[nsd/el6] * Thu Apr 11 2013 Paul Wouters <pwouters at redhat.com> - 3.2.15-4 - Restarting nsd could fail if stopp
Paul Wouters
pwouters at fedoraproject.org
Thu Apr 18 18:30:55 UTC 2013
commit e8535d3312338a6e7b61a25bebf014bc272ef2b0
Author: Paul Wouters <pwouters at redhat.com>
Date: Thu Apr 18 14:30:25 2013 -0400
* Thu Apr 11 2013 Paul Wouters <pwouters at redhat.com> - 3.2.15-4
- Restarting nsd could fail if stopping took too long
- "nsdc notify" was not called on "reload", causing slow sync to secondaries
- Compile with full relro support (rhbz#953137)
nsd.cron | 4 ++--
nsd.init | 41 +++++++++++++++++++----------------------
nsd.spec | 11 ++++++++++-
3 files changed, 31 insertions(+), 25 deletions(-)
---
diff --git a/nsd.cron b/nsd.cron
index e5d5de3..38bbaf3 100644
--- a/nsd.cron
+++ b/nsd.cron
@@ -37,8 +37,8 @@ case "$NSD_AUTOREBUILD" in
if [ $zonefile -nt $database ]
then
echo "Zone $zonefile update requires database rebuild"
- $NSDC_PROG -c $NSD_CONF rebuild > /dev/null 2>&1
- $NSDC_PROG -c $NSD_CONF reload > /dev/null 2>&1
+ # use service not nsdc, as we do rebuild+reload+notify
+ /sbin/service nsd reload > /dev/null 2>&1
break
fi
done
diff --git a/nsd.init b/nsd.init
index d662026..9263b3c 100755
--- a/nsd.init
+++ b/nsd.init
@@ -66,16 +66,12 @@ stop() {
echo -n $"Stopping nsd: "
# save state to zonefiles
${NSDC_PROG} -c ${NSD_CONF} patch > /dev/null 2>&1
- ${NSDC_PROG} -c ${NSD_CONF} stop
+ killproc -p ${NSD_PIDFILE} ${NSD_PROG}
RETVAL=$?
- # was nsdc successful?
- if [ "$RETVAL" -gt 0 ]; then
- killproc -p ${NSD_PIDFILE} ${NSD_PROG}
- fi
if [ $RETVAL -eq 0 ] ; then
- rm -f ${NSD_PIDFILE}
+ # nsd should do this rm -f ${NSD_PIDFILE}
rm -f /var/lock/subsys/nsd
- # ensure notifies are sent at startup
+ # ensure notifies are sent at startup
rm -f ${NSD_XFRDFILE}
success
else
@@ -104,7 +100,7 @@ case "$1" in
restart
;;
condrestart|try-restart)
- [ -f /var/lock/subsys/nsd ] && restart || :
+ [ -f /var/lock/subsys/nsd ] && restart || :
;;
status)
status -p ${NSD_PIDFILE} ${NSD_PROG}
@@ -113,25 +109,26 @@ case "$1" in
reload)
echo -n $"Rebuilding zonefiles:"
${NSDC_PROG} -c ${NSD_CONF} rebuild >/dev/null 2>&1
- RETVAL=$?
- if [ $RETVAL -eq 0 ] ; then
- success
- else
- failure
- fi
- echo
+ RETVAL=$?
+ if [ $RETVAL -eq 0 ] ; then
+ success
+ else
+ failure
+ fi
+ echo
echo -n $"Reloading nsd:"
${NSDC_PROG} -c ${NSD_CONF} reload
- RETVAL=$?
- if [ $RETVAL -eq 0 ] ; then
- success
- else
- failure
- fi
+ RETVAL=$?
+ ${NSDC_PROG} -c ${NSD_CONF} notify >/dev/null 2>&1 </dev/null &
+ if [ $RETVAL -eq 0 ] ; then
+ success
+ else
+ failure
+ fi
echo
;;
stats|rebuild|running|update|notify)
- ${NSDC_PROG} -c ${NSD_CONF} $1
+ ${NSDC_PROG} -c ${NSD_CONF} $1
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|stats|notify|reload|rebuild|running|update}"
diff --git a/nsd.spec b/nsd.spec
index 31e7910..2108970 100644
--- a/nsd.spec
+++ b/nsd.spec
@@ -1,7 +1,7 @@
Summary: Fast and lean authoritative DNS Name Server
Name: nsd
Version: 3.2.15
-Release: 3%{?dist}
+Release: 4%{?dist}
License: BSD
Url: http://www.nlnetlabs.nl/%{name}/
Source: http://www.nlnetlabs.nl/downloads/%{name}/%{name}-%{version}.tar.gz
@@ -16,6 +16,8 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: flex, openssl-devel
Requires(pre): shadow-utils
+%global _hardened_build 1
+
%description
NSD is a complete implementation of an authoritative DNS name server.
For further information about what NSD is and what NSD is not please
@@ -28,6 +30,8 @@ consult the REQUIREMENTS document which is a part of this distribution
%patch1 -p1
%build
+export LDFLAGS="-Wl,-z,relro,-z,now"
+export CFLAGS="$RPM_OPT_FLAGS -fPIE -pie"
%configure --enable-bind8-stats \
--enable-checking \
--enable-nsec3 \
@@ -101,6 +105,11 @@ if [ "$1" -ge "1" ]; then
fi
%changelog
+* Thu Apr 11 2013 Paul Wouters <pwouters at redhat.com> - 3.2.15-4
+- Restarting nsd could fail if stopping took too long
+- "nsdc notify" was not called on "reload", causing slow sync to secondaries
+- Compile with full relro support (rhbz#953137)
+
* Tue Feb 05 2013 Paul Wouters <pwouters at redhat.com> - 3.2.15-3
- Updated to 3.2.15 which has support for rate limiting
- Only run nsdc rebuild hourly cronjob when nsd service is running
More information about the scm-commits
mailing list