summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity/bind
Commit message (Collapse)AuthorAgeFilesLines
* bind: move libraries to own packageandreas.kling@peiker-cee.de2017-11-081-0/+3
| | | | | | | | (From OE-Core rev: d74ebc91388941295a2321a295cdb06ee87fc38b) Signed-off-by: Andy Kling <andreas.kling@peiker-cee.de> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: Convert from ftp to https urlsRichard Purdie2017-11-071-2/+2
| | | | | | | | | The ftp protocol is dated and problematic. Since https is available, lets use that instead, making new users chances of successful builds higher. (From OE-Core rev: f24a29fcba98ceff08c13b0f029be93995f1deed) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: update to 9.10.6Armin Kuster2017-11-071-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | Security Fixes * An error in TSIG handling could permit unauthorized zone transfers or zone updates. These flaws are disclosed in CVE-2017-3142 and CVE-2017-3143. [RT #45383] * The BIND installer on Windows used an unquoted service path, which can enable privilege escalation. This flaw is disclosed in CVE-2017-3141. [RT #45229] * With certain RPZ configurations, a response with TTL 0 could cause named to go into an infinite query loop. This flaw is disclosed in CVE-2017-3140. [RT #45181] End of Life The end of life for BIND 9.10 is yet to be determined but will not be before BIND 9.12.0 has been released for 6 months. https://www.isc.org/downloads/software-support-policy/ more info see https://lists.isc.org/pipermail/bind-announce/2017-July/001063.html (From OE-Core rev: 96e9adb60320b2e2f0bb7a04d9ed49ddc53649bb) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: Use correct python interpreter pathRichard Purdie2017-08-181-1/+1
| | | | | | | | | The scripts currently reference "python33", fix this so they reference python3. The move the python3 likely broke these. (From OE-Core rev: 1a734f037da37d14f780970a9532d1e2e3683bf8) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: 9.10.3-P3 -> 9.10.5-P3Kai Kang2017-07-1713-2443/+61
| | | | | | | | | | | | | | | Upgrade bind from 9.10.3-P3 to 9.10.5-P3 * Update md5sum of LIC_FILES_CHKSUM that it update year in file COPYRIGHT * Remvoe mips1-not-support-opcode.diff which has been merged * Remove CVE patches that there are backported from upstream * Use python3 for build and make sure install .py files to right directory (From OE-Core rev: 9ee6a0a6599d081767b63382a576e67aed12cf4d) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: build with threads and update configure optionsKai Kang2017-05-292-2/+9
| | | | | | | | | | | | | | | | | | | | | | | Build without threads for bind is inherited from legacy openembedded. All libc's support proper threading on Linux now, so enable threads support for bind. It is also need to disable static library build which cause package dhcp fail to build after enable bind threads support. Options devpoll and epoll are configured to choose most preferable multiplex method for unix socket. The priorities are: epoll > poll > select. When set '--enable-epoll', it just defines a var and include header file that is available for cross compile. So use epoll for bind. Add PACKAGECONFIG 'urandom' that could use /dev/urandom as random device. Update file/directory ownerships to fix daemon start failure. (From OE-Core rev: 598e5da5a2af2bd93ad890687dd32009e348fc85) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: fix upstream version checkAlexander Kanavin2017-05-181-0/+3
| | | | | | | | (From OE-Core rev: 82a47a2748869a20e992b72bcc104ae2ab81a3cc) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: Security fix CVE-2016-6170Yi Zhao2017-04-292-0/+1091
| | | | | | | | | | | | | | | | | | | | | | CVE-2016-6170: ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service (secondary DNS server crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of service (IXFR client crash) via a large IXFR response and allows remote authenticated users to cause a denial of service (primary DNS server crash) via a large UPDATE message. External References: https://nvd.nist.gov/vuln/detail/CVE-2016-6170 Patch from: https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commit;h=1bbcfe2fc84f57b1e4e075fb3bc2a1dd0a3a851f (From OE-Core rev: 14abd767349bc868ca59838f1af3aaf17dfe4350) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: Security fix CVE-2016-8864Yi Zhao2017-04-292-0/+220
