initial import

bind/127.0.0.zone

@@ -0,0 +1,10 @@
+@                               1D IN SOA   localhost. root.localhost. (
+                                    42    ; serial (yyyymmdd##)
+                                    3H    ; refresh
+                                    15M   ; retry
+                                    1W    ; expiry
+                                    1D )  ; minimum ttl
+
+                                1D  IN  NS      localhost.
+
+1.0.0.127.in-addr.arpa.         1D  IN  PTR     localhost.

bind/PKGBUILD

@@ -0,0 +1,113 @@
+# Maintainer: Jesus E. <heckyel@riseup.net>
+
+pkgbase=bind
+pkgname=(bind bind-tools)
+_pkgver=9.16.48
+pkgver=${_pkgver//-/.}
+pkgrel=1
+url='https://www.isc.org/software/bind/'
+license=('ISC')
+arch=('i686' 'x86_64')
+options=('!emptydirs')
+makedepends=('libcap' 'libxml2' 'zlib' 'krb5' 'e2fsprogs' 'libressl' 'readline'
+             'libidn2' 'libnsl' 'lmdb' 'geoip' 'dnssec-anchors' 'python' 'libuv'
+             'json-c' 'python-ply')
+source=("https://ftp.isc.org/isc/bind9/${_pkgver}/bind-${_pkgver}.tar.xz"
+        "named.conf"
+        "localhost.zone"
+        "localhost.ip6.zone"
+        "127.0.0.zone"
+        "empty.zone"
+        "named.initd"
+        "named.run")
+sha512sums=('83829a5045e2a29dd2b491d3ab72b545f5664023fcd4aa205a44dbb7bcc5c737b4466c0d73f124b8d88fd33c56776871a07dde1ba0530d43eec8e7304a08d353'
+            '693c4aa40efc603f190be5b6cbf16ebb9512928073bab6a27825cae21f92506ba5299661bf0702538ee57abefbc66cf41b2f45029c906f54bc35ba930e1bf54d'
+            '83eb5576a6f0fa1d469ef205e64a56ad296fdf91855b3c89391ae2edfb15bfae1c2fd05f60403cd6f53dd9daddd08ad36d8b2e83af86d6f2dc8efe6d3743828a'
+            '6c02c9d9d81183bae826feba69d5bde9549aa4fb825cc804519b429d302e5cdd0c56e527e7bbb09c8a068eb8831468520cff2fec66c946b4c8e9f8e9a0fe9af7'
+            '8a8824bea352e91329c9621fe60d5475f2a95cda522f72860f22929a73224d912cf51cd179307489bac6178ffad469b4ad7a3737fec2d44bd54ebfea9c479c11'
+            'bb609274e5bdedc9c680acb46c9f16a40cfaf9921fd613d71964047b7232c82aba116d3974010f4ef4b435086dc9f26a65789d65c8e7fd74b2375dfa05188370'
+            '846322856c5e283664d34efeb76a35cb16c88d268bbb988e2eab12ee93ee52a9d32ffd8a2931cbb1b4cd49e6e041fb168299ca358cb460812243239784670dfd'
+            '599fb107b0dba83fe2c5470af3258ed8f9ee80abc0bfdda1e903c72932ac1077034d7e7e48ecb36bd85a5129168f3e76b87ff6f83b77c2e5960167ee60dbb4d5')
+
+prepare() {
+  # no more using source array, lack of versioning.
+  curl -o root.hint https://www.internic.net/zones/named.root
+  [[ -s root.hint ]]
+}
+
+build() {
+  cd bind-$_pkgver
+  # support to chase DNSSEC signature chains
+  CFLAGS+=' -DDIG_SIGCHASE'
+  CFLAGS+=' -fcommon'
+  ./configure \
+    --prefix=/usr \
+    --sysconfdir=/etc \
+    --localstatedir=/var \
+    --disable-static \
+    --enable-fixed-rrset \
+    --enable-full-report \
+    --enable-dnsrps \
+    --enable-geoip \
+    --with-python=/usr/bin/python \
+    --with-openssl \
+    --with-libidn2 \
+    --with-json-c \
+    --with-libxml2 \
+    --with-lmdb \
+    --with-libtool
+  sed -i -e 's/ -shared / -Wl,-O1,--as-needed\0/g' libtool
+  make
+}
+
+package_bind() {
+  pkgdesc='The ISC DNS Server'
+  provides=('dns-server')
+  depends=('glibc' 'libxml2' 'libcap' 'libnsl' 'libidn2' 'lmdb' 'libuv'
+           'libressl' 'geoip' 'json-c' 'bind-tools')
+  optdepends=('logger: message logging support')
+  backup=('etc/named.conf'
+          'var/named/127.0.0.zone'
+          'var/named/localhost.zone'
+          'var/named/localhost.ip6.zone'
+          'var/named/empty.zone')
+  install=bind.install
+
+  cd "bind-$_pkgver"
+  install -Dm644 COPYRIGHT "$pkgdir/usr/share/licenses/$pkgname/COPYRIGHT"
+  for _d in bin/{check,confgen,named,rndc}; do
+    (cd "$_d" && make DESTDIR="$pkgdir" install)
+  done
+
+  cd "$srcdir"
+  install -D -m640 -o 0 -g 40 named.conf "$pkgdir/etc/named.conf"
+
+  install -d -m770 -o 0 -g 40 "$pkgdir/var/named"
+  install    -m640 -o 0 -g 40 root.hint "$pkgdir/var/named"
+  install    -m640 -o 0 -g 40 localhost.zone "$pkgdir/var/named"
+  install    -m640 -o 0 -g 40 localhost.ip6.zone "$pkgdir/var/named"
+  install    -m640 -o 0 -g 40 127.0.0.zone "$pkgdir/var/named"
+  install    -m640 -o 0 -g 40 empty.zone "$pkgdir/var/named"
+
+  install -Dm755 "$srcdir/named.initd" "$pkgdir/etc/init.d/named"
+  install -Dm755 "$srcdir/named.run" "$pkgdir/etc/sv/named/run"
+}
+
+package_bind-tools() {
+  pkgdesc='The ISC DNS tools'
+  depends=('glibc' 'libcap' 'libxml2' 'libnsl' 'libuv' 'libidn2' 'lmdb'
+           'zlib' 'krb5' 'e2fsprogs' 'libressl' 'readline' 'geoip'
+           'dnssec-anchors' 'json-c')
+  optdepends=('python: for python scripts')
+  conflicts=('dnsutils')
+  replaces=('dnsutils' 'host')
+  provides=("dnsutils=$pkgver")
+
+  cd "bind-$_pkgver"
+  install -Dm644 COPYRIGHT "$pkgdir/usr/share/licenses/$pkgname/COPYRIGHT"
+  make DESTDIR="$pkgdir" SUBDIRS="" install
+  (cd lib && make DESTDIR="$pkgdir" install)
+  for _d in bin/{dig,dnssec,delv,nsupdate,python,tools}; do
+    (cd "$_d" && make DESTDIR="$pkgdir" install)
+  done
+}

