net-dns/bind: Drop some insecure versions
authorMikle Kolyada <zlogene@gentoo.org>
Wed, 23 Jan 2019 09:53:59 +0000 (12:53 +0300)
committerMikle Kolyada <zlogene@gentoo.org>
Wed, 23 Jan 2019 09:53:59 +0000 (12:53 +0300)
Signed-off-by: Mikle Kolyada <zlogene@gentoo.org>
Package-Manager: Portage-2.3.51, Repoman-2.3.11

net-dns/bind/Manifest
net-dns/bind/bind-9.12.1_p2-r1.ebuild [deleted file]
net-dns/bind/bind-9.12.2_p1.ebuild [deleted file]
net-dns/bind/bind-9.12.2_p2.ebuild [deleted file]

index 1e233e6b5df46f8f7fc56441959834ee9b7c2503..b31effa9c8f8628f5d92795e37d66ae93ffcef68 100644 (file)
@@ -1,7 +1,5 @@
 DIST bind-9.11.2_p1.tar.gz 9783329 BLAKE2B 5a3bbd87112064231bd5e6b09ebb4014f9d5cf65cb601c03555ff540a22d87aec3990cd8e37ce5ff09e9a149bdf122d20ecb01f87731e6c79d80379a6926014f SHA512 168f27f580e3be2f7ada27afa2f72e715e750eec76831cf01bd32fabc1fa65dc29dab0eb7ed1682b076d3be99269897ddbc2c10551631a3911d9e5ae1aa40597
 DIST bind-9.11.3.tar.gz 9523375 BLAKE2B 978986e02767b8ac9f015b52e87b3bc161a7ea72f59f343dcb23f50fbe8474528c4b27ee4fd54bdbe6bd825ce6e8b164e8ad145260b2cdcd004e8892bacd313b SHA512 1f0da13165d1ee872800fe10bb8b0f69c6c76515f9861c1528fb6005213bb71b21a1270906d2ea9ded3eaf6df1a1bac0f2c80aa511683b8d57dcff4f278d8c35
 DIST bind-9.11.4_p2.tar.gz 9617963 BLAKE2B 409cad7e0976f2e46406d45e87241d61d4d4f00bf08442c4dddbad490ea3d6e42eaad5851fddb83c61a897689a8fdba0cd920aaa0d36329868d26100ba48f946 SHA512 6c01810526fc40485a6c0403d1ddc3b76d2e59b3426b5789436bd671f158d2fa0ea7c0aef2de81998ec715dabd06683fed7b17224d5c794c61e7100a69d4cb60
-DIST bind-9.12.1_p2.tar.gz 9305005 BLAKE2B 6be328e9e14a26d17c2f789aafc1f83a4690db0b0ae2aeac7dcc4b54a0e5d228692475a39160599fc5c6fd7ed8733d2f0bbac65a20c513f5fa7b6b49ad4b09ae SHA512 de47eef272c437316444c4f585a2f98ae9169fc118fd057464a5cd064bb9079ffc07145dabf388cd240f56a5ad6d3ad78cf8d98fc37609681eba5d87e18a4f9a
-DIST bind-9.12.2_p1.tar.gz 9429002 BLAKE2B 1460b4583a28df21490f71993c8cd595dd8f8ee76727cc8798ee34a6deb1f5a4d39706ec2833a42a7e63ce0dcad917ca975c7d725fc179e2dd0450d8d683ceb4 SHA512 22ce084179439518f7d82f0b80544db929bb4ec71d0e7bd7edad9ae915c903300837d6ead698c9fc23741796f0ba9ed3aa384b752ff65c3b9b20c8969d351cba
 DIST bind-9.12.2_p2.tar.gz 9422128 BLAKE2B c7d56f025f381a0136aa67ccd49a3254fcfe566d5e3601410e5cada26ccab32a901fe6e14bc14e6e287fa2b3904a4eee8e3ef63329f9bc4cb11f204590ff3623 SHA512 458adf6b3d0df286e7d345a21c40b639efcb275e76f9e0bf4e40a5d76dcac875016324393e129f29397be326d1017367c506ec9cbb35871c98fad4281bc4e05a
 DIST dyndns-samples.tbz2 22866 BLAKE2B 409890653c6536cb9c0e3ba809d2bfde0e0ae73a2a101b4f229b46c01568466bc022bbbc37712171adbd08c572733e93630feab95a0fcd1ac50a7d37da1d1108 SHA512 83b0bf99f8e9ff709e8e9336d8c5231b98a4b5f0c60c10792f34931e32cc638d261967dfa5a83151ec3740977d94ddd6e21e9ce91267b3e279b88affdbc18cac
diff --git a/net-dns/bind/bind-9.12.1_p2-r1.ebuild b/net-dns/bind/bind-9.12.1_p2-r1.ebuild
deleted file mode 100644 (file)
index 3e1a46c..0000000
+++ /dev/null
@@ -1,400 +0,0 @@
-# Copyright 1999-2018 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-# Re dlz/mysql and threads, needs to be verified..
-# MySQL uses thread local storage in its C api. Thus MySQL
-# requires that each thread of an application execute a MySQL
-# thread initialization to setup the thread local storage.
-# This is impossible to do safely while staying within the DLZ
-# driver API. This is a limitation caused by MySQL, and not the DLZ API.
-# Because of this BIND MUST only run with a single thread when
-# using the MySQL driver.