| | | | | | | | | | | | | | | | | | | | CVE-2016-8864: named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer section of a response to a recursive query, related to db.c and resolver.c. External References: https://nvd.nist.gov/vuln/detail/CVE-2016-8864 Patch from: https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commit;h=c1d0599a246f646d1c22018f8fa09459270a44b8 (From OE-Core rev: c06f3a5993c7d63d91840c2a4d5b621e946ef78f) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: fix two CVEsZheng Ruoqin2016-10-153-0/+215
| | | | | | | | | | | | | | Add two CVE patches from upstream git: https://www.isc.org/git/ 1.CVE-2016-2775.patch 2.CVE-2016-2776.patch (From OE-Core rev: 5f4588d675e400f13bb6001df04790c867a95230) Signed-off-by: zhengruoqin <zhengrq.fnst@cn.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: update patch metadataRoss Burton2016-07-082-1/+4
| | | | | | | | | Enforce the correct tag names across all of oe-core for consistency. (From OE-Core rev: 606a43dc38a00cc243f933722db657aea4129f8e) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: switch Python dependency to Python 3.xAlexander Kanavin2016-06-031-2/+2
| | | | | | | (From OE-Core rev: a10fd8722fb7c5f2c5a206203d0c7f4237a86466) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: CVE-2016-2088Jussi Kukkonen2016-04-182-0/+248
| | | | | | | | | | | | | | | | | Duplicate EDNS COOKIE options in a response could trigger an assertion failure: Fix with a backport. bind as built with the oe-core recipe is not at risk: Only servers which are built with DNS cookie support (--enable-sit) are vulnerable to denial of service. Fixes [YOCTO #9438] (From OE-Core rev: da38a9840b32e80464e2938395db5c9167729f7e) Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: CVE-2016-1285 CVE-2016-1286Sona Sarmadi2016-04-144-0/+550
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes following vulnerabilities: CVE-2016-1285 bind: malformed packet sent to rndc can trigger assertion failure CVE-2016-1286 bind: malformed signature records for DNAME records can trigger assertion failure [YOCTO #9400] External References: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1285 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1286 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1285 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1286 References to the Upstream commits and Security Advisories: =========================================================== CVE-2016-1285: https://kb.isc.org/article/AA-01352 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=70037e040e587329cec82123e12b9f4f7c945f67 CVE-2016-1286_1: https://kb.isc.org/article/AA-01353 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=a3d327bf1ceaaeabb20223d8de85166e940b9f12 CVE-2016-1286_2: https://kb.isc.org/article/AA-01353 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=7602be276a73a6eb5431c5acd9718e68a55e8b61 (From OE-Core rev: 080d1a313e4982dd05846b375ebf936c46934d80) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: /var/cache/bindJoe Slater2016-03-251-3/+2
| | | | | | | | | | Change the ownership of /var/cache/bind to bind rather than root. (From OE-Core rev: 6c76c9e5bb4f4bf6adfac7ccece03d7dcdea7f3d) Signed-off-by: Joe Slater <jslater@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: update to 9.10.3-P3Derek Straka2016-01-261-2/+2
| | | | | | | | | | | | | | | | | | | | | | Addresses CVE-2015-8704 and CVE-2015-8705 CVE-2015-8704 Allows remote authenticated users to cause a denial of service via a malformed Address Prefix List record CVE-2015-8705: When debug loggin is enabled, allows remote attackers to cause a denial of service or have possibly unspecified impact via OPT data or ECS option [YOCTO 8966] References: https://kb.isc.org/article/AA-01346/0/BIND-9.10.3-P3-Release-Notes.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8704 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8705 (From OE-Core rev: 58d47cdf91076cf055046ce9ec5f3e2e21dae1c0) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: 9.10.2-P4 -> 9.10.3-P2Kai Kang2015-12-282-9/+20
| | | | | | | | | | | | | | Upgrade bind from 9.10.2-P4 to 9.10.3-P2. * update context of 0001-build-use-pkg-config-to-find-libxml2.patch * add PACKAGECONFIGs readline and libedit. They provide same library, so should not be set at same time. (From OE-Core rev: b49751e7febd262b754043e4e523e6690bfbbfaa) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: fix too long error from genRobert Yang2015-09-232-0/+35
