18526d
%define VERSION %{version}
18526d
18526d
Name:           bind-dyndb-ldap
29882e
Version:        11.1
fd9006
Release:        4%{?dist}
18526d
Summary:        LDAP back-end plug-in for BIND
18526d
18526d
Group:          System Environment/Libraries
18526d
License:        GPLv2+
29882e
URL:            https://releases.pagure.org/bind-dyndb-ldap
29882e
Source0:        https://releases.pagure.org/%{name}/%{name}-%{VERSION}.tar.bz2
29882e
Source1:        https://releases.pagure.org/%{name}/%{name}-%{VERSION}.tar.bz2.asc
29882e
Patch0:         bind-dyndb-ldap-tkrizek-0001-Revert-BIND-9.11-use-new-public-header-isc-errno.h-i.patch
29882e
Patch1:         bind-dyndb-ldap-tkrizek-0002-Revert-BIND-9.11-Add-wrapper-for-new-DB-API-method-n.patch
29882e
Patch2:         bind-dyndb-ldap-tkrizek-0003-Revert-BIND-9.11-Remove-if-blocks-for-older-BIND-ver.patch
29882e
Patch3:         bind-dyndb-ldap-tkrizek-0004-Skip-isc-lib-register.patch
29882e
Patch4:         bind-dyndb-ldap-pemensik-0002-Treat-passwords-like-ordinary-text-bind-does-not-sup.patch
29882e
Patch5:         bind-dyndb-ldap-pemensik-0003-Replace-unsupported-autoreallocating-buffer-by-custo.patch
29882e
Patch6:         bind-dyndb-ldap-tkrizek-0005-Setting-skip-unconfigured-values.patch
29882e
Patch7:         bind-dyndb-ldap-tkrizek-0006-Coverity-fix-REVERSE_INULL-for-pevent-inst.patch
fc93e3
18526d
BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
18526d
fd9006
BuildRequires:  bind-devel >= 32:9.9.4-51, bind-lite-devel >= 32:9.9.4-51
18526d
BuildRequires:  krb5-devel
18526d
BuildRequires:  openldap-devel
fc93e3
BuildRequires:  libuuid-devel
18526d
BuildRequires:  automake, autoconf, libtool
18526d
fd9006
Requires:       bind >= 32:9.9.4-51
f3daad
# https://bugzilla.redhat.com/show_bug.cgi?id=1376851
f3daad
Requires(post,postun): selinux-policy
29882e
Requires(post):  sed
18526d
18526d
%description
18526d
This package provides an LDAP back-end plug-in for BIND. It features
18526d
support for dynamic updates and internal caching, to lift the load
18526d
off of your LDAP server.
18526d
18526d
18526d
%prep
18526d
%setup -q -n %{name}-%{VERSION}
f3daad
%patch0 -p1
f3daad
%patch1 -p1
f3daad
%patch2 -p1
29882e
%patch3 -p1
29882e
%patch4 -p1
29882e
%patch5 -p1
29882e
%patch6 -p1
29882e
%patch7 -p1
18526d
18526d
%build
18526d
autoreconf -fiv
f3daad
%configure --disable-werror
18526d
make %{?_smp_mflags}
18526d
18526d
18526d
%install
18526d
rm -rf %{buildroot}
18526d
make install DESTDIR=%{buildroot}
9600a8
mkdir -m 770 -p %{buildroot}/%{_localstatedir}/named/dyndb-ldap
18526d
18526d
# Remove unwanted files
18526d
rm %{buildroot}%{_libdir}/bind/ldap.la
18526d
rm -r %{buildroot}%{_datadir}/doc/%{name}
18526d
18526d
29882e
%post
9600a8
# SELinux boolean named_write_master_zones has to be enabled
9600a8
# otherwise the plugin will not be able to write to /var/named.
9600a8
# This scriptlet enables the boolean after installation or upgrade.
9600a8
# SELinux is sensitive area so I want to inform user about the change.
9600a8
if [ -x "/usr/sbin/setsebool" ] ; then
9600a8
        echo "Enabling SELinux boolean named_write_master_zones"
9600a8
        /usr/sbin/setsebool -P named_write_master_zones=1 || :