-
-EAPI="5"
-
-PYTHON_COMPAT=( python2_7 python3_{4,5,6} )
-
-inherit python-r1 eutils autotools toolchain-funcs flag-o-matic multilib db-use user systemd
-
-MY_PV="${PV/_p/-P}"
-MY_PV="${MY_PV/_rc/rc}"
-MY_P="${PN}-${MY_PV}"
-
-SDB_LDAP_VER="1.1.0-fc14"
-
-RRL_PV="${MY_PV}"
-
-# SDB-LDAP: http://bind9-ldap.bayour.com/
-
-DESCRIPTION="BIND - Berkeley Internet Name Domain - Name Server"
-HOMEPAGE="http://www.isc.org/software/bind"
-SRC_URI="https://www.isc.org/downloads/file/${MY_P}/?version=tar-gz -> ${P}.tar.gz
-       doc? ( mirror://gentoo/dyndns-samples.tbz2 )"
-#      sdb-ldap? (
-#              http://ftp.disconnected-by-peer.at/pub/bind-sdb-ldap-${SDB_LDAP_VER}.patch.bz2
-#      )"
-
-LICENSE="Apache-2.0 BSD BSD-2 GPL-2 HPND ISC MPL-2.0"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
-# -berkdb by default re bug 602682
-IUSE="-berkdb +caps dlz dnstap doc dnsrps fixed-rrset geoip gost gssapi idn ipv6
-json ldap libressl lmdb mysql odbc postgres python rpz seccomp selinux ssl static-libs
-+threads urandom xml +zlib"
-# sdb-ldap - patch broken
-# no PKCS11 currently as it requires OpenSSL to be patched, also see bug 409687
-
-REQUIRED_USE="postgres? ( dlz )
-       berkdb? ( dlz )
-       mysql? ( dlz !threads )
-       odbc? ( dlz )
-       ldap? ( dlz )
-       gost? ( !libressl ssl )
-       threads? ( caps )
-       dnstap? ( threads )
-       python? ( ${PYTHON_REQUIRED_USE} )"
-# sdb-ldap? ( dlz )
-
-DEPEND="
-       ssl? (
-               !libressl? ( dev-libs/openssl:0[-bindist] )
-               libressl? ( dev-libs/libressl )
-       )
-       mysql? ( >=virtual/mysql-4.0 )
-       odbc? ( >=dev-db/unixODBC-2.2.6 )
-       ldap? ( net-nds/openldap )
-       idn? ( <net-dns/idnkit-2:= )
-       postgres? ( dev-db/postgresql:= )
-       caps? ( >=sys-libs/libcap-2.1.0 )
-       xml? ( dev-libs/libxml2 )
-       geoip? ( >=dev-libs/geoip-1.4.6 )
-       gssapi? ( virtual/krb5 )
-       gost? ( >=dev-libs/openssl-1.0.0:0[-bindist] )
-       seccomp? ( sys-libs/libseccomp )
-       json? ( dev-libs/json-c:= )
-       lmdb? ( dev-db/lmdb )
-       zlib? ( sys-libs/zlib )
-       dnstap? ( dev-libs/fstrm dev-libs/protobuf-c )
-       python? (
-               ${PYTHON_DEPS}
-               dev-python/ply[${PYTHON_USEDEP}]
-       )"
-#      sdb-ldap? ( net-nds/openldap )
-
-RDEPEND="${DEPEND}
-       selinux? ( sec-policy/selinux-bind )
-       || ( sys-process/psmisc >=sys-freebsd/freebsd-ubin-9.0_rc sys-process/fuser-bsd )"
-
-S="${WORKDIR}/${MY_P}"
-
-# bug 479092, requires networking
-RESTRICT="test"
-
-pkg_setup() {
-       ebegin "Creating named group and user"
-       enewgroup named 40
-       enewuser named 40 -1 /etc/bind named
-       eend ${?}
-}
-
-src_prepare() {
-       # Adjusting PATHs in manpages
-       for i in bin/{named/named.8,check/named-checkconf.8,rndc/rndc.8} ; do
-               sed -i \
-                       -e 's:/etc/named.conf:/etc/bind/named.conf:g' \
-                       -e 's:/etc/rndc.conf:/etc/bind/rndc.conf:g' \
-                       -e 's:/etc/rndc.key:/etc/bind/rndc.key:g' \
-                       "${i}" || die "sed failed, ${i} doesn't exist"
-       done
-
-       # bug 657654 / CVE-2018-5738
-       epatch "${FILESDIR}/${P}-CVE-2018-5738.patch"
-
-#      if use dlz; then
-#              # sdb-ldap patch as per  bug #160567
-#              # Upstream URL: http://bind9-ldap.bayour.com/
-#              # New patch take from bug 302735
-#              if use sdb-ldap; then
-#                      epatch "${WORKDIR}"/${PN}-sdb-ldap-${SDB_LDAP_VER}.patch
-#                      cp -fp contrib/sdb/ldap/ldapdb.[ch] bin/named/
-#                      cp -fp contrib/sdb/ldap/{ldap2zone.1,ldap2zone.c} bin/tools/
-#                      cp -fp contrib/sdb/ldap/{zone2ldap.1,zone2ldap.c} bin/tools/
-#              fi
-#      fi
-
-       # should be installed by bind-tools
-       sed -i -r -e "s:(nsupdate|dig|delv) ::g" bin/Makefile.in || die
-
-       # Disable tests for now, bug 406399
-       sed -i '/^SUBDIRS/s:tests::' bin/Makefile.in lib/Makefile.in || die
-
-       # bug #220361
-       rm aclocal.m4
-       rm -rf libtool.m4/
-       eautoreconf
-}
-
-src_configure() {
-       local myconf=""
-
-       if use urandom; then
-               myconf="${myconf} --with-randomdev=/dev/urandom"
-       else
-               myconf="${myconf} --with-randomdev=/dev/random"
-       fi
-
-       use geoip && myconf="${myconf} --with-geoip"
-
-       # bug #158664
-#      gcc-specs-ssp && replace-flags -O[23s] -O
-
-       # To include db.h from proper path
-       use berkdb && append-flags "-I$(db_includedir)"
-
-       export BUILD_CC=$(tc-getBUILD_CC)
-       econf \
-               --sysconfdir=/etc/bind \
-               --localstatedir=/var \
-               --with-libtool \
-               --enable-full-report \
-               --without-readline \
-               $(use_enable caps linux-caps) \
-               $(use_enable dnsrps) \
-               $(use_enable fixed-rrset) \
-               $(use_enable ipv6) \
-               $(use_enable rpz rpz-nsdname) \
-               $(use_enable rpz rpz-nsip) \
-               $(use_enable seccomp) \
-               $(use_enable threads) \
-               $(use_with berkdb dlz-bdb) \
-               $(use_with dlz dlopen) \
-               $(use_with dlz dlz-filesystem) \
-               $(use_with dlz dlz-stub) \
-               $(use_with gost) \
-               $(use_with gssapi) \
-               $(use_with idn) \
-               $(use_with json libjson) \
-               $(use_with ldap dlz-ldap) \
-               $(use_with mysql dlz-mysql) \
-               $(use_with odbc dlz-odbc) \
-               $(use_with postgres dlz-postgres) \
-               $(use_with lmdb) \
-               $(use_with python) \
-               $(use_with ssl ecdsa) \
-               $(use_with ssl openssl "${EPREFIX}"/usr) \
-               $(use_with xml libxml2) \
-               $(use_with zlib) \
-               ${myconf}
-
-       # $(use_enable static-libs static) \
-
-       # bug #151839
-       echo '#undef SO_BSDCOMPAT' >> config.h
-}
-
-src_install() {
-       emake DESTDIR="${D}" install
-
-       dodoc CHANGES README
-
-       if use idn; then
-               dodoc contrib/idn/README.idnkit
-       fi
-
-       if use doc; then
-               dodoc doc/arm/Bv9ARM.pdf
-
-               docinto misc
-               dodoc doc/misc/*
-
-               # might a 'html' useflag make sense?
