new upstream release 2.4.1

Upstream does not support 1.6 anymore so we have to upgrade. Configuration will be automatically upgraded along with RPM package.
2017-03-10 13:43:19 +01:00 · 2017-03-10 13:43:19 +01:00 · 5bd302fd8b
commit 5bd302fd8b
parent f707469cbb
3 changed files with 160 additions and 40 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +1,3 @@
 /knot-*.tar.gz
 /knot-*.tar.xz
 /knot-2.4.0.tar.xz.asc
 /knot-2.4.1.tar.xz.asc
--- a/knot.spec
+++ b/knot.spec
@ -1,112 +1,230 @@
 %global _hardened_build 1
 %{!?_pkgdocdir: %global _pkgdocdir %{_docdir}/%{name}-%{version}}
-# TODO:
+Summary: High-performance authoritative DNS server
 # - split into subpackages
 # - documentation building
 Summary: An authoritative DNS daemon
 Name: knot
-Version: 1.6.8
+Version: 2.4.1
 Release: 1%{?dist}
 License: GPLv3
 Group: System Environment/Daemons
 URL: http://www.knot-dns.cz
 Source0: http://public.nic.cz/files/knot-dns/%{name}-%{version}.tar.xz
-Source1: %{name}.service
+Source1: http://public.nic.cz/files/knot-dns/%{name}-%{version}.tar.xz.asc
-Source2: %{name}.conf
+Source2: %{name}.service
-Source3: %{name}.tmpfiles
+Source3: %{name}.conf
 Source4: %{name}.tmpfiles
-BuildRequires: flex bison openssl-devel userspace-rcu-devel libcap-ng-devel libidn-devel systemd-devel lmdb-devel
+# Required dependencies
-BuildRequires: protobuf-c-devel fstrm-devel
+BuildRequires: pkgconfig(liburcu) pkgconfig(gnutls) >= 3.0 pkgconfig(nettle) pkgconfig(jansson) lmdb-devel pkgconfig(libedit)
-BuildRequires: systemd-units
+# Optional dependencies
-# ragel is optional, required only if .rl source files are modified
+BuildRequires: pkgconfig(libcap-ng) pkgconfig(libidn) pkgconfig(libsystemd) pkgconfig(libfstrm) pkgconfig(libprotobuf-c)
 #BuildRequires: ragel
-Requires(post): systemd
+BuildRequires: systemd
 Requires(post): systemd %{_sbindir}/runuser
 Requires(preun): systemd
 Requires(postun): systemd
 Requires: %{name}-libs%{?_isa} = %{version}-%{release}
 Obsoletes: %{name} < 2.0.0
 %description
 Knot DNS is a high-performance authoritative DNS server implementation.
 %package libs
 Summary: Libraries used by the Knot DNS server and client applications
 Obsoletes: %{name} < 2.0.0
 Conflicts: %{name} < 2.0.0
 %description libs
 The package contains shared libraries used by the Knot DNS server and
 utilities.
 %package devel
 Summary: Development header files for the Knot DNS libraries
 Requires: %{name}-libs%{?_isa} = %{version}-%{release}
 Obsoletes: %{name} < 2.0.0
 %description devel
 The package contains development header files for the Knot DNS libraries
 included in knot-libs package.
 %package utils
 Summary: DNS client utilities shipped with the Knot DNS server
 Requires: %{name}-libs%{?_isa} = %{version}-%{release}
 Obsoletes: %{name} < 2.0.0
 %description utils
 The package contains DNS client utilities shipped with the Knot DNS server.
 %package doc
 Summary: Documentation for the Knot DNS server
 License: GPLv3 and BSD and MIT
 Obsoletes: %{name} < 2.0.0
 BuildArch: noarch
 %if 0%{?rhel}
 BuildRequires: python-sphinx
 %else
 BuildRequires: python3-sphinx
 %endif
 Provides: bundled(jquery)
 %description doc
 The package contains documentation for the Knot DNS server.