9600a8
fi
9600a8
9600a8
29882e
# Transform named.conf if it still has old-style API.
29882e
PLATFORM=$(uname -m) 
29882e
29882e
if [ $PLATFORM == "x86_64" ] ; then
29882e
    LIBPATH=/usr/lib64
29882e
else
29882e
    LIBPATH=/usr/lib
29882e
fi
29882e
29882e
# The following sed script:
29882e
#   - scopes the named.conf changes to dynamic-db
29882e
#   - replaces arg "name value" syntax with name "value"
29882e
#   - changes dynamic-db header to dyndb
29882e
#   - uses the new way the define path to the library
29882e
#   - removes no longer supported arguments (library, cache_ttl,
29882e
#       psearch, serial_autoincrement, zone_refresh)
29882e
while read -r PATTERN
29882e
do
29882e
    SEDSCRIPT+="$PATTERN"
29882e
done <
29882e
/^\s*dynamic-db/,/};/ {
29882e
29882e
  s/\(\s*\)arg\s\+\(["']\)\([a-zA-Z_]\+\s\)/\1\3\2/g;
29882e
29882e
  s/^dynamic-db/dyndb/;
29882e
29882e
  s@\(dyndb "[^"]\+"\)@\1 "$LIBPATH/bind/ldap.so"@;
29882e
  s@\(dyndb '[^']\+'\)@\1 '$LIBPATH/bind/ldap.so'@;
29882e
29882e
  /\s*library[^;]\+;/d;
29882e
  /\s*cache_ttl[^;]\+;/d;
29882e
  /\s*psearch[^;]\+;/d;
29882e
  /\s*serial_autoincrement[^;]\+;/d;
29882e
  /\s*zone_refresh[^;]\+;/d;
29882e
}
29882e
EOF
29882e
29882e
sed -i.bak -e "$SEDSCRIPT" /etc/named.conf
29882e
29882e
9600a8
# This scriptlet disables the boolean after uninstallation.
9600a8
%postun
9600a8
if [ "0$1" -eq "0" ] && [ -x "/usr/sbin/setsebool" ] ; then
9600a8
        echo "Disabling SELinux boolean named_write_master_zones"
9600a8
        /usr/sbin/setsebool -P named_write_master_zones=0 || :
9600a8
fi
9600a8
9600a8
18526d
%clean
18526d
rm -rf %{buildroot}
18526d
18526d
18526d
%files
18526d
%defattr(-,root,root,-)
29882e
%doc NEWS README.md COPYING doc/{example,schema}.ldif
9600a8
%dir %attr(770, root, named) %{_localstatedir}/named/dyndb-ldap
18526d
%{_libdir}/bind/ldap.so
18526d
18526d
18526d
%changelog
fd9006
* Wed Jul 12 2017 Tomas Krizek <tkrizek@redhat.com> - 11.1-4
fd9006
- Resolves: #1469984 required bind version doesn't have the dyndb interface
fd9006
29882e
* Wed Apr 26 2017 Tomas Krizek <tkrizek@redhat.com> - 11.1-3
29882e
- resolves: #1436268 crash when server_id is not present in named.conf
29882e
- coverity fixes
29882e
29882e
* Wed Mar 15 2017 Tomas Krizek <tkrizek@redhat.com> - 11.1-2
29882e
- bump NVR to fix bind dependencies
29882e
29882e
* Wed Mar 15 2017 Tomas Krizek <tkrizek@redhat.com> - 11.1-1
29882e
- update to letest upstream version
29882e
- resolves: #1393889 Rebase to bind-dyndb-ldap 11+
29882e
- resolves: #1165796 bind-dyndb-ldap crashes if server is shutting down and connection to LDAP is down
29882e
- resolves: #1413805 bind-dyndb-ldap default schema is shipped with syntax error
29882e
f3daad
* Wed Sep 21 2016 Petr Spacek <pspacek@redhat.com> - 10.0-5
f3daad
- resolves: #1376851 Unable to set named_write_master_zones boolean on upgrade
f3daad
f3daad
* Tue Aug 16 2016 Petr Spacek <pspacek@redhat.com> - 10.0-4
f3daad
- resolves: #1366565 Deletion of DNS root zone breaks global forwarding
f3daad
f3daad
* Thu Jul 28 2016 Petr Spacek <pspacek@redhat.com> - 10.0-3
f3daad
