summaryrefslogtreecommitdiff
path: root/contrib
diff options
context:
space:
mode:
authorInternet Software Consortium, Inc <@isc.org>2007-09-07 14:16:14 -0600
committerLaMont Jones <lamont@debian.org>2007-09-07 14:16:14 -0600
commit0d2bbd9fb5842156992e1c07bd94d676c9485147 (patch)
tree30b03242dbd0a0a0b6b7dbbfe55b8e99f7909520 /contrib
parentecfc03fdfa6959f52d12a5b9f961cd592e7c32d9 (diff)
downloadbind9-0d2bbd9fb5842156992e1c07bd94d676c9485147.tar.gz
9.4.0b3
Diffstat (limited to 'contrib')
-rw-r--r--contrib/dbus/Makefile.9.3.2b1 (renamed from contrib/dbus/Makefile)0
-rw-r--r--contrib/dbus/Makefile.9.3.3rc220
-rw-r--r--contrib/dbus/bind-9.3.3rc2-dbus.patch778
-rw-r--r--contrib/dbus/dbus_service.c8
-rw-r--r--contrib/named-bootconf/named-bootconf.sh16
5 files changed, 816 insertions, 6 deletions
diff --git a/contrib/dbus/Makefile b/contrib/dbus/Makefile.9.3.2b1
index 62850344..62850344 100644
--- a/contrib/dbus/Makefile
+++ b/contrib/dbus/Makefile.9.3.2b1
diff --git a/contrib/dbus/Makefile.9.3.3rc2 b/contrib/dbus/Makefile.9.3.3rc2
new file mode 100644
index 00000000..91a0ffe0
--- /dev/null
+++ b/contrib/dbus/Makefile.9.3.3rc2
@@ -0,0 +1,20 @@
+# contrib/dbus/Makefile
+#
+# This Makefile will install D-BUS support into the ISC BIND 9.3.2b1+ source,
+# necessary to support dynamic forwarding table management with D-BUS, for
+# Red Hat NetworkManager support.
+#
+# After running "make" in this directory, simply run make in the top level
+# BIND source directory, and D-BUS support will be enabled.
+#
+
+all:
+ echo 'Enabling D-BUS support...'
+ @ cp -fp dbus_mgr.c dbus_service.c ../../bin/named;
+ @ cp -fp dbus_mgr.h dbus_service.h ../../bin/named/include/named;
+ @ cp -fp README.DBUS ../../doc/misc
+ @ cd ../..; patch -s -p1 -b --suffix=.dbus < contrib/dbus/bind-9.3.3rc2-dbus.patch
+
+install:
+ install -o root -g root -m 640 named-dbus-system.conf /etc/dbus-1/system.d/named.conf
+ install -o root -g root -m 640 named-dbus.service /usr/share/dbus-1/services/named.service
diff --git a/contrib/dbus/bind-9.3.3rc2-dbus.patch b/contrib/dbus/bind-9.3.3rc2-dbus.patch
new file mode 100644
index 00000000..9048db71
--- /dev/null
+++ b/contrib/dbus/bind-9.3.3rc2-dbus.patch
@@ -0,0 +1,778 @@
+--- bind-9.3.3rc2/lib/dns/forward.c.dbus 2005-03-17 04:58:30.000000000 +0100
++++ bind-9.3.3rc2/lib/dns/forward.c 2006-09-18 10:08:37.000000000 +0200
+@@ -200,3 +200,89 @@
+ }
+ isc_mem_put(fwdtable->mctx, forwarders, sizeof(dns_forwarders_t));
+ }
++
++/***
++ *** new D-BUS Dynamic Forwarding Zones functions:
++ ***/
++isc_result_t
++dns_fwdtable_delete(dns_fwdtable_t *fwdtable, dns_name_t *name )
++{
++ isc_result_t result;
++
++ REQUIRE(VALID_FWDTABLE(fwdtable));
++
++ RWLOCK(&fwdtable->rwlock, isc_rwlocktype_write);
++
++ result = dns_rbt_deletename(fwdtable->table, name, ISC_FALSE);
++
++ RWUNLOCK(&fwdtable->rwlock, isc_rwlocktype_write);
++
++ return (result);
++}
++
++isc_result_t
++dns_fwdtable_find_closest(dns_fwdtable_t *fwdtable,
++ dns_name_t *name,
++ dns_name_t *foundname,
++ dns_forwarders_t **forwardersp)
++{
++ isc_result_t result;
++
++ REQUIRE(VALID_FWDTABLE(fwdtable));
++
++ RWLOCK(&fwdtable->rwlock, isc_rwlocktype_read);
++
++ result = dns_rbt_findname(fwdtable->table, name, 0, foundname,
++ (void **)forwardersp);
++
++ if(result == DNS_R_PARTIALMATCH)
++ result = ISC_R_SUCCESS;
++
++ RWUNLOCK(&fwdtable->rwlock, isc_rwlocktype_read);
++
