new upstream release 2.4.1

Upstream does not support 1.6 anymore so we have to upgrade. Configuration will be automatically upgraded along with RPM package.
2017-03-10 13:43:19 +01:00 · 2017-03-10 13:43:19 +01:00 · 5bd302fd8b
commit 5bd302fd8b
parent f707469cbb
3 changed files with 160 additions and 40 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +1,3 @@
-/knot-*.tar.gz
 /knot-*.tar.xz
+/knot-2.4.0.tar.xz.asc
+/knot-2.4.1.tar.xz.asc
--- a/knot.spec
+++ b/knot.spec
@ -1,60 +1,122 @@
 %global _hardened_build 1
 %{!?_pkgdocdir: %global _pkgdocdir %{_docdir}/%{name}-%{version}}

-# TODO:
-# - split into subpackages
-# - documentation building
-
-Summary: An authoritative DNS daemon
+Summary: High-performance authoritative DNS server
 Name: knot
-Version: 1.6.8
+Version: 2.4.1
 Release: 1%{?dist}
 License: GPLv3
 Group: System Environment/Daemons
 URL: http://www.knot-dns.cz
 Source0: http://public.nic.cz/files/knot-dns/%{name}-%{version}.tar.xz
-Source1: %{name}.service
-Source2: %{name}.conf
-Source3: %{name}.tmpfiles
+Source1: http://public.nic.cz/files/knot-dns/%{name}-%{version}.tar.xz.asc
+Source2: %{name}.service
+Source3: %{name}.conf
+Source4: %{name}.tmpfiles

-BuildRequires: flex bison openssl-devel userspace-rcu-devel libcap-ng-devel libidn-devel systemd-devel lmdb-devel
-BuildRequires: protobuf-c-devel fstrm-devel
-BuildRequires: systemd-units
-# ragel is optional, required only if .rl source files are modified
-#BuildRequires: ragel
+# Required dependencies
+BuildRequires: pkgconfig(liburcu) pkgconfig(gnutls) >= 3.0 pkgconfig(nettle) pkgconfig(jansson) lmdb-devel pkgconfig(libedit)
+# Optional dependencies
+BuildRequires: pkgconfig(libcap-ng) pkgconfig(libidn) pkgconfig(libsystemd) pkgconfig(libfstrm) pkgconfig(libprotobuf-c)

-Requires(post): systemd
+BuildRequires: systemd
+Requires(post): systemd %{_sbindir}/runuser
 Requires(preun): systemd
 Requires(postun): systemd

+Requires: %{name}-libs%{?_isa} = %{version}-%{release}
+Obsoletes: %{name} < 2.0.0
+
 %description
 Knot DNS is a high-performance authoritative DNS server implementation.

+%package libs
+Summary: Libraries used by the Knot DNS server and client applications
+Obsoletes: %{name} < 2.0.0
+Conflicts: %{name} < 2.0.0
+
+%description libs
+The package contains shared libraries used by the Knot DNS server and
+utilities.
+
+%package devel
+Summary: Development header files for the Knot DNS libraries
+Requires: %{name}-libs%{?_isa} = %{version}-%{release}
+Obsoletes: %{name} < 2.0.0
+
+%description devel
+The package contains development header files for the Knot DNS libraries
+included in knot-libs package.
+
+%package utils
+Summary: DNS client utilities shipped with the Knot DNS server
+Requires: %{name}-libs%{?_isa} = %{version}-%{release}
+Obsoletes: %{name} < 2.0.0
+
+%description utils
+The package contains DNS client utilities shipped with the Knot DNS server.
+
+%package doc
+Summary: Documentation for the Knot DNS server
+License: GPLv3 and BSD and MIT
+Obsoletes: %{name} < 2.0.0
+BuildArch: noarch
+%if 0%{?rhel}
+BuildRequires: python-sphinx
+%else
+BuildRequires: python3-sphinx
+%endif
+Provides: bundled(jquery)
+
+%description doc
+The package contains documentation for the Knot DNS server.
+
 %prep
 %setup -q

+# make sure embedded LMDB library is not used
+rm -vr src/contrib/lmdb
+
 %build
 # disable debug code (causes unused warnings)
 CFLAGS="%{optflags} -DNDEBUG -Wno-unused"
-%configure
+
+%ifarch armv7hl i686
+# 32-bit architectures sometimes do not have sufficient amount of
+# contiguous address space to handle default values
+%define configure_db_sizes --with-conf-mapsize=64 --with-timer-mapsize=16
+%endif
+
+%configure %{configure_db_sizes}
 make %{?_smp_mflags}
+make html

