--- admin/PlamoBuild-template-20161020 2016-10-20 00:36:22.000000000 +0900 +++ plamo/01_minimum/network.txz/old/bind-20170116/PlamoBuild.bind-9.9.9_P5 2017-01-16 19:46:13.000000000 +0900 @@ -1,15 +1,16 @@ #!/bin/sh ###################################################################### -url="" -pkgbase= -vers= +url="http://ftp.isc.org/isc/bind/9.9.9-P5/bind-9.9.9-P5.tar.gz + http://www.internic.net/domain/named.root" +pkgbase=bind +vers=9.9.9_P5 arch=`uname -m` -build=P1 -src=$pkgbase-$vers +build=P2 +src=$pkgbase-9.9.9-P5 patchfiles="" -OPT_CONFIG="" -DOCS="README" +OPT_CONFIG="--with-libxml2=no --with-libtool" +DOCS="CHANGES COPYRIGHT FAQ HISTORY README" template=20161020 tmplurl=ftp://plamo.linet.gr.jp/pub/Plamo-src/admin ###################################################################### @@ -274,6 +275,102 @@ make install DESTDIR=$P fi done + cat <<- "EOF" > $P/etc/named.conf.new + // CACHING NAME SERVER + options { + directory "/var/named"; + // version statement - inhibited for security + // (avoids hacking any known weaknesses) + version "not currently available"; + // disables all zone transfer requests + allow-transfer { + "none"; + }; + // Closed DNS - permits only local IPs to issue queries + // remove if an Open DNS required to support all users + // or add additional IP ranges + // in this case either allow-query or allow-recursion can be used + allow-query { + 192.168.1.0/24; + }; + }; + + // log to /var/log/named.log events + // from info UP in severity (no debug) + // defaults to use 3 files in rotation + // BIND 8.x logging MUST COME FIRST in this file + // BIND 9.x parses the whole file before using the log + // failure messages up to this point are in (syslog) + // typically /var/log/messages + logging { + channel example_log { + file "/var/log/named.log" versions 3 size 2m; + severity info; + print-severity yes; + print-time yes; + print-category yes; + }; + category default { + example_log; + }; + }; + + // required zone for recursive queries + zone "." { + type hint; + file "named.root"; + }; + + // required local host domain + zone "localhost" in { + type master; + file "master.localhost"; + allow-update { + none; + }; + }; + + // localhost reverse map + zone "0.0.127.in-addr.arpa" in { + type master; + file "localhost.rev"; + allow-update { + none; + }; + }; + EOF + install -d $P/var/named + cat <<- "EOF" | sed 's/^|//' > $P/var/named/master.localhost.new + |$TTL 86400 ; 24 hours could have been written as 24h + |$ORIGIN localhost. + |; line below = localhost 1D IN SOA localhost root.localhost + |@ 1D IN SOA @ root ( + | 2009073001 ; serial + | 3h ; refresh + | 15 ; retry + | 1w ; expire + | 3h ; minimum + | ) + |@ 1D IN NS @ + | 1D IN A 127.0.0.1 + EOF + chmod 600 $P/var/named/master.localhost.new + cat <<- "EOF" | sed 's/^|//' > $P/var/named/localhost.rev.new + |$TTL 86400 + |; could use $ORIGIN 0.0.127.IN-ADDR.ARPA. + |@ IN SOA localhost. root.localhost. ( + | 1997022700 ; serial + | 3h ; refresh + | 15 ; retry + | 1w ; expire + | 3h ; minimum + | ) + | IN NS localhost. + |1 IN PTR localhost. + EOF + chmod 600 $P/var/named/localhost.rev.new + cp -p $W/named.root $P/var/named/named.root.new + chown root.root $P/var/named/named.root.new touch $W/i.et cd $W find $P ! -type l -newer i.st ! -newer i.et \ @@ -311,9 +408,59 @@ ( cd $docdir ; find ${src[$i]} -type d -exec touch -r $W/{} {} \; ) done convert - tar cvpf $pkg.tar -C $P `cd $P ; find usr/bin | tail -n+2` + cat <<- "EOF" >> $P/install/doinst.sh + + named_config() { + mv var/named/$1.new /tmp + if [ -f var/named/$1 ] ; then + mv /tmp/$1.new var/named/$1.dist + else + mv /tmp/$1.new var/named/$1 + fi + } + + mv etc/named.conf.new /tmp + if [ -f etc/named.conf ] ; then + mv /tmp/named.conf.new etc/named.conf.dist + else + mv /tmp/named.conf.new etc/named.conf + fi + for i in master.localhost localhost.rev ; do + named_config $i + done + mv var/named/named.root.new /tmp + if [ -f var/named/named.root ] ; then + if diff -q var/named/named.root.internic var/named/named.root \ + > /dev/null 2>&1 ; then + mv var/named/named.root var/named/named.root.old + mv /tmp/named.root.new var/named/named.root + cp -p var/named/named.root var/named/named.root.internic + echo "New root hint file has been installed." + echo "Old one has been moved to /var/named/named.root.old." + else + mv /tmp/named.root.new var/named/named.root.internic + echo "You might have to update your root hint file." + echo "New one has been installed to /var/named/named.root.internic." + fi + else + mv /tmp/named.root.new var/named/named.root + cp -p var/named/named.root var/named/named.root.internic + echo "New root hint file has been installed." + fi + EOF + touch -t `date '+%m%d0900'` $P/install/doinst.sh + tar cvpf $pkg.tar -C $P `cd $P ; find usr/sbin | tail -n+2` + tar rvpf $pkg.tar -C $P `cd $P ; find usr/bin | tail -n+2` + tar rvpf $pkg.tar -C $P `cd $P ; find usr/$libdir | tail -n+2` + tar rvpf $pkg.tar -C $P `cd $P ; find usr/include -maxdepth 1 | tail -n+2` + tar rvpf $pkg.tar -C $P `cd $P ; find etc | tail -n+2` + tar rvpf $pkg.tar -C $P var/named tar rvpf $pkg.tar -C $P `cd $P ; find usr/share/man/man1 | tail -n+2` + tar rvpf $pkg.tar -C $P `cd $P ; find usr/share/man/man3 | tail -n+2` + tar rvpf $pkg.tar -C $P `cd $P ; find usr/share/man/man5 | tail -n+2` + tar rvpf $pkg.tar -C $P `cd $P ; find usr/share/man/man8 | tail -n+2` tar rvpf $pkg.tar -C $P usr/share/doc/$src + tar rvpf $pkg.tar -C $P install/doinst.sh touch -t `date '+%m%d0900'` $pkg.tar ; xz $pkg.tar ; touch $pkg.tar.xz mv $pkg.tar.xz $pkg.txz read -p "Do you want to keep work files? [y/N] " ans