summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity/bind/bind-9.16.25
diff options
context:
space:
mode:
authorAlexander Kanavin <alex.kanavin@gmail.com>2022-01-27 11:19:50 +0100
committerRichard Purdie <richard.purdie@linuxfoundation.org>2022-02-01 07:31:17 +0000
commitcaaae859a691e89f0f7122ca7f5188e602a9fc61 (patch)
tree338d2d11ad8df5af802a8c2284cd20ebe1e55b37 /meta/recipes-connectivity/bind/bind-9.16.25
parentf2666fbc7f644451dd4cf2ef16c18cbf2444f431 (diff)
downloadpoky-caaae859a691e89f0f7122ca7f5188e602a9fc61.tar.gz
bind: upgrade 9.16.24 -> 9.16.25
License-Update: copyright years (From OE-Core rev: 4a7f6cdc7292df5d3154192e65dcb9681ec8ffcb) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-connectivity/bind/bind-9.16.25')
-rw-r--r--meta/recipes-connectivity/bind/bind-9.16.25/0001-avoid-start-failure-with-bind-user.patch27
-rw-r--r--meta/recipes-connectivity/bind/bind-9.16.25/0001-named-lwresd-V-and-start-log-hide-build-options.patch37
-rw-r--r--meta/recipes-connectivity/bind/bind-9.16.25/bind-ensure-searching-for-json-headers-searches-sysr.patch47
-rw-r--r--meta/recipes-connectivity/bind/bind-9.16.25/bind92
-rw-r--r--meta/recipes-connectivity/bind/bind-9.16.25/conf.patch330
-rw-r--r--meta/recipes-connectivity/bind/bind-9.16.25/generate-rndc-key.sh8
-rw-r--r--meta/recipes-connectivity/bind/bind-9.16.25/init.d-add-support-for-read-only-rootfs.patch65
-rw-r--r--meta/recipes-connectivity/bind/bind-9.16.25/make-etc-initd-bind-stop-work.patch42
-rw-r--r--meta/recipes-connectivity/bind/bind-9.16.25/named.service22
9 files changed, 580 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/bind/bind-9.16.25/0001-avoid-start-failure-with-bind-user.patch b/meta/recipes-connectivity/bind/bind-9.16.25/0001-avoid-start-failure-with-bind-user.patch
new file mode 100644
index 0000000000..ec1bc7b567
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind-9.16.25/0001-avoid-start-failure-with-bind-user.patch
@@ -0,0 +1,27 @@
1From 31dde3562f287429eea94b77250d184818b49063 Mon Sep 17 00:00:00 2001
2From: Chen Qi <Qi.Chen@windriver.com>
3Date: Mon, 15 Oct 2018 16:55:09 +0800
4Subject: [PATCH] avoid start failure with bind user
5
6Upstream-Status: Pending
7
8Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
9---
10 init.d | 1 +
11 1 file changed, 1 insertion(+)
12
13diff --git a/init.d b/init.d
14index b2eec60..6e03936 100644
15--- a/init.d
16+++ b/init.d
17@@ -57,6 +57,7 @@ case "$1" in
18 modprobe capability >/dev/null 2>&1 || true
19 if [ ! -f /etc/bind/rndc.key ]; then
20 /usr/sbin/rndc-confgen -a -b 512
21+ chown root:bind /etc/bind/rndc.key >/dev/null 2>&1 || true
22 chmod 0640 /etc/bind/rndc.key
23 fi
24 if [ -f /var/run/named/named.pid ]; then
25--
262.7.4
27
diff --git a/meta/recipes-connectivity/bind/bind-9.16.25/0001-named-lwresd-V-and-start-log-hide-build-options.patch b/meta/recipes-connectivity/bind/bind-9.16.25/0001-named-lwresd-V-and-start-log-hide-build-options.patch
new file mode 100644
index 0000000000..4dc6a5a2ae
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind-9.16.25/0001-named-lwresd-V-and-start-log-hide-build-options.patch
@@ -0,0 +1,37 @@
1From f5761bbaf743d291f3e7e859e69ebe61a1718cbf Mon Sep 17 00:00:00 2001
2From: Hongxu Jia <hongxu.jia@windriver.com>
3Date: Mon, 27 Aug 2018 21:24:20 +0800
4Subject: [PATCH] `named/lwresd -V' and start log hide build options
5
6The build options expose build path directories, so hide them.