 %install
 make install DESTDIR=%{buildroot}

+# install documentation
+mkdir -p %{buildroot}%{_pkgdocdir}
+cp -av doc/_build/html %{buildroot}%{_pkgdocdir}
+[ -r %{buildroot}%{_pkgdocdir}/html/index.html ] || exit 1
+rm -f %{buildroot}%{_pkgdocdir}/html/.buildinfo
+
+# install shell completion scripts
+install -p -m 0644 -D samples/keymgr-completion.sh %{buildroot}%{_datadir}/bash-completion/completions/keymgr
+install -p -m 0644 -D samples/keymgr-completion.zsh %{buildroot}%{_datadir}/zsh/site-functions/_keymgr
+
 # install customized configuration file
 rm %{buildroot}%{_sysconfdir}/%{name}/*
-install -p -m 0644 -D %{SOURCE2} %{buildroot}%{_sysconfdir}/%{name}/%{name}.conf
+install -p -m 0644 -D %{SOURCE3} %{buildroot}%{_sysconfdir}/%{name}/%{name}.conf

 # install service file and create rundir
-install -p -m 0644 -D %{SOURCE1} %{buildroot}%{_unitdir}/%{name}.service
-install -p -m 0644 -D %{SOURCE3} %{buildroot}%{_tmpfilesdir}/%{name}.conf
+install -p -m 0644 -D %{SOURCE2} %{buildroot}%{_unitdir}/%{name}.service
+install -p -m 0644 -D %{SOURCE4} %{buildroot}%{_tmpfilesdir}/%{name}.conf
 install -d -m 0755 %{buildroot}%{_localstatedir}/run/%{name}

 # create storage dir and key dir
 mkdir -p %{buildroot}%{_sharedstatedir}
 install -d -m 0775 %{buildroot}%{_sharedstatedir}/%{name}
-install -d -m 0750 %{buildroot}%{_sharedstatedir}/%{name}/keys
+install -d -m 0770 %{buildroot}%{_sharedstatedir}/%{name}/keys

 # install config samples into docdir
 install -d -m 0755 %{buildroot}%{_pkgdocdir}/samples
@ -62,51 +124,107 @@ for sample_file in knot.sample.conf example.com.zone; do
    install -p -m 0644 samples/${sample_file} %{buildroot}%{_pkgdocdir}/samples
 done

-# remove libarchive files
+# remove static libraries and libarchive files
+rm %{buildroot}%{_libdir}/*.a
 rm %{buildroot}%{_libdir}/*.la

-# remove .so files, the headers are not available
-rm %{buildroot}%{_libdir}/*.so
-
 %check
 make check

 %pre
 getent group knot >/dev/null || groupadd -r knot
-getent passwd knot >/dev/null || \
-useradd -r -g knot -d %{_sysconfdir}/knot -s /sbin/nologin \
-c "Knot DNS server" knot
+getent passwd knot >/dev/null || useradd -r -g knot -d %{_sysconfdir}/knot -s /sbin/nologin -c "Knot DNS server" knot
+if [ $1 -gt 1 ] ; then  # upgrade, try to detect versions 1.x
+	if rpm -q --qf=%%{version} knot | grep -q "^1\." ; then
+		touch %{_localstatedir}/lib/rpm-state/knot.1x.upgrade
+	fi
+fi
 exit 0

 %post
-/sbin/ldconfig
 %systemd_post knot.service
+# initialize/upgrade KASP database
+%{_sbindir}/runuser -u knot -- %{_sbindir}/keymgr --dir %{_sharedstatedir}/%{name}/keys --legacy init
+
+if [ -e %{_localstatedir}/lib/rpm-state/knot.1x.upgrade ] ; then
+	# upgrading from Knot 1.x, convert config file
+	cp /etc/knot/knot.conf /etc/knot/knot.conf.1x.rpmsave
+	rm %{_localstatedir}/lib/rpm-state/knot.1x.upgrade
+	%{_libexecdir}/knot1to2 -i /etc/knot/knot.conf.1x.rpmsave -o /etc/knot/knot.conf
+fi