++ return (result);
++}
++
++isc_result_t
++dns_fwdtable_find_exact(dns_fwdtable_t *fwdtable, dns_name_t *name,
++ dns_forwarders_t **forwardersp)
++{
++ isc_result_t result;
++
++ REQUIRE(VALID_FWDTABLE(fwdtable));
++
++ REQUIRE(forwardersp != 0L);
++
++ RWLOCK(&fwdtable->rwlock, isc_rwlocktype_read);
++
++ result = dns_rbt_findname(fwdtable->table, name, 0, NULL,
++ (void **)forwardersp);
++
++ if( result != ISC_R_SUCCESS )
++ *forwardersp = 0L;
++
++ RWUNLOCK(&fwdtable->rwlock, isc_rwlocktype_read);
++
++ return (result);
++}
++
++static
++void dns_fwdtable_traverse
++(
++ dns_name_t *name,
++ void *node_data,
++ void *cbp,
++ void *cb_arg
++)
++{
++ dns_fwdtable_callback_t cb = (dns_fwdtable_callback_t) cbp;
++
++ (*cb)( name, node_data, cb_arg);
++}
++
++void dns_fwdtable_foreach(dns_fwdtable_t *fwdtable, dns_fwdtable_callback_t cb, void *cb_arg )
++{
++ REQUIRE(VALID_FWDTABLE(fwdtable));
++
++ dns_rbt_traverse( fwdtable->table, dns_fwdtable_traverse, cb, cb_arg );
++}
+--- bind-9.3.3rc2/lib/dns/include/dns/forward.h.dbus 2005-03-17 04:58:31.000000000 +0100
++++ bind-9.3.3rc2/lib/dns/include/dns/forward.h 2006-09-18 10:08:37.000000000 +0200
+@@ -98,6 +98,37 @@
+ * all memory associated with the forwarding table is freed.
+ */
+
++
++/* These are ONLY used by dbus_mgr :
++ */
++
++isc_result_t
++dns_fwdtable_delete( dns_fwdtable_t *fwdtable, dns_name_t *name );
++/*
++ * Removes an entry from the forwarding table.
++ */
++
++isc_result_t
++dns_fwdtable_find_exact(dns_fwdtable_t *fwdtable, dns_name_t *name,
++ dns_forwarders_t **forwardersp);
++/*
++ * Finds an exact match for "name" in the forwarding table.
++ */
++
++isc_result_t
++dns_fwdtable_find_closest(dns_fwdtable_t *fwdtable, dns_name_t *name, dns_name_t *foundname,
++ dns_forwarders_t **forwardersp);
++/*
++ * Finds the closest match for "*name" in the forwarding table, returning
++ * the actual name matching in *name if different to *name passed in.
++ */
++
++typedef void (*dns_fwdtable_callback_t)( dns_name_t *, dns_forwarders_t *, void *);
++void dns_fwdtable_foreach(dns_fwdtable_t *fwdtable, dns_fwdtable_callback_t cb, void * );
++/* Invoke cb for each member of fwdtable
++ */
++
++
+ ISC_LANG_ENDDECLS
+
+ #endif /* DNS_FORWARD_H */
+--- bind-9.3.3rc2/lib/dns/include/dns/rbt.h.dbus 2004-10-11 07:55:51.000000000 +0200
++++ bind-9.3.3rc2/lib/dns/include/dns/rbt.h 2006-09-18 10:08:37.000000000 +0200
+@@ -833,6 +833,17 @@
+ * <something_else> Any error result from dns_name_concatenate.
+ */
+
++
++typedef void (*dns_rbt_traverse_callback_t)( dns_name_t *name,
++ void *node_data,
++ void *cb_arg1,
++ void *cb_arg2);
++
++void dns_rbt_traverse( dns_rbt_t *rbt, dns_rbt_traverse_callback_t cb, void *cb_arg1, void *cb_arg2 );
++/* tree traversal function (only used by D-BUS dynamic forwarding dbus_mgr at
++ * the moment)
++ */
++
+ ISC_LANG_ENDDECLS
+
+ #endif /* DNS_RBT_H */
+--- bind-9.3.3rc2/lib/dns/rbt.c.dbus 2005-06-18 03:03:24.000000000 +0200
++++ bind-9.3.3rc2/lib/dns/rbt.c 2006-09-18 10:08:37.000000000 +0200
+@@ -2172,6 +2172,47 @@
+ dns_rbt_printtree(rbt->root, NULL, 0);
+ }
+
++static void
++dns_rbt_traverse_tree(dns_rbtnode_t *root, dns_rbt_traverse_callback_t cb, void *cb_arg1, void *cb_arg2 ) {
++/*
++ * This is used ONLY to traverse the forward table by dbus_mgr at the moment.
++ * Since the forward table is not likely to be large, this can be recursive.
