9 files changed, 578 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/bind/bind-9.18.9/0001-avoid-start-failure-with-bind-user.patch b/meta/recipes-connectivity/bind/bind-9.18.9/0001-avoid-start-failure-with-bind-user.patch
new file mode 100644
index 0000000000..ec1bc7b567
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind-9.18.9/0001-avoid-start-failure-with-bind-user.patch
@@ -0,0 +1,27 @@
+From 31dde3562f287429eea94b77250d184818b49063 Mon Sep 17 00:00:00 2001
+From: Chen Qi <Qi.Chen@windriver.com>
+Date: Mon, 15 Oct 2018 16:55:09 +0800
+Subject: [PATCH] avoid start failure with bind user
+Upstream-Status: Pending
+Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
+---
+ init.d | 1 +
+ 1 file changed, 1 insertion(+)
+diff --git a/init.d b/init.d
+index b2eec60..6e03936 100644
+--- a/init.d
+++ b/init.d
+@@ -57,6 +57,7 @@ case "$1" in
+        modprobe capability >/dev/null 2>&1 || true
+        if [ ! -f /etc/bind/rndc.key ]; then
+            /usr/sbin/rndc-confgen -a -b 512
+           chown root:bind /etc/bind/rndc.key >/dev/null 2>&1 || true
+            chmod 0640 /etc/bind/rndc.key
+        fi
+        if [ -f /var/run/named/named.pid ]; then
+-- 
+2.7.4
diff --git a/meta/recipes-connectivity/bind/bind-9.18.9/0001-named-lwresd-V-and-start-log-hide-build-options.patch b/meta/recipes-connectivity/bind/bind-9.18.9/0001-named-lwresd-V-and-start-log-hide-build-options.patch
new file mode 100644
index 0000000000..4c10f33f04
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind-9.18.9/0001-named-lwresd-V-and-start-log-hide-build-options.patch
@@ -0,0 +1,35 @@
+From 4e83392e840fa7b05e778710b8c202d102477a13 Mon Sep 17 00:00:00 2001
+From: Hongxu Jia <hongxu.jia@windriver.com>
+Date: Mon, 27 Aug 2018 21:24:20 +0800
+Subject: [PATCH] `named/lwresd -V' and start log hide build options
+The build options expose build path directories, so hide them.
+[snip]
+$ named -V
+|built by make with *** (options are hidden)
+[snip]
+Upstream-Status: Inappropriate [oe-core specific]
+Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
+Refreshed for 9.16.0
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+---
+ configure.ac | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+diff --git a/configure.ac b/configure.ac
+index bf20690..c5d330f 100644
+--- a/configure.ac
+++ b/configure.ac
+@@ -35,7 +35,7 @@ AC_DEFINE([PACKAGE_VERSION_EXTRA], ["][bind_VERSION_EXTRA]["], [BIND 9 Extra par
+ AC_DEFINE([PACKAGE_DESCRIPTION], [m4_ifnblank(bind_DESCRIPTION, [" ]bind_DESCRIPTION["], [])], [An extra string to print after PACKAGE_STRING])
+ AC_DEFINE([PACKAGE_SRCID], ["][bind_SRCID]["], [A short hash from git])
+ 
+-bind_CONFIGARGS="${ac_configure_args:-default}"
+bind_CONFIGARGS="(removed for reproducibility)"
+ AC_DEFINE_UNQUOTED([PACKAGE_CONFIGARGS], ["$bind_CONFIGARGS"], [Either 'defaults' or used ./configure options])
+ 
+ AC_DEFINE([PACKAGE_BUILDER], ["make"], [make or Visual Studio])
diff --git a/meta/recipes-connectivity/bind/bind-9.18.9/bind-ensure-searching-for-json-headers-searches-sysr.patch b/meta/recipes-connectivity/bind/bind-9.18.9/bind-ensure-searching-for-json-headers-searches-sysr.patch
new file mode 100644
index 0000000000..f1abd179e8
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind-9.18.9/bind-ensure-searching-for-json-headers-searches-sysr.patch
@@ -0,0 +1,47 @@
+From 246087f89e9434b726c7884e4c0964f71084f091 Mon Sep 17 00:00:00 2001
+From: Paul Gortmaker <paul.gortmaker@windriver.com>
+Date: Tue, 9 Jun 2015 11:22:00 -0400
+Subject: [PATCH] bind: ensure searching for json headers searches sysroot
+Bind can fail configure by detecting headers w/o libs[1], or
+it can fail the host contamination check as per below:
+ERROR: This autoconf log indicates errors, it looked at host include and/or library paths while determining system capabilities.
