Hello community, here is the log from the commit of package bind for openSUSE:Factory checked in at 2014-12-19 09:41:28 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/bind (Old) and /work/SRC/openSUSE:Factory/.bind.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "bind" Changes: -------- --- /work/SRC/openSUSE:Factory/bind/bind.changes 2014-09-15 17:40:45.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.bind.new/bind.changes 2014-12-19 09:40:23.000000000 +0100 @@ -1,0 +2,250 @@ +Thu Dec 11 13:03:30 UTC 2014 - jeng...@inai.de + +- Corrections to baselibs.conf + +------------------------------------------------------------------- +Tue Dec 9 21:45:10 UTC 2014 - lmue...@suse.com + +- Update to version 9.10.1-P1 + - A flaw in delegation handling could be exploited to put named into an + infinite loop. This has been addressed by placing limits on the number of + levels of recursion named will allow (default 7), and the number of + iterative queries that it will send (default 50) before terminating a + recursive query (CVE-2014-8500); (bnc#908994). + The recursion depth limit is configured via the "max-recursion-depth" + option, and the query limit via the "max-recursion-queries" option. + [RT #37580] + - When geoip-directory was reconfigured during named run-time, the + previously loaded GeoIP data could remain, potentially causing wrong ACLs + to be used or wrong results to be served based on geolocation + (CVE-2014-8680). [RT #37720]; (bnc#908995). + - Lookups in GeoIP databases that were not loaded could cause an assertion + failure (CVE-2014-8680). [RT #37679]; (bnc#908995). + - The caching of GeoIP lookups did not always handle address families + correctly, potentially resulting in an assertion failure (CVE-2014-8680). + [RT #37672]; (bnc#908995). + +------------------------------------------------------------------- +Sun Dec 7 16:54:03 UTC 2014 - jeng...@inai.de + +- Convert some hard PreReq to leaner Requires(pre). +- Typographical and orthographic fixes to description texts. + +------------------------------------------------------------------- +Fri Dec 05 19:35:00 UTC 2014 - Led <led...@gmail.com> + +- Fix bashisms in the createNamedConfInclude script. +- Post scripts: remove '-e' option of 'echo' that may be unsupported + in some POSIX-compliant shells. + +------------------------------------------------------------------- +Fri Dec 5 14:54:53 UTC 2014 - lmue...@suse.com + +- Add openssl engines to the lwresd chroot. +- Add /etc/lwresd.conf with attribute ghost to the list of files. +- Add /run/lwresd to the list of files of the lwresd package. +- Shift /run/named from the chroot sub to the main bind package. +- Drop /proc from the chroot as multi CPU systems work fine even without it. + +------------------------------------------------------------------- +Thu Dec 4 18:36:41 UTC 2014 - lmue...@suse.com + +- Add a versioned dependency when obsoleting packages. + +------------------------------------------------------------------- +Thu Dec 4 18:15:01 UTC 2014 - lmue...@suse.com + +- Remove superfluous obsoletes *-64bit in the ifarch ppc64 case; (bnc#437293). + +------------------------------------------------------------------- +Wed Dec 3 16:58:24 UTC 2014 - lmue...@suse.com + +- Fix gssapi_krb configure time header detection. + +------------------------------------------------------------------- +Sun Nov 30 13:52:44 UTC 2014 - lmue...@suse.com + +- Update root zone (dated Nov 5, 2014). + +------------------------------------------------------------------- +Sat Nov 29 19:35:53 UTC 2014 - lmue...