| | | | | | | | | | | gen.c uses 512 as the path length which is a little short when build in deep dir, and cause "too long" error, use PATH_MAX if defined. (From OE-Core rev: 10e017fd3de3ff1ab0c1b32ac7a9610a04f8ff13) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: Fix Upstream-Status statementsRoss Burton2015-09-121-1/+1
| | | | | | | | | | Fix a variety of problems such as typos, bad punctuations, or incorrect Upstream-Status values. (From OE-Core rev: bd220fe6ce8c3a0805f13a14706d3130ea872604) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: fix compile failure when building path is longChen Qi2015-09-122-0/+26
| | | | | | | | | | | | | | | | Fix the building path is long, when building bind, we would meet the following error. ".../long/path/to/bind/9.10.2-P3-r0/bind-9.10.2-P3/lib/dns" too long This is because the in gen.c, DIRNAMESIZE is limited to 256. But in OE, the path length limit is more than 400. So we change it to 512. (From OE-Core rev: 2f22eb1ce8083afb929cce432b8dda84682520e8) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: update to 9.10.2-p4Armin Kuster2015-09-091-2/+2
| | | | | | | | | | | | | fixes two secruity issues: CVE-2015-5722 and CVE-2015-5986. see release notes for more information. ftp://ftp.isc.org/isc/bind9/9.10.2-P4/RELEASE-NOTES.bind-9.10.2-P4.html (From OE-Core rev: 0dab62934e69019557ebae392dc8cb25e37748c2) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: remove dependency on bind in bind-devRoss Burton2015-08-291-1/+1
| | | | | | | | | | | | | | | | | | | | bind doesn't ship shared libraries only static libraries, so the default dependency on PN from PN-dev is pointless and means that an image with bind-dev installed (via dhcp-dev's automatic dependency) ends up with named installed and started on boot which is rarely intended. If and when we ship bind's shared libraries we should ensure that the libraries go into a separate package. Also remove an old comment about --enable-exportlib which isn't supported by configure anymore. [ YOCTO #8216 ] (From OE-Core rev: f28757a4b89447ea528cba987f0396b92aa0bbfe) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: upgrade to 9.10.2-p3Roy Li2015-08-101-2/+2
| | | | | | | | | | | | 9.10.2-p3 includes the fix for CVE-2015-5477: BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via TKEY queries. (From OE-Core rev: 5094354a2811825e6d60963f03959daa349cab23) Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: upgrade to 9.10.2-P2Roy Li2015-07-311-4/+2
| | | | | | | | | | | | | | | upgrade to fix CVE-2015-4620: name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) by constructing crafted zone data and then making a query for a name in that zone. (From OE-Core rev: d12befdf03500a0c72b661caf1a8fe81a20b6163) Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: ensure searching for json headers searches sysrootPaul Gortmaker2015-06-112-0/+50
| | | | | | | | | | | | Bind can fail configure by detecting headers w/o libs, or it can fail the host contamination check. More details are within the commit log in the contained patch. (From OE-Core rev: 6fa5671c5cf8e5e88c5ad1e39742d59453e02695) Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: separate B and SRobert Yang2015-05-141-2/+4
| | | | | | | | | | Fix B != S and separate them. (From OE-Core rev: 1938a4435cd77494e539961bdfa907ae32a01147) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: disable the HTTP statistics service by defaultRoss Burton2015-05-091-2/+2
| | | | | | | | | | | Rename the "libxml2" PACKAGECONFIG to "httpstats" so that is is meaningful, and disable it by default as a web frontend to the server statistics shouldn't be enabled by default. (From OE-Core rev: 27ab6150f87bee605dc229a948e737a750559759) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: update libxml2 detection patchRoss Burton2015-05-093-39/+45
| | | | | | | | | | Refresh the libxml2 detection patch to directly call pkg-config instead of attempting to use xml2-config, which will always return an error in OE. (From OE-Core rev: 76c53feaec1b8c1045aaf2a78a9225a732a37f1f) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: upgrade to 9.10.2Roy Li2015-05-097-1096/+6