bind/bind.install

@@ -0,0 +1,40 @@
+post_install() {
+	if ! getent group named &>/dev/null; then
+		groupadd -g 40 named >/dev/null
+	fi
+	if ! getent passwd named &>/dev/null; then
+		useradd -u 40 -c "BIND DNS Server" -g named -G adm -d /var/named -s /bin/nologin named >/dev/null
+	fi
+	passwd -l named >/dev/null
+
+	touch var/log/named.log
+	chown named:named var/log/named.log
+
+	# create an rndc.key if it doesn't already exist
+	if [[ ! -s etc/rndc.key ]]; then
+		usr/sbin/rndc-confgen -r /dev/urandom -b 256 | head -n 5 >>etc/rndc.key
+		chown root:named etc/rndc.key
+		chmod 640 etc/rndc.key
+	fi
+
+	if ! groups named | grep adm &>/dev/null; then
+		gpasswd -a named adm >/dev/null
+	fi
+	named_shell=$(getent passwd named | cut -d: -f7)
+	if [ "$named_shell" != '/bin/nologin' ]; then
+		chsh -s /bin/nologin named &>/dev/null
+	fi
+}
+
+post_upgrade() {
+	post_install
+}
+
+post_remove() {
+	if getent passwd named &>/dev/null; then
+		userdel named >/dev/null
+	fi
+	if getent group clamav &>/dev/null; then
+		groupdel named >/dev/null
+	fi
+}

bind/empty.zone

@@ -0,0 +1,8 @@
+@                               1D IN SOA   localhost. root.localhost. (
+                                    42     ; serial (yyyymmdd##)
+                                    3H     ; refresh
+                                    15M    ; retry
+                                    1W     ; expiry
+                                    1D )   ; minimum ttl
+
+                                1D  IN  NS  localhost.