@suse.com + +- Update to version 9.10.1 + - This release addresses the security flaws described in CVE-2014-3214 and + CVE-2014-3859. +- Update to version 9.10.0 + - DNS Response-rate limiting (DNS RRL), which blunts the impact of + reflection and amplification attacks, is always compiled in and no longer + requires a compile-time option to enable it. + - An experimental "Source Identity Token" (SIT) EDNS option is now available. + - A new zone file format, "map", stores zone data in a + format that can be mapped directly into memory, allowing + significantly faster zone loading. + - "delv" (domain entity lookup and validation) is a new tool with dig-like + semantics for looking up DNS data and performing internal DNSSEC + validation. + - Improved EDNS(0) processing for better resolver performance + and reliability over slow or lossy connections. + - Substantial improvement in response-policy zone (RPZ) performance. Up to + 32 response-policy zones can be configured with minimal performance loss. + - To improve recursive resolver performance, cache records which are still + being requested by clients can now be automatically refreshed from the + authoritative server before they expire, reducing or eliminating the time + window in which no answer is available in the cache. + - New "rpz-client-ip" triggers and drop policies allowing + response policies based on the IP address of the client. + - ACLs can now be specified based on geographic location using the MaxMind + GeoIP databases. Use "configure --with-geoip" to enable. + - Zone data can now be shared between views, allowing multiple views to serve + the same zones authoritatively without storing multiple copies in memory. + - New XML schema (version 3) for the statistics channel includes many new + statistics and uses a flattened XML tree for faster parsing. The older + schema is now deprecated. + - A new stylesheet, based on the Google Charts API, displays XML statistics + in charts and graphs on javascript-enabled browsers. + - The statistics channel can now provide data in JSON format as well as XML. + - New stats counters track TCP and UDP queries received + per zone, and EDNS options received in total. + - The internal and export versions of the BIND libraries (libisc, libdns, + etc) have been unified so that external library clients can use the same + libraries as BIND itself. + - A new compile-time option, "configure --enable-native-pkcs11", allows BIND + 9 cryptography functions to use the PKCS#11 API natively, so that BIND can + drive a cryptographic hardware service module (HSM) directly instead of + using a modified OpenSSL as an intermediary. + - The new "max-zone-ttl" option enforces maximum TTLs for zones. This can + simplify the process of rolling DNSSEC keys by guaranteeing that cached + signatures will have expired within the specified amount of time. + - "dig +subnet" sends an EDNS CLIENT-SUBNET option when querying. + - "dig +expire" sends an EDNS EXPIRE option when querying. + - New "dnssec-coverage" tool to check DNSSEC key coverage for a zone and + report if a lapse in signing coverage has been inadvertently scheduled. + - Signing algorithm flexibility and other improvements + for the "rndc" control channel. + - "named-checkzone" and "named-compilezone" can now read + journal files, allowing them to process dynamic zones. + - Multiple DLZ databases can now be configured. Individual zones can be + configured to be served from a specific DLZ database. DLZ databases now + serve zones of type "master" and "redirect". + - "rndc zonestatus" reports information about a specified zone. + - "named" now listens on IPv6 as well as IPv4 interfaces by default. + - "named" now preserves the capitalization of names + when responding to queries. + - new "dnssec-importkey" command allows the use of offline + DNSSEC keys with automatic DNSKEY management. + - New "named-rrchecker" tool to verify the syntactic + correctness of individual resource records. + - When re-signing a zone, the new "dnssec-signzone -Q" option drops + signatures from keys that are still published but are no longer active. + - "named-checkconf -px" will print the contents of configuration files with + the shared secrets obscured, making it easier to share configuration (e.g. + when submitting a bug report) without revealing private information. + - "rndc scan" causes named to re-scan network interfaces for + changes in local addresses. + - On operating systems with support for routing sockets, network interfaces + are re-scanned automatically whenever they change. + - "tsig-keygen" is now available as an alternate command + name to use for "ddns-confgen". +- Update to version 9.9.6 + New Features + - Support for CAA record types, as described in RFC 6844 "DNS + Certification Authority Authorization (CAA) Resource Record", + was added. [RT#36625] [RT #36737] + - Disallow "request-ixfr" from being specified in zone statements where it + is not valid (it is only valid for slave and redirect zones) [RT #36608] + - Support for CDS and CDNSKEY resource record types was added. For + details see the proposed Informational Internet-Draft "Automating + DNSSEC Delegation Trust Maintenance" at + http://tools.ietf.org/html/draft-ietf-dnsop-delegation-trust-maintainance-14. + [RT #36333] + - Added version printing options to various BIND utilities. [RT #26057] + [RT #10686] + - Added a "no-case-compress" ACL, which causes named to use case-insensitive + compression (disabling change #3645) for specified clients. (This is useful + when dealing with broken client implementations that use case-sensitive + name comparisons, rejecting responses that fail to match the capitalization + of the query that was sent.) [RT #35300] + Feature Changes + - Adds RPZ SOA to the additional section of responses to clearly + indicate the use of RPZ in a manner that is intended to avoid + causing issues for downstream resolvers and forwarders [RT #36507] + - rndc now gives distinct error messages when an unqualified zone + name matches multiple views vs. matching no views [RT #36691] + - Improves the accuracy of dig's reported round trip times. [RT #36611] + - When an SPF record exists in a zone but no equivalent TXT record + does, a warning will be issued. The warning for the reverse + condition is no longer issued. See the check-spf option in the + documentation for details. [RT #36210] + - "named" will now log explicitly when using rndc.key to configure + command channel. [RT #35316] + - The default setting for the -U option (setting the number of UDP + listeners per interface) has been adjusted to improve performance. + [RT #35417] + - Aging of smoothed round-trip time measurements is now limited + to no more than once per second, to improve accuracy in selecting + the best name server. [RT #32909] + - DNSSEC keys that have been marked active but have no publication + date are no longer presumed to be publishable. [RT #35063] + Bug Fixes + - The Makefile in bin/python was changed to work around a bmake + bug in FreeBSD 10 and NetBSD 6. [RT #36993] (**) + - Corrected bugs in the handling of wildcard records by the DNSSEC + validator: invalid wildcard expansions could be treated as valid + if signed, and valid wildcard expansions in NSEC3 opt-out ranges + had the AD bit set incorrectly in responses. [RT #37093] [RT #37072] + - When resigning, dnssec-signzone was removing