-               docinto html
-               dohtml -r doc/arm/*
-
-               docinto contrib
-               dodoc contrib/scripts/{nanny.pl,named-bootconf.sh}
-
-               # some handy-dandy dynamic dns examples
-               pushd "${D}"/usr/share/doc/${PF} 1>/dev/null
-               tar xf "${DISTDIR}"/dyndns-samples.tbz2 || die
-               popd 1>/dev/null
-       fi
-
-       insinto /etc/bind
-       newins "${FILESDIR}"/named.conf-r8 named.conf
-
-       # ftp://ftp.rs.internic.net/domain/named.cache:
-       insinto /var/bind
-       newins "${FILESDIR}"/named.cache-r3 named.cache
-
-       insinto /var/bind/pri
-       newins "${FILESDIR}"/localhost.zone-r3 localhost.zone
-
-       newinitd "${FILESDIR}"/named.init-r13 named
-       newconfd "${FILESDIR}"/named.confd-r7 named
-
-       if use gost; then
-               sed -i -e 's/^OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-0}$/OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-1}/' "${D}/etc/init.d/named" || die
-       else
-               sed -i -e 's/^OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-1}$/OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-0}/' "${D}/etc/init.d/named" || die
-       fi
-
-       newenvd "${FILESDIR}"/10bind.env 10bind
-
-       # Let's get rid of those tools and their manpages since they're provided by bind-tools
-       rm -f "${D}"/usr/share/man/man1/{dig,host,nslookup}.1*
-       rm -f "${D}"/usr/share/man/man8/nsupdate.8*
-       rm -f "${D}"/usr/bin/{dig,host,nslookup,nsupdate}
-       rm -f "${D}"/usr/sbin/{dig,host,nslookup,nsupdate}
-       for tool in dsfromkey importkey keyfromlabel keygen \
-         revoke settime signzone verify; do
-               rm -f "${D}"/usr/{,s}bin/dnssec-"${tool}"
-               rm -f "${D}"/usr/share/man/man8/dnssec-"${tool}".8*
-       done
-
-       # bug 405251, library archives aren't properly handled by --enable/disable-static
-       if ! use static-libs; then
-               find "${D}" -type f -name '*.a' -delete || die
-       fi
-
-       # bug 405251
-       find "${D}" -type f -name '*.la' -delete || die
-
-       if use python; then
-               install_python_tools() {
-                       dosbin bin/python/dnssec-{checkds,coverage}
-               }
-               python_foreach_impl install_python_tools
-
-               python_replicate_script "${D}usr/sbin/dnssec-checkds"
-               python_replicate_script "${D}usr/sbin/dnssec-coverage"
-       fi
-
-       # bug 450406
-       dosym named.cache /var/bind/root.cache
-
-       dosym /var/bind/pri /etc/bind/pri
-       dosym /var/bind/sec /etc/bind/sec
-       dosym /var/bind/dyn /etc/bind/dyn
-       keepdir /var/bind/{pri,sec,dyn}
-
-       dodir /var/log/named
-
-       fowners root:named /{etc,var}/bind /var/log/named /var/bind/{sec,pri,dyn}
-       fowners root:named /var/bind/named.cache /var/bind/pri/localhost.zone /etc/bind/{bind.keys,named.conf}
-       fperms 0640 /var/bind/named.cache /var/bind/pri/localhost.zone /etc/bind/{bind.keys,named.conf}
-       fperms 0750 /etc/bind /var/bind/pri
-       fperms 0770 /var/log/named /var/bind/{,sec,dyn}
-
-       systemd_newunit "${FILESDIR}/named.service-r1" named.service
-       systemd_dotmpfilesd "${FILESDIR}"/named.conf
-       exeinto /usr/libexec
-       doexe "${FILESDIR}/generate-rndc-key.sh"
-}
-
-pkg_postinst() {
-       if [ ! -f '/etc/bind/rndc.key' ]; then
-               if use urandom; then
-                       einfo "Using /dev/urandom for generating rndc.key"
-                       /usr/sbin/rndc-confgen -r /dev/urandom -a
-                       echo
-               else
-                       einfo "Using /dev/random for generating rndc.key"
-                       /usr/sbin/rndc-confgen -a
-                       echo
-               fi
-               chown root:named /etc/bind/rndc.key
-               chmod 0640 /etc/bind/rndc.key
-       fi
-
-       einfo
-       einfo "You can edit /etc/conf.d/named to customize named settings"
-       einfo
-       use mysql || use postgres || use ldap && {
-               elog "If your named depends on MySQL/PostgreSQL or LDAP,"
-               elog "uncomment the specified rc_named_* lines in your"
-               elog "/etc/conf.d/named config to ensure they'll start before bind"
-               einfo
-       }
-       einfo "If you'd like to run bind in a chroot AND this is a new"
-       einfo "install OR your bind doesn't already run in a chroot:"
-       einfo "1) Uncomment and set the CHROOT variable in /etc/conf.d/named."
-       einfo "2) Run \`emerge --config '=${CATEGORY}/${PF}'\`"
-       einfo
-
-       CHROOT=$(source /etc/conf.d/named 2>/dev/null; echo ${CHROOT})
-       if [[ -n ${CHROOT} ]]; then
-               elog "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!"
-               elog "To enable the old behaviour (without using mount) uncomment the"
-               elog "CHROOT_NOMOUNT option in your /etc/conf.d/named config."
-               elog "If you decide to use the new/default method, ensure to make backup"
-               elog "first and merge your existing configs/zones to /etc/bind and"
-               elog "/var/bind because bind will now mount the needed directories into"
-               elog "the chroot dir."
-       fi
-}
-
-pkg_config() {
-       CHROOT=$(source /etc/conf.d/named; echo ${CHROOT})
-       CHROOT_NOMOUNT=$(source /etc/conf.d/named; echo ${CHROOT_NOMOUNT})
-       CHROOT_GEOIP=$(source /etc/conf.d/named; echo ${CHROOT_GEOIP})
-
-       if [[ -z "${CHROOT}" ]]; then
-               eerror "This config script is designed to automate setting up"
-               eerror "a chrooted bind/named. To do so, please first uncomment"
-               eerror "and set the CHROOT variable in '/etc/conf.d/named'."
-               die "Unset CHROOT"
-       fi
-       if [[ -d "${CHROOT}" ]]; then
-               ewarn "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!"
-               ewarn "To enable the old behaviour (without using mount) uncomment the"
-               ewarn "CHROOT_NOMOUNT option in your /etc/conf.d/named config."
-               ewarn
-               ewarn "${CHROOT} already exists... some things might become overridden"
-               ewarn "press CTRL+C if you don't want to continue"
-               sleep 10
-       fi
-
-       echo; einfo "Setting up the chroot directory..."
