From c30533e317916cdbf4fefb28f6365d6b7dcbed3a Mon Sep 17 00:00:00 2001 From: Adam Tkac Date: Mar 12 2007 15:15:37 +0000 Subject: - bind-chroot-admin is now in chroot package - SQLite support in bind-sdb - redhat_doc.patch is always applied --- diff --git a/bind-9.3.2-redhat_doc.patch b/bind-9.3.2-redhat_doc.patch index 48c2590..1d1a87a 100644 --- a/bind-9.3.2-redhat_doc.patch +++ b/bind-9.3.2-redhat_doc.patch @@ -1,8 +1,8 @@ ---- bind-9.3.2/bin/named/named.8.redhat_doc 2005-10-12 22:33:46.000000000 -0400 -+++ bind-9.3.2/bin/named/named.8 2006-02-07 15:56:31.000000000 -0500 -@@ -169,6 +169,75 @@ - .TP +--- bind-9.4.0/bin/named/named.8.redhat_doc 2007-01-30 01:23:44.000000000 +0100 ++++ bind-9.4.0/bin/named/named.8 2007-03-12 15:39:19.000000000 +0100 +@@ -205,6 +205,75 @@ \fI/var/run/named.pid\fR + .RS 4 The default process\-id file. +.PP +.SH "NOTES" @@ -58,7 +58,7 @@ +which is named compiled with the Simplified Database Backend modules that ISC +provides in the "contrib/sdb" directory. +.PP -+The SDB modules for LDAP, PostGreSQL and DirDB are compiled into named_sdb. ++The SDB modules for LDAP, PostGreSQL, DirDB and SQLite are compiled into named_sdb. +.PP +To run named_sdb, set the ENABLE_SDB variable in /etc/sysconfig/named to 1 or "yes", +and then the "service named start" named initscript will run named_sdb instead @@ -73,6 +73,6 @@ +database files. Run the "system-config-bind" command and access the manual +by selecting the Help menu. +.PP + .RE .SH "SEE ALSO" .PP - RFC 1033, diff --git a/bind-9.3.3rc2-dbus.patch b/bind-9.3.3rc2-dbus.patch index 7eda95c..a8fbc97 100644 --- a/bind-9.3.3rc2-dbus.patch +++ b/bind-9.3.3rc2-dbus.patch @@ -725,77 +725,3 @@ .SH "SIGNALS" .PP In routine operation, signals should not be used to control the nameserver; -@@ -195,6 +202,73 @@ - \fBnamed\fR - configuration file is too complex to describe in detail here. A complete description is provided in the - BIND 9 Administrator Reference Manual. -+.PP -+.SH "NOTES" -+.PP -+.TP -+\fBRed Hat SELinux BIND Security Profile:\fR -+.PP -+By default, Red Hat ships BIND with the most secure SELinux policy -+that will not prevent normal BIND operation and will prevent exploitation -+of all known BIND security vulnerabilities . See the selinux(8) man page -+for information about SElinux. -+.PP -+It is not necessary to run named in a chroot environment if the Red Hat -+SELinux policy for named is enabled. When enabled, this policy is far -+more secure than a chroot environment. -+.PP -+With this extra security comes some restrictions: -+.br -+By default, the SELinux policy does not allow named to write any master -+zone database files. Only the root user may create files in the $ROOTDIR/var/named -+zone database file directory (the options { "directory" } option), where -+$ROOTDIR is set in /etc/sysconfig/named. -+.br -+The "named" group must be granted read privelege to -+these files in order for named to be enabled to read them. -+.br -+Any file created in the zone database file directory is automatically assigned -+the SELinux file context named_zone_t . -+.br -+By default, SELinux prevents any role from modifying named_zone_t files; this -+means that files in the zone database directory cannot be modified by dynamic -+DNS (DDNS) updates or zone transfers. -+.br -+The Red Hat BIND distribution and SELinux policy creates two directories where -+named is allowed to create and modify files: $ROOTDIR/var/named/slaves and -+$ROOTDIR/var/named/data. By placing files you want named to modify, such as -+slave or DDNS updateable zone files and database / statistics dump files in -+these directories, named will work normally and no further operator action is -+required. Files in these directories are automatically assigned the 'named_cache_t' -+file context, which SELinux allows named to write. -+.br -+You can enable the named_t domain to write and create named_zone_t files by use -+of