+Rerun configure task after fixing this. The path was 'build/tmp/work/core2-64-poky-linux/bind/9.10.2-r1/build'
+ERROR: Function failed: do_qa_configure
+ERROR: Logfile of failure stored in: build/tmp/work/core2-64-poky-linux/bind/9.10.2-r1/temp/log.do_configure.5242
+ERROR: Task 5 (meta/recipes-connectivity/bind/bind_9.10.2.bb, do_configure) failed with exit code '1'
+NOTE: Tasks Summary: Attempted 773 tasks of which 768 didn't need to be rerun and 1 failed.
+No currently running tasks (773 of 781)
+Summary: 1 task failed:
+  /meta/recipes-connectivity/bind/bind_9.10.2.bb, do_configure
+One way to fix it would be to unconditionally disable json in bind
+configure[2] but here we fix it by using the path to where we would
+put the header if we had json in the sysroot, in case someone wants
+to make use of the combination some day.
+[1] https://trac.macports.org/ticket/45305
+[2] https://trac.macports.org/changeset/126406
+Upstream-Status: Inappropriate [OE Specific]
+Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
+---
+ configure.ac | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+diff --git a/configure.ac b/configure.ac
+index 10e8bf6..bf20690 100644
+--- a/configure.ac
+++ b/configure.ac
+@@ -814,7 +814,7 @@ AS_CASE([$with_lmdb],
+        [no],[],
+        [auto|yes], [PKG_CHECK_MODULES([LMDB], [lmdb],
+                                       [ac_lib_lmdb_found=yes],
+-                                      [for ac_lib_lmdb_path in /usr /usr/local /opt /opt/local; do
+                                      [for ac_lib_lmdb_path in "${STAGING_INCDIR}"; do
+                                                AX_LIB_LMDB([$ac_lib_lmdb_path],
+                                                            [ac_lib_lmdb_found=yes
+                                                             break])
diff --git a/meta/recipes-connectivity/bind/bind-9.18.9/bind9 b/meta/recipes-connectivity/bind/bind-9.18.9/bind9
new file mode 100644
index 0000000000..968679ff7f
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind-9.18.9/bind9
@@ -0,0 +1,2 @@
+# startup options for the server
+OPTIONS="-u bind"
diff --git a/meta/recipes-connectivity/bind/bind-9.18.9/conf.patch b/meta/recipes-connectivity/bind/bind-9.18.9/conf.patch
new file mode 100644
index 0000000000..aa3642acec
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind-9.18.9/conf.patch
@@ -0,0 +1,330 @@
+Upstream-Status: Inappropriate [configuration]
+the patch is imported from openembedded project
+11/30/2010 - Qing He <qing.he@intel.com>
+diff -urN bind-9.3.1.orig/conf/db.0 bind-9.3.1/conf/db.0
+--- bind-9.3.1.orig/conf/db.0   1970-01-01 01:00:00.000000000 +0100
+++ bind-9.3.1/conf/db.0        2005-07-10 22:14:00.000000000 +0200
+@@ -0,0 +1,12 @@
+;
+; BIND reverse data file for broadcast zone
+;
+$TTL   604800
+@      IN      SOA     localhost. root.localhost. (
+                             1         ; Serial
+                        604800         ; Refresh
+                         86400         ; Retry
+                       2419200         ; Expire
+                        604800 )       ; Negative Cache TTL
+;
+@      IN      NS      localhost.
