rpms/bind/F-12 named.iscdlv.key, NONE, 1.1 bind.spec, 1.335, 1.336 named.init, 1.76, 1.77

Adam Tkac atkac at fedoraproject.org
Wed Jun 23 15:24:38 UTC 2010 

Author: atkac

Update of /cvs/pkgs/rpms/bind/F-12
In directory cvs01.phx2.fedoraproject.org:/tmp/cvs-serv31393

Modified Files:
	bind.spec named.init 
Added Files:
	named.iscdlv.key 
Log Message:
- obsolete & provide dnssec-conf and add transition %%trigger



--- NEW FILE named.iscdlv.key ---
trusted-keys {
        # NOTE: This key is current as of October 2009.
        # If it fails to initialize correctly, it may have expired;
        # see https://www.isc.org/solutions/dlv for a replacement.
	dlv.isc.org. 257 3 5 "BEAAAAPHMu/5onzrEE7z1egmhg/WPO0+juoZrW3euWEn4MxDCE1+lLy2 brhQv5rN32RKtMzX6Mj70jdzeND4XknW58dnJNPCxn8+jAGl2FZLK8t+ 1uq4W+nnA3qO2+DL+k6BD4mewMLbIYFwe0PG73Te9fZ2kJb56dhgMde5 ymX4BI/oQ+cAK50/xvJv00Frf8kw6ucMTwFlgPe+jnGxPPEmHAte/URk Y62ZfkLoBAADLHQ9IrS2tryAe7mbBZVcOwIeU/Rw/mRx/vwwMCTgNboM QKtUdvNXDrYJDSHZws3xiRXF1Rf+al9UmZfSav/4NWLKjHzpT59k/VSt TDN0YUuWrBNh";
};


Index: bind.spec
===================================================================
RCS file: /cvs/pkgs/rpms/bind/F-12/bind.spec,v
retrieving revision 1.335
retrieving revision 1.336
diff -u -p -r1.335 -r1.336
--- bind.spec	20 May 2010 13:47:40 -0000	1.335
+++ bind.spec	23 Jun 2010 15:24:38 -0000	1.336
@@ -20,7 +20,7 @@ Summary:  The Berkeley Internet Name Dom
 Name:     bind
 License:  ISC
 Version:  9.6.2
-Release:  4.%{PATCHVER}%{?dist}
+Release:  5.%{PATCHVER}%{?dist}
 Epoch:    32
 Url:      http://www.isc.org/products/BIND/
 Buildroot:%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -39,6 +39,7 @@ Source21: Copyright.caching-nameserver
 Source25: named.conf.sample
 Source28: config-4.tar.bz2
 Source30: ldap2zone.c
+Source31: named.iscdlv.key
 
 # Common patches
 Patch5:  bind-nonexec.patch
@@ -77,6 +78,8 @@ Requires(preun):chkconfig
 Requires:       dnssec-conf
 Obsoletes:      bind-config < 30:9.3.2-34.fc6, caching-nameserver < 31:9.4.1-7.fc8
 Provides:       bind-config = 30:9.3.2-34.fc6, caching-nameserver = 31:9.4.1-7.fc8
+Obsoletes:	dnssec-conf < 1.21-9
+Provides:	dnssec-conf = 1.21-9
 BuildRequires:  openssl-devel, libtool, autoconf, pkgconfig, libcap-devel
 BuildRequires:  libidn-devel, libxml2-devel
 %if %{SDB}
@@ -343,6 +346,7 @@ touch ${RPM_BUILD_ROOT}%{_localstatedir}
 tar -C ${RPM_BUILD_ROOT} -xjf %{SOURCE28}
 touch ${RPM_BUILD_ROOT}/etc/rndc.key
 touch ${RPM_BUILD_ROOT}/etc/rndc.conf
+install -m 644 %{SOURCE31} ${RPM_BUILD_ROOT}/etc/named.iscdlv.key
 mkdir ${RPM_BUILD_ROOT}/etc/named
 
 install -m 644 %{SOURCE5}  ./rfc1912.txt
@@ -431,6 +435,36 @@ fi
 %triggerpostun -n bind-libs -p /bin/bash -- bind-libs > 32:9.6.1-0.1.b1
 /sbin/ldconfig
 