-
-       mkdir -m 0750 -p ${CHROOT}
-       mkdir -m 0755 -p ${CHROOT}/{dev,etc,var/log,run}
-       mkdir -m 0750 -p ${CHROOT}/etc/bind
-       mkdir -m 0770 -p ${CHROOT}/var/{bind,log/named} ${CHROOT}/run/named/
-       # As of bind 9.8.0
-       if has_version net-dns/bind[gost]; then
-               if [ "$(get_libdir)" = "lib64" ]; then
-                       mkdir -m 0755 -p ${CHROOT}/usr/lib64/engines
-                       ln -s lib64 ${CHROOT}/usr/lib
-               else
-                       mkdir -m 0755 -p ${CHROOT}/usr/lib/engines
-               fi
-       fi
-       chown root:named ${CHROOT} ${CHROOT}/var/{bind,log/named} ${CHROOT}/run/named/ ${CHROOT}/etc/bind
-
-       mknod ${CHROOT}/dev/null c 1 3
-       chmod 0666 ${CHROOT}/dev/null
-
-       mknod ${CHROOT}/dev/zero c 1 5
-       chmod 0666 ${CHROOT}/dev/zero
-
-       if use urandom; then
-               mknod ${CHROOT}/dev/urandom c 1 9
-               chmod 0666 ${CHROOT}/dev/urandom
-       else
-               mknod ${CHROOT}/dev/random c 1 8
-               chmod 0666 ${CHROOT}/dev/random
-       fi
-
-       if [ "${CHROOT_NOMOUNT:-0}" -ne 0 ]; then
-               cp -a /etc/bind ${CHROOT}/etc/
-               cp -a /var/bind ${CHROOT}/var/
-       fi
-
-       if [ "${CHROOT_GEOIP:-0}" -eq 1 ]; then
-               mkdir -m 0755 -p ${CHROOT}/usr/share/GeoIP
-       fi
-
-       elog "You may need to add the following line to your syslog-ng.conf:"
-       elog "source jail { unix-stream(\"${CHROOT}/dev/log\"); };"
-}
diff --git a/net-dns/bind/bind-9.12.2_p1.ebuild b/net-dns/bind/bind-9.12.2_p1.ebuild
deleted file mode 100644 (file)
index 1d4cd91..0000000
+++ /dev/null
@@ -1,401 +0,0 @@
-# Copyright 1999-2018 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-# Re dlz/mysql and threads, needs to be verified..
-# MySQL uses thread local storage in its C api. Thus MySQL
-# requires that each thread of an application execute a MySQL
-# thread initialization to setup the thread local storage.
-# This is impossible to do safely while staying within the DLZ
-# driver API. This is a limitation caused by MySQL, and not the DLZ API.
-# Because of this BIND MUST only run with a single thread when
-# using the MySQL driver.
-
-EAPI="5"
-
-PYTHON_COMPAT=( python2_7 python3_{4,5,6} )
-
-inherit python-r1 eutils autotools toolchain-funcs flag-o-matic multilib db-use user systemd
-
-MY_PV="${PV/_p/-P}"
-MY_PV="${MY_PV/_rc/rc}"
-MY_P="${PN}-${MY_PV}"
-
-SDB_LDAP_VER="1.1.0-fc14"
-
-RRL_PV="${MY_PV}"
-
-# SDB-LDAP: http://bind9-ldap.bayour.com/
-
-DESCRIPTION="BIND - Berkeley Internet Name Domain - Name Server"
-HOMEPAGE="http://www.isc.org/software/bind"
-SRC_URI="https://www.isc.org/downloads/file/${MY_P}/?version=tar-gz -> ${P}.tar.gz
-       doc? ( mirror://gentoo/dyndns-samples.tbz2 )"
-#      sdb-ldap? (
-#              http://ftp.disconnected-by-peer.at/pub/bind-sdb-ldap-${SDB_LDAP_VER}.patch.bz2
-#      )"
-
-LICENSE="Apache-2.0 BSD BSD-2 GPL-2 HPND ISC MPL-2.0"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
-# -berkdb by default re bug 602682
-IUSE="-berkdb +caps dlz dnstap doc dnsrps fixed-rrset geoip gost gssapi idn ipv6
-json ldap libidn2 libressl lmdb mysql odbc postgres python rpz seccomp selinux ssl static-libs
-+threads urandom xml +zlib"
-# sdb-ldap - patch broken
-# no PKCS11 currently as it requires OpenSSL to be patched, also see bug 409687
-
-REQUIRED_USE="idn? ( !libidn2 )
-       libidn2? ( !idn )
-       postgres? ( dlz )
-       berkdb? ( dlz )
-       mysql? ( dlz !threads )
-       odbc? ( dlz )
-       ldap? ( dlz )
-       gost? ( !libressl ssl )
-       threads? ( caps )
-       dnstap? ( threads )
-       python? ( ${PYTHON_REQUIRED_USE} )"
-# sdb-ldap? ( dlz )
-
-DEPEND="
-       ssl? (
-               !libressl? ( dev-libs/openssl:0[-bindist] )
-               libressl? ( dev-libs/libressl )
-       )
-       mysql? ( >=virtual/mysql-4.0 )
-       odbc? ( >=dev-db/unixODBC-2.2.6 )
-       ldap? ( net-nds/openldap )
-       idn? ( <net-dns/idnkit-2:= )
-       libidn2? ( net-dns/libidn2 )
-       postgres? ( dev-db/postgresql:= )
-       caps? ( >=sys-libs/libcap-2.1.0 )
-       xml? ( dev-libs/libxml2 )
-       geoip? ( >=dev-libs/geoip-1.4.6 )
-       gssapi? ( virtual/krb5 )
-       gost? ( >=dev-libs/openssl-1.0.0:0[-bindist] )
-       seccomp? ( sys-libs/libseccomp )
-       json? ( dev-libs/json-c:= )
-       lmdb? ( dev-db/lmdb )
-       zlib? ( sys-libs/zlib )
-       dnstap? ( dev-libs/fstrm dev-libs/protobuf-c )
-       python? (
-               ${PYTHON_DEPS}
-               dev-python/ply[${PYTHON_USEDEP}]
-       )"
-#      sdb-ldap? ( net-nds/openldap )
-
-RDEPEND="${DEPEND}
-       selinux? ( sec-policy/selinux-bind )
-       || ( sys-process/psmisc >=sys-freebsd/freebsd-ubin-9.0_rc sys-process/fuser-bsd )"
-
-S="${WORKDIR}/${MY_P}"
-
-# bug 479092, requires networking
-RESTRICT="test"
-
-pkg_setup() {
-       ebegin "Creating named group and user"
-       enewgroup named 40
-       enewuser named 40 -1 /etc/bind named
-       eend ${?}
-}
-
-src_prepare() {
-       # Adjusting PATHs in manpages
-       for i in bin/{named/named.8,check/named-checkconf.8,rndc/rndc.8} ; do
-               sed -i \
-                       -e 's:/etc/named.conf:/etc/bind/named.conf:g' \
-                       -e 's:/etc/rndc.conf:/etc/bind/rndc.conf:g' \
-                       -e 's:/etc/rndc.key:/etc/bind/rndc.key:g' \
-                       "${i}" || die "sed failed, ${i} doesn't exist"
-       done
-
-#      if use dlz; then
-#              # sdb-ldap patch as per  bug #160567
-#              # Upstream URL: http://bind9-ldap.bayour.com/
-#              # New patch take from bug 302735
-#              if use sdb-ldap; then
-#                      epatch "${WORKDIR}"/${PN}-sdb-ldap-${SDB_LDAP_VER}.patch
-#                      cp -fp contrib/sdb/ldap/ldapdb.[ch] bin/named/
-#                      cp -fp contrib/sdb/ldap/{ldap2zone.1,ldap2zone.c} bin/tools/
-#                      cp -fp contrib/sdb/ldap/{zone2ldap.1,zone2ldap.c} bin/tools/
-#              fi
-#      fi
-
-       # should be installed by bind-tools
-       sed -i -r -e "s:(nsupdate|dig|delv) ::g" bin/Makefile.in || die
-
-       # Disable tests for now, bug 406399
-       sed -i '/^SUBDIRS/s:tests::' bin/Makefile.in lib/Makefile.in || die
-
-       # bug #220361
-       rm aclocal.m4
-       rm -rf libtool.m4/
-       eautoreconf
-}
-
-src_configure() {
-       local myconf=""
-
-       if use urandom; then
-               myconf="${myconf} --with-randomdev=/dev/urandom"
-       else
-               myconf="${myconf} --with-randomdev=/dev/random"
-       fi
-
-       use geoip && myconf="${myconf} --with-geoip"
