIR=%{buildroot} install
mkdir -p %{buildroot}%{_unitdir}
install -m 0644 %{SOURCE2} %{SOURCE3} %{buildroot}%{_unitdir}
mkdir -p %{buildroot}%{_tmpfilesdir}
install -m 0644 %{SOURCE6} %{buildroot}%{_tmpfilesdir}/nsd.conf
mkdir -p %{buildroot}%{_localstatedir}/run/nsd
mkdir -p %{buildroot}%{_sharedstatedir}/nsd
# Install ghost files
for name in control server; do
for extension in key pem; do
touch %{buildroot}%{_sysconfdir}/nsd/nsd_${name}.${extension}
done
done
# Take care of the configuration
mkdir -p %{buildroot}%{_sysconfdir}/nsd/conf.d
mkdir -p %{buildroot}%{_sysconfdir}/nsd/server.d
install -m 0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/nsd/nsd.conf
rm %{buildroot}%{_sysconfdir}/nsd/nsd.conf.sample
%files
%doc doc/*
%doc contrib/nsd.zones2nsd.conf
%dir %{_sysconfdir}/nsd
%config(noreplace) %{_sysconfdir}/nsd/nsd.conf
%attr(0640,root,nsd) %ghost %{_sysconfdir}/nsd/nsd_server.key
%attr(0640,root,nsd) %ghost %{_sysconfdir}/nsd/nsd_server.pem
%attr(0640,root,nsd) %ghost %{_sysconfdir}/nsd/nsd_control.key
%attr(0640,root,nsd) %ghost %{_sysconfdir}/nsd/nsd_control.pem
%dir %{_sysconfdir}/nsd/conf.d
%dir %{_sysconfdir}/nsd/server.d
%attr(0644,root,root) %{_unitdir}/nsd.service
%attr(0644,root,root) %{_unitdir}/nsd-keygen.service
%attr(0644,root,root) %{_tmpfilesdir}/nsd.conf
%attr(0755,nsd,nsd) %dir %{_localstatedir}/run/nsd
%attr(0750,nsd,nsd) %dir %{_sharedstatedir}/nsd
%{_sbindir}/*
%{_mandir}/*/*
%pre
getent group nsd >/dev/null || groupadd -r nsd
getent passwd nsd >/dev/null || \
useradd -r -g nsd -d /etc/nsd -s /sbin/nologin \
-c "nsd daemon account" nsd
exit 0
%post
%systemd_post nsd.service
%systemd_post nsd-keygen.serivce
%preun
%systemd_preun nsd.service
%systemd_preun nsd-keygen.serivce
%postun
%systemd_postun_with_restart nsd.service
%systemd_postun nsd-keygen.service
%triggerin -- nsd < 4.0.0-0
chown nsd:nsd %{_sharedstatedir}/nsd/* 2>&1 || :
%changelog