all signatures from + delegation nodes. It now retains DS and (if applicable) NSEC + signatures. [RT #36946] ++++ 53 more lines (skipped) ++++ between /work/SRC/openSUSE:Factory/bind/bind.changes ++++ and /work/SRC/openSUSE:Factory/.bind.new/bind.changes Old: ---- bind-9.9.5-P1.tar.gz bind-9.9.5-P1.tar.gz.asc pid-path.diff rpz2+rl-9.9.5.patch New: ---- bind-9.10.1-P1.tar.gz bind-9.10.1-P1.tar.gz.asc runidn.diff ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ bind.spec ++++++ ++++ 744 lines (skipped) ++++ between /work/SRC/openSUSE:Factory/bind/bind.spec ++++ and /work/SRC/openSUSE:Factory/.bind.new/bind.spec ++++++ Makefile.in.diff ++++++ --- /var/tmp/diff_new_pack.P5E9Nq/_old 2014-12-19 09:40:26.000000000 +0100 +++ /var/tmp/diff_new_pack.P5E9Nq/_new 2014-12-19 09:40:26.000000000 +0100 @@ -2,7 +2,7 @@ =================================================================== --- bind-9.9.3-P1.orig/bin/named/Makefile.in +++ bind-9.9.3-P1/bin/named/Makefile.in -@@ -176,9 +176,7 @@ installdirs: +@@ -173,9 +173,7 @@ installdirs: install:: named@EXEEXT@ lwresd@EXEEXT@ installdirs ${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} named@EXEEXT@ ${DESTDIR}${sbindir} (cd ${DESTDIR}${sbindir}; rm -f lwresd@EXEEXT@; @LN@ named@EXEEXT@ lwresd@EXEEXT@) ++++++ baselibs.conf ++++++ --- /var/tmp/diff_new_pack.P5E9Nq/_old 2014-12-19 09:40:26.000000000 +0100 +++ /var/tmp/diff_new_pack.P5E9Nq/_new 2014-12-19 09:40:26.000000000 +0100 @@ -1,9 +1,25 @@ -bind-libs - obsoletes "bind-utils-<targettype>" - provides "bind-utils-<targettype>" -arch ppc package bind-devel - requires -bind-<targettype> - requires "bind-libs-<targettype> = <version>" -arch sparcv9 package bind-devel - requires -bind-<targettype> - requires "bind-libs-<targettype> = <version>" +libbind9-140 +libdns146 +libidnkit1 +libidnkitlite1 +libidnkitres1 +libirs141 +libisc142 + obsoletes "bind-libs-<targettype> = <version>" + provides "bind-libs-<targettype> = <version>" +libisccc140 +libisccfg140 +liblwres141 +bind-devel + requires -bind-<targettype> + requires "libbind9-140-<targettype> = <version>" + requires "libdns146-<targettype> = <version>" + requires "libirs141-<targettype> = <version>" + requires "libisc142-<targettype> = <version>" + requires "libisccc140-<targettype> = <version>" + requires "libisccfg140-<targettype> = <version>" + requires "liblwres141-<targettype> = <version>" +idnkit-devel + requires "libdns146-<targettype> = <version>" + requires "libidnkit1-<targettype> = <version>" + requires "libidnkitlite1-<targettype> = <version>" ++++++ bind-9.9.5-P1.tar.gz -> bind-9.10.1-P1.tar.gz ++++++ /work/SRC/openSUSE:Factory/bind/bind-9.9.5-P1.tar.gz /work/SRC/openSUSE:Factory/.bind.new/bind-9.10.1-P1.tar.gz differ: char 5, line 1 ++++++ bind-sdb-ldap.patch ++++++ --- /var/tmp/diff_new_pack.P5E9Nq/_old 2014-12-19 09:40:26.000000000 +0100 +++ /var/tmp/diff_new_pack.P5E9Nq/_new 2014-12-19 09:40:26.000000000 +0100 @@ -19,7 +19,7 @@ =================================================================== --- bin/named/main.c.orig 2013-12-20 01:28:28.000000000 +0100 +++ bin/named/main.c 2014-01-23 18:45:19.059680008 +0100 -@@ -82,6 +82,7 @@ +@@ -85,6 +85,7 @@ * Include header files for database drivers here. */ /* #include "xxdb.h" */ @@ -27,7 +27,7 @@ #ifdef CONTRIB_DLZ /* -@@ -922,6 +923,7 @@ +@@ -1016,6 +1017,7 @@ * Add calls to register sdb drivers here. */ /* xxdb_init(); */ @@ -35,7 +35,7 @@ #ifdef ISC_DLZ_DLOPEN /* -@@ -958,6 +960,7 @@ +@@ -1056,6 +1058,7 @@ * Add calls to unregister sdb drivers here. */ /* xxdb_clear(); */ ++++++ configure.in.diff ++++++ --- /var/tmp/diff_new_pack.P5E9Nq/_old 2014-12-19 09:40:26.000000000 +0100 +++ /var/tmp/diff_new_pack.P5E9Nq/_new 2014-12-19 09:40:26.000000000 +0100 @@ -2,9 +2,9 @@ =================================================================== --- bind-9.9.4-P2.orig/configure.in 2013-12-20 01:28:28.000000000 +0100 +++ bind-9.9.4-P2/configure.in 2014-01-21 17:55:51.063395215 +0100 -@@ -3172,7 +3172,7 @@ +@@ -3839,7 +3839,7 @@ AC_SUBST(DOXYGEN) # empty). The variable VARIABLE will be substituted into output files. - # + # -AC_DEFUN(NOM_PATH_FILE, [ +AC_DEFUN([NOM_PATH_FILE], [ ++++++ named-bootconf.diff ++++++ --- /var/tmp/diff_new_pack.P5E9Nq/_old 2014-12-19 09:40:26.000000000 +0100 +++ /var/tmp/diff_new_pack.P5E9Nq/_new 2014-12-19 09:40:26.000000000 +0100 @@ -1,7 +1,7 @@ Index: contrib/named-bootconf/named-bootconf.sh =================================================================== ---- contrib/named-bootconf/named-bootconf.sh.orig -+++ contrib/named-bootconf/named-bootconf.sh +--- contrib/scripts/named-bootconf.sh.orig ++++ contrib/scripts/named-bootconf.sh @@ -47,7 +47,8 @@ # POSSIBILITY OF SUCH DAMAGE. ++++++ named.root ++++++ --- /var/tmp/diff_new_pack.P5E9Nq/_old 2014-12-19 09:40:26.000000000 +0100 +++ /var/tmp/diff_new_pack.P5E9Nq/_new 2014-12-19 09:40:26.000000000 +0100 @@ -9,30 +9,32 @@ ; on server FTP.INTERNIC.NET ; -OR- RS.INTERNIC.NET ; -; last update: Jan 3, 2013 -; related version of root zone: 2013010300 +; last update: November 05, 2014 +; related version of root zone: 2014110501 ; ; formerly NS.INTERNIC.NET ; -. 3600000 IN NS A.ROOT-SERVERS.NET. +. 3600000 NS A.ROOT-SERVERS.NET. A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4 -A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:BA3E::2:30 +A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:ba3e::2:30 ; ; FORMERLY NS1.ISI.EDU ; . 3600000 NS B.ROOT-SERVERS.NET. B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201 +B.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:84::b ; ; FORMERLY C.PSI.NET ; . 3600000 NS C.ROOT-SERVERS.NET. C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12 +C.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2::c ; ; FORMERLY TERP.UMD.EDU ; . 3600000 NS D.ROOT-SERVERS.NET. D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13 -D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2D::D +D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2d::d ; ; FORMERLY NS.NASA.GOV ; @@ -43,7 +45,7 @@ ; . 3600000 NS F.ROOT-SERVERS.NET. F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241 -F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2F::F +F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2f::f ; ; FORMERLY NS.NIC.DDN.MIL ; @@ -54,25 +56,25 @@ ; . 3600000 NS H.ROOT-SERVERS.NET. H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53 -H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::803F:235 +H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::803f:235 ; ; FORMERLY NIC.NORDU.NET ; . 3600000 NS I.ROOT-SERVERS.NET. I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17 -I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7FE::53 +I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fe::53 ; ; OPERATED BY VERISIGN, INC. ; . 3600000 NS J.ROOT-SERVERS.NET. J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30 -J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:C27::2:30 +J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:c27::2:30 ; ; OPERATED BY RIPE NCC ; . 3600000 NS K.ROOT-SERVERS.NET. K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129 -K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7FD::1 +K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fd::1 ; ; OPERATED BY ICANN ; @@ -84,5 +86,5 @@ ; . 