rpms/bind/devel bind.spec,1.304,1.305 named.init,1.69,1.70

Mon Mar 9 20:36:04 UTC 2009

Author: atkac

Update of /cvs/pkgs/rpms/bind/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv7259

Modified Files:
	bind.spec named.init 
Log Message:
- add DNSSEC support to initscript, enabled it per default
- add requires dnssec-conf



Index: bind.spec
===================================================================
RCS file: /cvs/pkgs/rpms/bind/devel/bind.spec,v
retrieving revision 1.304
retrieving revision 1.305
diff -u -r1.304 -r1.305

--- bind.spec	9 Mar 2009 14:35:56 -0000	1.304
+++ bind.spec	9 Mar 2009 20:35:34 -0000	1.305
@@ -20,7 +20,7 @@
 Name:     bind
 License:  ISC
 Version:  9.6.0
-Release:  8.%{PATCHVER}%{?dist}
+Release:  9.%{PATCHVER}%{?dist}
 Epoch:    32
 Url:      http://www.isc.org/products/BIND/
 Buildroot:%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -36,7 +36,6 @@
 Source8:  dnszone.schema
 Source12: README.sdb_pgsql
 Source21: Copyright.caching-nameserver
-Source24: libbind.pc
 Source25: named.conf.sample
 Source28: config-4.tar.bz2
 Source30: ldap2zone.c
@@ -77,6 +76,7 @@
 Requires(post): grep, chkconfig
 Requires(pre):  shadow-utils
 Requires(preun):chkconfig
+Requires:       dnssec-conf
 Obsoletes:      bind-config < 30:9.3.2-34.fc6, caching-nameserver < 31:9.4.1-7.fc8
 Provides:       bind-config = 30:9.3.2-34.fc6, caching-nameserver = 31:9.4.1-7.fc8
 BuildRequires:  openssl-devel, libtool, autoconf, pkgconfig, libcap-devel
@@ -377,6 +377,9 @@
   # rndc.key has to have correct perms and ownership, CVE-2007-6283
   [ -e /etc/rndc.key ] && chown root:named /etc/rndc.key
   [ -e /etc/rndc.key ] && chmod 0640 /etc/rndc.key
+  # Enable DNSSEC per default
+  [ -x /usr/sbin/dnssec-configure ] && \
+    dnssec-configure -b --norestart --dnssec=on --dlv=off > /dev/null 2>&1
 fi
 :;
 
@@ -561,6 +564,10 @@
 %ghost %{chroot_prefix}/etc/localtime
 
 %changelog
+* Mon Mar 09 2009 Adam Tkac <atkac redhat com> 32:9.6.0-9.P1
+- add DNSSEC support to initscript, enabled it per default
+- add requires dnssec-conf
+
 * Mon Mar 09 2009 Adam Tkac <atkac redhat com> 32:9.6.0-8.P1
 - fire away libbind, it is now separate package
 


Index: named.init
===================================================================
RCS file: /cvs/pkgs/rpms/bind/devel/named.init,v
retrieving revision 1.69
retrieving revision 1.70
diff -u -r1.69 -r1.70
--- named.init	10 Nov 2008 16:36:47 -0000	1.69
+++ named.init	9 Mar 2009 20:35:34 -0000	1.70
@@ -22,6 +22,7 @@
 . /etc/rc.d/init.d/functions
 
 [ -r /etc/sysconfig/named ] && . /etc/sysconfig/named
+[ -r /etc/sysconfig/dnssec ] && . /etc/sysconfig/dnssec
 
 RETVAL=0
 export KRB5_KTNAME=${KEYTAB_FILE:-/etc/named.keytab}
@@ -42,6 +43,10 @@
    fi;
 fi
 
+[ -x /usr/sbin/dnssec-configure ] && [ -r /etc/named.conf ] && \
+  [ /etc/sysconfig/dnssec -nt /etc/named.conf ] && \
+   /usr/sbin/dnssec-configure -b --norestart --dnssec="$DNSSEC" --dlv="$DLV"
+
 # Check if all what named needs running
 start()
 {