+diff -urN bind-9.3.1.orig/conf/db.127 bind-9.3.1/conf/db.127
+--- bind-9.3.1.orig/conf/db.127 1970-01-01 01:00:00.000000000 +0100
+++ bind-9.3.1/conf/db.127      2005-07-10 22:14:00.000000000 +0200
+@@ -0,0 +1,13 @@
+;
+; BIND reverse data file for local loopback interface
+;
+$TTL   604800
+@      IN      SOA     localhost. root.localhost. (
+                             1         ; Serial
+                        604800         ; Refresh
+                         86400         ; Retry
+                       2419200         ; Expire
+                        604800 )       ; Negative Cache TTL
+;
+@      IN      NS      localhost.
+1.0.0  IN      PTR     localhost.
+diff -urN bind-9.3.1.orig/conf/db.empty bind-9.3.1/conf/db.empty
+--- bind-9.3.1.orig/conf/db.empty       1970-01-01 01:00:00.000000000 +0100
+++ bind-9.3.1/conf/db.empty    2005-07-10 22:14:00.000000000 +0200
+@@ -0,0 +1,14 @@
+; BIND reverse data file for empty rfc1918 zone
+;
+; DO NOT EDIT THIS FILE - it is used for multiple zones.
+; Instead, copy it, edit named.conf, and use that copy.
+;
+$TTL   86400
+@      IN      SOA     localhost. root.localhost. (
+                             1         ; Serial
+                        604800         ; Refresh
+                         86400         ; Retry
+                       2419200         ; Expire
+                         86400 )       ; Negative Cache TTL
+;
+@      IN      NS      localhost.
+diff -urN bind-9.3.1.orig/conf/db.255 bind-9.3.1/conf/db.255
+--- bind-9.3.1.orig/conf/db.255 1970-01-01 01:00:00.000000000 +0100
+++ bind-9.3.1/conf/db.255      2005-07-10 22:14:00.000000000 +0200
+@@ -0,0 +1,12 @@
+;
+; BIND reserve data file for broadcast zone
+;
+$TTL   604800
+@      IN      SOA     localhost. root.localhost. (
+                             1         ; Serial
+                        604800         ; Refresh
+                         86400         ; Retry
+                       2419200         ; Expire
+                        604800 )       ; Negative Cache TTL
+;
+@      IN      NS      localhost.
+diff -urN bind-9.3.1.orig/conf/db.local bind-9.3.1/conf/db.local
+--- bind-9.3.1.orig/conf/db.local       1970-01-01 01:00:00.000000000 +0100
+++ bind-9.3.1/conf/db.local    2005-07-10 22:14:00.000000000 +0200
+@@ -0,0 +1,13 @@
+;
+; BIND data file for local loopback interface
+;
+$TTL   604800
+@      IN      SOA     localhost. root.localhost. (
+                             1         ; Serial
+                        604800         ; Refresh
+                         86400         ; Retry
+                       2419200         ; Expire
+                        604800 )       ; Negative Cache TTL
+;
+@      IN      NS      localhost.
+@      IN      A       127.0.0.1
+diff -urN bind-9.3.1.orig/conf/db.root bind-9.3.1/conf/db.root
+--- bind-9.3.1.orig/conf/db.root        1970-01-01 01:00:00.000000000 +0100
+++ bind-9.3.1/conf/db.root     2005-07-10 22:14:00.000000000 +0200
+@@ -0,0 +1,45 @@
+
+; <<>> DiG 9.2.3 <<>> ns . @a.root-servers.net.
+;; global options:  printcmd
+;; Got answer:
+;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18944
+;; flags: qr aa rd; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 13
+
+;; QUESTION SECTION:
+;.                             IN      NS
+
+;; ANSWER SECTION:
+.                      518400  IN      NS      A.ROOT-SERVERS.NET.