++ */
++ dns_name_t name;
++ dns_offsets_t offsets;
++ char buf[DNS_NAME_MAXWIRE];
++ isc_buffer_t buffer;
++
++ if (root != NULL) {
++
++ if (DOWN(root))
++ dns_rbt_traverse_tree(DOWN(root), cb, cb_arg1, cb_arg2);
++
++ if( LEFT(root) != NULL )
++ dns_rbt_traverse_tree(LEFT(root), cb, cb_arg1, cb_arg2);
++
++ if( RIGHT(root) != NULL )
++ dns_rbt_traverse_tree(RIGHT(root), cb, cb_arg1, cb_arg2);
++
++ if( DATA(root) == 0L )
++ return;
++
++ dns_name_init(&name, offsets);
++ isc_buffer_init(&buffer, buf, DNS_NAME_MAXWIRE);
++ dns_name_setbuffer( &name, &buffer);
++ dns_rbt_fullnamefromnode(root, &name);
++
++ (*cb)(&name, DATA(root), cb_arg1, cb_arg2);
++ }
++}
++
++void dns_rbt_traverse( dns_rbt_t *rbt, dns_rbt_traverse_callback_t cb, void *cb_arg1, void *cb_arg2 )
++{
++ REQUIRE(VALID_RBT(rbt));
++
++ dns_rbt_traverse_tree( rbt->root, cb, cb_arg1, cb_arg2 );
++}
++
+ /*
+ * Chain Functions
+ */
+--- bind-9.3.3rc2/lib/isc/include/isc/socket.h.dbus 2004-03-08 10:04:53.000000000 +0100
++++ bind-9.3.3rc2/lib/isc/include/isc/socket.h 2006-09-18 10:08:37.000000000 +0200
+@@ -136,6 +136,10 @@
+ #define ISC_SOCKEVENT_NEWCONN (ISC_EVENTCLASS_SOCKET + 3)
+ #define ISC_SOCKEVENT_CONNECT (ISC_EVENTCLASS_SOCKET + 4)
+
++#define ISC_SOCKEVENT_READ_READY (ISC_EVENTCLASS_SOCKET + 5)
++#define ISC_SOCKEVENT_WRITE_READY (ISC_EVENTCLASS_SOCKET + 6)
++#define ISC_SOCKEVENT_SELECTED (ISC_EVENTCLASS_SOCKET + 7)
++
+ /*
+ * Internal events.
+ */
+@@ -144,7 +148,8 @@
+
+ typedef enum {
+ isc_sockettype_udp = 1,
+- isc_sockettype_tcp = 2
++ isc_sockettype_tcp = 2,
++ isc_sockettype_fd = 8
+ } isc_sockettype_t;
+
+ /*
+@@ -699,6 +704,30 @@
+ * 'sock' is a valid socket.
+ */
+
++isc_socketevent_t*
++isc_socket_fd_handle_reads( isc_socket_t *sock, isc_socketevent_t *dev );
++/* register the "dev" event to be sent when the isc_sockettype_fd sock
++ * was select()-ed for read. If there is already an event registered, it
++ * is returned, otherwise 0 is returned. If dev is 0, removes any existing
++ * registered event.
++ */
++
++isc_socketevent_t*
++isc_socket_fd_handle_writes( isc_socket_t *sock, isc_socketevent_t *dev );
++/* register the "dev" event to be sent when the isc_sockettype_fd sock
++ * was select()-ed for write. If there is already an event registered, it
++ * is returned, otherwise 0 is returned. If dev is 0, removes any existing
++ * registered event.
++ */
++
++isc_socketevent_t*
++isc_socket_fd_handle_selected( isc_socket_t *sock, isc_socketevent_t *dev );
++/* register the "dev" event to be sent when ALL isc_sockettype_fd sockets
++ * have been select()-ed . If there is already an event registered, it
++ * is returned, otherwise 0 is returned. If dev is 0, removes any existing
++ * registered event.
++ */
++
+ ISC_LANG_ENDDECLS
+
+ #endif /* ISC_SOCKET_H */
+--- bind-9.3.3rc2/lib/isc/unix/socket.c.dbus 2006-05-19 04:53:36.000000000 +0200
++++ bind-9.3.3rc2/lib/isc/unix/socket.c 2006-09-18 10:08:37.000000000 +0200
+@@ -148,6 +148,11 @@
+ ISC_LIST(isc_socketevent_t) recv_list;
+ ISC_LIST(isc_socket_newconnev_t) accept_list;
+ isc_socket_connev_t *connect_ev;
++
++ /* these are used only by isc_sockettype_fd sockets:*/
++ isc_socketevent_t *read_ready_event;
++ isc_socketevent_t *write_ready_event;
++ isc_socketevent_t *selected_event;
+
+ /*
+ * Internal events. Posted when a descriptor is readable or
+@@ -304,7 +309,7 @@
+
+ static void
+ wakeup_socket(isc_socketmgr_t *manager, int fd, int msg) {
+- isc_socket_t *sock;
++ isc_socket_t *sock=0L;
+
+ /*
+ * This is a wakeup on a socket. If the socket is not in the
+@@ -1289,6 +1294,9 @@
+ sock->connected = 0;
+ sock->connecting = 0;
+ sock->bound = 0;
++ sock->read_ready_event = 0L;
++ sock->write_ready_event = 0L;
++ sock->selected_event = 0L;
+
+ /*
+ * initialize the lock
+@@ -1401,13 +1409,16 @@
+ case isc_sockettype_tcp:
+ sock->fd = socket(pf, SOCK_STREAM, IPPROTO_TCP);
+ break;
++
++ case isc_sockettype_fd:
++ sock->fd = pf;
+ }
+
+ #ifdef F_DUPFD
+ /*
+ * Leave a space for stdio to work in.