3600000 NS M.ROOT-SERVERS.NET. M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33 -M.ROOT-SERVERS.NET. 3600000 AAAA 2001:DC3::35 -; End of File +M.ROOT-SERVERS.NET. 3600000 AAAA 2001:dc3::35 +; End of file ++++++ pie_compile.diff ++++++ --- /var/tmp/diff_new_pack.P5E9Nq/_old 2014-12-19 09:40:26.000000000 +0100 +++ /var/tmp/diff_new_pack.P5E9Nq/_new 2014-12-19 09:40:26.000000000 +0100 @@ -49,7 +49,7 @@ =================================================================== --- bin/dig/Makefile.in.orig 2013-07-17 00:13:06.000000000 +0200 +++ bin/dig/Makefile.in 2013-08-06 12:08:19.492457714 +0200 -@@ -69,8 +69,12 @@ +@@ -69,8 +69,12 @@ HTMLPAGES = dig.html host.html nslookup. MANOBJS = ${MANPAGES} ${HTMLPAGES} @@ -61,12 +61,12 @@ + dig@EXEEXT@: dig.@O@ dighost.@O@ ${UOBJS} ${DEPLIBS} export BASEOBJS="dig.@O@ dighost.@O@ ${UOBJS}"; \ - ${FINALBUILDCMD} + export LIBS0="${DNSLIBS}"; \ Index: bin/dnssec/Makefile.in =================================================================== --- bin/dnssec/Makefile.in.orig 2013-07-17 00:13:06.000000000 +0200 +++ bin/dnssec/Makefile.in 2013-08-06 12:08:19.493457729 +0200 -@@ -64,8 +64,12 @@ +@@ -65,8 +65,12 @@ MANOBJS = ${MANPAGES} ${HTMLPAGES} @@ -96,7 +96,7 @@ =================================================================== --- bin/named/Makefile.in.orig 2013-08-06 12:08:17.653432490 +0200 +++ bin/named/Makefile.in 2013-08-06 12:08:19.493457729 +0200 -@@ -115,8 +115,12 @@ +@@ -119,8 +119,12 @@ MANOBJS = ${MANPAGES} ${HTMLPAGES} @@ -158,8 +158,8 @@ =================================================================== --- bin/tools/Makefile.in.orig 2013-07-17 00:13:06.000000000 +0200 +++ bin/tools/Makefile.in 2013-08-06 12:08:19.493457729 +0200 -@@ -53,8 +53,12 @@ - genrandom.html isc-hmac-fixup.html +@@ -54,8 +54,12 @@ HTMLPAGES = arpaname.html named-journalp + nsec3hash.html genrandom.html isc-hmac-fixup.html MANOBJS = ${MANPAGES} ${HTMLPAGES} +EXT_CFLAGS = -fPIE -static @@ -169,8 +169,8 @@ +LDFLAGS += -pie + arpaname@EXEEXT@: arpaname.@O@ ${ISCDEPLIBS} ${DNSDEPLIBS} - ${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@ arpaname.@O@ \ - ${ISCLIBS} ${LIBS} + ${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} \ + -o $@ arpaname.@O@ ${ISCLIBS} ${LIBS} Index: contrib/idn/idnkit-1.0-src/tools/idnconv/Makefile.in =================================================================== --- contrib/idn/idnkit-1.0-src/tools/idnconv/Makefile.in.orig 2013-07-17 00:13:06.000000000 +0200 @@ -188,8 +188,8 @@ OBJS = idnconv.o util.o selectiveencode.o Index: contrib/zkt/Makefile.in =================================================================== ---- contrib/zkt/Makefile.in.orig 2013-07-17 00:13:06.000000000 +0200 -+++ contrib/zkt/Makefile.in 2013-08-06 12:08:19.494457743 +0200 +--- contrib/zkt-1.1.2/Makefile.in.orig 2013-07-17 00:13:06.000000000 +0200 ++++ contrib/zkt-1.1.2/Makefile.in 2013-08-06 12:08:19.494457743 +0200 @@ -13,11 +13,11 @@ OPTIM = # -O3 -DNDEBUG ++++++ runidn.diff ++++++ From: Jan Engelhardt <jeng...@inai.de> Date: 2014-10-01 19:52:10.339340849 +0200 We do not normally ship the .la files in openSUSE; make runidn work without it. And do it portably (\$LIB), too, which the original runidn can't. --- contrib/idn/idnkit-1.0-src/tools/runidn/runidn.in | 6 ++++++ 1 file changed, 6 insertions(+) Index: bind-9.9.5-P1/contrib/idn/idnkit-1.0-src/tools/runidn/runidn.in =================================================================== --- bind-9.9.5-P1.orig/contrib/idn/idnkit-1.0-src/tools/runidn/runidn.in +++ bind-9.9.5-P1/contrib/idn/idnkit-1.0-src/tools/runidn/runidn.in @@ -79,6 +79,7 @@ if test "$iconv_file" != none; then preload="$iconv_file@PRELOAD_SEP@" fi +if false; then prefix=@prefix@ exec_prefix=@exec_prefix@ libdir=`echo @libdir@` @@ -96,6 +97,11 @@ EOF exit 1 fi preload=$preload$libdir/$dlname +else +prefix=$(echo "@prefix@") +exec_prefix=$(echo "@exec_prefix@") +preload="$exec_prefix/\$LIB/libidnkitres.so.1" +fi # Set @PRELOAD_VAR@. if [ X$@PRELOAD_VAR@ = X ]; then ++++++ vendor-files.