+.                      518400  IN      NS      B.ROOT-SERVERS.NET.
+.                      518400  IN      NS      C.ROOT-SERVERS.NET.
+.                      518400  IN      NS      D.ROOT-SERVERS.NET.
+.                      518400  IN      NS      E.ROOT-SERVERS.NET.
+.                      518400  IN      NS      F.ROOT-SERVERS.NET.
+.                      518400  IN      NS      G.ROOT-SERVERS.NET.
+.                      518400  IN      NS      H.ROOT-SERVERS.NET.
+.                      518400  IN      NS      I.ROOT-SERVERS.NET.
+.                      518400  IN      NS      J.ROOT-SERVERS.NET.
+.                      518400  IN      NS      K.ROOT-SERVERS.NET.
+.                      518400  IN      NS      L.ROOT-SERVERS.NET.
+.                      518400  IN      NS      M.ROOT-SERVERS.NET.
+
+;; ADDITIONAL SECTION:
+A.ROOT-SERVERS.NET.    3600000 IN      A       198.41.0.4
+B.ROOT-SERVERS.NET.    3600000 IN      A       192.228.79.201
+C.ROOT-SERVERS.NET.    3600000 IN      A       192.33.4.12
+D.ROOT-SERVERS.NET.    3600000 IN      A       128.8.10.90
+E.ROOT-SERVERS.NET.    3600000 IN      A       192.203.230.10
+F.ROOT-SERVERS.NET.    3600000 IN      A       192.5.5.241
+G.ROOT-SERVERS.NET.    3600000 IN      A       192.112.36.4
+H.ROOT-SERVERS.NET.    3600000 IN      A       128.63.2.53
+I.ROOT-SERVERS.NET.    3600000 IN      A       192.36.148.17
+J.ROOT-SERVERS.NET.    3600000 IN      A       192.58.128.30
+K.ROOT-SERVERS.NET.    3600000 IN      A       193.0.14.129
+L.ROOT-SERVERS.NET.    3600000 IN      A       198.32.64.12
+M.ROOT-SERVERS.NET.    3600000 IN      A       202.12.27.33
+
+;; Query time: 81 msec
+;; SERVER: 198.41.0.4#53(a.root-servers.net.)
+;; WHEN: Sun Feb  1 11:27:14 2004
+;; MSG SIZE  rcvd: 436
+
+diff -urN bind-9.3.1.orig/conf/named.conf bind-9.3.1/conf/named.conf
+--- bind-9.3.1.orig/conf/named.conf     1970-01-01 01:00:00.000000000 +0100
+++ bind-9.3.1/conf/named.conf  2005-07-10 22:33:46.000000000 +0200
+@@ -0,0 +1,49 @@
+// This is the primary configuration file for the BIND DNS server named.
+//
+// If you are just adding zones, please do that in /etc/bind/named.conf.local
+
+include "/etc/bind/named.conf.options";
+
+// prime the server with knowledge of the root servers
+zone "." {
+       type hint;
+       file "/etc/bind/db.root";
+};
+
+// be authoritative for the localhost forward and reverse zones, and for
+// broadcast zones as per RFC 1912
+
+zone "localhost" {
+       type master;
+       file "/etc/bind/db.local";
+};
+
+zone "127.in-addr.arpa" {
+       type master;
+       file "/etc/bind/db.127";
+};
+
+zone "0.in-addr.arpa" {
+       type master;
+       file "/etc/bind/db.0";
+};
+
+zone "255.in-addr.arpa" {
+       type master;
+       file "/etc/bind/db.255";
+};
+
+// zone "com" { type delegation-only; };
+// zone "net" { type delegation-only; };
+
+// From the release notes:
+//  Because many of our users are uncomfortable receiving undelegated answers
+//  from root or top level domains, other than a few for whom that behaviour
+//  has been trusted and expected for quite some length of time, we have now
+//  introduced the "root-delegations-only" feature which applies delegation-only
+//  logic to all top level domains, and to the root domain.  An exception list
+//  should be specified, including "MUSEUM" and "DE", and any other top level
+//  domains from whom undelegated responses are expected and trusted.