+ */
+- if (sock->fd >= 0 && sock->fd < 20) {
++ if ( (type != isc_sockettype_fd) && (sock->fd >= 0) && (sock->fd < 20) ) {
+ int new, tmp;
+ new = fcntl(sock->fd, F_DUPFD, 20);
+ tmp = errno;
+@@ -1461,7 +1472,7 @@
+ }
+ }
+
+- if (make_nonblock(sock->fd) != ISC_R_SUCCESS) {
++ if ((type != isc_sockettype_fd) && (make_nonblock(sock->fd) != ISC_R_SUCCESS)) {
+ (void)close(sock->fd);
+ free_socket(&sock);
+ return (ISC_R_UNEXPECTED);
+@@ -1729,6 +1740,38 @@
+ isc_task_send(ev->ev_sender, (isc_event_t **)&iev);
+ }
+
++static
++isc_event_t *dispatch_read_ready(isc_socketmgr_t *manager, isc_socket_t *sock)
++{
++ isc_event_t *dev = (isc_event_t*)sock->read_ready_event, *ev;
++
++ ev = isc_mem_get(manager->mctx, dev->ev_size);
++ memcpy(ev,dev,dev->ev_size);
++ ISC_LINK_INIT(ev,ev_link);
++ isc_task_send(dev->ev_sender, &ev );
++ return (isc_event_t *)sock->selected_event;
++}
++
++static
++isc_event_t *dispatch_write_ready(isc_socketmgr_t *manager,isc_socket_t *sock)
++{
++ isc_event_t *dev = (isc_event_t*)sock->write_ready_event, *ev;
++ ev = isc_mem_get(manager->mctx, dev->ev_size);
++ memcpy(ev,dev,dev->ev_size);
++ ISC_LINK_INIT(ev,ev_link);
++ isc_task_send(dev->ev_sender, &ev );
++ return (isc_event_t *)sock->selected_event;
++}
++
++static
++void dispatch_selected(isc_socketmgr_t *manager, isc_event_t *dev)
++{ isc_event_t *ev;
++ ev = isc_mem_get(manager->mctx, dev->ev_size);
++ memcpy(ev,dev,dev->ev_size);
++ ISC_LINK_INIT(ev,ev_link);
++ isc_task_send(dev->ev_sender, &ev );
++}
++
+ /*
+ * Dequeue an item off the given socket's read queue, set the result code
+ * in the done event to the one provided, and send it to the task it was
+@@ -2136,6 +2179,7 @@
+ int i;
+ isc_socket_t *sock;
+ isc_boolean_t unlock_sock;
++ isc_event_t *sock_selected = 0L;
+
+ REQUIRE(maxfd <= (int)FD_SETSIZE);
+
+@@ -2169,11 +2213,15 @@
+ unlock_sock = ISC_TRUE;
+ LOCK(&sock->lock);
+ if (!SOCK_DEAD(sock)) {
++ if( sock->type != isc_sockettype_fd )
++ {
+ if (sock->listener)
+ dispatch_accept(sock);
+ else
+ dispatch_recv(sock);
+- }
++ }else
++ sock_selected = dispatch_read_ready(manager,sock);
++ }
+ FD_CLR(i, &manager->read_fds);
+ }
+ check_write:
+@@ -2187,16 +2235,24 @@
+ LOCK(&sock->lock);
+ }
+ if (!SOCK_DEAD(sock)) {
++ if( sock->type != isc_sockettype_fd )
++ {
+ if (sock->connecting)
+ dispatch_connect(sock);
+ else
+ dispatch_send(sock);
++ }else
++ sock_selected = dispatch_write_ready(manager,sock);
+ }
+ FD_CLR(i, &manager->write_fds);
+ }
+ if (unlock_sock)
+ UNLOCK(&sock->lock);
+ }
++ if( sock_selected != 0L )
++ {
++ dispatch_selected(manager, sock_selected);
++ }
+ }
+
+ #ifdef ISC_PLATFORM_USETHREADS
+@@ -2215,7 +2271,7 @@
+ int cc;
+ fd_set readfds;
+ fd_set writefds;
+- int msg, fd;
++ int msg, fd = -1;
+ int maxfd;
+ char strbuf[ISC_STRERRORSIZE];
+
+@@ -3546,3 +3602,55 @@
+ return (ISC_R_SUCCESS);
+ }
+ #endif /* ISC_PLATFORM_USETHREADS */
++
++isc_socketevent_t*
++isc_socket_fd_handle_reads( isc_socket_t *sock, isc_socketevent_t *dev )
++{
++ REQUIRE(VALID_SOCKET(sock));
++ if(dev != 0L)
++ {
++ sock->references=1;
++ sock->read_ready_event = dev;
++ select_poke(sock->manager, sock->fd, SELECT_POKE_READ);
++ }else
++ {
++ dev = sock->read_ready_event ;
++ sock->read_ready_event = 0L ;
++ }
++ return dev;
++}
++
++isc_socketevent_t*
++isc_socket_fd_handle_writes( isc_socket_t *sock, isc_socketevent_t *dev )
