blob: c2459452e8b77289b3c1fa16b6b47ac9b01e8e4c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
|
%global _hardened_build 1
%{!?_pkgdocdir: %global _pkgdocdir %{_docdir}/%{name}}
%define GPG_CHECK 0
%define BASE_VERSION %(echo "%{version}" | sed 's/^\\([^.]\\+\\.[^.]\\+\\).*/\\1/')
%define repodir %{_builddir}/%{name}-%{version}
Summary: High-performance authoritative DNS server
Name: knot
Version: {{ version }}
Release: cznic.{{ release }}%{?dist}
License: GPL-3.0-or-later
URL: https://www.knot-dns.cz
Source0: %{name}-%{version}.tar.xz
%if 0%{?GPG_CHECK}
Source1: https://secure.nic.cz/files/knot-dns/%{name}-%{version}.tar.xz.asc
# PGP keys used to sign upstream releases
# Export with --armor using command from https://fedoraproject.org/wiki/PackagingDrafts:GPGSignatures
# Don't forget to update %%prep section when adding/removing keys
Source100: gpgkey-742FA4E95829B6C5EAC6B85710BB7AF6FEBBD6AB.gpg.asc
BuildRequires: gnupg2
%endif
# Test fails on F30+ aarch/s390x for unknown reason, but it is not neccassary for Knot DNS
Patch1: 01-test_net-disable-udp-send-on-unconnected.patch
# Required dependencies
BuildRequires: autoconf
BuildRequires: automake
BuildRequires: libtool
BuildRequires: make
BuildRequires: gcc
BuildRequires: pkgconfig(liburcu)
BuildRequires: pkgconfig(gnutls) >= 3.3
BuildRequires: pkgconfig(libedit)
# Optional dependencies
BuildRequires: pkgconfig(libcap-ng)
BuildRequires: pkgconfig(libidn2)
BuildRequires: pkgconfig(libmnl)
BuildRequires: pkgconfig(libnghttp2)
BuildRequires: pkgconfig(libsystemd)
BuildRequires: pkgconfig(systemd)
# dnstap dependencies
BuildRequires: pkgconfig(libfstrm)
BuildRequires: pkgconfig(libprotobuf-c)
# geoip dependencies
BuildRequires: pkgconfig(libmaxminddb)
# XDP dependencies
BuildRequires: pkgconfig(libbpf)
# Distro-dependent dependencies
%if 0%{?suse_version}
BuildRequires: python3-Sphinx
BuildRequires: lmdb-devel
BuildRequires: protobuf-c
Requires(pre): pwdutils
%if 0%{?sle_version} != 150400
BuildRequires: pkgconfig(libxdp)
%endif
%endif
%if 0%{?fedora} || 0%{?rhel}
BuildRequires: python3-sphinx
BuildRequires: pkgconfig(lmdb)
%if 0%{?fedora}
BuildRequires: pkgconfig(libxdp)
%endif
%endif
%if 0%{?rhel} >= 9 || 0%{?suse_version} || 0%{?fedora}
%define configure_quic --enable-quic=yes
%endif
Requires(post): systemd %{_sbindir}/runuser
Requires(preun): systemd
Requires(postun): systemd
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
%description
Knot DNS is a high-performance authoritative DNS server implementation.
%package libs
Summary: Libraries used by the Knot DNS server and client applications
# Knot DNS 3.2+ isn't compatible with earlier knot-resolver
Conflicts: knot-resolver < 5.5.2
%description libs
The package contains shared libraries used by the Knot DNS server and
utilities.
%package devel
Summary: Development header files for the Knot DNS libraries
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
%description devel
The package contains development header files for the Knot DNS libraries
included in knot-libs package.
%package utils
Summary: DNS client utilities shipped with the Knot DNS server
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
# Debian package compat
Provides: %{name}-dnsutils = %{version}-%{release}
%description utils
The package contains DNS client utilities shipped with the Knot DNS server.
%package dnssecutils
Summary: DNSSEC tools shipped with the Knot DNS server
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
%description dnssecutils
The package contains DNSSEC tools shipped with the Knot DNS server.
%package module-dnstap
Summary: dnstap module for Knot DNS
Requires: %{name} = %{version}-%{release}
%description module-dnstap
The package contains dnstap Knot DNS module for logging DNS traffic.
%package module-geoip
Summary: geoip module for Knot DNS
Requires: %{name} = %{version}-%{release}
%description module-geoip
The package contains geoip Knot DNS module for geography-based responses.
%package doc
Summary: Documentation for the Knot DNS server
BuildArch: noarch
Provides: bundled(jquery)
%description doc
The package contains documentation for the Knot DNS server.