+// root-delegation-only exclude { "DE"; "MUSEUM"; };
+
+include "/etc/bind/named.conf.local";
+diff -urN bind-9.3.1.orig/conf/named.conf.local bind-9.3.1/conf/named.conf.local
+--- bind-9.3.1.orig/conf/named.conf.local       1970-01-01 01:00:00.000000000 +0100
+++ bind-9.3.1/conf/named.conf.local    2005-07-10 22:14:06.000000000 +0200
+@@ -0,0 +1,8 @@
+//
+// Do any local configuration here
+//
+
+// Consider adding the 1918 zones here, if they are not used in your
+// organization
+//include "/etc/bind/zones.rfc1918";
+
+diff -urN bind-9.3.1.orig/conf/named.conf.options bind-9.3.1/conf/named.conf.options
+--- bind-9.3.1.orig/conf/named.conf.options     1970-01-01 01:00:00.000000000 +0100
+++ bind-9.3.1/conf/named.conf.options  2005-07-10 22:14:06.000000000 +0200
+@@ -0,0 +1,24 @@
+options {
+       directory "/var/cache/bind";
+
+       // If there is a firewall between you and nameservers you want
+       // to talk to, you might need to uncomment the query-source
+       // directive below.  Previous versions of BIND always asked
+       // questions using port 53, but BIND 8.1 and later use an unprivileged
+       // port by default.
+
+       // query-source address * port 53;
+
+       // If your ISP provided one or more IP addresses for stable 
+       // nameservers, you probably want to use them as forwarders.  
+       // Uncomment the following block, and insert the addresses replacing 
+       // the all-0's placeholder.
+
+       // forwarders {
+       //      0.0.0.0;
+       // };
+
+       auth-nxdomain no;    # conform to RFC1035
+
+};
+
+diff -urN bind-9.3.1.orig/conf/zones.rfc1918 bind-9.3.1/conf/zones.rfc1918
+--- bind-9.3.1.orig/conf/zones.rfc1918  1970-01-01 01:00:00.000000000 +0100
+++ bind-9.3.1/conf/zones.rfc1918       2005-07-10 22:14:10.000000000 +0200
+@@ -0,0 +1,20 @@
+zone "10.in-addr.arpa"      { type master; file "/etc/bind/db.empty"; };
+ 
+zone "16.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "17.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "18.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "19.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "20.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "21.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "22.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "23.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "24.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "25.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "26.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "27.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "28.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "29.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "30.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "31.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+
+zone "168.192.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+diff -urN bind-9.3.1.orig/init.d bind-9.3.1/init.d
+--- bind-9.3.1.orig/init.d      1970-01-01 01:00:00.000000000 +0100
+++ bind-9.3.1/init.d   2005-07-10 23:09:58.000000000 +0200
+@@ -0,0 +1,70 @@
+#!/bin/sh
+
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+
+# for a chrooted server: "-u bind -t /var/lib/named"
+# Don't modify this line, change or create /etc/default/bind9.
+OPTIONS=""
+
+test -f /etc/default/bind9 && . /etc/default/bind9
+
+test -x /usr/sbin/rndc || exit 0
+
+case "$1" in
+    start)
+       echo -n "Starting domain name service: named"
+
+       modprobe capability >/dev/null 2>&1 || true
+       if [ ! -f /etc/bind/rndc.key ]; then
+           /usr/sbin/rndc-confgen -a -b 512
+           chmod 0640 /etc/bind/rndc.key
+       fi
+       if [ -f /var/run/named/named.pid ]; then
+           ps `cat /var/run/named/named.pid` > /dev/null && exit 1
+       fi
+
+       # dirs under /var/run can go away on reboots.