7[snip]
8$ named -V
9|built by make with *** (options are hidden)
10[snip]
11
12Upstream-Status: Inappropriate [oe-core specific]
13
14Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
15
16Refreshed for 9.16.0
17Signed-off-by: Armin Kuster <akuster@mvista.com>
18---
19 bin/named/include/named/globals.h | 2 +-
20 1 file changed, 1 insertion(+), 1 deletion(-)
21
22diff --git a/bin/named/include/named/globals.h b/bin/named/include/named/globals.h
23index 0572154..3147e04 100644
24--- a/bin/named/include/named/globals.h
25+++ b/bin/named/include/named/globals.h
26@@ -69,7 +69,7 @@ EXTERN const char *named_g_version INIT(VERSION);
27 EXTERN const char *named_g_product INIT(PRODUCT);
28 EXTERN const char *named_g_description INIT(DESCRIPTION);
29 EXTERN const char *named_g_srcid INIT(SRCID);
30-EXTERN const char *named_g_configargs INIT(CONFIGARGS);
31+EXTERN const char *named_g_configargs INIT("*** (options are hidden)");
32 EXTERN const char *named_g_builder INIT(BUILDER);
33 EXTERN in_port_t named_g_port INIT(0);
34 EXTERN isc_dscp_t named_g_dscp INIT(-1);
35--
362.20.1
37
diff --git a/meta/recipes-connectivity/bind/bind-9.16.25/bind-ensure-searching-for-json-headers-searches-sysr.patch b/meta/recipes-connectivity/bind/bind-9.16.25/bind-ensure-searching-for-json-headers-searches-sysr.patch
new file mode 100644
index 0000000000..f9cdc7ca4d
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind-9.16.25/bind-ensure-searching-for-json-headers-searches-sysr.patch
@@ -0,0 +1,47 @@
1From edda20fb5a6e88548f85e39d34d6c074306e15bc Mon Sep 17 00:00:00 2001
2From: Paul Gortmaker <paul.gortmaker@windriver.com>
3Date: Tue, 9 Jun 2015 11:22:00 -0400
4Subject: [PATCH] bind: ensure searching for json headers searches sysroot
5
6Bind can fail configure by detecting headers w/o libs[1], or
7it can fail the host contamination check as per below:
8
9ERROR: This autoconf log indicates errors, it looked at host include and/or library paths while determining system capabilities.
10Rerun configure task after fixing this. The path was 'build/tmp/work/core2-64-poky-linux/bind/9.10.2-r1/build'
11ERROR: Function failed: do_qa_configure
12ERROR: Logfile of failure stored in: build/tmp/work/core2-64-poky-linux/bind/9.10.2-r1/temp/log.do_configure.5242
13ERROR: Task 5 (meta/recipes-connectivity/bind/bind_9.10.2.bb, do_configure) failed with exit code '1'
14NOTE: Tasks Summary: Attempted 773 tasks of which 768 didn't need to be rerun and 1 failed.
15No currently running tasks (773 of 781)
16
17Summary: 1 task failed:
18 /meta/recipes-connectivity/bind/bind_9.10.2.bb, do_configure
19
20One way to fix it would be to unconditionally disable json in bind
21configure[2] but here we fix it by using the path to where we would
22put the header if we had json in the sysroot, in case someone wants
23to make use of the combination some day.