++{
++ REQUIRE(VALID_SOCKET(sock));
++ if(dev != 0L)
++ {
++ sock->references=1;
++ sock->write_ready_event = dev;
++ select_poke(sock->manager, sock->fd, SELECT_POKE_WRITE);
++ }else
++ {
++ dev = sock->write_ready_event;
++ sock->write_ready_event = 0L;
++ }
++ return dev;
++}
++
++isc_socketevent_t*
++isc_socket_fd_handle_selected( isc_socket_t *sock, isc_socketevent_t *dev )
++{
++ REQUIRE(VALID_SOCKET(sock));
++ if(dev != 0L)
++ {
++ sock->references=1;
++ sock->selected_event = dev;
++ }else
++ {
++ dev = sock->selected_event;
++ sock->selected_event = 0L;
++ sock->references=0;
++ destroy(&sock);
++ }
++ return dev;
++}
+--- bind-9.3.3rc2/bin/named/named.8.dbus 2006-06-29 15:02:30.000000000 +0200
++++ bind-9.3.3rc2/bin/named/named.8 2006-09-18 10:08:37.000000000 +0200
+@@ -33,7 +33,7 @@
+ named \- Internet domain name server
+ .SH "SYNOPSIS"
+ .HP 6
+-\fBnamed\fR [\fB\-4\fR] [\fB\-6\fR] [\fB\-c\ \fR\fB\fIconfig\-file\fR\fR] [\fB\-d\ \fR\fB\fIdebug\-level\fR\fR] [\fB\-f\fR] [\fB\-g\fR] [\fB\-n\ \fR\fB\fI#cpus\fR\fR] [\fB\-p\ \fR\fB\fIport\fR\fR] [\fB\-s\fR] [\fB\-t\ \fR\fB\fIdirectory\fR\fR] [\fB\-u\ \fR\fB\fIuser\fR\fR] [\fB\-v\fR] [\fB\-x\ \fR\fB\fIcache\-file\fR\fR]
++\fBnamed\fR [\fB\-4\fR] [\fB\-6\fR] [\fB\-c\ \fR\fB\fIconfig\-file\fR\fR] [\fB\-d\ \fR\fB\fIdebug\-level\fR\fR] [\fB\-f\fR] [\fB\-g\fR] [\fB\-n\ \fR\fB\fI#cpus\fR\fR] [\fB\-p\ \fR\fB\fIport\fR\fR] [\fB\-s\fR] [\fB\-t\ \fR\fB\fIdirectory\fR\fR] [\fB\-u\ \fR\fB\fIuser\fR\fR] [\fB\-v\fR] [\fB\-x\ \fR\fB\fIcache\-file\fR\fR] [\fB\-D\fR]
+ .SH "DESCRIPTION"
+ .PP
+ \fBnamed\fR
+@@ -146,6 +146,13 @@
+ .B "Warning:"
+ This option must not be used. It is only of interest to BIND 9 developers and may be removed or changed in a future release.
+ .RE
++.sp
++.TP
++\fB\-D\fR
++Enable dynamic management of the forwarding table with D-BUS
++messages. This option is required for Red Hat NetworkManager
++support. See doc/README.DBUS .
++.sp
+ .SH "SIGNALS"
+ .PP
+ In routine operation, signals should not be used to control the nameserver;
+@@ -165,6 +172,73 @@
+ \fBnamed\fR
+ configuration file is too complex to describe in detail here. A complete description is provided in the
+ BIND 9 Administrator Reference Manual.
++.PP
++.SH "NOTES"
++.PP
++.TP
++\fBRed Hat SELinux BIND Security Profile:\fR
++.PP
++By default, Red Hat ships BIND with the most secure SELinux policy
++that will not prevent normal BIND operation and will prevent exploitation
++of all known BIND security vulnerabilities . See the selinux(8) man page
++for information about SElinux.
++.PP
++It is not necessary to run named in a chroot environment if the Red Hat
++SELinux policy for named is enabled. When enabled, this policy is far
++more secure than a chroot environment.
++.PP
++With this extra security comes some restrictions:
++.br
++By default, the SELinux policy does not allow named to write any master
++zone database files. Only the root user may create files in the $ROOTDIR/var/named
++zone database file directory (the options { "directory" } option), where
++$ROOTDIR is set in /etc/sysconfig/named.
++.br
++The "named" group must be granted read privelege to
++these files in order for named to be enabled to read them.
++.br
++Any file created in the zone database file directory is automatically assigned
++the SELinux file context named_zone_t .
