diff options
| author | mat <mat@FreeBSD.org> | 2018-12-13 17:06:50 +0800 |
|---|---|---|
| committer | mat <mat@FreeBSD.org> | 2018-12-13 17:06:50 +0800 |
| commit | 5527cbf1055ffbfabb36ef9a2be55f15b622aea4 (patch) | |
| tree | a4baf885238ce92785b9c87d9a3e05688351bb6a /dns/bind912 | |
| parent | a2a3fee1ece697cfc84140582f6ddde887c3ce44 (diff) | |
| download | freebsd-ports-gnome-5527cbf1055ffbfabb36ef9a2be55f15b622aea4.tar.gz freebsd-ports-gnome-5527cbf1055ffbfabb36ef9a2be55f15b622aea4.tar.zst freebsd-ports-gnome-5527cbf1055ffbfabb36ef9a2be55f15b622aea4.zip | |
Update to 9.11.5-P1, 9.12.3-P1, 9.13.5.
While there:
- Don't disable symbol table generation when building WITH_DEBUG.
- Try and make sure nullfs can really be used in a more robustt and
centralized way.
- Make sure all changes are sync'ed among all BIND9 ports.
Diffstat (limited to 'dns/bind912')
| -rw-r--r-- | dns/bind912/Makefile | 14 | ||||
| -rw-r--r-- | dns/bind912/distinfo | 6 | ||||
| -rw-r--r-- | dns/bind912/files/named.in | 44 |
3 files changed, 42 insertions, 22 deletions
diff --git a/dns/bind912/Makefile b/dns/bind912/Makefile index 29dc7c2a9da0..e1a80702ed85 100644 --- a/dns/bind912/Makefile +++ b/dns/bind912/Makefile @@ -5,10 +5,9 @@ PORTNAME= bind PORTVERSION= ${ISCVERSION:S/-P/P/:S/b/.b/:S/a/.a/:S/rc/.rc/} .if defined(BIND_TOOLS_SLAVE) # dns/bind-tools here -PORTREVISION= 1 +PORTREVISION= 0 .else -# dns/bind912 here -PORTREVISION= 2 +PORTREVISION= 0 .endif CATEGORIES= dns net ipv6 MASTER_SITES= ISC/bind9/${ISCVERSION} @@ -33,7 +32,7 @@ LIB_DEPENDS= libxml2.so:textproc/libxml2 USES= compiler:c11 cpe libedit # ISC releases things like 9.8.0-P1, which our versioning doesn't like -ISCVERSION= 9.12.3 +ISCVERSION= 9.12.3-P1 CPE_VENDOR= isc CPE_VERSION= ${ISCVERSION:C/-.*//} @@ -43,7 +42,6 @@ CPE_UPDATE= ${ISCVERSION:C/.*-//:tl} GNU_CONFIGURE= yes CONFIGURE_ARGS= --localstatedir=/var --disable-linux-caps \ - --disable-symtable \ --with-randomdev=/dev/random \ --with-libxml2=${LOCALBASE} \ --with-readline="-L${LOCALBASE}/lib -ledit" \ @@ -211,6 +209,12 @@ TUNING_LARGE_CONFIGURE_OFF= --with-tuning=default .include <bsd.port.pre.mk> +.if defined(WITH_DEBUG) +CONFIGURE_ARGS+= --enable-symtable +.else +CONFIGURE_ARGS+= --disable-symtable +.endif + .if ${SSL_DEFAULT} == base SUB_LIST+= ENGINES=/usr/lib/engines .else diff --git a/dns/bind912/distinfo b/dns/bind912/distinfo index 1b7837d72911..c199d57e29a3 100644 --- a/dns/bind912/distinfo +++ b/dns/bind912/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1540325569 -SHA256 (bind-9.12.3.tar.gz) = 0e80762631258e1c193552efa7c56c05ec5e8c2f98e4b2a3b91a61fd8d96b938 -SIZE (bind-9.12.3.tar.gz) = 8616664 +TIMESTAMP = 1544687855 +SHA256 (bind-9.12.3-P1.tar.gz) = 6cb79389d787368af27f01c65a9fa09be1fd062eda37c94819a1a0178d5ded73 +SIZE (bind-9.12.3-P1.tar.gz) = 8625693 diff --git a/dns/bind912/files/named.in b/dns/bind912/files/named.in index a2ab7de1d832..a5a18660ac8c 100644 --- a/dns/bind912/files/named.in +++ b/dns/bind912/files/named.in @@ -146,16 +146,13 @@ chroot_autoupdate() # The OpenSSL engines should be present in the chroot, named loads them # after chrooting. if [ -d ${_openssl_engines} ]; then - if [ `${SYSCTL_N} security.jail.jailed` -eq 0 ] || - [ `${SYSCTL_N} security.jail.mount_allowed` -eq 1 ] || - [ `${SYSCTL_N} security.jail.mount_nullfs_allowed` -eq 1 ] ; then - mkdir -p ${named_chrootdir}${_openssl_engines} + mkdir -p ${named_chrootdir}${_openssl_engines} + if can_mount nullfs ; then mount -t nullfs ${_openssl_engines} ${named_chrootdir}${_openssl_engines} else warn "named chroot: cannot nullfs mount OpenSSL" \ "engines into the chroot, will copy the shared" \ "libraries instead." - mkdir -p ${named_chrootdir}${_openssl_engines} cp -f ${_openssl_engines}/*.so ${named_chrootdir}${_openssl_engines} fi fi @@ -241,22 +238,41 @@ named_stop() named_poststop() { - if [ -n "${named_chrootdir}" -a -c ${named_chrootdir}/dev/null ]; then + if [ -n "${named_chrootdir}" ]; then # if using OpenSSL from ports, unmount OpenSSL engines, if they # were not mounted but only copied, do nothing. - if [ -d ${_openssl_engines} -a \( `${SYSCTL_N} security.jail.jailed` -eq 0 -o `${SYSCTL_N} security.jail.mount_allowed` -eq 1 \) ]; then - umount ${named_chrootdir}${_openssl_engines} + if [ -d ${_openssl_engines} ]; then + if can_mount nullfs; then + umount ${named_chrootdir}${_openssl_engines} + fi fi - # unmount /dev - if [ `${SYSCTL_N} security.jail.jailed` -eq 0 ]; then - umount ${named_chrootdir}/dev 2>/dev/null || true - else - warn "named chroot:" \ - "cannot unmount devfs from inside jail!" + if [ -c ${named_chrootdir}/dev/null ]; then + # unmount /dev + if [ `${SYSCTL_N} security.jail.jailed` -eq 0 ]; then + umount ${named_chrootdir}/dev 2>/dev/null || true + else + warn "named chroot:" \ + "cannot unmount devfs from inside jail!" + fi fi fi } +can_mount() +{ + local kld + kld=$1 + if ! load_kld $kld; then + return 1 + fi + if [ `${SYSCTL_N} security.jail.jailed` -eq 0 ] || + [ `${SYSCTL_N} security.jail.mount_allowed` -eq 1 ] || + [ `${SYSCTL_N} security.jail.mount_${kld}_allowed` -eq 1 ] ; then + return 0 + fi + return 1 +} + create_file() { if [ -e "$1" ]; then |