bind/localhost.ip6.zone

@@ -0,0 +1,10 @@
+@                               1D IN SOA   localhost. root.localhost. (
+                                    42    ; serial (yyyymmdd##)
+                                    3H    ; refresh
+                                    15M   ; retry
+                                    1W    ; expiry
+                                    1D )  ; minimum ttl
+
+                                1D  IN  NS      localhost.
+
+1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa.   1D  IN  PTR localhost.

bind/localhost.zone

@@ -0,0 +1,11 @@
+@                               1D IN SOA   localhost. root.localhost. (
+                                    42    ; serial (yyyymmdd##)
+                                    3H    ; refresh
+                                    15M   ; retry
+                                    1W    ; expiry
+                                    1D )  ; minimum ttl
+
+                                1D  IN  NS      localhost.
+
+localhost.                      1D  IN  A       127.0.0.1
+localhost.                      1D  IN  AAAA    ::1

bind/named.conf

@@ -0,0 +1,72 @@
+// vim:set ts=4 sw=4 et:
+
+options {
+    directory "/var/named";
+    pid-file "/run/named/named.pid";
+
+    // Uncomment these to enable IPv6 connections support
+    // IPv4 will still work:
+    //  listen-on-v6 { any; };
+    // Add this for no IPv4:
+    //  listen-on { none; };
+
+    allow-recursion { 127.0.0.1; };
+    allow-transfer { none; };
+    allow-update { none; };
+
+    version none;
+    hostname none;
+    server-id none;
+};
+
+zone "localhost" IN {
+    type master;
+    file "localhost.zone";
+};
+
+zone "0.0.127.in-addr.arpa" IN {
+    type master;
+    file "127.0.0.zone";
+};
+
+zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" {
+    type master;
+    file "localhost.ip6.zone";
+};
+
+zone "255.in-addr.arpa" IN {
+    type master;
+    file "empty.zone";
+};
+
+zone "0.in-addr.arpa" IN {
+    type master;
+    file "empty.zone";
+};
+
+zone "." IN {
+    type hint;
+    file "root.hint";
+};
+
+//zone "example.org" IN {
+//    type slave;
+//    file "example.zone";
+//    masters {
+//        192.168.1.100;
+//    };
+//    allow-query { any; };
+//    allow-transfer { any; };
+//};
+
+//logging {
+//    channel xfer-log {
+//        file "/var/log/named.log";
+//            print-category yes;
+//            print-severity yes;
+//            severity info;
+//        };
+//        category xfer-in { xfer-log; };
+//        category xfer-out { xfer-log; };
+//        category notify { xfer-log; };
+//};

bind/named.initd

@@ -0,0 +1,27 @@
+#!/sbin/openrc-run
+# Copyright 2018 Hyperbola Project
+# Distributed under the terms of the GNU General Public License v2
+
+description="BIND service"
+
+command="/usr/sbin/named"
+command_args="-f -u named"
+command_background="yes"
+pidfile="/run/named/named.pid"
+extra_started_commands="reload"
+
+depend() {
+	need net
+	use logger
+	provide dns
+}
+
+start_pre() {
+	checkpath --directory --owner named:named --mode 0750 /var/run/named
+}
+
+reload() {
+	ebegin "Reloading named.conf and zone files"
+		start-stop-daemon --signal HUP exec "${command}" --pidfile "${pidfile}"
+	eend $?
+}

bind/named.run

@@ -0,0 +1,4 @@
+#!/bin/sh
+mkdir -p /var/run/named || exit 1
+chown named:named /var/run/named || exit 1
+exec named -u named -f -c /etc/named/named.conf