++.br
++By default, SELinux prevents any role from modifying named_zone_t files; this
++means that files in the zone database directory cannot be modified by dynamic
++DNS (DDNS) updates or zone transfers.
++.br
++The Red Hat BIND distribution and SELinux policy creates two directories where
++named is allowed to create and modify files: $ROOTDIR/var/named/slaves and
++$ROOTDIR/var/named/data. By placing files you want named to modify, such as
++slave or DDNS updateable zone files and database / statistics dump files in
++these directories, named will work normally and no further operator action is
++required. Files in these directories are automatically assigned the 'named_cache_t'
++file context, which SELinux allows named to write.
++.br
++You can enable the named_t domain to write and create named_zone_t files by use
++of the SELinux tunable boolean variable "named_write_master_zones", using the
++setsebool(8) command or the system-config-security GUI . If you do this, you
++must also set the ENABLE_ZONE_WRITE variable in /etc/sysconfig/named to
++1 / yes to set the ownership of files in the $ROOTDIR/var/named directory
++to named:named in order for named to be allowed to write them.
++.PP
++\fBRed Hat BIND named_sdb SDB support:\fR
++.PP
++Red Hat ships the bind-sdb RPM that provides the /usr/sbin/named_sdb program,
++which is named compiled with the Simplified Database Backend modules that ISC
++provides in the "contrib/sdb" directory.
++.br
++The SDB modules for LDAP, PostGreSQL and DirDB are compiled into named_sdb.
++.br
++To run named_sdb, set the ENABLE_SDB variable in /etc/sysconfig/named to 1 or "yes",
++and then the "service named start" named initscript will run named_sdb instead
++of named .
++.br
++See the documentation for the various SDB modules in /usr/share/doc/bind-sdb-*/ .
++.PP
++\fBRed Hat system-config-bind:\fR
++.PP
++Red Hat provides the system-config-bind GUI to configure named.conf and zone
++database files. Run the "system-config-bind" command and access the manual
++by selecting the Help menu.
++.PP
+ .SH "FILES"
+ .TP 3n
+ \fI/etc/named.conf\fR
+--- bind-9.3.3rc2/bin/named/include/named/globals.h.dbus 2006-03-02 01:37:20.000000000 +0100
++++ bind-9.3.3rc2/bin/named/include/named/globals.h 2006-09-18 10:08:37.000000000 +0200
+@@ -112,6 +112,8 @@
+
+ EXTERN int ns_g_listen INIT(3);
+
++EXTERN int ns_g_dbus INIT(0);
++
+ #undef EXTERN
+ #undef INIT
+
+--- bind-9.3.3rc2/bin/named/include/named/log.h.dbus 2004-03-08 05:04:21.000000000 +0100
++++ bind-9.3.3rc2/bin/named/include/named/log.h 2006-09-18 10:08:37.000000000 +0200
+@@ -34,6 +34,7 @@
+ #define NS_LOGCATEGORY_QUERIES (&ns_g_categories[4])
+ #define NS_LOGCATEGORY_UNMATCHED (&ns_g_categories[5])
+ #define NS_LOGCATEGORY_UPDATE_SECURITY (&ns_g_categories[6])
++#define NS_LOGCATEGORY_DBUS (&ns_g_categories[7])
+
+ /*
+ * Backwards compatibility.
+@@ -51,6 +52,7 @@
+ #define NS_LOGMODULE_NOTIFY (&ns_g_modules[8])
+ #define NS_LOGMODULE_CONTROL (&ns_g_modules[9])
+ #define NS_LOGMODULE_LWRESD (&ns_g_modules[10])
++#define NS_LOGMODULE_DBUS (&ns_g_modules[11])
+
+ isc_result_t
+ ns_log_init(isc_boolean_t safe);
+--- bind-9.3.3rc2/bin/named/include/named/server.h.dbus 2006-03-02 01:37:20.000000000 +0100