-
-       # bug #158664
-#      gcc-specs-ssp && replace-flags -O[23s] -O
-
-       # To include db.h from proper path
-       use berkdb && append-flags "-I$(db_includedir)"
-
-       export BUILD_CC=$(tc-getBUILD_CC)
-       econf \
-               --sysconfdir=/etc/bind \
-               --localstatedir=/var \
-               --with-libtool \
-               --enable-full-report \
-               --without-readline \
-               $(use_enable caps linux-caps) \
-               $(use_enable dnsrps) \
-               $(use_enable fixed-rrset) \
-               $(use_enable ipv6) \
-               $(use_enable rpz rpz-nsdname) \
-               $(use_enable rpz rpz-nsip) \
-               $(use_enable seccomp) \
-               $(use_enable threads) \
-               $(use_with berkdb dlz-bdb) \
-               $(use_with dlz dlopen) \
-               $(use_with dlz dlz-filesystem) \
-               $(use_with dlz dlz-stub) \
-               $(use_with gost) \
-               $(use_with gssapi) \
-               $(use_with idn idnkit) \
-               $(use_with libidn2) \
-               $(use_with json libjson) \
-               $(use_with ldap dlz-ldap) \
-               $(use_with mysql dlz-mysql) \
-               $(use_with odbc dlz-odbc) \
-               $(use_with postgres dlz-postgres) \
-               $(use_with lmdb) \
-               $(use_with python) \
-               $(use_with ssl ecdsa) \
-               $(use_with ssl openssl "${EPREFIX}"/usr) \
-               $(use_with xml libxml2) \
-               $(use_with zlib) \
-               ${myconf}
-
-       # $(use_enable static-libs static) \
-
-       # bug #151839
-       echo '#undef SO_BSDCOMPAT' >> config.h
-}
-
-src_install() {
-       emake DESTDIR="${D}" install
-
-       dodoc CHANGES README
-
-       if use idn; then
-               dodoc contrib/idn/README.idnkit
-       fi
-
-       if use doc; then
-               dodoc doc/arm/Bv9ARM.pdf
-
-               docinto misc
-               dodoc doc/misc/*
-
-               # might a 'html' useflag make sense?
-               docinto html
-               dohtml -r doc/arm/*
-
-               docinto contrib
-               dodoc contrib/scripts/{nanny.pl,named-bootconf.sh}
-
-               # some handy-dandy dynamic dns examples
-               pushd "${D}"/usr/share/doc/${PF} 1>/dev/null
-               tar xf "${DISTDIR}"/dyndns-samples.tbz2 || die
-               popd 1>/dev/null
-       fi
-
-       insinto /etc/bind
-       newins "${FILESDIR}"/named.conf-r8 named.conf
-
-       # ftp://ftp.rs.internic.net/domain/named.cache:
-       insinto /var/bind
-       newins "${FILESDIR}"/named.cache-r3 named.cache
-
-       insinto /var/bind/pri
-       newins "${FILESDIR}"/localhost.zone-r3 localhost.zone
-
-       newinitd "${FILESDIR}"/named.init-r13 named
-       newconfd "${FILESDIR}"/named.confd-r7 named
-
-       if use gost; then
-               sed -i -e 's/^OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-0}$/OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-1}/' "${D}/etc/init.d/named" || die
-       else
-               sed -i -e 's/^OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-1}$/OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-0}/' "${D}/etc/init.d/named" || die
-       fi
-
-       newenvd "${FILESDIR}"/10bind.env 10bind
-
-       # Let's get rid of those tools and their manpages since they're provided by bind-tools
-       rm -f "${D}"/usr/share/man/man1/{dig,host,nslookup}.1*
-       rm -f "${D}"/usr/share/man/man8/nsupdate.8*
-       rm -f "${D}"/usr/bin/{dig,host,nslookup,nsupdate}
-       rm -f "${D}"/usr/sbin/{dig,host,nslookup,nsupdate}
-       for tool in dsfromkey importkey keyfromlabel keygen \
-         revoke settime signzone verify; do
-               rm -f "${D}"/usr/{,s}bin/dnssec-"${tool}"
-               rm -f "${D}"/usr/share/man/man8/dnssec-"${tool}".8*
-       done
-
-       # bug 405251, library archives aren't properly handled by --enable/disable-static
-       if ! use static-libs; then
-               find "${D}" -type f -name '*.a' -delete || die
-       fi
-
-       # bug 405251
-       find "${D}" -type f -name '*.la' -delete || die
-
-       if use python; then
-               install_python_tools() {
-                       dosbin bin/python/dnssec-{checkds,coverage}
-               }
-               python_foreach_impl install_python_tools
-
-               python_replicate_script "${D}usr/sbin/dnssec-checkds"
-               python_replicate_script "${D}usr/sbin/dnssec-coverage"
-       fi
-
-       # bug 450406
-       dosym named.cache /var/bind/root.cache
-
-       dosym /var/bind/pri /etc/bind/pri
-       dosym /var/bind/sec /etc/bind/sec
-       dosym /var/bind/dyn /etc/bind/dyn
-       keepdir /var/bind/{pri,sec,dyn}
-
-       dodir /var/log/named
-
-       fowners root:named /{etc,var}/bind /var/log/named /var/bind/{sec,pri,dyn}
-       fowners root:named /var/bind/named.cache /var/bind/pri/localhost.zone /etc/bind/{bind.keys,named.conf}
-       fperms 0640 /var/bind/named.cache /var/bind/pri/localhost.zone /etc/bind/{bind.keys,named.conf}
-       fperms 0750 /etc/bind /var/bind/pri
-       fperms 0770 /var/log/named /var/bind/{,sec,dyn}
-
-       systemd_newunit "${FILESDIR}/named.service-r1" named.service
-       systemd_dotmpfilesd "${FILESDIR}"/named.conf
-       exeinto /usr/libexec
-       doexe "${FILESDIR}/generate-rndc-key.sh"
-}
-
-pkg_postinst() {
-       if [ ! -f '/etc/bind/rndc.key' ]; then
-               if use urandom; then
-                       einfo "Using /dev/urandom for generating rndc.key"
-                       /usr/sbin/rndc-confgen -r /dev/urandom -a
-                       echo
-               else
-                       einfo "Using /dev/random for generating rndc.key"
-                       /usr/sbin/rndc-confgen -a
-                       echo
-               fi
-               chown root:named /etc/bind/rndc.key
-               chmod 0640 /etc/bind/rndc.key
-       fi
-
-       einfo
-       einfo "You can edit /etc/conf.d/named to customize named settings"
-       einfo
-       use mysql || use postgres || use ldap && {
-               elog "If your named depends on MySQL/PostgreSQL or LDAP,"
-               elog "uncomment the specified rc_named_* lines in your"
-               elog "/etc/conf.d/named config to ensure they'll start before bind"
-               einfo
-       }
-       einfo "If you'd like to run bind in a chroot AND this is a new"
-       einfo "install OR your bind doesn't already run in a chroot:"
-       einfo "1) Uncomment and set the CHROOT variable in /etc/conf.d/named."
