From e37841faf746895f41627130623196c0bebe0740 Mon Sep 17 00:00:00 2001 From: Hongxu Jia Date: Tue, 19 Aug 2014 18:04:42 +0800 Subject: bind: refer ubuntu/redhat to add bind user/group We refer what ubuntu/redhat did, gave bind a user/group Here is the example in ubuntu 14.04: $ ps -eo user,group,cmd | grep "named" ... bind bind /usr/sbin/named -u bind ... $vim bind9_1%3a9.9.5.dfsg-3_amd64.deb/postinst ... # lets give them a bind user/group in all cases. getent group bind >/dev/null 2>&1 || addgroup --system bind getent passwd bind >/dev/null 2>&1 || adduser --system --home /var/cache/bind --no-create-home \ --disabled-password --ingroup bind bind ... Signed-off-by: Hongxu Jia Signed-off-by: Richard Purdie --- meta/recipes-connectivity/bind/bind/bind9 | 2 ++ meta/recipes-connectivity/bind/bind_9.9.5.bb | 10 +++++++++- 2 files changed, 11 insertions(+), 1 deletion(-) create mode 100644 meta/recipes-connectivity/bind/bind/bind9 (limited to 'meta/recipes-connectivity') diff --git a/meta/recipes-connectivity/bind/bind/bind9 b/meta/recipes-connectivity/bind/bind/bind9 new file mode 100644 index 0000000000..968679ff7f --- /dev/null +++ b/meta/recipes-connectivity/bind/bind/bind9 @@ -0,0 +1,2 @@ +# startup options for the server +OPTIONS="-u bind" diff --git a/meta/recipes-connectivity/bind/bind_9.9.5.bb b/meta/recipes-connectivity/bind/bind_9.9.5.bb index de10eb8029..ebd38effa7 100644 --- a/meta/recipes-connectivity/bind/bind_9.9.5.bb +++ b/meta/recipes-connectivity/bind/bind_9.9.5.bb @@ -15,6 +15,7 @@ SRC_URI = "ftp://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.gz \ file://dont-test-on-host.patch \ file://generate-rndc-key.sh \ file://named.service \ + file://bind9 \ file://init.d-add-support-for-read-only-rootfs.patch \ " @@ -30,7 +31,11 @@ EXTRA_OECONF = " ${ENABLE_IPV6} --with-randomdev=/dev/random --disable-threads \ --with-openssl=${STAGING_LIBDIR}/.. --with-libxml2=${STAGING_LIBDIR}/.. \ --enable-exportlib --with-export-includedir=${includedir} --with-export-libdir=${libdir} \ " -inherit autotools-brokensep update-rc.d systemd +inherit autotools-brokensep update-rc.d systemd useradd + +USERADD_PACKAGES = "${PN}" +USERADD_PARAM_${PN} = "--system --home /var/cache/bind --no-create-home \ + --user-group bind" INITSCRIPT_NAME = "bind" INITSCRIPT_PARAMS = "defaults" @@ -67,6 +72,9 @@ do_install_append() { sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' \ -e 's,@SBINDIR@,${sbindir},g' \ ${D}${systemd_unitdir}/system/named.service + + install -d ${D}${sysconfdir}/default + install -m 0644 ${WORKDIR}/bind9 ${D}${sysconfdir}/default } CONFFILES_${PN} = " \ -- cgit 1.2.3-korg