 %preun
 %systemd_preun knot.service

 %postun
-/sbin/ldconfig
-%systemd_postun
+%systemd_postun_with_restart knot.service
+
+%post libs -p /sbin/ldconfig
+
+%postun libs -p /sbin/ldconfig

 %files
-%doc COPYING AUTHORS NEWS README THANKS
+%{_pkgdocdir}/samples
 %dir %attr(750,root,knot) %{_sysconfdir}/%{name}
 %config(noreplace) %attr(640,root,knot) %{_sysconfdir}/%{name}/%{name}.conf
 %dir %attr(775,root,knot) %{_sharedstatedir}/%{name}
-%dir %attr(750,root,knot) %{_sharedstatedir}/%{name}/keys
+%dir %attr(770,root,knot) %{_sharedstatedir}/%{name}/keys
 %dir %attr(-,knot,knot) %{_localstatedir}/run/%{name}
 %{_unitdir}/%{name}.service
 %{_tmpfilesdir}/%{name}.conf
-%{_bindir}/*
-%{_sbindir}/*
+%{_libexecdir}/knot1to2
+%{_bindir}/kjournalprint
+%{_bindir}/kzonecheck
+%{_sbindir}/keymgr
+%{_sbindir}/knotc
+%{_sbindir}/knotd
+%{_mandir}/man1/knot1to2.*
+%{_mandir}/man1/kjournalprint.*
+%{_mandir}/man1/kzonecheck.*
+%{_mandir}/man5/knot.conf.*
+%{_mandir}/man8/keymgr.*
+%{_mandir}/man8/knotc.*
+%{_mandir}/man8/knotd.*
+%{_datadir}/bash-completion/completions/keymgr
+%{_datadir}/zsh/site-functions/_keymgr
+
+%files utils
+%{_bindir}/kdig
+%{_bindir}/khost
+%{_bindir}/knsec3hash
+%{_bindir}/knsupdate
+%{_mandir}/man1/kdig.*
+%{_mandir}/man1/khost.*
+%{_mandir}/man1/knsec3hash.*
+%{_mandir}/man1/knsupdate.*
+
+%files libs
+%doc COPYING AUTHORS NEWS THANKS
+%{_libdir}/libdnssec.so.*
 %{_libdir}/libknot.so.*
 %{_libdir}/libzscanner.so.*
-%{_mandir}/man1/*
-%{_mandir}/man5/*
-%{_mandir}/man8/*
+
+%files devel
+%{_includedir}/dnssec
+%{_includedir}/libknot
+%{_includedir}/zscanner
+%{_libdir}/libdnssec.so
+%{_libdir}/libknot.so
+%{_libdir}/libzscanner.so
+%{_libdir}/pkgconfig/libdnssec.pc
+%{_libdir}/pkgconfig/libknot.pc
+%{_libdir}/pkgconfig/libzscanner.pc
+
+%files doc
+%dir %{_pkgdocdir}
+%{_pkgdocdir}/html

 %changelog
+* Mon Feb 27 2017 Petr Spacek <petr.spacek@nic.cz> - 2.4.1-1
+- new upstream release 2.4.1 replaces old 1.6.x series which is not supported
+- configuration should be upgraded automatically using knot1to2 tool
+- make sure you reviewed the new configuration in /etc/knot directory!
+
 * Tue Aug 09 2016 Jan Vcelak <jvcelak@fedoraproject.org> - 1.6.8-1
 - new upstream release:
  + feature: Zone size limit restriction for DDNS, AXFR, and IXFR (CVE-2016-6171)
--- a/3
+++ b/3
@ -1 +1,2 @@
-b32b90b9b79e0c7d36263aaaa9a83c14  knot-1.6.8.tar.xz
+SHA512 (knot-2.4.1.tar.xz.asc) = c2c7fede20592922c4ec79bfbc05f7662f0fd68420d8e085cf20112f99392fb358db5896c008fae73d15671815f028504ac5ac335ffdee99d2ff40f2d2f3904f
+SHA512 (knot-2.4.1.tar.xz) = 2b3e6c1a187538b218e3e915aaa91bc38ad4cdecb0f03f31b29bfa83c620d117c169a580ddcc8a33e6422109b422c72f3cf79f2a8d1e10e613edfe4437b4b29c