24
25[1] https://trac.macports.org/ticket/45305
26[2] https://trac.macports.org/changeset/126406
27
28Upstream-Status: Inappropriate [OE Specific]
29Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
30
31---
32 configure.ac | 2 +-
33 1 file changed, 1 insertion(+), 1 deletion(-)
34
35Index: bind-9.16.4/configure.ac
36===================================================================
37--- bind-9.16.4.orig/configure.ac
38+++ bind-9.16.4/configure.ac
39@@ -1232,7 +1232,7 @@ case "$use_lmdb" in
40 LMDB_LIBS=""
41 ;;
42 auto|yes)
43- for d in /usr /usr/local /opt/local
44+ for d in "${STAGING_INCDIR}"
45 do
46 if test -f "${d}/include/lmdb.h"
47 then
diff --git a/meta/recipes-connectivity/bind/bind-9.16.25/bind9 b/meta/recipes-connectivity/bind/bind-9.16.25/bind9
new file mode 100644
index 0000000000..968679ff7f
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind-9.16.25/bind9
@@ -0,0 +1,2 @@
1# startup options for the server
2OPTIONS="-u bind"
diff --git a/meta/recipes-connectivity/bind/bind-9.16.25/conf.patch b/meta/recipes-connectivity/bind/bind-9.16.25/conf.patch
new file mode 100644
index 0000000000..aa3642acec
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind-9.16.25/conf.patch
@@ -0,0 +1,330 @@
1Upstream-Status: Inappropriate [configuration]
2
3the patch is imported from openembedded project
4
511/30/2010 - Qing He <qing.he@intel.com>
6
7diff -urN bind-9.3.1.orig/conf/db.0 bind-9.3.1/conf/db.0
8--- bind-9.3.1.orig/conf/db.0 1970-01-01 01:00:00.000000000 +0100
9+++ bind-9.3.1/conf/db.0 2005-07-10 22:14:00.000000000 +0200
10@@ -0,0 +1,12 @@
11+;
12+; BIND reverse data file for broadcast zone
13+;
14+$TTL 604800
15+@ IN SOA localhost. root.localhost. (
16+ 1 ; Serial
17+ 604800 ; Refresh
18+ 86400 ; Retry
19+ 2419200 ; Expire
20+ 604800 ) ; Negative Cache TTL
21+;
22+@ IN NS localhost.
23diff -urN bind-9.3.1.orig/conf/db.127 bind-9.3.1/conf/db.127
24--- bind-9.3.1.orig/conf/db.127 1970-01-01 01:00:00.000000000 +0100
25+++ bind-9.3.1/conf/db.127 2005-07-10 22:14:00.000000000 +0200
26@@ -0,0 +1,13 @@
27+;
28+; BIND reverse data file for local loopback interface
29+;
30+$TTL 604800
31+@ IN SOA localhost. root.localhost. (
32+ 1 ; Serial
33+ 604800 ; Refresh
34+ 86400 ; Retry
35+ 2419200 ; Expire
36+ 604800 ) ; Negative Cache TTL
37+;
38+@ IN NS localhost.
39+1.0.0 IN PTR localhost.
40diff -urN bind-9.3.1.orig/conf/db.empty bind-9.3.1/conf/db.empty
41--- bind-9.3.1.orig/conf/db.empty 1970-01-01 01:00:00.000000000 +0100
42+++ bind-9.3.1/conf/db.empty 2005-07-10 22:14:00.000000000 +0200
43@@ -0,0 +1,14 @@
44+; BIND reverse data file for empty rfc1918 zone
45+;
46+; DO NOT EDIT THIS FILE - it is used for multiple zones.
47+; Instead, copy it, edit named.conf, and use that copy.
48+;
49+$TTL 86400
50+@ IN SOA localhost. root.localhost. (
51+ 1 ; Serial
52+ 604800 ; Refresh
53+ 86400 ; Retry
54+ 2419200 ; Expire
55+ 86400 ) ; Negative Cache TTL
56+;
57+@ IN NS localhost.
58diff -urN bind-9.3.1.orig/conf/db.255 bind-9.3.1/conf/db.255
59--- bind-9.3.1.orig/conf/db.255 1970-01-01 01:00:00.000000000 +0100
60+++ bind-9.3.1/conf/db.255 2005-07-10 22:14:00.000000000 +0200
61@@ -0,0 +1,12 @@
62+;
63+; BIND reserve data file for broadcast zone
64+;
65+$TTL 604800
66+@ IN SOA localhost. root.localhost. (
67+ 1 ; Serial
68+ 604800 ; Refresh
69+ 86400 ; Retry
70+ 2419200 ; Expire
71+ 604800 ) ; Negative Cache TTL
72+;
73+@ IN NS localhost.
74diff -urN bind-9.3.1.orig/conf/db.local bind-9.3.1/conf/db.local
75--- bind-9.3.1.orig/conf/db.local 1970-01-01 01:00:00.000000000 +0100
76+++ bind-9.3.1/conf/db.local 2005-07-10 22:14:00.000000000 +0200
77@@ -0,0 +1,13 @@
78+;
79+; BIND data file for local loopback interface
80+;
81+$TTL 604800
82+@ IN SOA localhost. root.localhost. (
83+ 1 ; Serial
84+ 604800 ; Refresh
85+ 86400 ; Retry
86+ 2419200 ; Expire
87+ 604800 ) ; Negative Cache TTL
88+;
89+@ IN NS localhost.