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vendor-files/init/lwresd new/vendor-files/init/lwresd --- old/vendor-files/init/lwresd 2012-01-02 18:05:09.000000000 +0100 +++ new/vendor-files/init/lwresd 2014-12-06 14:44:10.000000000 +0100 @@ -1,8 +1,8 @@ #! /bin/sh -# Copyright (c) 2004 SUSE Linux AG, Nuernberg, Germany. +# Copyright (c) 2004-2014 SUSE Linux GmbH, Nuernberg, Germany. # All rights reserved. # -# Author: Lars Mueller <lmue...@suse.de> +# Author: Lars Mueller <lmue...@suse.com> # # /etc/init.d/lwresd # and its symbolic link @@ -98,13 +98,19 @@ test ! -L /var/run/named && \ ln -s ${CHROOT_PREFIX}/var/run/named /var/run/named + # mount /proc for multicore CPUs (bnc#470828) + if [ ! -e "${CHROOT_PREFIX}/proc/meminfo" ]; then + mkdir -p "${CHROOT_PREFIX}/proc" + mount -tproc -oro,nosuid,nodev,noexec proc ${CHROOT_PREFIX}/proc 2>/dev/null + fi; + for configfile in /etc/{localtime,lwresd.conf,resolv.conf,rndc.key}; do if [ ! -e ${configfile} ]; then case ${configfile} in # Don't complain if we don't have a lwresd.conf /etc/lwresd.conf) - rm -f "${CHROOT_PREFIX}/${configfile}" # clean chroot env. - continue ;; + rm -f "${CHROOT_PREFIX}/${configfile}" # clean chroot env. + continue ;; # Don't complain if we don't have a key. /etc/rndc.key) continue ;; *) @@ -114,9 +120,11 @@ esac fi makeDestDir - rm -f ${CHROOT_PREFIX}/${configfile} + rm -f ${CHROOT_PREFIX}/${configfile} cp -a -L ${configfile} ${CHROOT_PREFIX}/${configfile%/*} done + mkdir -p ${CHROOT_PREFIX}/___lib__ + cp -r /___lib__/engines ${CHROOT_PREFIX}/___lib__/ else # NAMED_RUN_CHROOTED != yes test -L /var/run/named && rm /var/run/named @@ -191,7 +199,7 @@ ;; status) echo -n "Checking for service Lightweight resolver daemon " - checkproc -p ${LWRESD_PID} ${LWRESD_BIN} + checkproc -p ${LWRESD_PID} ${LWRESD_BIN} rc_status -v ;; probe) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vendor-files/init/named new/vendor-files/init/named --- old/vendor-files/init/named 2013-08-07 17:19:06.000000000 +0200 +++ new/vendor-files/init/named 2014-12-05 21:51:27.000000000 +0100 @@ -1,8 +1,8 @@ #! /bin/sh -# Copyright (c) 1995-2004 SUSE Linux AG, Nuernberg, Germany +# Copyright (c) 1995-2014 SUSE Linux GmbH, Nuernberg, Germany # All rights reserved. # -# Author: Lars Mueller <lmue...@suse.de> +# Author: Lars Mueller <lmue...@suse.com> # # /etc/init.d/named # and its symbolic link @@ -170,34 +170,22 @@ test ! -L /var/run/named && \ ln -s ${CHROOT_PREFIX}/var/run/named /var/run/named - # mount /proc for multicore CPUs (bnc#470828) - if [ ! -e "${CHROOT_PREFIX}/proc/meminfo" ]; then - mkdir -p "${CHROOT_PREFIX}/proc" - mount -tproc -oro,nosuid,nodev,noexec proc ${CHROOT_PREFIX}/proc 2>/dev/null - fi; - - NAMED_D="/etc/named.d" - # delete old named.d - test -z "${CHROOT_PREFIX}${NAMED_D}" || rm -rf ${CHROOT_PREFIX}${NAMED_D} - # copy new - cp -a -L ${NAMED_D} ${CHROOT_PREFIX}${NAMED_D%/*} + NAMED_D="/etc/named.d" + # delete old named.d + test -z "${CHROOT_PREFIX}${NAMED_D}" || rm -rf ${CHROOT_PREFIX}${NAMED_D} + # copy new + cp -a -L ${NAMED_D} ${CHROOT_PREFIX}${NAMED_D%/*} for configfile in ${NAMED_CONF_INCLUDE_FILES} "${NAMED_CONF}" "${NAMED_CONF_META_INCLUDE_FILE}" /etc/{localtime,rndc.key,ssl/openssl.cnf}; do if [ ! -e ${configfile} ]; then warnMessage "File ${configfile} not found. Skipping." continue fi