On-line version is available on https://www.knot-dns.cz/documentation/
%prep
%if 0%{?GPG_CHECK}
export GNUPGHOME=./gpg-keyring
[ -d ${GNUPGHOME} ] && rm -r ${GNUPGHOME}
mkdir --mode=700 ${GNUPGHOME}
gpg2 --import %{SOURCE100}
gpg2 --verify %{SOURCE1} %{SOURCE0}
%endif
%autosetup -p1
%build
# disable debug code (causes unused warnings)
CFLAGS="%{optflags} -DNDEBUG -Wno-unused"
%ifarch armv7hl i686
# 32-bit architectures sometimes do not have sufficient amount of
# contiguous address space to handle default values
%define configure_db_sizes --with-conf-mapsize=64
%endif
%configure \
--sysconfdir=/etc \
--localstatedir=/var/lib \
--libexecdir=/usr/lib/knot \
--with-rundir=/run/knot \
--with-moduledir=%{_libdir}/knot/modules-%{BASE_VERSION} \
--with-storage=/var/lib/knot \
%{?configure_db_sizes} \
%{?configure_quic} \
--disable-static \
--enable-dnstap=yes \
--with-module-dnstap=shared \
--with-module-geoip=shared
make %{?_smp_mflags}
make html
%install
make install DESTDIR=%{buildroot}
# install documentation
install -d -m 0755 %{buildroot}%{_pkgdocdir}/samples
install -p -m 0644 -t %{buildroot}%{_pkgdocdir}/samples samples/*.zone*
install -p -m 0644 NEWS README.md %{buildroot}%{_pkgdocdir}
cp -av doc/_build/html %{buildroot}%{_pkgdocdir}
[ -r %{buildroot}%{_pkgdocdir}/html/index.html ] || exit 1
rm -f %{buildroot}%{_pkgdocdir}/html/.buildinfo
# install daemon and dbus configuration files
rm %{buildroot}%{_sysconfdir}/%{name}/*
install -p -m 0644 -D %{repodir}/samples/%{name}.sample.conf %{buildroot}%{_sysconfdir}/%{name}/%{name}.conf
%if 0%{?fedora} || 0%{?rhel} > 7
install -p -m 0644 -D %{repodir}/distro/common/cz.nic.knotd.conf %{buildroot}%{_sysconfdir}/dbus-1/system.d/cz.nic.knotd.conf
%endif
# install systemd files
install -p -m 0644 -D %{repodir}/distro/common/%{name}.service %{buildroot}%{_unitdir}/%{name}.service
%if 0%{?suse_version}
ln -s service %{buildroot}/%{_sbindir}/rcknot
%endif
# create storage dir
install -d %{buildroot}%{_sharedstatedir}
install -d -m 0770 -D %{buildroot}%{_sharedstatedir}/knot
# remove libarchive files
find %{buildroot} -type f -name "*.la" -delete -print
%check
V=1 make check
%pre
getent group knot >/dev/null || groupadd -r knot
getent passwd knot >/dev/null || \
useradd -r -g knot -d %{_sharedstatedir}/knot -s /sbin/nologin \
-c "Knot DNS server" knot
%if 0%{?suse_version}
%service_add_pre knot.service
%endif
%post
%if 0%{?suse_version}
%service_add_post knot.service
%else
%systemd_post knot.service
%endif
%preun
%if 0%{?suse_version}
%service_del_preun knot.service
%else
%systemd_preun knot.service
%endif
%postun
%if 0%{?suse_version}
%service_del_postun knot.service
%else
%systemd_postun_with_restart knot.service
%endif
%if 0%{?fedora} || 0%{?rhel} > 7
# https://fedoraproject.org/wiki/Changes/Removing_ldconfig_scriptlets
%else
%post libs -p /sbin/ldconfig
%postun libs -p /sbin/ldconfig
%endif
%files
%license COPYING
%doc %{_pkgdocdir}
%exclude %{_pkgdocdir}/html
%attr(750,root,knot) %dir %{_sysconfdir}/knot
%config(noreplace) %attr(640,root,knot) %{_sysconfdir}/knot/knot.conf
%if 0%{?fedora} || 0%{?rhel} > 7
%config(noreplace) %attr(644,root,root) %{_sysconfdir}/dbus-1/system.d/cz.nic.knotd.conf
%endif
%attr(770,root,knot) %dir %{_sharedstatedir}/knot
%dir %{_libdir}/knot
%dir %{_libdir}/knot/modules-*
%{_unitdir}/knot.service
%{_sbindir}/kcatalogprint
%{_sbindir}/kjournalprint
%{_sbindir}/keymgr
%{_sbindir}/knotc
%{_sbindir}/knotd
%if 0%{?suse_version}
%{_sbindir}/rcknot
%endif
%{_mandir}/man5/knot.conf.*
%{_mandir}/man8/kcatalogprint.*
%{_mandir}/man8/kjournalprint.*
%{_mandir}/man8/keymgr.*
%{_mandir}/man8/knotc.*
%{_mandir}/man8/knotd.*
%ghost %attr(770,root,knot) %dir %{_rundir}/knot
%files utils
%{_bindir}/kdig
%{_bindir}/khost
%{_bindir}/knsupdate
%{_sbindir}/kxdpgun
%{_mandir}/man8/kxdpgun.*
%{_mandir}/man1/kdig.*
%{_mandir}/man1/khost.*
%{_mandir}/man1/knsupdate.*
%files dnssecutils
%{_bindir}/knsec3hash
%{_bindir}/kzonecheck
%{_bindir}/kzonesign
%{_mandir}/man1/knsec3hash.*
%{_mandir}/man1/kzonecheck.*
%{_mandir}/man1/kzonesign.*
%files module-dnstap
%{_libdir}/knot/modules-*/dnstap.so
%files module-geoip
%{_libdir}/knot/modules-*/geoip.so
%files libs
%license COPYING
%doc NEWS
%doc README.md
%{_libdir}/libdnssec.so.*
%{_libdir}/libknot.so.*
%{_libdir}/libzscanner.so.*
%files devel
%{_includedir}/libdnssec
%{_includedir}/knot
%{_includedir}/libknot
%{_includedir}/libzscanner
%{_libdir}/libdnssec.so
%{_libdir}/libknot.so
%{_libdir}/libzscanner.so
%{_libdir}/pkgconfig/knotd.pc
%{_libdir}/pkgconfig/libdnssec.pc
%{_libdir}/pkgconfig/libknot.pc
%{_libdir}/pkgconfig/libzscanner.pc
%files doc
%dir %{_pkgdocdir}
%doc %{_pkgdocdir}/html
%changelog
* {{ now }} Knot DNS <knot-dns@labs.nic.cz> - {{ version }}-{{ release }}
- upstream package
- see https://www.knot-dns.cz
|