| | | | | | | | | | | | | | 1. Remove two unneeded CVE patches, 9.10.2 fixed the CVE-2015-1349 also 2. Remove bind-subdirs-run-serially.patch and cross-build-fix.patch, similar fixes are merged into 9.10.2 3. update the dont-test-on-host.patch 4. update the Copyright file checksum, since the date in it has been changed. 5. replace the hardcode lib dir with $base_libdir in bind-add-crosscripts*.patch (From OE-Core rev: 41d53f0139a9cb29679dbcaaab8311a1364c65f4) Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: remove 5 backport patchesRobert Yang2015-05-035-482/+0
| | | | | | | | | | They are backport patches, and verified that the patches are in the source. (From OE-Core rev: 6e4a10ab030c192e2437592538e4713b1ee2032b) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Revert "bind: fix and enable parallel build"Richard Purdie2015-02-231-0/+1
| | | | | | | | | | This reverts commit b003df03358aea4e9e094ee339a9f6796866961e. We keep seeing parallel make failures on the autobuilder (From OE-Core rev: af46b9f5dd5436b3d48f2fcd7a69f32343b62442) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: Fix parallel make issueRobert Yang2015-02-192-0/+45
| | | | | | | | | | | | | | | | | | Fixed: unix/os.o: file not recognized: File truncated collect2: error: ld returned 1 exit status This is because os.o was built twice: * The implicity rule (depends on unix/os.o) * The "make all" in unix subdir (depends on unix/os.o) Depend on subdirs which is unix only rather than unix/os.o will fix the problem. (From OE-Core rev: 1af699e1af2552659b90a1fadd8de73d780226ba) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: fix and enable parallel buildRobert Yang2015-02-152-1/+36
| | | | | | | (From OE-Core rev: af851c7cdeab0ef53f00866da3da1a96b96bd63a) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: fix typo chown->chmodTing Liu2015-01-292-2/+2
| | | | | | | | (From OE-Core rev: a6ee74222b43d0bb7fe9ef0072ede78f82a5e446) Signed-off-by: Ting Liu <ting.liu@freescale.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: Update libxml2 check to make it deterministic.Noor2015-01-082-2/+42
| | | | | | | | | | | | | | * Firstly configure scritp was testing files from bin folder. In our case we don't copy bin folder to sysroot for target recipes. So added extra check to validate .pc file from lib folder via a patch to configure.in file. * Secondly linxml2 dependency was missing. So added PACKAGECONFIG for libxml2. (From OE-Core rev: b61a2acc321489c3427f0afa3059486dc144a13b) Signed-off-by: Noor Ahsan <noor_ahsan@mentor.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: fix for CVE-2014-8500Sona Sarmadi2014-12-312-0/+991
| | | | | | | | | | | | | | | [From upstream commit: 603a0e2637b35a2da820bc807f69bcf09c682dce] [YOCTO #7098] External References: =================== https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8500 (From OE-Core rev: 7225d6e0c82f264057de40c04b31655f2b0e0c96) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: fix conf.patch to add db.255 configuration fileChen Qi2014-12-251-0/+16
| | | | | | | | | | | Add in conf.patch /etc/bind/db.255 file so that we don't get the following error. zone 255.in-addr.arpa/IN: loading from master file /etc/bind/db.255 failed: file not found (From OE-Core rev: 98caaf4b92bf3350cc74ef66dc9eda35aa7d428a) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: clean host path in isc-config.shShiqun Lin2014-11-251-0/+7
| | | | | | | | | | | * /usr/bin/isc-config.sh * /usr/bin/bind9-config - hardlink to isc-config.sh (From OE-Core rev: c2332d304a2c872e97653c980b090efa2181123b) Signed-off-by: Shiqun Lin <Shiqun.Lin@windriver.com> Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: use PACKAGE_BEFORE_PN instead of PACKAGES_prependRoss Burton2014-11-201-1/+1
| | | | | | | | | | Appending or prepending to PACKAGES breaks when the package is built natively, so use PACKAGE_BEFORE_PN instead. (From OE-Core rev: 23d7223a21582edefc4e30d76f94f8e81a543af9) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: fix to use correct environment file in service fileChen Qi2014-11-041-1/+1
| | | | | | | | | | Use /etc/default/bind9 as the environment file in named.service. (From OE-Core rev: 0ee1fa68a4d749585c43fc706c8da6e849d10857) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: refer ubuntu/redhat to add bind user/groupHongxu Jia2014-08-232-1/+11