the SELinux tunable boolean variable "named_write_master_zones", using the -+setsebool(8) command or the system-config-security GUI . If you do this, you -+must also set the ENABLE_ZONE_WRITE variable in /etc/sysconfig/named to -+1 / yes to set the ownership of files in the $ROOTDIR/var/named directory -+to named:named in order for named to be allowed to write them. -+.PP -+\fBRed Hat BIND named_sdb SDB support:\fR -+.PP -+Red Hat ships the bind-sdb RPM that provides the /usr/sbin/named_sdb program, -+which is named compiled with the Simplified Database Backend modules that ISC -+provides in the "contrib/sdb" directory. -+.br -+The SDB modules for LDAP, PostGreSQL and DirDB are compiled into named_sdb. -+.br -+To run named_sdb, set the ENABLE_SDB variable in /etc/sysconfig/named to 1 or "yes", -+and then the "service named start" named initscript will run named_sdb instead -+of named . -+.br -+See the documentation for the various SDB modules in /usr/share/doc/bind-sdb-*/ . -+.PP -+\fBRed Hat system-config-bind:\fR -+.PP -+Red Hat provides the system-config-bind GUI to configure named.conf and zone -+database files. Run the "system-config-bind" command and access the manual -+by selecting the Help menu. -+.PP - .SH "FILES" - .PP - \fI/etc/named.conf\fR diff --git a/bind-9.3.4-sdb-sqlite-src.patch b/bind-9.3.4-sdb-sqlite-src.patch new file mode 100644 index 0000000..6b84210 --- /dev/null +++ b/bind-9.3.4-sdb-sqlite-src.patch @@ -0,0 +1,729 @@ +--- bind-9.3.4/contrib/sdb/sqlite/sqlitedb.c.sdb-sqlite-src 2007-03-01 23:06:02.000000000 -0500 ++++ bind-9.3.4/contrib/sdb/sqlite/sqlitedb.c 2007-03-01 23:06:02.000000000 -0500 +@@ -0,0 +1,324 @@ ++/* ++ * Copyright (C) 2007 Internet Software Consortium. ++ * ++ * Permission to use, copy, modify, and distribute this software for any ++ * purpose with or without fee is hereby granted, provided that the above ++ * copyright notice and this permission notice appear in all copies. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM ++ * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ++ * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, ++ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING ++ * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, ++ * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION ++ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. ++ */ ++ ++/* $Id: sqlitedb.c Exp $ */ ++ ++#include ++ ++#include ++#include ++#include ++#include ++ ++#include ++ ++#include ++#include ++#include ++#include ++ ++#include ++#include ++ ++#include ++ ++#include "sqlitedb.h" ++ ++/* ++ * A simple database driver that interfaces to a SQLite database. ++ * ++ * The table must contain the fields "name", "rdtype", and "rdata", and ++ * is expected to contain a properly constructed zone. The program "zonetodb" ++ * creates such a table. ++ */ ++ ++static dns_sdbimplementation_t *sqlitedb = NULL; ++ ++typedef struct _dbinfo { ++ sqlite3 *db; ++ char *filename; ++ char *table; ++} dbinfo_t; ++ ++ ++static isc_result_t ++db_connect(dbinfo_t *dbi) ++{ ++ if (sqlite3_open(dbi->filename, &dbi->db) == SQLITE_OK) { ++ return (ISC_R_SUCCESS); ++ } else { ++ /* a connection is returned even if the open fails */ ++ sqlite3_close(dbi->db); ++ dbi->db = NULL; ++ return (ISC_R_FAILURE); ++ } ++} ++ ++ ++typedef struct _lookup_parm_t { ++ int i; ++ dns_sdblookup_t *lookup; ++ isc_result_t result; ++} lookup_parm_t; ++ ++ ++static int ++sqlitedb_lookup_cb(void *p, int cc, char **cv, char **cn) ++{ ++ lookup_parm_t *parm = p; ++ dns_ttl_t ttl; ++ char *endp; ++ ++ /* FIXME - check these(num/names); I'm assuming a mapping for now */ ++ char *ttlstr = cv[0]; ++ char *type = cv[1]; ++ char *data = cv[2]; ++ ++ UNUSED(cc); ++ UNUSED(cn); ++ ++ ttl = strtol(ttlstr, &endp, 10); ++ if (*endp) { ++ parm->result = DNS_R_BADTTL; ++ return 1; ++ } ++ ++ parm->result = dns_sdb_putrr(parm->lookup, type, ttl, data); ++ ++ if (parm->result != ISC_R_SUCCESS) ++ return 1; ++ ++ (parm->i)++; ++ ++ return 0; ++} ++ ++ ++static isc_result_t ++sqlitedb_lookup(const char *zone, ++ const char *name, void *dbdata, ++ dns_sdblookup_t *lookup) ++/* ++ * synchronous absolute name lookup ++ */ ++{ ++ dbinfo_t *dbi = (dbinfo_t *) dbdata; ++ char *sql; ++ lookup_parm_t parm = { 0, lookup, ISC_R_SUCCESS }; ++ char *errmsg = NULL; ++ int result; ++ ++ UNUSED(zone); ++ ++ sql = sqlite3_mprintf( ++ "SELECT TTL,RDTYPE,RDATA FROM \"%q\" WHERE " ++ "lower(NAME) = lower('%q')", ++ dbi->table, name); ++ ++ result = sqlite3_exec(dbi->db, sql, ++ &sqlitedb_lookup_cb, &parm, ++ &errmsg); ++ sqlite3_free(sql); ++ ++ if (result != SQLITE_OK) ++ return (ISC_R_FAILURE); ++ if (parm.i == 0) ++ return (ISC_R_NOTFOUND); ++ ++ return (ISC_R_SUCCESS); ++} ++ ++ ++typedef struct _allnodes_parm_t { ++ int i; ++ dns_sdballnodes_t *allnodes; ++ isc_result_t result; ++} allnodes_parm_t; ++ ++ ++static int ++sqlitedb_allnodes_cb(void *p, int cc, char **cv, char **cn) ++{ ++ allnodes_parm_t *parm = p; ++ dns_ttl_t ttl; ++ char *endp; ++ ++ /* FIXME - check these(num/names); I'm assuming a mapping for now */ ++ char *ttlstr = cv[0]; ++ char *name = cv[1]; ++ char *type = cv[2]; ++ char *data = cv[3]; ++ ++ UNUSED(cc); ++ UNUSED(cn); ++ ++ ttl = strtol(ttlstr, &endp, 10); ++ if (*endp) { ++ parm->result = DNS_R_BADTTL; ++ return 1; ++ } ++ ++ parm->result = dns_sdb_putnamedrr(parm->allnodes, name, type, ttl, data); ++ ++ if (parm->result != ISC_R_SUCCESS) ++ return 1; ++ ++ (parm->i)++; ++ ++ return 0; ++} ++ ++ ++static isc_result_t ++sqlitedb_allnodes(const char *zone, ++ void *dbdata, ++ dns_sdballnodes_t *allnodes) ++{ ++ dbinfo_t *dbi = (dbinfo_t *) dbdata; ++ char *sql; ++ allnodes_parm_t parm = { 0, allnodes, ISC_R_SUCCESS }; ++ char *errmsg = NULL; ++ int result; ++ ++ UNUSED(zone); ++ ++ sql = sqlite3_mprintf( ++ "SELECT TTL,NAME,RDTYPE,RDATA FROM \"%q\" ORDER BY NAME", ++ dbi->table); ++ ++ result = sqlite3_exec(dbi->db, sql, ++ &sqlitedb_allnodes_cb, &parm, ++ &errmsg); ++ sqlite3_free(sql); ++ ++ if (result != SQLITE_OK) ++ return (ISC_R_FAILURE); ++ if (parm.i == 0) ++ return (ISC_R_NOTFOUND); ++ ++ return (ISC_R_SUCCESS); ++} ++ ++ ++static void ++sqlitedb_destroy(const char *zone, void *driverdata, void **dbdata) ++{ ++ dbinfo_t *dbi = *dbdata; ++ ++ UNUSED(zone); ++ UNUSED(driverdata); ++ ++ if (dbi->db != NULL) ++ sqlite3_close(dbi->db); ++ if (dbi->table != NULL) ++ isc_mem_free(ns_g_mctx, dbi->table); ++ if (dbi->filename != NULL) ++ isc_mem_free(ns_g_mctx, dbi->filename); ++ ++ isc_mem_put(ns_g_mctx, dbi, sizeof(dbinfo_t)); ++} ++ ++ ++#define STRDUP_OR_FAIL(target, source) \ ++ do { \ ++ target = isc_mem_strdup(ns_g_mctx, source); \ ++ if (target == NULL) { \ ++ result = ISC_R_NOMEMORY; \ ++ goto cleanup; \ ++ } \ ++ } while (0); ++ ++/* ++ * Create a connection to the database and save any necessary information ++ * in dbdata. ++ * ++ * argv[0] is the name of the database file ++ * argv[1] is the name of the table ++ */ ++static isc_result_t ++sqlitedb_create(const char *zone, ++ int argc, char **argv, ++ void *driverdata, void **dbdata) ++{ ++ dbinfo_t *dbi; ++ isc_result_t result; ++ ++ UNUSED(zone); ++ UNUSED(driverdata); ++ ++ if (argc < 2) ++ return (ISC_R_FAILURE); ++ ++ dbi = isc_mem_get(ns_g_mctx, sizeof(dbinfo_t)); ++ if (dbi == NULL) ++ return (ISC_R_NOMEMORY); ++ dbi->db = NULL; ++ dbi->filename = NULL; ++ dbi->table = NULL; ++ ++ STRDUP_OR_FAIL(dbi->filename, argv[0]); ++ STRDUP_OR_FAIL(dbi->table, argv[1]); ++ ++ result = db_connect(dbi); ++ if (result != ISC_R_SUCCESS) ++ goto cleanup; ++ ++ *dbdata = dbi; ++ return (ISC_R_SUCCESS); ++ ++cleanup: ++ sqlitedb_destroy(zone, driverdata, (void **)&dbi); ++ return (result); ++} ++ ++ ++/* ++ * Since the SQL database corresponds to a zone, the authority data should ++ * be returned by the lookup() function. Therefore the