%global _hardened_build 1 Name: nsd Version: 4.3.1 Release: 1%{?dist} License: BSD Summary: Fast and lean authoritative DNS Name Server Url: http://www.nlnetlabs.nl/nsd/ Group: System Environment/Daemons Source0: http://www.nlnetlabs.nl/downloads/%{name}/%{name}-%{version}.tar.gz Source1: nsd.conf Source2: nsd.service Source3: nsd-keygen.service Source6: tmpfiles-nsd.conf BuildRequires: gcc BuildRequires: flex BuildRequires: openssl-devel BuildRequires: libevent-devel Requires(pre): shadow-utils BuildRequires: systemd-units BuildRequires: systemd-devel Requires(post): systemd-units Requires(preun): systemd-units Requires(postun): systemd-units #workaround for 4.1.24 bug in systemd detection :/ BuildRequires: autoconf automake %description NSD is a complete implementation of an authoritative DNS name server. For further information about what NSD is and what NSD is not please consult the REQUIREMENTS document which is a part of this distribution. %prep %setup -q -n %{name}-%{version}%{?prever} #workaround for 4.1.24 bug in systemd detection :/ autoreconf %build CFLAGS="%{optflags} -fPIE -pie" LDFLAGS="-Wl,-z,relro,-z,now" export CFLAGS LDFLAGS %configure \ --enable-bind8-stats \ --enable-zone-stats \ --enable-checking \ --enable-nsec3 \ --with-pidfile=%{_localstatedir}/run/nsd/nsd.pid \ --with-zonelistfile=%{_sharedstatedir}/nsd/zone.list \ --with-ssl \ --with-user=nsd \ --with-xfrdfile=%{_sharedstatedir}/nsd/ixfr.state \ --with-dbfile="" \ --enable-ratelimit \ --enable-systemd make %{?_smp_mflags} %install make DESTDIR=%{buildroot} install mkdir -p %{buildroot}%{_unitdir} install -m 0644 %{SOURCE2} %{SOURCE3} %{buildroot}%{_unitdir} mkdir -p %{buildroot}%{_tmpfilesdir} install -m 0644 %{SOURCE6} %{buildroot}%{_tmpfilesdir}/nsd.conf mkdir -p %{buildroot}%{_localstatedir}/run/nsd mkdir -p %{buildroot}%{_sharedstatedir}/nsd # Install ghost files for name in control server; do for extension in key pem; do touch %{buildroot}%{_sysconfdir}/nsd/nsd_${name}.${extension} done done # Take care of the configuration mkdir -p %{buildroot}%{_sysconfdir}/nsd/conf.d mkdir -p %{buildroot}%{_sysconfdir}/nsd/server.d install -m 0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/nsd/nsd.conf rm %{buildroot}%{_sysconfdir}/nsd/nsd.conf.sample %files %doc doc/* %doc contrib/nsd.zones2nsd.conf %dir %{_sysconfdir}/nsd %config(noreplace) %{_sysconfdir}/nsd/nsd.conf %attr(0640,root,nsd) %ghost %{_sysconfdir}/nsd/nsd_server.key %attr(0640,root,nsd) %ghost %{_sysconfdir}/nsd/nsd_server.pem %attr(0640,root,nsd) %ghost %{_sysconfdir}/nsd/nsd_control.key %attr(0640,root,nsd) %ghost %{_sysconfdir}/nsd/nsd_control.pem %dir %{_sysconfdir}/nsd/conf.d %dir %{_sysconfdir}/nsd/server.d %attr(0644,root,root) %{_unitdir}/nsd.service %attr(0644,root,root) %{_unitdir}/nsd-keygen.service %attr(0644,root,root) %{_tmpfilesdir}/nsd.conf %attr(0755,nsd,nsd) %dir %{_localstatedir}/run/nsd %attr(0750,nsd,nsd) %dir %{_sharedstatedir}/nsd %{_sbindir}/* %{_mandir}/*/* %pre getent group nsd >/dev/null || groupadd -r nsd getent passwd nsd >/dev/null || \ useradd -r -g nsd -d /etc/nsd -s /sbin/nologin \ -c "nsd daemon account" nsd exit 0 %post %systemd_post nsd.service %systemd_post nsd-keygen.serivce %preun %systemd_preun nsd.service %systemd_preun nsd-keygen.serivce %postun %systemd_postun_with_restart nsd.service %systemd_postun nsd-keygen.service %triggerin -- nsd < 4.0.0-0 chown nsd:nsd %{_sharedstatedir}/nsd/* 2>&1 || : %changelog