+       mkdir -p /var/run/named
+       mkdir -p /var/cache/bind
+       chmod 775 /var/run/named
+       chown root:bind /var/run/named >/dev/null 2>&1 || true
+
+       if [ ! -x /usr/sbin/named ]; then
+           echo "named binary missing - not starting"
+           exit 1
+       fi
+       if start-stop-daemon --start --quiet --exec /usr/sbin/named \
+               --pidfile /var/run/named/named.pid -- $OPTIONS; then
+           if [ -x /sbin/resolvconf ] ; then
+               echo "nameserver 127.0.0.1" | /sbin/resolvconf -a lo
+           fi
+       fi
+       echo "."        
+    ;;
+
+    stop)
+       echo -n "Stopping domain name service: named"
+       if [ -x /sbin/resolvconf ]; then
+           /sbin/resolvconf -d lo
+       fi
+       /usr/sbin/rndc stop >/dev/null 2>&1
+       echo "."        
+    ;;
+
+    reload)
+       /usr/sbin/rndc reload
+    ;;
+
+    restart|force-reload)
+       $0 stop
+       sleep 2
+       $0 start
+    ;;
+    
+    *)
+       echo "Usage: /etc/init.d/bind {start|stop|reload|restart|force-reload}" >&2
+       exit 1
+    ;;
+esac
+
+exit 0
diff --git a/meta/recipes-connectivity/bind/bind-9.18.9/generate-rndc-key.sh b/meta/recipes-connectivity/bind/bind-9.18.9/generate-rndc-key.sh
new file mode 100644
index 0000000000..633e29c0e6
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind-9.18.9/generate-rndc-key.sh
@@ -0,0 +1,8 @@
+#!/bin/sh
+if [ ! -s /etc/bind/rndc.key ]; then
+    echo -n "Generating /etc/bind/rndc.key:"
+    /usr/sbin/rndc-confgen -a -b 512
+    chown root:bind /etc/bind/rndc.key
+    chmod 0640 /etc/bind/rndc.key
+fi
diff --git a/meta/recipes-connectivity/bind/bind-9.18.9/init.d-add-support-for-read-only-rootfs.patch b/meta/recipes-connectivity/bind/bind-9.18.9/init.d-add-support-for-read-only-rootfs.patch
new file mode 100644
index 0000000000..11db95ede1
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind-9.18.9/init.d-add-support-for-read-only-rootfs.patch
@@ -0,0 +1,65 @@
+Subject: init.d: add support for read-only rootfs
+Upstream-Status: Inappropriate [oe specific]
+Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
+---
+ init.d |   40 ++++++++++++++++++++++++++++++++++++++++
+ 1 file changed, 40 insertions(+)
+diff --git a/init.d b/init.d
+index 0111ed4..24677c8 100644
+--- a/init.d
+++ b/init.d
+@@ -6,8 +6,48 @@ PATH=/sbin:/bin:/usr/sbin:/usr/bin
+ # Don't modify this line, change or create /etc/default/bind9.
+ OPTIONS=""
+ 
+test -f /etc/default/rcS && . /etc/default/rcS
+ test -f /etc/default/bind9 && . /etc/default/bind9
+ 
+# This function is here because it's possible that /var and / are on different partitions.