90+@ IN A 127.0.0.1
91diff -urN bind-9.3.1.orig/conf/db.root bind-9.3.1/conf/db.root
92--- bind-9.3.1.orig/conf/db.root 1970-01-01 01:00:00.000000000 +0100
93+++ bind-9.3.1/conf/db.root 2005-07-10 22:14:00.000000000 +0200
94@@ -0,0 +1,45 @@
95+
96+; <<>> DiG 9.2.3 <<>> ns . @a.root-servers.net.
97+;; global options: printcmd
98+;; Got answer:
99+;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18944
100+;; flags: qr aa rd; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 13
101+
102+;; QUESTION SECTION:
103+;. IN NS
104+
105+;; ANSWER SECTION:
106+. 518400 IN NS A.ROOT-SERVERS.NET.
107+. 518400 IN NS B.ROOT-SERVERS.NET.
108+. 518400 IN NS C.ROOT-SERVERS.NET.
109+. 518400 IN NS D.ROOT-SERVERS.NET.
110+. 518400 IN NS E.ROOT-SERVERS.NET.
111+. 518400 IN NS F.ROOT-SERVERS.NET.
112+. 518400 IN NS G.ROOT-SERVERS.NET.
113+. 518400 IN NS H.ROOT-SERVERS.NET.
114+. 518400 IN NS I.ROOT-SERVERS.NET.
115+. 518400 IN NS J.ROOT-SERVERS.NET.
116+. 518400 IN NS K.ROOT-SERVERS.NET.
117+. 518400 IN NS L.ROOT-SERVERS.NET.
118+. 518400 IN NS M.ROOT-SERVERS.NET.
119+
120+;; ADDITIONAL SECTION:
121+A.ROOT-SERVERS.NET. 3600000 IN A 198.41.0.4
122+B.ROOT-SERVERS.NET. 3600000 IN A 192.228.79.201
123+C.ROOT-SERVERS.NET. 3600000 IN A 192.33.4.12
124+D.ROOT-SERVERS.NET. 3600000 IN A 128.8.10.90
125+E.ROOT-SERVERS.NET. 3600000 IN A 192.203.230.10
126+F.ROOT-SERVERS.NET. 3600000 IN A 192.5.5.241
127+G.ROOT-SERVERS.NET. 3600000 IN A 192.112.36.4
128+H.ROOT-SERVERS.NET. 3600000 IN A 128.63.2.53
129+I.ROOT-SERVERS.NET. 3600000 IN A 192.36.148.17
130+J.ROOT-SERVERS.NET. 3600000 IN A 192.58.128.30
131+K.ROOT-SERVERS.NET. 3600000 IN A 193.0.14.129
132+L.ROOT-SERVERS.NET. 3600000 IN A 198.32.64.12
133+M.ROOT-SERVERS.NET. 3600000 IN A 202.12.27.33
134+
135+;; Query time: 81 msec
136+;; SERVER: 198.41.0.4#53(a.root-servers.net.)
137+;; WHEN: Sun Feb 1 11:27:14 2004
138+;; MSG SIZE rcvd: 436
139+
140diff -urN bind-9.3.1.orig/conf/named.conf bind-9.3.1/conf/named.conf
141--- bind-9.3.1.orig/conf/named.conf 1970-01-01 01:00:00.000000000 +0100
142+++ bind-9.3.1/conf/named.conf 2005-07-10 22:33:46.000000000 +0200
143@@ -0,0 +1,49 @@
144+// This is the primary configuration file for the BIND DNS server named.