+# Automatically update configuration from "dnssec-conf-based" to "BIND-based"
+%triggerpostun -n bind -- dnssec-conf
+if [ -r '/etc/named.conf' ]; then
+cp -fp /etc/named.conf /etc/named.conf.rpmsave
+if grep -Eq '/etc/(named.dnssec.keys|pki/dnssec-keys)' /etc/named.conf; then
+  if grep -q 'dlv.isc.org.conf' /etc/named.conf; then
+    # DLV is configured, reconfigure it to new configuration
+    sed -i -e 's/.*dlv.isc.org.conf.*/include "\/etc\/named.iscdlv.key";/' /etc/named.conf
+  fi
+  sed -i -e '/.*named\.dnssec\.keys.*/d' -e '/.*pki\/dnssec-keys.*/d' \
+    /etc/named.conf
+  /sbin/service named try-restart > /dev/null 2>&1 || :;
+fi
+fi
+
+# Ditto for chroot configuration
+if [ -r '/var/named/chroot/etc/named.conf' ]; then
+cp -fp /var/named/chroot/etc/named.conf /var/named/chroot/etc/named.conf.rpmsave
+if grep -Eq '/etc/(named.dnssec.keys|pki/dnssec-keys)' /var/named/chroot/etc/named.conf; then
+  if grep -q 'dlv.isc.org.conf' /var/named/chroot/etc/named.conf; then
+    # DLV is configured, reconfigure it to new configuration
+    sed -i -e 's/.*dlv.isc.org.conf.*/include "\/etc\/named.iscdlv.key";/' \
+	/var/named/chroot/etc/named.conf
+  fi
+  sed -i -e '/.*named\.dnssec\.keys.*/d' -e '/.*pki\/dnssec-keys.*/d' \
+    /var/named/chroot/etc/named.conf
+  /sbin/service named try-restart > /dev/null 2>&1 || :;
+fi
+fi
+
 %post chroot
 if [ "$1" -gt 0 ]; then
   [ -e %{chroot_prefix}/dev/random ] || \
@@ -467,6 +501,7 @@ rm -rf ${RPM_BUILD_ROOT}
 %dir %{_sysconfdir}/named
 %dir %{_localstatedir}/named
 %config(noreplace) %verify(not link) %{_sysconfdir}/named.conf
+%config(noreplace) %verify(not link) %{_sysconfdir}/named.iscdlv.key
 %config(noreplace) %verify(not link) %{_sysconfdir}/named.rfc1912.zones
 %config %verify(not link) %{_localstatedir}/named/named.ca
 %config %verify(not link) %{_localstatedir}/named/named.localhost
@@ -582,6 +617,9 @@ rm -rf ${RPM_BUILD_ROOT}
 %ghost %{chroot_prefix}/etc/localtime
 
 %changelog
+* Wed Jun 23 2010 Adam Tkac <atkac redhat com> 32:9.6.2-5.P2
+- obsolete & provide dnssec-conf and add transition %%trigger
+
 * Thu May 20 2010 Adam Tkac <atkac redhat com> 32:9.6.2-4.P2
 - update to 9.6.2-P2
 


Index: named.init
===================================================================
RCS file: /cvs/pkgs/rpms/bind/F-12/named.init,v
retrieving revision 1.76
retrieving revision 1.77
diff -u -p -r1.76 -r1.77
--- named.init	27 Jan 2010 15:19:24 -0000	1.76
+++ named.init	23 Jun 2010 15:24:38 -0000	1.77
@@ -49,7 +49,7 @@ fi
 
 ROOTDIR_MOUNT='/etc/named /etc/pki/dnssec-keys /var/named /etc/named.conf
 /etc/named.dnssec.keys /etc/named.rfc1912.zones /etc/rndc.conf /etc/rndc.key
-/usr/lib64/bind /usr/lib/bind'
+/usr/lib64/bind /usr/lib/bind /etc/named.iscdlv.key'
 
 mount_chroot_conf()
 {

More information about the scm-commits mailing list