| | | | | | | | | | | | | | | | | | | | | | | | | We refer what ubuntu/redhat did, gave bind a user/group Here is the example in ubuntu 14.04: $ ps -eo user,group,cmd | grep "named" ... bind bind /usr/sbin/named -u bind ... $vim bind9_1%3a9.9.5.dfsg-3_amd64.deb/postinst ... # lets give them a bind user/group in all cases. getent group bind >/dev/null 2>&1 || addgroup --system bind getent passwd bind >/dev/null 2>&1 || adduser --system --home /var/cache/bind --no-create-home \ --disabled-password --ingroup bind bind ... (From OE-Core rev: e37841faf746895f41627130623196c0bebe0740) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Upstream-Status CleanupsSaul Wold2014-04-251-0/+4
| | | | | | | (From OE-Core rev: ea438b58c9a90e4c3147f99d63a9afc66963c5a1) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: add support for read-only rootfsChen Qi2014-04-252-0/+67
| | | | | | | | | | | | This patch adds support for read-only rootfs to the bind service. Basically it just bind mounts several directories so that the bind service could start correctly without reporting any error. (From OE-Core rev: 99cc96eaee28bfde89096689b1296d28937ead88) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Globally replace 'base_contains' calls with 'bb.utils.contains'Otavio Salvador2014-04-251-1/+1
| | | | | | | | | | | The base_contains is kept as a compatibility method and we ought to not use it in OE-Core so we can remove it from base metadata in future. (From OE-Core rev: d83b16dbf0862be387f84228710cb165c6d2b03b) Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: add systemd supportChen Qi2014-04-243-1/+45
| | | | | | | | | Add systemd support for bind. (From OE-Core rev: 812f69fee5fceef853c42960f3d90491bda8378a) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: remove nslookup from FILESRobert Yang2014-03-251-1/+1
| | | | | | | | | | The nslookup had been disabled from 2010 (or earlier), but it still in FILES_${PN}-utils, we need remove it. (From OE-Core rev: 3bf1f39d918a428246df774c8d306bcfe40ddbdd) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: fix no bind-utils packageRobert Yang2014-03-251-1/+1
| | | | | | | | | | Fix the typo: PACKAGES_preprend -> PACKAGES_prepend (From OE-Core rev: 1cb1e5487be04da3af649026e9b66642f3d3ce30) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: Update to 9.9.5Saul Wold2014-03-1112-12/+22
| | | | | | | | | | | | | Remove CVE patches that are in bind Updated COPYRIGHT includes date changes the NetBSD Copyright Modifies the Base BSD License to 3-Clause (removes advertising clause)w Add patch to disable running tests on host Add python-core to RDEPENDS for dnssec-checkds and dnssec-coverage and fix path to python (From OE-Core rev: 041576d6d63ad807ca405dcea9eeecf1c9ccd7fe) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipes: bump PRsMartin Jansa2014-03-051-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * resolves following warnings: WARNING: Use of PRINC 17 was detected in the recipe meta-openembedded/meta-systemd/recipes-core/systemd/systemd-machine-units_1.0.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe meta-openembedded/meta-gpe/recipes-support/fbreader/fbreader_0.12.10.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe meta-openembedded/meta-gpe/recipes-support/fbreader/fbreader_git.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe meta-openembedded/meta-multimedia/recipes-multimedia/sox/sox_14.4.0.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe meta-openembedded/meta-oe/recipes-multimedia/mplayer/mplayer-common.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe meta-smartphone/meta-android/recipes-bsp/chroot-script/chroot-script_1.0.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-connectivity/avahi/avahi-ui_0.6.31.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-connectivity/bind/bind_9.8.1.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-core/systemd/systemd-serialgetty.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-core/sysvinit/sysvinit-inittab_2.88dsf.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-extended/screen/screen_4.0.3.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-extended/shadow/shadow-securetty_4.1.4.3.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-extended/shadow/shadow_4.1.4.3.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-graphics/libsdl/libsdl_1.2.15.