makeDestDir - rm -f ${CHROOT_PREFIX}/${configfile} + rm -f ${CHROOT_PREFIX}/${configfile} cp -a -L ${configfile} ${CHROOT_PREFIX}/${configfile%/*} done - if [ -d /lib/engines ]; then - mkdir -p ${CHROOT_PREFIX}/lib - cp -r /lib/engines ${CHROOT_PREFIX}/lib/ - fi - if [ -d /lib64/engines ]; then - mkdir -p ${CHROOT_PREFIX}/lib64 - cp -r /lib64/engines ${CHROOT_PREFIX}/lib64/ - fi + mkdir -p ${CHROOT_PREFIX}/___lib__ + cp -r /___lib__/engines ${CHROOT_PREFIX}/___lib__/ else # NAMED_RUN_CHROOTED != yes test -L /var/run/named && rm /var/run/named @@ -228,7 +216,7 @@ start) echo -n "Starting name server BIND " if [ ! -e /etc/named.conf.include ]; then - touch /etc/named.conf.include + touch /etc/named.conf.include fi if [ ! -e /etc/named.d/forwarders.conf ]; then touch /etc/named.d/forwarders.conf @@ -280,8 +268,8 @@ sleep 2 fi done - if [ -e "/var/lib/named/proc/meminfo" ] ; then - umount "/var/lib/named/proc" + if [ -e "/var/lib/named/proc/meminfo" ] ; then + umount "/var/lib/named/proc" fi; rc_status -v ;; @@ -290,7 +278,7 @@ echo "${attn} Use try-restart ${done}(LSB)${attn} rather than condrestart ${warn}(RH)${norm}" fi if [ ! -e /etc/named.conf.include ]; then - touch /etc/named.conf.include + touch /etc/named.conf.include fi if [ ! -e /etc/named.d/forwarders.conf ]; then touch /etc/named.d/forwarders.conf @@ -306,7 +294,7 @@ ;; restart) if [ ! -e /etc/named.conf.include ]; then - touch /etc/named.conf.include + touch /etc/named.conf.include fi if [ ! -e /etc/named.d/forwarders.conf ]; then touch /etc/named.d/forwarders.conf @@ -341,13 +329,13 @@ ;; status) echo -n "Checking for nameserver BIND " - checkproc -p ${NAMED_PID} ${NAMED_BIN} - v=$? + checkproc -p ${NAMED_PID} ${NAMED_BIN} + v=$? if [ $v -ne 0 ]; then - rc_failed $v + rc_failed $v else test "${RNDC_BIN}" && echo && ${RNDC_BIN} status && echo -en "${esc}[1A" - true + true fi rc_status -v ;; @@ -367,4 +355,3 @@ ;; esac rc_exit - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vendor-files/tools/createNamedConfInclude new/vendor-files/tools/createNamedConfInclude --- old/vendor-files/tools/createNamedConfInclude 2013-12-09 12:29:30.000000000 +0100 +++ new/vendor-files/tools/createNamedConfInclude 2014-12-05 22:53:02.000000000 +0100 @@ -1,9 +1,9 @@ #!/bin/sh # -# Copyright (c) 2003 SuSE Linux AG Nuernberg, Germany. +# Copyright (c) 2003-2014 SUSE Linux GmbH, Nuernberg, Germany. # All rights reserved. # -# Authors: Lars Mueller <lmue...@suse.de> +# Authors: Lars Mueller <lmue...@suse.com> # @@ -11,6 +11,7 @@ # check if we are started as root # only one of UID and USER must be set correctly # +[ -n "$UID" ] || UID="$(id -ru)" if test "$UID" != 0 -a "$USER" != root; then echo "You must be root to start $0." exit 1 @@ -19,20 +20,20 @@ BASENAME=$( basename $0) NAMED_CHECKCONF_BIN="/usr/sbin/named-checkconf" -function warnMessage() +warnMessage() { tput bold - echo -en "Warning: " + echo -n "Warning: " tput sgr0 - echo -e $1 + echo $1 } -function errorMessage() +errorMessage() { tput bold - echo -en "Error: " + echo -n "Error: " tput sgr0 - echo -e $1 + echo $1 } MD5DIR="/var/adm/bind/md5" @@ -118,7 +119,7 @@ # # find the next unused file descriptor # -declare -i fd=3 +fd=3 while [ -t ${fd} ]; do fd=$(( ${fd} + 1 )) done @@ -144,7 +145,10 @@ includeUsed="no" for file in ${NAMED_CONF_INCLUDE_FILES}; do # prepend the default include directory if the filename is relative - test "${file:0:1}" = "/" || file="/etc/named.d/${file}" + case "$file" in + /*) ;; + *) file="/etc/named.d/${file}" ;; + esac if [ ! -f "${file}" ]; then warnMessage "File, ${file} to include not found! Skipping." continue -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org