145+//
146+// If you are just adding zones, please do that in /etc/bind/named.conf.local
147+
148+include "/etc/bind/named.conf.options";
149+
150+// prime the server with knowledge of the root servers
151+zone "." {
152+ type hint;
153+ file "/etc/bind/db.root";
154+};
155+
156+// be authoritative for the localhost forward and reverse zones, and for
157+// broadcast zones as per RFC 1912
158+
159+zone "localhost" {
160+ type master;
161+ file "/etc/bind/db.local";
162+};
163+
164+zone "127.in-addr.arpa" {
165+ type master;
166+ file "/etc/bind/db.127";
167+};
168+
169+zone "0.in-addr.arpa" {
170+ type master;
171+ file "/etc/bind/db.0";
172+};
173+
174+zone "255.in-addr.arpa" {
175+ type master;
176+ file "/etc/bind/db.255";
177+};
178+
179+// zone "com" { type delegation-only; };
180+// zone "net" { type delegation-only; };
181+
182+// From the release notes:
183+// Because many of our users are uncomfortable receiving undelegated answers
184+// from root or top level domains, other than a few for whom that behaviour
185+// has been trusted and expected for quite some length of time, we have now
186+// introduced the "root-delegations-only" feature which applies delegation-only
187+// logic to all top level domains, and to the root domain. An exception list
188+// should be specified, including "MUSEUM" and "DE", and any other top level
189+// domains from whom undelegated responses are expected and trusted.
190+// root-delegation-only exclude { "DE"; "MUSEUM"; };
191+
192+include "/etc/bind/named.conf.local";
193diff -urN bind-9.3.1.orig/conf/named.conf.local bind-9.3.1/conf/named.conf.local
194--- bind-9.3.1.orig/conf/named.conf.local 1970-01-01 01:00:00.000000000 +0100
195+++ bind-9.3.1/conf/named.conf.local 2005-07-10 22:14:06.000000000 +0200
196@@ -0,0 +1,8 @@
197+//
198+// Do any local configuration here
199+//
200+
201+// Consider adding the 1918 zones here, if they are not used in your
202+// organization
203+//include "/etc/bind/zones.rfc1918";
204+
205diff -urN bind-9.3.1.orig/conf/named.conf.options bind-9.3.1/conf/named.conf.options
206--- bind-9.3.1.orig/conf/named.conf.options 1970-01-01 01:00:00.000000000 +0100
207+++ bind-9.3.1/conf/named.conf.options 2005-07-10 22:14:06.000000000 +0200
208@@ -0,0 +1,24 @@
209+options {
210+ directory "/var/cache/bind";
211+
212+ // If there is a firewall between you and nameservers you want
213+ // to talk to, you might need to uncomment the query-source
214+ // directive below. Previous versions of BIND always asked
215+ // questions using port 53, but BIND 8.1 and later use an unprivileged
216+ // port by default.
217+
218+ // query-source address * port 53;
219+
220+ // If your ISP provided one or more IP addresses for stable
221+ // nameservers, you probably want to use them as forwarders.
222+ // Uncomment the following block, and insert the addresses replacing
223+ // the all-0's placeholder.
224+
225+ // forwarders {
226+ // 0.0.0.0;
227+ // };
228+
229+ auth-nxdomain no; # conform to RFC1035
230+
231+};
232+
233diff -urN bind-9.3.1.orig/conf/zones.rfc1918 bind-9.3.1/conf/zones.rfc1918
234--- bind-9.3.1.orig/conf/zones.rfc1918 1970-01-01 01:00:00.000000000 +0100
235+++ bind-9.3.1/conf/zones.rfc1918 2005-07-10 22:14:10.000000000 +0200
236@@ -0,0 +1,20 @@
237+zone "10.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
238+
239+zone "16.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
240+zone "17.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
241+zone "18.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
242+zone "19.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
243+zone "20.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
244+zone "21.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
245+zone "22.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
246+zone "23.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
247+zone "24.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
248+zone "25.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
249+zone "26.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
250+zone "27.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
251+zone "28.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
252+zone "29.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
253+zone "30.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
254+zone "31.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
255+
256+zone "168.192.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
257diff -urN bind-9.3.1.orig/init.d bind-9.3.1/init.d
258--- bind-9.3.1.orig/init.d 1970-01-01 01:00:00.000000000 +0100
259+++ bind-9.3.1/init.d 2005-07-10 23:09:58.000000000 +0200
260@@ -0,0 +1,70 @@
261+#!/bin/sh
262+
263+PATH=/sbin:/bin:/usr/sbin:/usr/bin
264+
265+# for a chrooted server: "-u bind -t /var/lib/named"
266+# Don't modify this line, change or create /etc/default/bind9.