 %prep
 %setup -q
 # make sure embedded LMDB library is not used
 rm -vr src/contrib/lmdb
 %build
 # disable debug code (causes unused warnings)
 CFLAGS="%{optflags} -DNDEBUG -Wno-unused"
-%configure
+
 %ifarch armv7hl i686
 # 32-bit architectures sometimes do not have sufficient amount of
 # contiguous address space to handle default values
 %define configure_db_sizes --with-conf-mapsize=64 --with-timer-mapsize=16
 %endif
 %configure %{configure_db_sizes}
 make %{?_smp_mflags}
 make html
 %install
 make install DESTDIR=%{buildroot}
 # install documentation
 mkdir -p %{buildroot}%{_pkgdocdir}
 cp -av doc/_build/html %{buildroot}%{_pkgdocdir}
 [ -r %{buildroot}%{_pkgdocdir}/html/index.html ] || exit 1
 rm -f %{buildroot}%{_pkgdocdir}/html/.buildinfo
 # install shell completion scripts
 install -p -m 0644 -D samples/keymgr-completion.sh %{buildroot}%{_datadir}/bash-completion/completions/keymgr
 install -p -m 0644 -D samples/keymgr-completion.zsh %{buildroot}%{_datadir}/zsh/site-functions/_keymgr
 # install customized configuration file
 rm %{buildroot}%{_sysconfdir}/%{name}/*
-install -p -m 0644 -D %{SOURCE2} %{buildroot}%{_sysconfdir}/%{name}/%{name}.conf
+install -p -m 0644 -D %{SOURCE3} %{buildroot}%{_sysconfdir}/%{name}/%{name}.conf
 # install service file and create rundir
-install -p -m 0644 -D %{SOURCE1} %{buildroot}%{_unitdir}/%{name}.service
+install -p -m 0644 -D %{SOURCE2} %{buildroot}%{_unitdir}/%{name}.service
-install -p -m 0644 -D %{SOURCE3} %{buildroot}%{_tmpfilesdir}/%{name}.conf
+install -p -m 0644 -D %{SOURCE4} %{buildroot}%{_tmpfilesdir}/%{name}.conf
 install -d -m 0755 %{buildroot}%{_localstatedir}/run/%{name}
 # create storage dir and key dir
 mkdir -p %{buildroot}%{_sharedstatedir}
 install -d -m 0775 %{buildroot}%{_sharedstatedir}/%{name}
-install -d -m 0750 %{buildroot}%{_sharedstatedir}/%{name}/keys
+install -d -m 0770 %{buildroot}%{_sharedstatedir}/%{name}/keys
 # install config samples into docdir
 install -d -m 0755 %{buildroot}%{_pkgdocdir}/samples
 for sample_file in knot.sample.conf example.com.zone; do
-	install -p -m 0644 samples/${sample_file} %{buildroot}%{_pkgdocdir}/samples
+    install -p -m 0644 samples/${sample_file} %{buildroot}%{_pkgdocdir}/samples
 done
-# remove libarchive files
+# remove static libraries and libarchive files
 rm %{buildroot}%{_libdir}/*.a
 rm %{buildroot}%{_libdir}/*.la
 # remove .so files, the headers are not available
 rm %{buildroot}%{_libdir}/*.so
 %check
 make check
 %pre
 getent group knot >/dev/null || groupadd -r knot
-getent passwd knot >/dev/null || \
+getent passwd knot >/dev/null || useradd -r -g knot -d %{_sysconfdir}/knot -s /sbin/nologin -c "Knot DNS server" knot
-useradd -r -g knot -d %{_sysconfdir}/knot -s /sbin/nologin \
+if [ $1 -gt 1 ] ; then  # upgrade, try to detect versions 1.x
-c "Knot DNS server" knot
+	if rpm -q --qf=%%{version} knot | grep -q "^1\." ; then
 		touch %{_localstatedir}/lib/rpm-state/knot.1x.upgrade
 	fi
 fi
 exit 0
 %post
 /sbin/ldconfig
 %systemd_post knot.service
 # initialize/upgrade KASP database
 %{_sbindir}/runuser -u knot -- %{_sbindir}/keymgr --dir %{_sharedstatedir}/%{name}/keys --legacy init
 if [ -e %{_localstatedir}/lib/rpm-state/knot.1x.upgrade ] ; then
 	# upgrading from Knot 1.x, convert config file