- rebuild against redhat-rpm-config-9.1.0-71.el7 to fix /usr/share/doc naming
f3daad
- related: #1057327
f3daad
f3daad
* Wed Jul 27 2016 Petr Spacek <pspacek@redhat.com> - 10.0-2
f3daad
- resolves: #1359220 prevent crash while reloading previously invalid
f3daad
  but now valid DNS zone
f3daad
f3daad
* Tue Jun 21 2016 Petr Spacek <pspacek@redhat.com> - 10.0-1
f3daad
- update to latest upstream version
f3daad
- resolves: #1292145 Rebase bind-dyndb-ldap to latest upstream version
f3daad
f3daad
* Thu May 12 2016 Petr Spacek <pspacek@redhat.com> - 9.0-1
f3daad
- update to latest upstream version
f3daad
- related: #1292145 Rebase bind-dyndb-ldap to latest upstream version
f3daad
fc93e3
* Tue Jun 23 2015 Petr Spacek <pspacek redhat com> - 8.0-1
fc93e3
- update to latest upstream version
fc93e3
- resolves: #1204110 Rebase bind-dyndb-ldap to latest upstream version
fc93e3
fc93e3
* Mon Jun 08 2015 Petr Spacek <pspacek redhat com> - 7.99-1
fc93e3
- preliminary update to latests snapshot of upstream Git: 158e95e (#1204110)
fc93e3
- resolves: #829395  DNSSEC support
fc93e3
- resolves: #1139776 LDAP MODRDN (rename) is not supported
fc93e3
- resolves: #1139778 Records deleted when connection to LDAP is down are not refreshed properly
fc93e3
- resolves: #1184065 PTR record synchronization for A/AAAA record tuple can fail mysteriously
fc93e3
- resolves: #1207539 Add support for TLSA resource records (DANE)
fc93e3
- resolves: #1207540 Plugin will crash if idnsForwardZone object is in the wrong place
fc93e3
- resolves: #1207541 Generic support for unknown DNS RR types (RFC 3597)
fc93e3
9600a8
* Tue Dec 02 2014 Petr Spacek <pspacek redhat com> - 6.0-2
9600a8
- fix bug 1161635: send DNS NOTIFY message after any modification to the zone
9600a8
- fix bug 1168131: crash caused by interaction between forward and master zones
9600a8
9600a8
* Tue Sep 23 2014 Petr Spacek <pspacek redhat com> - 6.0-1
9600a8
- update to 6.0
9600a8
- resolves bugs 1138317, 1144599, 1142176
9600a8
9600a8
* Fri Sep 12 2014 Petr Spacek <pspacek redhat com> - 5.3-1
9600a8
- update to 5.3
9600a8
- fixes several random crashes
9600a8
9600a8
* Mon Sep 08 2014 Petr Spacek <pspacek redhat com> - 5.2-1
9600a8
- update to 5.2
9600a8
- adds DNSSEC support and supports root zone in LDAP
9600a8
- idnsZoneActive attribute is not supported anymore
9600a8
6ab539
* Fri Jan 24 2014 Daniel Mach <dmach@redhat.com> - 3.5-4
6ab539
- Mass rebuild 2014-01-24
6ab539
6ab539
* Fri Dec 27 2013 Daniel Mach <dmach@redhat.com> - 3.5-3
6ab539
- Mass rebuild 2013-12-27
6ab539
18526d
* Tue Sep 24 2013 Tomas Hozza <thozza@redhat.com> 3.5-2
18526d
- rebuild against new bind (Related: #1010200) (#1011118)
18526d
18526d
* Thu Jul 18 2013 Petr Spacek <pspacek redhat com> 3.5-1
18526d
- update to 3.5
18526d
18526d
* Tue Jun 25 2013 Petr Spacek <pspacek redhat com> 3.4-1
18526d
- update to 3.4
18526d
18526d
* Tue Jun 04 2013 Petr Spacek <pspacek redhat com> 3.3-1
18526d
- update to 3.3
18526d
- patch bind-dyndb-ldap-tbabej-0001-Build-fixes-for-Fedora-19.patch merged
18526d
18526d
* Tue May 14 2013 Petr Spacek <pspacek redhat com> 3.2-1