+is_on_read_only_partition () {
+    DIRECTORY=$1
+    dir=`readlink -f $DIRECTORY`
+    while true; do
+       if [ ! -d "$dir" ]; then
+           echo "ERROR: $dir is not a directory"
+           exit 1
+       else
+           for flag in `awk -v dir=$dir '{ if ($2 == dir) { print "FOUND"; split($4,FLAGS,",") } }; \
+               END { for (f in FLAGS) print FLAGS[f] }' < /proc/mounts`; do
+               [ "$flag" = "FOUND" ] && partition="read-write"
+               [ "$flag" = "ro" ] && { partition="read-only"; break; }
+           done
+           if [ "$dir" = "/" -o -n "$partition" ]; then
+               break
+           else
+               dir=`dirname $dir`
+           fi
+       fi
+    done
+    [ "$partition" = "read-only" ] && echo "yes" || echo "no"
+}
+
+bind_mount () {
+    olddir=$1
+    newdir=$2
+    mkdir -p $olddir
+    cp -a $newdir/* $olddir
+    mount --bind $olddir $newdir
+}
+
+# Deal with read-only rootfs
+if [ "$ROOTFS_READ_ONLY" = "yes" ]; then
+    [ "$VERBOSE" != "no" ] && echo "WARN: start bind service in read-only rootfs"
+    [ `is_on_read_only_partition /etc/bind` = "yes" ] && bind_mount /var/volatile/bind/etc /etc/bind
+    [ `is_on_read_only_partition /var/named` = "yes" ] && bind_mount /var/volatile/bind/named /var/named
+fi
+
+ test -x /usr/sbin/rndc || exit 0
+ 
+ case "$1" in
+-- 
+1.7.9.5
diff --git a/meta/recipes-connectivity/bind/bind-9.18.9/make-etc-initd-bind-stop-work.patch b/meta/recipes-connectivity/bind/bind-9.18.9/make-etc-initd-bind-stop-work.patch
new file mode 100644
index 0000000000..146f3e35db
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind-9.18.9/make-etc-initd-bind-stop-work.patch
@@ -0,0 +1,42 @@
+bind: make "/etc/init.d/bind stop" work
+Upstream-Status: Inappropriate [configuration]
+Add some configurations, make rndc command be able to controls
+the named daemon.
+Signed-off-by: Roy Li <rongqing.li@windriver.com>
+---
+ conf/named.conf |    5 +++++
+ conf/rndc.conf  |    5 +++++
+ 2 files changed, 10 insertions(+), 0 deletions(-)
+ create mode 100644 conf/rndc.conf
+diff --git a/conf/named.conf b/conf/named.conf
+index 95829cf..c8899e7 100644
+--- a/conf/named.conf
+++ b/conf/named.conf
+@@ -47,3 +47,8 @@ zone "255.in-addr.arpa" {
+ // root-delegation-only exclude { "DE"; "MUSEUM"; };
+ 
+ include "/etc/bind/named.conf.local";
+include "/etc/bind/rndc.key" ;
+controls {
+       inet 127.0.0.1 allow { localhost; }
+       keys { rndc-key; };
+};
+diff --git a/conf/rndc.conf b/conf/rndc.conf
+new file mode 100644
+index 0000000..a0b481d
+--- /dev/null
+++ b/conf/rndc.conf
+@@ -0,0 +1,5 @@
+include "/etc/bind/rndc.key";
+options {
+       default-server  localhost;
+       default-key     rndc-key;
+};
+-- 
+1.7.5.4
diff --git a/meta/recipes-connectivity/bind/bind-9.18.9/named.service b/meta/recipes-connectivity/bind/bind-9.18.9/named.service
new file mode 100644
index 0000000000..cda56ef015
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind-9.18.9/named.service
@@ -0,0 +1,22 @@
+[Unit]
+Description=Berkeley Internet Name Domain (DNS)
+Wants=nss-lookup.target
+Before=nss-lookup.target
+After=network.target
+[Service]
+Type=forking
+EnvironmentFile=-/etc/default/bind9
+PIDFile=/run/named/named.pid
+ExecStartPre=@SBINDIR@/generate-rndc-key.sh
+ExecStart=@SBINDIR@/named $OPTIONS
+ExecReload=@BASE_BINDIR@/sh -c '@SBINDIR@/rndc reload > /dev/null 2>&1 || @BASE_BINDIR@/kill -HUP $MAINPID'
+ExecStop=@BASE_BINDIR@/sh -c '@SBINDIR@/rndc stop > /dev/null 2>&1 || @BASE_BINDIR@/kill -TERM $MAINPID'
+PrivateTmp=true
+[Install]
+WantedBy=multi-user.target