++++ bind-9.3.3rc2/bin/named/include/named/server.h 2006-09-18 10:08:37.000000000 +0200
+@@ -91,7 +91,8 @@
+ ns_controls_t * controls; /* Control channels */
+ unsigned int dispatchgen;
+ ns_dispatchlist_t dispatches;
+-
++
++ ns_dbus_mgr_t * dbus_mgr;
+ };
+
+ #define NS_SERVER_MAGIC ISC_MAGIC('S','V','E','R')
+--- bind-9.3.3rc2/bin/named/include/named/types.h.dbus 2004-03-06 11:21:26.000000000 +0100
++++ bind-9.3.3rc2/bin/named/include/named/types.h 2006-09-18 10:08:37.000000000 +0200
+@@ -38,4 +38,6 @@
+ typedef struct ns_dispatch ns_dispatch_t;
+ typedef ISC_LIST(ns_dispatch_t) ns_dispatchlist_t;
+
++typedef struct ns_dbus_mgr ns_dbus_mgr_t ;
++
+ #endif /* NAMED_TYPES_H */
+--- bind-9.3.3rc2/bin/named/log.c.dbus 2005-05-25 01:58:17.000000000 +0200
++++ bind-9.3.3rc2/bin/named/log.c 2006-09-18 10:08:37.000000000 +0200
+@@ -41,6 +41,7 @@
+ { "queries", 0 },
+ { "unmatched", 0 },
+ { "update-security", 0 },
++ { "dbus", 0 },
+ { NULL, 0 }
+ };
+
+@@ -60,6 +61,7 @@
+ { "notify", 0 },
+ { "control", 0 },
+ { "lwresd", 0 },
++ { "dbus", 0 },
+ { NULL, 0 }
+ };
+
+--- bind-9.3.3rc2/bin/named/main.c.dbus 2006-01-06 01:01:42.000000000 +0100
++++ bind-9.3.3rc2/bin/named/main.c 2006-09-18 10:08:37.000000000 +0200
+@@ -239,7 +239,8 @@
+ "usage: named [-4|-6] [-c conffile] [-d debuglevel] "
+ "[-f|-g] [-n number_of_cpus]\n"
+ " [-p port] [-s] [-t chrootdir] [-u username]\n"
+- " [-m {usage|trace|record}]\n");
++ " [-m {usage|trace|record}]\n"
++ " [-D ]\n");
+ }
+
+ static void
+@@ -345,7 +346,7 @@
+
+ isc_commandline_errprint = ISC_FALSE;
+ while ((ch = isc_commandline_parse(argc, argv,
+- "46c:C:d:fgi:lm:n:N:p:P:st:u:vx:")) != -1) {
++ "46c:C:d:fgi:lm:n:N:p:P:st:u:vx:D")) != -1) {
+ switch (ch) {
+ case '4':
+ if (disable4)
+@@ -434,6 +435,9 @@
+ case 'v':
+ printf("BIND %s\n", ns_g_version);
+ exit(0);
++ case 'D':
++ ns_g_dbus = 1;
++ break;
+ case '?':
+ usage();
+ ns_main_earlyfatal("unknown option '-%c'",
+--- bind-9.3.3rc2/bin/named/server.c.dbus 2006-05-24 06:30:24.000000000 +0200
++++ bind-9.3.3rc2/bin/named/server.c 2006-09-18 10:08:37.000000000 +0200
+@@ -86,6 +86,8 @@
+ #include <stdlib.h>
+ #endif
+
++#include <named/dbus_mgr.h>
++
+ /*
+ * Check an operation for failure. Assumes that the function
+ * using it has a 'result' variable and a 'cleanup' label.
+@@ -1495,12 +1497,12 @@
+ if (result != ISC_R_SUCCESS) {
+ char namebuf[DNS_NAME_FORMATSIZE];
+ dns_name_format(origin, namebuf, sizeof(namebuf));
+- cfg_obj_log(forwarders, ns_g_lctx, ISC_LOG_WARNING,
+- "could not set up forwarding for domain '%s': %s",
++ cfg_obj_log(forwarders, ns_g_lctx, ISC_LOG_NOTICE,
++ "setting up forwarding failed for domain '%s': %s",
+ namebuf, isc_result_totext(result));
+ goto cleanup;
+ }
+-
++
+ result = ISC_R_SUCCESS;
+
+ cleanup:
+@@ -2875,6 +2877,20 @@
+
+ CHECKFATAL(load_zones(server, ISC_FALSE), "loading zones");
+
++ server->dbus_mgr = 0L;
++ if( ns_g_dbus )
++ if( dbus_mgr_create
++ ( ns_g_mctx, ns_g_taskmgr, ns_g_socketmgr, ns_g_timermgr,
++ &server->dbus_mgr
++ ) != ISC_R_SUCCESS
++ )
++ {
++ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
++ NS_LOGMODULE_SERVER, ISC_LOG_WARNING,
++ "dbus_mgr initialization failed. D-BUS service is disabled."