-       einfo "2) Run \`emerge --config '=${CATEGORY}/${PF}'\`"
-       einfo
-
-       CHROOT=$(source /etc/conf.d/named 2>/dev/null; echo ${CHROOT})
-       if [[ -n ${CHROOT} ]]; then
-               elog "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!"
-               elog "To enable the old behaviour (without using mount) uncomment the"
-               elog "CHROOT_NOMOUNT option in your /etc/conf.d/named config."
-               elog "If you decide to use the new/default method, ensure to make backup"
-               elog "first and merge your existing configs/zones to /etc/bind and"
-               elog "/var/bind because bind will now mount the needed directories into"
-               elog "the chroot dir."
-       fi
-}
-
-pkg_config() {
-       CHROOT=$(source /etc/conf.d/named; echo ${CHROOT})
-       CHROOT_NOMOUNT=$(source /etc/conf.d/named; echo ${CHROOT_NOMOUNT})
-       CHROOT_GEOIP=$(source /etc/conf.d/named; echo ${CHROOT_GEOIP})
-
-       if [[ -z "${CHROOT}" ]]; then
-               eerror "This config script is designed to automate setting up"
-               eerror "a chrooted bind/named. To do so, please first uncomment"
-               eerror "and set the CHROOT variable in '/etc/conf.d/named'."
-               die "Unset CHROOT"
-       fi
-       if [[ -d "${CHROOT}" ]]; then
-               ewarn "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!"
-               ewarn "To enable the old behaviour (without using mount) uncomment the"
-               ewarn "CHROOT_NOMOUNT option in your /etc/conf.d/named config."
-               ewarn
-               ewarn "${CHROOT} already exists... some things might become overridden"
-               ewarn "press CTRL+C if you don't want to continue"
-               sleep 10
-       fi
-
-       echo; einfo "Setting up the chroot directory..."
-
-       mkdir -m 0750 -p ${CHROOT}
-       mkdir -m 0755 -p ${CHROOT}/{dev,etc,var/log,run}
-       mkdir -m 0750 -p ${CHROOT}/etc/bind
-       mkdir -m 0770 -p ${CHROOT}/var/{bind,log/named} ${CHROOT}/run/named/
-       # As of bind 9.8.0
-       if has_version net-dns/bind[gost]; then
-               if [ "$(get_libdir)" = "lib64" ]; then
-                       mkdir -m 0755 -p ${CHROOT}/usr/lib64/engines
-                       ln -s lib64 ${CHROOT}/usr/lib
-               else
-                       mkdir -m 0755 -p ${CHROOT}/usr/lib/engines
-               fi
-       fi
-       chown root:named ${CHROOT} ${CHROOT}/var/{bind,log/named} ${CHROOT}/run/named/ ${CHROOT}/etc/bind
-
-       mknod ${CHROOT}/dev/null c 1 3
-       chmod 0666 ${CHROOT}/dev/null
-
-       mknod ${CHROOT}/dev/zero c 1 5
-       chmod 0666 ${CHROOT}/dev/zero
-
-       if use urandom; then
-               mknod ${CHROOT}/dev/urandom c 1 9
-               chmod 0666 ${CHROOT}/dev/urandom
-       else
-               mknod ${CHROOT}/dev/random c 1 8
-               chmod 0666 ${CHROOT}/dev/random
-       fi
-
-       if [ "${CHROOT_NOMOUNT:-0}" -ne 0 ]; then
-               cp -a /etc/bind ${CHROOT}/etc/
-               cp -a /var/bind ${CHROOT}/var/
-       fi
-
-       if [ "${CHROOT_GEOIP:-0}" -eq 1 ]; then
-               mkdir -m 0755 -p ${CHROOT}/usr/share/GeoIP
-       fi
-
-       elog "You may need to add the following line to your syslog-ng.conf:"
-       elog "source jail { unix-stream(\"${CHROOT}/dev/log\"); };"
-}
diff --git a/net-dns/bind/bind-9.12.2_p2.ebuild b/net-dns/bind/bind-9.12.2_p2.ebuild
deleted file mode 100644 (file)
index 37870df..0000000
+++ /dev/null
@@ -1,407 +0,0 @@
-# Copyright 1999-2018 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-# Re dlz/mysql and threads, needs to be verified..
-# MySQL uses thread local storage in its C api. Thus MySQL
-# requires that each thread of an application execute a MySQL
-# thread initialization to setup the thread local storage.
-# This is impossible to do safely while staying within the DLZ
-# driver API. This is a limitation caused by MySQL, and not the DLZ API.
-# Because of this BIND MUST only run with a single thread when
-# using the MySQL driver.
-
-EAPI=7
-
-PYTHON_COMPAT=( python2_7 python3_{4,5,6,7} )
-
-inherit python-r1 eutils autotools toolchain-funcs flag-o-matic multilib db-use user systemd
-
-MY_PV="${PV/_p/-P}"
-MY_PV="${MY_PV/_rc/rc}"
-MY_P="${PN}-${MY_PV}"
-
-SDB_LDAP_VER="1.1.0-fc14"
-
-RRL_PV="${MY_PV}"
-
-# SDB-LDAP: http://bind9-ldap.bayour.com/
-
-DESCRIPTION="BIND - Berkeley Internet Name Domain - Name Server"
-HOMEPAGE="http://www.isc.org/software/bind"
-SRC_URI="https://www.isc.org/downloads/file/${MY_P}/?version=tar-gz -> ${P}.tar.gz
-       doc? ( mirror://gentoo/dyndns-samples.tbz2 )"
-#      sdb-ldap? (
-#              http://ftp.disconnected-by-peer.at/pub/bind-sdb-ldap-${SDB_LDAP_VER}.patch.bz2
-#      )"
-
-LICENSE="Apache-2.0 BSD BSD-2 GPL-2 HPND ISC MPL-2.0"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
-# -berkdb by default re bug 602682
-IUSE="-berkdb +caps dlz dnstap doc dnsrps fixed-rrset geoip gost gssapi idn ipv6
-json ldap libidn2 libressl lmdb mysql odbc postgres python rpz seccomp selinux ssl static-libs
-+threads urandom xml +zlib"
-# sdb-ldap - patch broken
-# no PKCS11 currently as it requires OpenSSL to be patched, also see bug 409687
-
-REQUIRED_USE="idn? ( !libidn2 )
-       libidn2? ( !idn )