267+OPTIONS=""
268+
269+test -f /etc/default/bind9 && . /etc/default/bind9
270+
271+test -x /usr/sbin/rndc || exit 0
272+
273+case "$1" in
274+ start)
275+ echo -n "Starting domain name service: named"
276+
277+ modprobe capability >/dev/null 2>&1 || true
278+ if [ ! -f /etc/bind/rndc.key ]; then
279+ /usr/sbin/rndc-confgen -a -b 512
280+ chmod 0640 /etc/bind/rndc.key
281+ fi
282+ if [ -f /var/run/named/named.pid ]; then
283+ ps `cat /var/run/named/named.pid` > /dev/null && exit 1
284+ fi
285+
286+ # dirs under /var/run can go away on reboots.
287+ mkdir -p /var/run/named
288+ mkdir -p /var/cache/bind
289+ chmod 775 /var/run/named
290+ chown root:bind /var/run/named >/dev/null 2>&1 || true
291+
292+ if [ ! -x /usr/sbin/named ]; then
293+ echo "named binary missing - not starting"
294+ exit 1
295+ fi
296+ if start-stop-daemon --start --quiet --exec /usr/sbin/named \
297+ --pidfile /var/run/named/named.pid -- $OPTIONS; then
298+ if [ -x /sbin/resolvconf ] ; then
299+ echo "nameserver 127.0.0.1" | /sbin/resolvconf -a lo
300+ fi
301+ fi
302+ echo "."
303+ ;;
304+
305+ stop)
306+ echo -n "Stopping domain name service: named"
307+ if [ -x /sbin/resolvconf ]; then
308+ /sbin/resolvconf -d lo
309+ fi
310+ /usr/sbin/rndc stop >/dev/null 2>&1
311+ echo "."
312+ ;;
313+
314+ reload)
315+ /usr/sbin/rndc reload
316+ ;;
317+
318+ restart|force-reload)
319+ $0 stop
320+ sleep 2
321+ $0 start
322+ ;;
323+
324+ *)
325+ echo "Usage: /etc/init.d/bind {start|stop|reload|restart|force-reload}" >&2
326+ exit 1
327+ ;;
328+esac
329+
330+exit 0
diff --git a/meta/recipes-connectivity/bind/bind-9.16.25/generate-rndc-key.sh b/meta/recipes-connectivity/bind/bind-9.16.25/generate-rndc-key.sh
new file mode 100644
index 0000000000..633e29c0e6
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind-9.16.25/generate-rndc-key.sh
@@ -0,0 +1,8 @@
1#!/bin/sh
2
3if [ ! -s /etc/bind/rndc.key ]; then
4 echo -n "Generating /etc/bind/rndc.key:"
5 /usr/sbin/rndc-confgen -a -b 512
6 chown root:bind /etc/bind/rndc.key
7 chmod 0640 /etc/bind/rndc.key
8fi
diff --git a/meta/recipes-connectivity/bind/bind-9.16.25/init.d-add-support-for-read-only-rootfs.patch b/meta/recipes-connectivity/bind/bind-9.16.25/init.d-add-support-for-read-only-rootfs.patch
new file mode 100644
index 0000000000..11db95ede1
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind-9.16.25/init.d-add-support-for-read-only-rootfs.patch
@@ -0,0 +1,65 @@
1Subject: init.d: add support for read-only rootfs
2
3Upstream-Status: Inappropriate [oe specific]
4
5Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
6---
7 init.d | 40 ++++++++++++++++++++++++++++++++++++++++
8 1 file changed, 40 insertions(+)
9
10diff --git a/init.d b/init.d
11index 0111ed4..24677c8 100644
12--- a/init.d
13+++ b/init.d
14@@ -6,8 +6,48 @@ PATH=/sbin:/bin:/usr/sbin:/usr/bin
15 # Don't modify this line, change or create /etc/default/bind9.
16 OPTIONS=""
17
18+test -f /etc/default/rcS && . /etc/default/rcS
19 test -f /etc/default/bind9 && . /etc/default/bind9
20
21+# This function is here because it's possible that /var and / are on different partitions.