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-graphics/packagegroups/packagegroup-core-x11-xserver.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-kernel/modutils-initscripts/modutils-initscripts.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.25.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-support/libcap/libcap_2.22.bb (or one of its .bbappends) WARNING: Use of PRINC 11 was detected in the recipe openembedded-core/meta/recipes-bsp/keymaps/keymaps_1.0.bb (or one of its .bbappends) WARNING: Use of PRINC 11 was detected in the recipe openembedded-core/meta/recipes-core/systemd/systemd-compat-units.bb (or one of its .bbappends) WARNING: Use of PRINC 12 was detected in the recipe openembedded-core/meta/recipes-core/initscripts/initscripts_1.0.bb (or one of its .bbappends) WARNING: Use of PRINC 13 was detected in the recipe openembedded-core/meta/recipes-core/base-files/base-files_3.0.14.bb (or one of its .bbappends) WARNING: Use of PRINC 2 was detected in the recipe meta-openembedded/meta-oe/recipes-navigation/navit/navit_svn.bb (or one of its .bbappends) WARNING: Use of PRINC 2 was detected in the recipe meta-openembedded/meta-oe/recipes-support/lvm2/lvm2_2.02.97.bb (or one of its .bbappends) WARNING: Use of PRINC 2 was detected in the recipe openembedded-core/meta/recipes-connectivity/portmap/portmap_6.0.bb (or one of its .bbappends) WARNING: Use of PRINC 2 was detected in the recipe openembedded-core/meta/recipes-extended/pam/libpam_1.1.6.bb (or one of its .bbappends) WARNING: Use of PRINC 2 was detected in the recipe openembedded-core/meta/recipes-graphics/packagegroups/packagegroup-core-x11.bb (or one of its .bbappends) WARNING: Use of PRINC 3 was detected in the recipe meta-openembedded/meta-efl/recipes-efl/efl/entrance_svn.bb (or one of its .bbappends) WARNING: Use of PRINC 3 was detected in the recipe meta-openembedded/meta-oe/recipes-multimedia/mplayer/mplayer2_git.bb (or one of its .bbappends) WARNING: Use of PRINC 3 was detected in the recipe openembedded-core/meta/recipes-bsp/formfactor/formfactor_0.0.bb (or one of its .bbappends) WARNING: Use of PRINC 3 was detected in the recipe openembedded-core/meta/recipes-connectivity/avahi/avahi_0.6.31.bb (or one of its .bbappends) WARNING: Use of PRINC 3 was detected in the recipe openembedded-core/meta/recipes-connectivity/dhcp/dhcp_4.2.5-P1.bb (or one of its .bbappends) WARNING: Use of PRINC 3 was detected in the recipe openembedded-core/meta/recipes-core/init-ifupdown/init-ifupdown_1.0.bb (or one of its .bbappends) WARNING: Use of PRINC 3 was detected in the recipe openembedded-core/meta/recipes-graphics/xinput-calibrator/pointercal-xinput_0.0.bb (or one of its .bbappends) WARNING: Use of PRINC 5 was detected in the recipe meta-openembedded/meta-oe/recipes-core/meta/distro-feed-configs.bb (or one of its .bbappends) WARNING: Use of PRINC 5 was detected in the recipe openembedded-core/meta/recipes-connectivity/bluez/bluez4_4.101.bb (or one of its .bbappends) WARNING: Use of PRINC 6 was detected in the recipe openembedded-core/meta/recipes-core/packagegroups/packagegroup-base.bb (or one of its .bbappends) WARNING: Use of PRINC 6 was detected in the recipe openembedded-core/meta/recipes-core/packagegroups/packagegroup-core-boot.bb (or one of its .bbappends) WARNING: Use of PRINC 6 was detected in the recipe openembedded-core/meta/recipes-graphics/xorg-xserver/xserver-xf86-config_0.1.bb (or one of its .bbappends) WARNING: Use of PRINC 7 was detected in the recipe meta-openembedded/meta-oe/recipes-navigation/gpsd/gpsd_3.7.bb (or one of its .bbappends) WARNING: Use of PRINC 7 was detected in the recipe openembedded-core/meta/recipes-core/udev/udev-extraconf_1.0.bb (or one of its .bbappends) (From OE-Core rev: c6825ec6e92e20bb64a051d1576f363c16e98d68) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* autotools-brokensep: Mark recipes with broken separate build dir supportRichard Purdie2014-02-281-1/+1
| | | | | | | | | | | | This patch goes through the OE-Core recipes and marks those which use autotools but don't support a separate build directory (${S} != ${B}). A new class, autotools-brokensep is used for this purpose. This doesn't introduce any change in behaviour in its own right. (From OE-Core rev: 006b8a7808a58713af16c326dc37d07765334b12) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>