authority() function ++ * is NULL. ++ */ ++static dns_sdbmethods_t sqlitedb_methods = { ++ sqlitedb_lookup, ++ NULL, /* authority */ ++ sqlitedb_allnodes, ++ sqlitedb_create, ++ sqlitedb_destroy ++}; ++ ++ ++/* ++ * Wrapper around dns_sdb_register(). ++ */ ++isc_result_t ++sqlitedb_init(void) ++{ ++ unsigned int flags; ++ flags = 0; ++ return (dns_sdb_register("sqlite", &sqlitedb_methods, NULL, flags, ++ ns_g_mctx, &sqlitedb)); ++} ++ ++ ++/* ++ * Wrapper around dns_sdb_unregister(). ++ */ ++void ++sqlitedb_clear(void) ++{ ++ if (sqlitedb != NULL) ++ dns_sdb_unregister(&sqlitedb); ++} +--- bind-9.3.4/contrib/sdb/sqlite/sqlitedb.h.sdb-sqlite-src 2007-03-01 23:06:02.000000000 -0500 ++++ bind-9.3.4/contrib/sdb/sqlite/sqlitedb.h 2007-03-01 23:06:02.000000000 -0500 +@@ -0,0 +1,25 @@ ++/* ++ * Copyright (C) 2000-2002 Internet Software Consortium. ++ * ++ * Permission to use, copy, modify, and distribute this software for any ++ * purpose with or without fee is hereby granted, provided that the above ++ * copyright notice and this permission notice appear in all copies. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM ++ * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ++ * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, ++ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING ++ * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, ++ * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION ++ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. ++ */ ++ ++/* $Id: pgsqldb.h,v 1.2.4.2 2002/08/05 06:57:07 marka Exp $ */ ++ ++#include ++ ++isc_result_t sqlitedb_init(void); ++ ++void sqlitedb_clear(void); ++ +--- bind-9.3.4/contrib/sdb/sqlite/README.sdb_sqlite.sdb-sqlite-src 2007-03-01 23:06:02.000000000 -0500 ++++ bind-9.3.4/contrib/sdb/sqlite/README.sdb_sqlite 2007-03-01 23:17:01.000000000 -0500 +@@ -0,0 +1,67 @@ ++ SQLite BIND SDB driver ++ ++The SQLite BIND SDB "driver" is intended as an alternative both to the ++pgsqldb and dirdb drivers, for situations that would like the management ++simplicity and convenience of single filesystem files, with the additional ++capability of SQL databases. It is also intended as an alternative to ++the standard dynamic DNS update capability in bind, which effectively ++requires use of DNSSEC keys for authorization, and is limited to 'nsupdate' ++for updates. An sqlite database, by contrast, uses and requires only ++normal filesystem permissions, and may be updated however a typical SQLite ++database might be updated, e.g., via a web service with an SQLite backend. ++ ++This driver is not considered suitable for very high volume public ++nameserver use, while likely useful for smaller private nameserver ++applications, whether or not in a production environment. It should ++generally be suitable wherever SQLite is preferable over larger database ++engines, and not suitable where SQLite is not preferable. ++ ++Usage: ++ ++o Use the named_sdb process ( put ENABLE_SDB=yes in /etc/sysconfig/named ) ++ ++o Edit your named.conf to contain a database zone, eg.: ++ ++zone "mydomain.net." IN { ++ type master; ++ database "sqlite mydomain.db mydomain"; ++ # ^- DB name ^-Table ++}; ++ ++o Create the database zone table ++ The table must contain the columns "name", "rdtype", and "rdata", and ++ is expected to contain a properly constructed zone. The program ++ "zone2sqlite" creates such a table. ++ ++ zone2sqlite usage: ++ ++ zone2sqlite origin zonefile dbfile dbtable ++ ++ where ++ origin : zone origin, eg "mydomain.net." ++ zonefile : master zone database file, eg. mydomain.net.zone ++ dbfile : name of SQLite database file ++ dbtable : name of table in database ++ ++--- ++# mydomain.net.zone: ++$TTL 1H ++@ SOA localhost. root.localhost. ( 1 ++ 3H ++ 1H ++ 1W ++ 1H ) ++ NS localhost. ++host1 A 192.168.2.1 ++host2 A 192.168.2.2 ++host3 A 192.168.2.3 ++host4 A 192.168.2.4 ++host5 A 192.168.2.5 ++host6 A 192.168.2.6 ++host7 