22+is_on_read_only_partition () {
23+ DIRECTORY=$1
24+ dir=`readlink -f $DIRECTORY`
25+ while true; do
26+ if [ ! -d "$dir" ]; then
27+ echo "ERROR: $dir is not a directory"
28+ exit 1
29+ else
30+ for flag in `awk -v dir=$dir '{ if ($2 == dir) { print "FOUND"; split($4,FLAGS,",") } }; \
31+ END { for (f in FLAGS) print FLAGS[f] }' < /proc/mounts`; do
32+ [ "$flag" = "FOUND" ] && partition="read-write"
33+ [ "$flag" = "ro" ] && { partition="read-only"; break; }
34+ done
35+ if [ "$dir" = "/" -o -n "$partition" ]; then
36+ break
37+ else
38+ dir=`dirname $dir`
39+ fi
40+ fi
41+ done
42+ [ "$partition" = "read-only" ] && echo "yes" || echo "no"
43+}
44+
45+bind_mount () {
46+ olddir=$1
47+ newdir=$2
48+ mkdir -p $olddir
49+ cp -a $newdir/* $olddir
50+ mount --bind $olddir $newdir
51+}
52+
53+# Deal with read-only rootfs
54+if [ "$ROOTFS_READ_ONLY" = "yes" ]; then
55+ [ "$VERBOSE" != "no" ] && echo "WARN: start bind service in read-only rootfs"
56+ [ `is_on_read_only_partition /etc/bind` = "yes" ] && bind_mount /var/volatile/bind/etc /etc/bind
57+ [ `is_on_read_only_partition /var/named` = "yes" ] && bind_mount /var/volatile/bind/named /var/named
58+fi
59+
60 test -x /usr/sbin/rndc || exit 0
61
62 case "$1" in
63--
641.7.9.5
65
diff --git a/meta/recipes-connectivity/bind/bind-9.16.25/make-etc-initd-bind-stop-work.patch b/meta/recipes-connectivity/bind/bind-9.16.25/make-etc-initd-bind-stop-work.patch
new file mode 100644
index 0000000000..146f3e35db
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind-9.16.25/make-etc-initd-bind-stop-work.patch
@@ -0,0 +1,42 @@
1bind: make "/etc/init.d/bind stop" work
2
3Upstream-Status: Inappropriate [configuration]
4
5Add some configurations, make rndc command be able to controls
6the named daemon.
7
8Signed-off-by: Roy Li <rongqing.li@windriver.com>
9---
10 conf/named.conf | 5 +++++
11 conf/rndc.conf | 5 +++++
12 2 files changed, 10 insertions(+), 0 deletions(-)
13 create mode 100644 conf/rndc.conf
14
15diff --git a/conf/named.conf b/conf/named.conf
16index 95829cf..c8899e7 100644
17--- a/conf/named.conf
18+++ b/conf/named.conf
19@@ -47,3 +47,8 @@ zone "255.in-addr.arpa" {
20 // root-delegation-only exclude { "DE"; "MUSEUM"; };
21
22 include "/etc/bind/named.conf.local";
23+include "/etc/bind/rndc.key" ;
24+controls {
25+ inet 127.0.0.1 allow { localhost; }
26+ keys { rndc-key; };
27+};
28diff --git a/conf/rndc.conf b/conf/rndc.conf
29new file mode 100644
30index 0000000..a0b481d
31--- /dev/null
32+++ b/conf/rndc.conf
33@@ -0,0 +1,5 @@
34+include "/etc/bind/rndc.key";
35+options {
36+ default-server localhost;
37+ default-key rndc-key;
38+};
39
40--
411.7.5.4
42
diff --git a/meta/recipes-connectivity/bind/bind-9.16.25/named.service b/meta/recipes-connectivity/bind/bind-9.16.25/named.service
new file mode 100644
index 0000000000..cda56ef015
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind-9.16.25/named.service
@@ -0,0 +1,22 @@
1[Unit]
2Description=Berkeley Internet Name Domain (DNS)
3Wants=nss-lookup.target
4Before=nss-lookup.target
5After=network.target
6
7[Service]
8Type=forking
9EnvironmentFile=-/etc/default/bind9
10PIDFile=/run/named/named.pid
11
12ExecStartPre=@SBINDIR@/generate-rndc-key.sh
13ExecStart=@SBINDIR@/named $OPTIONS
14
15ExecReload=@BASE_BINDIR@/sh -c '@SBINDIR@/rndc reload > /dev/null 2>&1 || @BASE_BINDIR@/kill -HUP $MAINPID'
16
17ExecStop=@BASE_BINDIR@/sh -c '@SBINDIR@/rndc stop > /dev/null 2>&1 || @BASE_BINDIR@/kill -TERM $MAINPID'
18
19PrivateTmp=true
20
21[Install]
22WantedBy=multi-user.target