-       postgres? ( dlz )
-       berkdb? ( dlz )
-       mysql? ( dlz !threads )
-       odbc? ( dlz )
-       ldap? ( dlz )
-       gost? ( !libressl ssl )
-       threads? ( caps )
-       dnstap? ( threads )
-       python? ( ${PYTHON_REQUIRED_USE} )"
-# sdb-ldap? ( dlz )
-
-DEPEND="
-       ssl? (
-               !libressl? ( dev-libs/openssl:0[-bindist] )
-               libressl? ( dev-libs/libressl )
-       )
-       mysql? ( >=virtual/mysql-4.0 )
-       odbc? ( >=dev-db/unixODBC-2.2.6 )
-       ldap? ( net-nds/openldap )
-       idn? ( <net-dns/idnkit-2:= )
-       libidn2? ( net-dns/libidn2 )
-       postgres? ( dev-db/postgresql:= )
-       caps? ( >=sys-libs/libcap-2.1.0 )
-       xml? ( dev-libs/libxml2 )
-       geoip? ( >=dev-libs/geoip-1.4.6 )
-       gssapi? ( virtual/krb5 )
-       gost? ( >=dev-libs/openssl-1.0.0:0[-bindist] )
-       seccomp? ( sys-libs/libseccomp )
-       json? ( dev-libs/json-c:= )
-       lmdb? ( dev-db/lmdb )
-       zlib? ( sys-libs/zlib )
-       dnstap? ( dev-libs/fstrm dev-libs/protobuf-c )
-       python? (
-               ${PYTHON_DEPS}
-               dev-python/ply[${PYTHON_USEDEP}]
-       )"
-#      sdb-ldap? ( net-nds/openldap )
-
-RDEPEND="${DEPEND}
-       selinux? ( sec-policy/selinux-bind )
-       || ( sys-process/psmisc >=sys-freebsd/freebsd-ubin-9.0_rc sys-process/fuser-bsd )"
-
-S="${WORKDIR}/${MY_P}"
-
-# bug 479092, requires networking
-RESTRICT="test"
-
-pkg_setup() {
-       ebegin "Creating named group and user"
-       enewgroup named 40
-       enewuser named 40 -1 /etc/bind named
-       eend ${?}
-}
-
-src_prepare() {
-       default
-
-       # Adjusting PATHs in manpages
-       for i in bin/{named/named.8,check/named-checkconf.8,rndc/rndc.8} ; do
-               sed -i \
-                       -e 's:/etc/named.conf:/etc/bind/named.conf:g' \
-                       -e 's:/etc/rndc.conf:/etc/bind/rndc.conf:g' \
-                       -e 's:/etc/rndc.key:/etc/bind/rndc.key:g' \
-                       "${i}" || die "sed failed, ${i} doesn't exist"
-       done
-
-#      if use dlz; then
-#              # sdb-ldap patch as per  bug #160567
-#              # Upstream URL: http://bind9-ldap.bayour.com/
-#              # New patch take from bug 302735
-#              if use sdb-ldap; then
-#                      epatch "${WORKDIR}"/${PN}-sdb-ldap-${SDB_LDAP_VER}.patch
-#                      cp -fp contrib/sdb/ldap/ldapdb.[ch] bin/named/
-#                      cp -fp contrib/sdb/ldap/{ldap2zone.1,ldap2zone.c} bin/tools/
-#                      cp -fp contrib/sdb/ldap/{zone2ldap.1,zone2ldap.c} bin/tools/
-#              fi
-#      fi
-
-       # should be installed by bind-tools
-       sed -i -r -e "s:(nsupdate|dig|delv) ::g" bin/Makefile.in || die
-
-       # Disable tests for now, bug 406399
-       sed -i '/^SUBDIRS/s:tests::' bin/Makefile.in lib/Makefile.in || die
-
-       # bug #220361
-       rm aclocal.m4
-       rm -rf libtool.m4/
-       eautoreconf
-}
-
-src_configure() {
-       local myeconfargs=(
-               --sysconfdir=/etc/bind
-               --localstatedir=/var
-               --with-libtool
-               --enable-full-report
-               --without-readline
-               $(use_enable caps linux-caps)
-               $(use_enable dnsrps)
-               $(use_enable fixed-rrset)
-               $(use_enable ipv6)
-               $(use_enable rpz rpz-nsdname)
-               $(use_enable rpz rpz-nsip)
-               $(use_enable seccomp)
-               # $(use_enable static-libs static)
-               $(use_enable threads)
-               $(use_with berkdb dlz-bdb)
-               $(use_with dlz dlopen)
-               $(use_with dlz dlz-filesystem)
-               $(use_with dlz dlz-stub)
-               $(use_with gost)
-               $(use_with gssapi)
-               $(use_with idn idnkit)
-               $(use_with libidn2)
-               $(use_with json libjson)
-               $(use_with ldap dlz-ldap)
-               $(use_with mysql dlz-mysql)
-               $(use_with odbc dlz-odbc)
-               $(use_with postgres dlz-postgres)
-               $(use_with lmdb)
-               $(use_with python)
-               $(use_with ssl ecdsa)
-               $(use_with ssl openssl "${EPREFIX}"/usr)
-               $(use_with xml libxml2)
-               $(use_with zlib)
-       )
-
-       if use urandom; then
-               myeconfargs+=( --with-randomdev=/dev/urandom )
-       else
-               myeconfargs+=( --with-randomdev=/dev/random )
-       fi
-
-       use geoip && myeconfargs+=( --with-geoip )
-
-       # bug #158664
-#      gcc-specs-ssp && replace-flags -O[23s] -O
-
-       # To include db.h from proper path
-       use berkdb && append-flags "-I$(db_includedir)"
-
-       export BUILD_CC=$(tc-getBUILD_CC)
-       econf "${myeconfargs[@]}"
-
-       # bug #151839
-       echo '#undef SO_BSDCOMPAT' >> config.h
-}
-
-src_install() {
-       emake DESTDIR="${D}" install
-
-       dodoc CHANGES README
-
-       if use idn; then
-               dodoc contrib/idn/README.idnkit
-       fi
-
-       if use doc; then
-               dodoc doc/arm/Bv9ARM.pdf
-
-               docinto misc
-               dodoc doc/misc/*
-
-               # might a 'html' useflag make sense?