++ );
++ }
++
+ ns_os_started();
+ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER,
+ ISC_LOG_NOTICE, "running");
+@@ -2937,6 +2953,9 @@
+
+ dns_db_detach(&server->in_roothints);
+
++ if( server->dbus_mgr != 0L )
++ dbus_mgr_shutdown(server->dbus_mgr);
++
+ isc_task_endexclusive(server->task);
+
+ isc_task_detach(&server->task);
+--- bind-9.3.3rc2/bin/named/Makefile.in.dbus 2004-09-06 23:47:25.000000000 +0200
++++ bind-9.3.3rc2/bin/named/Makefile.in 2006-09-18 10:10:58.000000000 +0200
+@@ -35,7 +35,8 @@
+ ${LWRES_INCLUDES} ${DNS_INCLUDES} ${BIND9_INCLUDES} \
+ ${ISCCFG_INCLUDES} ${ISCCC_INCLUDES} ${ISC_INCLUDES} \
+ ${DBDRIVER_INCLUDES}
+-
++DBUS_INCLUDES = \
++ -I/usr/lib/dbus-1.0/include -I/usr/include/dbus-1.0
+ CDEFINES =
+ CWARNINGS =
+
+@@ -52,6 +53,7 @@
+ ISCDEPLIBS = ../../lib/isc/libisc.@A@
+ LWRESDEPLIBS = ../../lib/lwres/liblwres.@A@
+ BIND9DEPLIBS = ../../lib/bind9/libbind9.@A@
++DBUSLIBS= -ldbus-1
+
+ DEPLIBS = ${LWRESDEPLIBS} ${DNSDEPLIBS} ${BIND9DEPLIBS} \
+ ${ISCCFGDEPLIBS} ${ISCCCDEPLIBS} ${ISCDEPLIBS}
+@@ -71,6 +73,7 @@
+ zoneconf.@O@ \
+ lwaddr.@O@ lwresd.@O@ lwdclient.@O@ lwderror.@O@ lwdgabn.@O@ \
+ lwdgnba.@O@ lwdgrbn.@O@ lwdnoop.@O@ lwsearch.@O@ \
++ dbus_service.@O@ dbus_mgr.@O@ \
+ $(DBDRIVER_OBJS)
+
+ UOBJS = unix/os.@O@
+@@ -83,6 +86,7 @@
+ zoneconf.c \
+ lwaddr.c lwresd.c lwdclient.c lwderror.c lwdgabn.c \
+ lwdgnba.c lwdgrbn.c lwdnoop.c lwsearch.c \
++ dbus_service.c dbus_mgr.c \
+ $(DBDRIVER_SRCS)
+
+ MANPAGES = named.8 lwresd.8 named.conf.5
+@@ -105,9 +109,14 @@
+ -DNS_LOCALSTATEDIR=\"${localstatedir}\" \
+ -c ${srcdir}/config.c
+
++dbus_service.o: dbus_service.c
++ ${LIBTOOL_MODE_COMPILE} ${CC} ${ALL_CFLAGS} \
++ ${DBUS_INCLUDES} \
++ -c ${srcdir}/dbus_service.c
++
+ named@EXEEXT@: ${OBJS} ${UOBJS} ${DEPLIBS}
+ ${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@ \
+- ${OBJS} ${UOBJS} ${LIBS}
++ ${OBJS} ${UOBJS} ${LIBS} ${DBUSLIBS}
+
+ lwresd@EXEEXT@: named@EXEEXT@
+ rm -f lwresd@EXEEXT@
diff --git a/contrib/dbus/dbus_service.c b/contrib/dbus/dbus_service.c
index 85965d88..bb9dabaf 100644
--- a/contrib/dbus/dbus_service.c
+++ b/contrib/dbus/dbus_service.c
@@ -1081,7 +1081,13 @@ dbus_svc_init
switch
( dbus_bus_request_name
- ( connection, name, DBUS_NAME_FLAG_PROHIBIT_REPLACEMENT , &error
+ ( connection, name,
+#ifdef DBUS_NAME_FLAG_PROHIBIT_REPLACEMENT
+ DBUS_NAME_FLAG_PROHIBIT_REPLACEMENT ,
+#else
+ 0 ,
+#endif
+ &error
)
)
{
diff --git a/contrib/named-bootconf/named-bootconf.sh b/contrib/named-bootconf/named-bootconf.sh
index bbde36ed..ea2dd8c3 100644
--- a/contrib/named-bootconf/named-bootconf.sh
+++ b/contrib/named-bootconf/named-bootconf.sh
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# Portions Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
+# Portions Copyright (C) 2004, 2006 Internet Systems Consortium, Inc. ("ISC")
# Portions Copyright (C) 1999-2001 Internet Software Consortium.
#
# Permission to use, copy, modify, and distribute this software for any
@@ -15,7 +15,7 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
-# $Id: named-bootconf.sh,v 1.8 2004/03/05 05:04:25 marka Exp $
+# $Id: named-bootconf.sh,v 1.8.18.2 2006/10/11 02:33:29 marka Exp $
# $NetBSD: named-bootconf.sh,v 1.5 1998/12/15 01:00:53 tron Exp $
#
@@ -54,9 +54,14 @@
# POSSIBILITY OF SUCH DAMAGE.
if [ ${OPTIONFILE-X} = X ]; then
- OPTIONFILE=/tmp/.options.`date +%s`.$$
- ZONEFILE=/tmp/.zones.`date +%s`.$$
- COMMENTFILE=/tmp/.comments.`date +%s`.$$
+ WORKDIR=/tmp/`date +%s`.$$
+ ( umask 077 ; mkdir $WORKDIR ) || {
+ echo "unable to create work directory '$WORKDIR'" >&2
+ exit 1
+ }
+ OPTIONFILE=$WORKDIR/options
+ ZONEFILE=$WORKDIR/zones
+ COMMENTFILE=$WORKDIR/comments
export OPTIONFILE ZONEFILE COMMENTFILE
touch $OPTIONFILE $ZONEFILE $COMMENTFILE
DUMP=1
@@ -303,6 +308,7 @@ if [ $DUMP -eq 1 ]; then
cat $ZONEFILE $COMMENTFILE
rm -f $OPTIONFILE $ZONEFILE $COMMENTFILE
+ rmdir $WORKDIR
fi
exit 0