 	cp /etc/knot/knot.conf /etc/knot/knot.conf.1x.rpmsave
 	rm %{_localstatedir}/lib/rpm-state/knot.1x.upgrade
 	%{_libexecdir}/knot1to2 -i /etc/knot/knot.conf.1x.rpmsave -o /etc/knot/knot.conf
 fi
 %preun
 %systemd_preun knot.service
 %postun
-/sbin/ldconfig
+%systemd_postun_with_restart knot.service
-%systemd_postun
+
 %post libs -p /sbin/ldconfig
 %postun libs -p /sbin/ldconfig
 %files
-%doc COPYING AUTHORS NEWS README THANKS
+%{_pkgdocdir}/samples
 %dir %attr(750,root,knot) %{_sysconfdir}/%{name}
 %config(noreplace) %attr(640,root,knot) %{_sysconfdir}/%{name}/%{name}.conf
 %dir %attr(775,root,knot) %{_sharedstatedir}/%{name}
-%dir %attr(750,root,knot) %{_sharedstatedir}/%{name}/keys
+%dir %attr(770,root,knot) %{_sharedstatedir}/%{name}/keys
 %dir %attr(-,knot,knot) %{_localstatedir}/run/%{name}
 %{_unitdir}/%{name}.service
 %{_tmpfilesdir}/%{name}.conf
-%{_bindir}/*
+%{_libexecdir}/knot1to2
-%{_sbindir}/*
+%{_bindir}/kjournalprint
 %{_bindir}/kzonecheck
 %{_sbindir}/keymgr
 %{_sbindir}/knotc
 %{_sbindir}/knotd
 %{_mandir}/man1/knot1to2.*
 %{_mandir}/man1/kjournalprint.*
 %{_mandir}/man1/kzonecheck.*
 %{_mandir}/man5/knot.conf.*
 %{_mandir}/man8/keymgr.*
 %{_mandir}/man8/knotc.*
 %{_mandir}/man8/knotd.*
 %{_datadir}/bash-completion/completions/keymgr
 %{_datadir}/zsh/site-functions/_keymgr
 %files utils
 %{_bindir}/kdig
 %{_bindir}/khost
 %{_bindir}/knsec3hash
 %{_bindir}/knsupdate
 %{_mandir}/man1/kdig.*
 %{_mandir}/man1/khost.*
 %{_mandir}/man1/knsec3hash.*
 %{_mandir}/man1/knsupdate.*
 %files libs
 %doc COPYING AUTHORS NEWS THANKS
 %{_libdir}/libdnssec.so.*
 %{_libdir}/libknot.so.*
 %{_libdir}/libzscanner.so.*
-%{_mandir}/man1/*
+
-%{_mandir}/man5/*
+%files devel
-%{_mandir}/man8/*
+%{_includedir}/dnssec
 %{_includedir}/libknot
 %{_includedir}/zscanner
 %{_libdir}/libdnssec.so
 %{_libdir}/libknot.so
 %{_libdir}/libzscanner.so
 %{_libdir}/pkgconfig/libdnssec.pc
 %{_libdir}/pkgconfig/libknot.pc
 %{_libdir}/pkgconfig/libzscanner.pc
 %files doc
 %dir %{_pkgdocdir}
 %{_pkgdocdir}/html
 %changelog
 * Mon Feb 27 2017 Petr Spacek <petr.spacek@nic.cz> - 2.4.1-1
 - new upstream release 2.4.1 replaces old 1.6.x series which is not supported
 - configuration should be upgraded automatically using knot1to2 tool
 - make sure you reviewed the new configuration in /etc/knot directory!
 * Tue Aug 09 2016 Jan Vcelak <jvcelak@fedoraproject.org> - 1.6.8-1
 - new upstream release:
  + feature: Zone size limit restriction for DDNS, AXFR, and IXFR (CVE-2016-6171)
--- a/3
+++ b/3
@ -1 +1,2 @@
-b32b90b9b79e0c7d36263aaaa9a83c14  knot-1.6.8.tar.xz
+SHA512 (knot-2.4.1.tar.xz.asc) = c2c7fede20592922c4ec79bfbc05f7662f0fd68420d8e085cf20112f99392fb358db5896c008fae73d15671815f028504ac5ac335ffdee99d2ff40f2d2f3904f
 SHA512 (knot-2.4.1.tar.xz) = 2b3e6c1a187538b218e3e915aaa91bc38ad4cdecb0f03f31b29bfa83c620d117c169a580ddcc8a33e6422109b422c72f3cf79f2a8d1e10e613edfe4437b4b29c
`@ -1 +1,2 @@`
	`b32b90b9b79e0c7d36263aaaa9a83c14 knot-1.6.8.tar.xz`	`SHA512 (knot-2.4.1.tar.xz.asc) = c2c7fede20592922c4ec79bfbc05f7662f0fd68420d8e085cf20112f99392fb358db5896c008fae73d15671815f028504ac5ac335ffdee99d2ff40f2d2f3904f`
		`SHA512 (knot-2.4.1.tar.xz) = 2b3e6c1a187538b218e3e915aaa91bc38ad4cdecb0f03f31b29bfa83c620d117c169a580ddcc8a33e6422109b422c72f3cf79f2a8d1e10e613edfe4437b4b29c`