A 192.168.2.7 ++--- ++ ++# zone2sqlite mydomain.net. mydomain.net.zone mydomain.net.db mydomain ++ ++will create/update the 'mydomain' table in database file 'mydomain.net.db'. ++ +--- bind-9.3.4/contrib/sdb/sqlite/zone2sqlite.c.sdb-sqlite-src 2007-03-01 23:06:02.000000000 -0500 ++++ bind-9.3.4/contrib/sdb/sqlite/zone2sqlite.c 2007-03-01 23:06:02.000000000 -0500 +@@ -0,0 +1,301 @@ ++/* ++ * Copyright (C) 2007 Internet Software Consortium. ++ * ++ * Permission to use, copy, modify, and distribute this software for any ++ * purpose with or without fee is hereby granted, provided that the above ++ * copyright notice and this permission notice appear in all copies. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM ++ * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ++ * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, ++ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING ++ * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, ++ * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION ++ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. ++ */ ++ ++/* $Id: zonetosqlite.c Exp $ */ ++ ++#include ++#include ++ ++#include ++#include ++#include ++#include ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#include ++ ++#ifndef UNUSED ++#define UNUSED(x) (x) = (x) ++#endif ++ ++/* ++ * Generate an SQLite table from a zone. ++ */ ++ ++typedef struct _dbinfo { ++ sqlite3 *db; ++ char *filename; ++ char *table; ++} dbinfo_t; ++ ++dbinfo_t dbi = { NULL, NULL, NULL }; ++ ++ ++static void ++closeandexit(int status) ++{ ++ if (dbi.db) { ++ sqlite3_close(dbi.db); ++ dbi.db = NULL; ++ } ++ exit(status); ++} ++ ++static void ++check_result(isc_result_t result, const char *message) ++{ ++ if (result != ISC_R_SUCCESS) { ++ fprintf(stderr, "%s: %s\n", message, ++ isc_result_totext(result)); ++ closeandexit(1); ++ } ++} ++ ++static isc_result_t ++db_connect(dbinfo_t *dbi) ++{ ++ if (sqlite3_open(dbi->filename, &dbi->db) == SQLITE_OK) { ++ return (ISC_R_SUCCESS); ++ } else { ++ /* a connection is returned even if the open fails */ ++ sqlite3_close(dbi->db); ++ dbi->db = NULL; ++ return (ISC_R_FAILURE); ++ } ++} ++ ++static int ++add_rdata_cb(void *parm, int cc, char **cv, char **cn) ++{ ++ UNUSED(parm); ++ UNUSED(cc); ++ UNUSED(cv); ++ UNUSED(cn); ++ ++ return 0; ++} ++ ++ ++static void ++addrdata(dns_name_t *name, dns_ttl_t ttl, dns_rdata_t *rdata) ++{ ++ unsigned char namearray[DNS_NAME_MAXTEXT + 1]; ++ unsigned char typearray[20]; ++ unsigned char dataarray[2048]; ++ isc_buffer_t b; ++ isc_result_t result; ++ char *sql; ++ char *errmsg = NULL; ++ int res; ++ ++ isc_buffer_init(&b, namearray, sizeof(namearray) - 1); ++ result = dns_name_totext(name, ISC_TRUE, &b); ++ check_result(result, "dns_name_totext"); ++ namearray[isc_buffer_usedlength(&b)] = 0; ++ ++ isc_buffer_init(&b, typearray, sizeof(typearray) - 1); ++ result = dns_rdatatype_totext(rdata->type, &b); ++ check_result(result, "dns_rdatatype_totext"); ++ typearray[isc_buffer_usedlength(&b)] = 0; ++ ++ isc_buffer_init(&b, dataarray, sizeof(dataarray) - 1); ++ result = dns_rdata_totext(rdata, NULL, &b); ++ check_result(result, "dns_rdata_totext"); ++ dataarray[isc_buffer_usedlength(&b)] = 0; ++ ++ sql = sqlite3_mprintf( ++ "INSERT INTO %q (NAME, TTL, RDTYPE, RDATA)" ++ " VALUES ('%q', %d, '%q', '%q') ", ++ dbi.table, ++ namearray, ttl, typearray, dataarray); ++ printf("%s\n", sql); ++ res = sqlite3_exec(dbi.db, sql, add_rdata_cb, NULL, &errmsg); ++ sqlite3_free(sql); ++ ++ if (result != SQLITE_OK) { ++ fprintf(stderr, "INSERT failed: %s\n", errmsg); ++ closeandexit(1); ++ } ++} ++ ++int ++main(int argc, char *argv[]) ++{ ++ char *sql; ++ int res; ++ char *errmsg = NULL; ++ char *porigin, *zonefile; ++ dns_fixedname_t forigin, fname; ++ dns_name_t *origin, *name; ++ dns_db_t *db = NULL; ++ dns_dbiterator_t *dbiter; ++ dns_dbnode_t *node; ++ dns_rdatasetiter_t *rdsiter; ++ dns_rdataset_t