18526d
- update to 3.2
18526d
18526d
* Tue Apr 16 2013 Adam Tkac <atkac redhat com> 3.1-2
18526d
- rebuild against new bind
18526d
- build with --disable-werror
18526d
18526d
* Fri Apr 12 2013 Petr Spacek <pspacek redhat com> 3.1-1
18526d
- update to 3.1
18526d
18526d
* Tue Apr 02 2013 Petr Spacek <pspacek redhat com> 3.0-1
18526d
- update to 3.0
18526d
18526d
* Tue Mar 26 2013 Petr Spacek <pspacek redhat com> 2.6-1
18526d
- update to 2.6
18526d
18526d
* Mon Feb 04 2013 Petr Spacek <pspacek redhat com> 2.5-1
18526d
- update to 2.5
18526d
18526d
* Tue Jan 15 2013 Petr Spacek <pspacek redhat com> 2.4-1
18526d
- update to 2.4
18526d
18526d
* Thu Nov  8 2012 Petr Spacek <pspacek redhat com> 2.3-2
18526d
- rebuild with proper changelog
18526d
18526d
* Thu Nov  8 2012 Petr Spacek <pspacek redhat com> 2.3-1
18526d
- update to 2.3
18526d
18526d
* Mon Oct 29 2012 Adam Tkac <atkac redhat com> 2.1-1
18526d
- update to 2.1
18526d
18526d
* Thu Oct 11 2012 Adam Tkac <atkac redhat com> 2.0-0.3.20121009git6a86b1
18526d
- rebuild against new bind-libs
18526d
18526d
* Tue Oct  9 2012 Petr Spacek <pspacek redhat com> 2.0-0.2.20121009git6a86b1
18526d
- update to the latest master
18526d
18526d
* Fri Sep 21 2012 Adam Tkac <atkac redhat com> 2.0-0.1.20120921git7710d89
18526d
- update to the latest master
18526d
- bind-dyndb-ldap110-master.patch was merged
18526d
18526d
* Thu Aug 16 2012 Adam Tkac <atkac redhat com> 1.1.0-0.16.rc1
18526d
- update to the latest git
18526d
18526d
* Thu Aug 02 2012 Adam Tkac <atkac redhat com> 1.1.0-0.15.rc1
18526d
- update to the latest git
18526d
  - fix for CVE-2012-3429 has been merged
18526d
18526d
* Thu Aug 02 2012 Adam Tkac <atkac redhat com> 1.1.0-0.14.rc1
18526d
- fix CVE-2012-3429
18526d
18526d
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.1.0-0.13.rc1
18526d
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
18526d
18526d
* Thu Jun 07 2012 Adam Tkac <atkac redhat com> - 1.1.0-0.12.rc1
18526d
- update to the latest master (#827401)
18526d
18526d
* Thu Apr 26 2012 Adam Tkac <atkac redhat com> - 1.1.0-0.11.rc1
18526d
- update to 1.1.0rc1 (CVE-2012-2134)
18526d
18526d
* Tue Mar 27 2012 Adam Tkac <atkac redhat com> - 1.1.0-0.10.b2
18526d
- update to 1.1.0b2
18526d
18526d
* Tue Mar 06 2012 Adam Tkac <atkac redhat com> - 1.1.0-0.9.b1
18526d
- update to 1.1.0b1
18526d
18526d
* Mon Feb 13 2012 Adam Tkac <atkac redhat com> - 1.1.0-0.8.a2
18526d
- update to 1.1.0a2
18526d
18526d
* Thu Feb 02 2012 Adam Tkac <atkac redhat com> - 1.1.0-0.7.a1
18526d
- rebuild against new bind
18526d
18526d
* Wed Jan 18 2012 Adam Tkac <atkac redhat com> - 1.1.0-0.6.a1
18526d
- update to 1.1.0a1
18526d
18526d
* Thu Jan 12 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.0-0.5.rc1
18526d
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
18526d
18526d
* Mon Nov 14 2011 Adam Tkac <atkac redhat com> - 1.0.0-0.4.rc1
18526d
- update to 1.0.0rc1
18526d
18526d
* Mon Nov 14 2011 Adam Tkac <atkac redhat com> - 1.0.0-0.3.b1
18526d
- rebuild against new bind
18526d
18526d
* Fri Sep 09 2011 Adam Tkac <atkac redhat com> - 1.0.0-0.2.b1
18526d