rdataset; ++ dns_rdata_t rdata = DNS_RDATA_INIT; ++ isc_mem_t *mctx = NULL; ++ isc_buffer_t b; ++ isc_result_t result; ++ ++ if (argc != 5) { ++ printf("usage: %s \n", argv[0]); ++ exit(1); ++ } ++ ++ porigin = argv[1]; ++ zonefile = argv[2]; ++ ++ dbi.filename = argv[3]; ++ dbi.table = argv[4]; ++ ++ dns_result_register(); ++ ++ mctx = NULL; ++ result = isc_mem_create(0, 0, &mctx); ++ check_result(result, "isc_mem_create"); ++ ++ isc_buffer_init(&b, porigin, strlen(porigin)); ++ isc_buffer_add(&b, strlen(porigin)); ++ dns_fixedname_init(&forigin); ++ origin = dns_fixedname_name(&forigin); ++ result = dns_name_fromtext(origin, &b, dns_rootname, ISC_FALSE, NULL); ++ check_result(result, "dns_name_fromtext"); ++ ++ db = NULL; ++ result = dns_db_create(mctx, "rbt", origin, dns_dbtype_zone, ++ dns_rdataclass_in, 0, NULL, &db); ++ check_result(result, "dns_db_create"); ++ ++ result = dns_db_load(db, zonefile); ++ if (result == DNS_R_SEENINCLUDE) ++ result = ISC_R_SUCCESS; ++ check_result(result, "dns_db_load"); ++ ++ printf("Connecting to '%s'\n", dbi.filename); ++ ++ if ((result = db_connect(&dbi)) != ISC_R_SUCCESS) { ++ fprintf(stderr, "Connection to database '%s' failed\n", ++ dbi.filename); ++ closeandexit(1); ++ } ++ ++ sql = sqlite3_mprintf("DROP TABLE %q ", dbi.table); ++ printf("%s\n", sql); ++ res = sqlite3_exec(dbi.db, sql, NULL, NULL, &errmsg); ++ sqlite3_free(sql); ++#if 0 ++ if (res != SQLITE_OK) { ++ fprintf(stderr, "DROP TABLE %s failed: %s\n", ++ dbi.table, errmsg); ++ } ++#endif ++ ++#if 0 ++ sql = sqlite3_mprintf(sql, "BEGIN TRANSACTION"); ++ printf("%s\n", sql); ++ res = sqlite3_exec(dbi.db, sql, NULL, NULL, &errmsg); ++ sqlite3_free(sql); ++ if (res != SQLITE_OK) { ++ fprintf(stderr, "BEGIN TRANSACTION failed: %s\n", errmsg); ++ closeandexit(1); ++ } ++#endif ++ ++ sql = sqlite3_mprintf( ++ "CREATE TABLE %q " ++ "(NAME TEXT, TTL INTEGER, RDTYPE TEXT, RDATA TEXT) ", ++ dbi.table); ++ printf("%s\n", sql); ++ res = sqlite3_exec(dbi.db, sql, NULL, NULL, &errmsg); ++ sqlite3_free(sql); ++ if (res != SQLITE_OK) { ++ fprintf(stderr, "CREATE TABLE %s failed: %s\n", ++ dbi.table, errmsg); ++ closeandexit(1); ++ } ++ ++ dbiter = NULL; ++ result = dns_db_createiterator(db, ISC_FALSE, &dbiter); ++ check_result(result, "dns_db_createiterator()"); ++ ++ result = dns_dbiterator_first(dbiter); ++ check_result(result, "dns_dbiterator_first"); ++ ++ dns_fixedname_init(&fname); ++ name = dns_fixedname_name(&fname); ++ dns_rdataset_init(&rdataset); ++ dns_rdata_init(&rdata); ++ ++ while (result == ISC_R_SUCCESS) { ++ node = NULL; ++ result = dns_dbiterator_current(dbiter, &node, name); ++ if (result == ISC_R_NOMORE) ++ break; ++ check_result(result, "dns_dbiterator_current"); ++ ++ rdsiter = NULL; ++ result = dns_db_allrdatasets(db, node, NULL, 0, &rdsiter); ++ check_result(result, "dns_db_allrdatasets"); ++ ++ result = dns_rdatasetiter_first(rdsiter); ++ ++ while (result == ISC_R_SUCCESS) { ++ dns_rdatasetiter_current(rdsiter, &rdataset); ++ result = dns_rdataset_first(&rdataset); ++ check_result(result, "dns_rdataset_first"); ++ while (result == ISC_R_SUCCESS) { ++ dns_rdataset_current(&rdataset, &rdata); ++ addrdata(name, rdataset.ttl, &rdata); ++ dns_rdata_reset(&rdata); ++ result = dns_rdataset_next(&rdataset); ++ } ++ dns_rdataset_disassociate(&rdataset); ++ result = dns_rdatasetiter_next(rdsiter); ++ } ++ dns_rdatasetiter_destroy(&rdsiter); ++ dns_db_detachnode(db, &node); ++ result = dns_dbiterator_next(dbiter); ++ } ++ ++#if 0 ++ sql = sqlite3_mprintf(sql, "COMMIT TRANSACTION "); ++ printf("%s\n", sql); ++ res = sqlite3_exec(dbi.db, sql, NULL, NULL, &errmsg); ++ sqlite3_free(sql); ++ if (res != SQLITE_OK) { ++ fprintf(stderr, "COMMIT TRANSACTION failed: %s\n", errmsg); ++ closeandexit(1); ++ } ++#endif ++ ++ dns_dbiterator_destroy(&dbiter); ++ dns_db_detach(&db); ++ isc_mem_destroy(&mctx); ++ ++ closeandexit(0); ++ ++ exit(0); ++} diff --git a/bind-9.4.0-sdb-sqlite-bld.patch b/bind-9.4.0-sdb-sqlite-bld.patch new file mode 100644 index 0000000..b61c9e8 --- /dev/null +++ b/bind-9.4.0-sdb-sqlite-bld.patch @@ -0,0 +1,99 @@ +--- bind-9.4.0/bin/named_sdb/main.c.sdb-sqlite-bld 2007-03-12 14:00:05.000000000 +0100 ++++ bind-9.4.0/bin/named_sdb/main.c 2007-03-12 14:02:34.000000000 +0100 +@@ -74,6 +74,7 @@ + /* #include "xxdb.h" */ + #include "ldapdb.h" + #include "pgsqldb.h" ++#include "sqlitedb.h" + #include "dirdb.h" + + /* +@@ -648,6 +649,7 @@ + + ldapdb_clear(); + pgsqldb_clear(); ++ sqlitedb_clear(); + dirdb_clear(); + + isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN, +@@ -737,6 +739,23 @@ + ISC_LOG_NOTICE, "SDB postgreSQL DB zone database module loaded." + ); + ++ result = sqlitedb_init(); ++ if (result != ISC_R_SUCCESS) ++ { ++ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN, ++ ISC_LOG_ERROR, ++ "SDB sqlite3 module initialisation failed: %s.", ++ isc_result_totext(result) ++ ); ++ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN, ++ ISC_LOG_ERROR, ++ "SDB sqlite3 zone database will be unavailable." ++ ); ++ }else ++ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN, ++ ISC_LOG_NOTICE, "SDB sqlite3 DB zone database module loaded." ++ ); ++ + result = dirdb_init(); + if (result != ISC_R_SUCCESS) + { +@@ -781,6 +800,7 @@ + + ldapdb_clear(); + pgsqldb_clear(); ++ sqlitedb_clear(); + dirdb_clear(); + + isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN, +--- bind-9.4.0/bin/named_sdb/Makefile.in.sdb-sqlite-bld 2007-03-12 14:00:05.000000000 +0100 ++++ bind-9.4.0/bin/named_sdb/Makefile.in 2007-03-12 14:00:05.000000000 +0100 +@@ -26,10 +26,10 @@ + # + # Add database drivers here. + # +-DBDRIVER_OBJS = ldapdb.o pgsqldb.o dirdb.o +-DBDRIVER_SRCS = ldapdb.c pgsqldb.c dirdb.c ++DBDRIVER_OBJS = ldapdb.o pgsqldb.o sqlitedb.o dirdb.o ++DBDRIVER_SRCS = ldapdb.c pgsqldb.c sqlitedb.c dirdb.c + DBDRIVER_INCLUDES = +-DBDRIVER_LIBS = -lldap -llber -lpq ++DBDRIVER_LIBS = -lldap -llber -lpq -lsqlite3 + + DLZ_DRIVER_DIR = ${top_srcdir}/contrib/dlz/drivers + +--- bind-9.4.0/bin/sdb_tools/Makefile.in.sdb-sqlite-bld 2007-03-12 14:00:05.000000000 +0100 ++++ bind-9.4.0/bin/sdb_tools/Makefile.in 2007-03-12 14:00:05.000000000 +0100 +@@ -30,11 +30,11 @@ + LIBS = ${LWRESLIBS} ${DNSLIBS} ${BIND9LIBS} \ + ${ISCCFGLIBS} ${ISCCCLIBS} ${ISCLIBS} ${DBDRIVER_LIBS} @LIBS@ + +-TARGETS = zone2ldap@EXEEXT@ ldap2zone@EXEEXT@ zonetodb@EXEEXT@ ++TARGETS = zone2ldap@EXEEXT@ ldap2zone@EXEEXT@ zonetodb@EXEEXT@ zone2sqlite@EXEEXT@ + +-OBJS = zone2ldap.o ldap2zone.o zonetodb.o ++OBJS = zone2ldap.o ldap2zone.o zonetodb.o zone2sqlite + +-SRCS = zone2ldap.c ldap2zone.c zonetodb.c ++SRCS = zone2ldap.c ldap2zone.c zonetodb.c zone2sqlite.c + + MANPAGES = zone2ldap.1 + +@@ -54,6 +54,9 @@ + zonetodb: zonetodb.o ${DEPLIBS} + ${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@ zonetodb.o -lpq ${LIBS} + ++zone2sqlite: zone2sqlite.o ${DEPLIBS} ++ ${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@ zone2sqlite.o -lsqlite3 -lssl ${LIBS} ++ + ldap2zone: ldap2zone.o ${DEPLIBS} + ${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@ ldap2zone.o -lldap -llber ${LIBS} + +@@ -68,4 +71,5 @@ + ${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} zone2ldap ${DESTDIR}${sbindir} + ${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} ldap2zone ${DESTDIR}${sbindir} + ${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} zonetodb ${DESTDIR}${sbindir} ++ ${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} zone2sqlite ${DESTDIR}${sbindir} + ${INSTALL_DATA} ${srcdir}/zone2ldap.1 ${DESTDIR}${mandir}/man1/zone2ldap.1 diff --git a/bind.spec b/bind.spec index 2f6696a..db95b7b 100644 --- a/bind.spec +++ b/bind.spec @@ -17,7 +17,7 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv Name: bind License: BSD-like Version: 9.4.0 -Release: 1%{?dist} +Release: 2%{?dist} Epoch: 31 Url: http://www.isc.org/products/BIND/ Buildroot: %{_tmppath}/%{name}-root @@ -74,6 +74,8 @@ Patch22: bind-9.3.1-sdb_dbus.patch Patch23: bind-9.3.1-dbus_archdep_libdir.patch Patch32: bind-9.3.2-prctl_set_dumpable.patch Patch52: bind-9.3.3-edns.patch +Patch61: bind-9.3.4-sdb-sqlite-src.patch +Patch62: bind-9.4.0-sdb-sqlite-bld.patch # Requires: bind-libs = %{epoch}:%{version}-%{release}, glibc >= 2.2, mktemp Requires(post): bash, coreutils, sed, grep, chkconfig >= 1.3.26 @@ -84,7 +86,7 @@ Requires(post): policycoreutils %endif BuildRequires: gcc, glibc-devel >= 2.2.5-26, glibc-kernheaders >= 2.4-7.10, openssl-devel, libtool, autoconf, pkgconfig %if %{SDB} -BuildRequires: openldap-devel, postgresql-devel +BuildRequires: openldap-devel, postgresql-devel, sqlite-devel %endif %if %{WITH_DBUS} BuildRequires: dbus-devel @@ -205,9 +207,9 @@ tools for verifying that the DNS server is operating properly. BIND SDB (Simplified Database Backend) provides named_sdb, the DNS name server compiled to include support for using alternative Zone Databases -stored in an LDAP server (ldapdb), a postgreSQL database (pgsqldb), or in the -filesystem (dirdb), in addition to the standard in-memory RBT (Red Black Tree) -zone database. +stored in an LDAP server (ldapdb), a postgreSQL database (pgsqldb), an +sqlite database (sqlitedb), or in the filesystem (dirdb), in addition +to the standard in-memory RBT (Red Black Tree) zone database. %endif @@ -223,12 +225,15 @@ zone database. %patch10 -p1 -b .PIE %if %{SDB} %patch11 -p1 -b .sdbsrc +%patch61 -p1 -b .sdb-sqlite-src # BUILD 'Simplified Database Backend' (SDB) version of named: named_sdb cp -rfp bin/named bin/named_sdb # SDB ldap cp -fp contrib/sdb/ldap/ldapdb.[ch] bin/named_sdb # SDB postgreSQL cp -fp contrib/sdb/pgsql/pgsqldb.[ch] bin/named_sdb +# SDB sqlite +cp -fp contrib/sdb/sqlite/sqlitedb.[ch] bin/named_sdb # SDB Berkeley DB - needs to be ported to DB4! #cp -fp contrib/sdb/bdb/bdb.[ch] bin/named_sdb # SDB dir @@ -239,20 +244,20 @@ cp -fp %{SOURCE7} bin/sdb_tools/Makefile.in #cp -fp contrib/sdb/bdb/zone2bdb.c bin/sdb_tools cp -fp contrib/sdb/ldap/{zone2ldap.1,zone2ldap.c} bin/sdb_tools cp -fp contrib/sdb/pgsql/zonetodb.c bin/sdb_tools +cp -fp contrib/sdb/sqlite/zone2sqlite.c bin/sdb_tools %patch12 -p1 -b .sdb %endif %if %{LIBBIND} %patch13 -p1 -b .fix_libbind_includedir %patch14 -p1 -b .fix_h_errno %endif +%patch16 -p1 -b .redhat_doc %if %{WITH_DBUS} %patch15 -p1 -b .dbus %if %{SDB} %patch22 -p1 -b .sdb_dbus %endif %patch23 -p1 -b .dbus_archdep_libdir -%else -%patch16 -p1 -b .redhat_doc %endif %if %{SDB} %patch17 -p1 -b .fix_sdb_ldap @@ -274,6 +279,9 @@ cp -fp bin/named/include/named/{globals.h,server.h,log.h,types.h} bin/named_sdb/ %endif %patch32 -p1 -b .prctl_set_dumpable %patch52 -p1 -b .edns +%if %{SDB} +%patch62 -p1 -b .sdb-sqlite-bld +%endif :; @@ -480,7 +488,6 @@ chmod 0755 ${RPM_BUILD_ROOT}%{_libdir}/lib*so.* %{_sbindir}/named %{_sbindir}/named-bootconf %{_sbindir}/rndc* -%{_sbindir}/bind-chroot-admin %{_sbindir}/named-compilezone %defattr(0644,root,root,0755) %{_mandir}/man5/named.conf.5* @@ -593,6 +600,8 @@ chmod 0755 ${RPM_BUILD_ROOT}%{_libdir}/lib*so.* %ghost %prefix/dev/null %ghost %prefix/dev/random %ghost %prefix/dev/zero +%defattr(0750,root,root,0755) +%{_sbindir}/bind-chroot-admin %if %{SDB} @@ -602,6 +611,7 @@ chmod 0755 ${RPM_BUILD_ROOT}%{_libdir}/lib*so.* %{_sbindir}/zone2ldap %{_sbindir}/ldap2zone %{_sbindir}/zonetodb +%{_sbindir}/zone2sqlite %defattr(0644,root,root,0755) %config(noreplace) /etc/openldap/schema/dnszone.schema %defattr(0644,root,named,0755) @@ -746,6 +756,11 @@ rm -rf ${RPM_BUILD_ROOT} :; %changelog +* Mon Mar 12 2007 Adam Tkac 31:9.4.0-2.fc7 +- added experimental SQLite support (written by John Boyd ) +- moved bind-chroot-admin script to chroot package +- bind-9.3.2-redhat_doc.patch is always applied (#231738) + * Tue Mar 06 2007 Adam Tkac 31:9.4.0-1.fc7 - updated to 9.4.0 - bind-chroot-admin now sets EAs correctly (#213926)