- rebuild against new bind
18526d
18526d
* Wed Aug 31 2011 Adam Tkac <atkac redhat com> - 1.0.0-0.1.b1
18526d
- update to 1.0.0b1 (psearch + bugfixes)
18526d
- bind-dyndb-ldap-rh727856.patch merged
18526d
18526d
* Wed Aug 03 2011 Adam Tkac <atkac redhat com> - 0.2.0-4
18526d
- fix race condition in semaphore_wait (#727856)
18526d
18526d
* Mon Feb 21 2011 Adam Tkac <atkac redhat com> - 0.2.0-3
18526d
- rebuild against new bind
18526d
18526d
* Mon Feb 07 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.2.0-2
18526d
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
18526d
18526d
* Wed Jan 12 2011 Adam Tkac <atkac redhat com> - 0.2.0-1
18526d
- update to 0.2.0
18526d
- patches merged
18526d
  - 0001-Bugfix-Improve-LDAP-schema-to-be-loadable-by-OpenLDA.patch
18526d
  - 0004-Bugfix-Fix-loading-of-child-zones-from-LDAP.patch
18526d
18526d
* Wed Dec 15 2010 Adam Tkac <atkac redhat com> - 0.1.0-0.17.b
18526d
- fix LDAP schema (#622604)
18526d
- load child zones from LDAP correctly (#622617)
18526d
18526d
* Fri Oct 22 2010 Adam Tkac <atkac redhat com> - 0.1.0-0.16.b
18526d
- build with correct RPM_OPT_FLAGS (#645529)
18526d
18526d
* Wed Oct 20 2010 Adam Tkac <atkac redhat com> - 0.1.0-0.15.b
18526d
- use "isc-config.sh" utility to get correct BIND9 CFLAGS
18526d
18526d
* Thu Sep 30 2010 Adam Tkac <atkac redhat com> - 0.1.0-0.14.b
18526d
- rebuild against new bind
18526d
18526d
* Fri Aug 27 2010 Adam Tkac <atkac redhat com> - 0.1.0-0.13.b
18526d
- rebuild against new bind
18526d
18526d
* Tue Aug 17 2010 Adam Tkac <atkac redhat com> - 0.1.0-0.12.b
18526d
- rebuild against new bind
18526d
18526d
* Tue Aug 03 2010 Adam Tkac <atkac redhat com> - 0.1.0-0.11.b
18526d
- rebuild against new bind
18526d
18526d
* Mon May 31 2010 Adam Tkac <atkac redhat com> - 0.1.0-0.10.b
18526d
- rebuild against new bind
18526d
18526d
* Wed Mar 24 2010 Martin Nagy <mnagy@redhat.com> - 0.1.0-0.9.b
18526d
- update to the latest upstream release
18526d
18526d
* Thu Jan 28 2010 Adam Tkac <atkac redhat com> - 0.1.0-0.8.a1.20091210git
18526d
- rebuild against new bind
18526d
18526d
* Tue Dec 15 2009 Adam Tkac <atkac redhat com> - 0.1.0-0.7.a1.20091210git
18526d
- rebuild against new bind
18526d
18526d
* Thu Dec 10 2009 Martin Nagy <mnagy@redhat.com> - 0.1.0-0.6.a1.20091210git
18526d
- update to the latest git snapshot
18526d
- change upstream URL, project moved to fedorahosted
18526d
- change license to GPL version 2 or later
18526d
- add epoch to versioned requires
18526d
- add krb5-devel to the list of build requires
18526d
18526d
* Tue Dec 01 2009 Adam Tkac <atkac redhat com> - 0.1.0-0.5.a1
18526d
- rebuild against new bind
18526d
18526d
* Thu Nov 26 2009 Adam Tkac <atkac redhat com> - 0.1.0-0.4.a1
18526d
- rebuild against new bind
18526d
18526d
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.1.0-0.3.a1
18526d
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
18526d
18526d
* Fri Jun 19 2009 Caolán McNamara <caolanm@redhat.com> - 0.1.0-0.2.a1
18526d
- rebuild for dependencies
18526d
18526d
* Sun May 03 2009 Martin Nagy <mnagy@redhat.com> - 0.1.0-0.1.a1
18526d
- initial packaging