-               docinto html
-               dodoc -r doc/arm/*
-
-               docinto contrib
-               dodoc contrib/scripts/{nanny.pl,named-bootconf.sh}
-
-               # some handy-dandy dynamic dns examples
-               pushd "${ED%/}"/usr/share/doc/${PF} 1>/dev/null || die
-               tar xf "${DISTDIR}"/dyndns-samples.tbz2 || die
-               popd 1>/dev/null || die
-       fi
-
-       insinto /etc/bind
-       newins "${FILESDIR}"/named.conf-r8 named.conf
-
-       # ftp://ftp.rs.internic.net/domain/named.cache:
-       insinto /var/bind
-       newins "${FILESDIR}"/named.cache-r3 named.cache
-
-       insinto /var/bind/pri
-       newins "${FILESDIR}"/localhost.zone-r3 localhost.zone
-
-       newinitd "${FILESDIR}"/named.init-r13 named
-       newconfd "${FILESDIR}"/named.confd-r7 named
-
-       if use gost; then
-               sed -e 's/^OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-0}$/OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-1}/' \
-                       -i "${ED%/}/etc/init.d/named" || die
-       else
-               sed -e 's/^OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-1}$/OPENSSL_LIBGOST=${OPENSSL_LIBGOST:-0}/' \
-                       -i "${ED%/}/etc/init.d/named" || die
-       fi
-
-       newenvd "${FILESDIR}"/10bind.env 10bind
-
-       # Let's get rid of those tools and their manpages since they're provided by bind-tools
-       rm -f "${ED%/}"/usr/share/man/man1/{dig,host,nslookup}.1*
-       rm -f "${ED%/}"/usr/share/man/man8/nsupdate.8*
-       rm -f "${ED%/}"/usr/bin/{dig,host,nslookup,nsupdate}
-       rm -f "${ED%/}"/usr/sbin/{dig,host,nslookup,nsupdate}
-       for tool in dsfromkey importkey keyfromlabel keygen \
-         revoke settime signzone verify; do
-               rm -f "${ED%/}"/usr/{,s}bin/dnssec-"${tool}"
-               rm -f "${ED%/}"/usr/share/man/man8/dnssec-"${tool}".8*
-       done
-
-       # bug 405251, library archives aren't properly handled by --enable/disable-static
-       if ! use static-libs; then
-               find "${ED}" -type f -name '*.a' -delete || die
-       fi
-
-       # bug 405251
-       find "${ED}" -type f -name '*.la' -delete || die
-
-       if use python; then
-               install_python_tools() {
-                       dosbin bin/python/dnssec-{checkds,coverage}
-               }
-               python_foreach_impl install_python_tools
-
-               python_replicate_script "${ED%/}/usr/sbin/dnssec-checkds"
-               python_replicate_script "${ED%/}/usr/sbin/dnssec-coverage"
-       fi
-
-       # bug 450406
-       dosym named.cache /var/bind/root.cache
-
-       dosym /var/bind/pri /etc/bind/pri
-       dosym /var/bind/sec /etc/bind/sec
-       dosym /var/bind/dyn /etc/bind/dyn
-       keepdir /var/bind/{pri,sec,dyn}
-
-       dodir /var/log/named
-
-       fowners root:named /{etc,var}/bind /var/log/named /var/bind/{sec,pri,dyn}
-       fowners root:named /var/bind/named.cache /var/bind/pri/localhost.zone /etc/bind/{bind.keys,named.conf}
-       fperms 0640 /var/bind/named.cache /var/bind/pri/localhost.zone /etc/bind/{bind.keys,named.conf}
-       fperms 0750 /etc/bind /var/bind/pri
-       fperms 0770 /var/log/named /var/bind/{,sec,dyn}
-
-       systemd_newunit "${FILESDIR}/named.service-r1" named.service
-       systemd_dotmpfilesd "${FILESDIR}"/named.conf
-       exeinto /usr/libexec
-       doexe "${FILESDIR}/generate-rndc-key.sh"
-}
-
-pkg_postinst() {
-       if [ ! -f '/etc/bind/rndc.key' ]; then
-               if use urandom; then
-                       einfo "Using /dev/urandom for generating rndc.key"
-                       /usr/sbin/rndc-confgen -r /dev/urandom -a
-                       echo
-               else
-                       einfo "Using /dev/random for generating rndc.key"
-                       /usr/sbin/rndc-confgen -a
-                       echo
-               fi
-               chown root:named /etc/bind/rndc.key || die
-               chmod 0640 /etc/bind/rndc.key || die
-       fi
-
-       einfo
-       einfo "You can edit /etc/conf.d/named to customize named settings"
-       einfo
-       use mysql || use postgres || use ldap && {
-               elog "If your named depends on MySQL/PostgreSQL or LDAP,"
-               elog "uncomment the specified rc_named_* lines in your"
-               elog "/etc/conf.d/named config to ensure they'll start before bind"
-               einfo
-       }
-       einfo "If you'd like to run bind in a chroot AND this is a new"
-       einfo "install OR your bind doesn't already run in a chroot:"
-       einfo "1) Uncomment and set the CHROOT variable in /etc/conf.d/named."
-       einfo "2) Run \`emerge --config '=${CATEGORY}/${PF}'\`"
-       einfo
-
-       CHROOT=$(source /etc/conf.d/named 2>/dev/null; echo ${CHROOT})
-       if [[ -n ${CHROOT} ]]; then
-               elog "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!"
-               elog "To enable the old behaviour (without using mount) uncomment the"
-               elog "CHROOT_NOMOUNT option in your /etc/conf.d/named config."
-               elog "If you decide to use the new/default method, ensure to make backup"
-               elog "first and merge your existing configs/zones to /etc/bind and"
-               elog "/var/bind because bind will now mount the needed directories into"
-               elog "the chroot dir."
-       fi
-}
-
-pkg_config() {
-       CHROOT=$(source /etc/conf.d/named; echo ${CHROOT})
-       CHROOT_NOMOUNT=$(source /etc/conf.d/named; echo ${CHROOT_NOMOUNT})
-       CHROOT_GEOIP=$(source /etc/conf.d/named; echo ${CHROOT_GEOIP})
-
-       if [[ -z "${CHROOT}" ]]; then
-               eerror "This config script is designed to automate setting up"
-               eerror "a chrooted bind/named. To do so, please first uncomment"
-               eerror "and set the CHROOT variable in '/etc/conf.d/named'."
-               die "Unset CHROOT"
-       fi
-       if [[ -d "${CHROOT}" ]]; then
-               ewarn "NOTE: As of net-dns/bind-9.4.3_p5-r1 the chroot part of the init-script got some major changes!"
-               ewarn "To enable the old behaviour (without using mount) uncomment the"
-               ewarn "CHROOT_NOMOUNT option in your /etc/conf.d/named config."
-               ewarn
-               ewarn "${CHROOT} already exists... some things might become overridden"
-               ewarn "press CTRL+C if you don't want to continue"
-               sleep 10
-       fi
-
-       echo; einfo "Setting up the chroot directory..."
-
-       mkdir -m 0750 -p ${CHROOT} || die
-       mkdir -m 0755 -p ${CHROOT}/{dev,etc,var/log,run} || die
-       mkdir -m 0750 -p ${CHROOT}/etc/bind || die
-       mkdir -m 0770 -p ${CHROOT}/var/{bind,log/named} ${CHROOT}/run/named/ || die
-       # As of bind 9.8.0
-       if has_version net-dns/bind[gost]; then
-               mkdir -m 0755 -p ${CHROOT}/usr/$(get_libdir)/engines || die
-               if [ "$(get_libdir)" = "lib64" ]; then
-                       ln -s lib64 ${CHROOT}/usr/lib || die
-               fi
-       fi
-       chown root:named \
-               ${CHROOT} \
-               ${CHROOT}/var/{bind,log/named} \
-               ${CHROOT}/run/named/ \
-               ${CHROOT}/etc/bind \
-               || die
-
-       mknod ${CHROOT}/dev/null c 1 3 || die
-       chmod 0666 ${CHROOT}/dev/null || die
-
-       mknod ${CHROOT}/dev/zero c 1 5 || die
-       chmod 0666 ${CHROOT}/dev/zero || die
-
-       if use urandom; then
-               mknod ${CHROOT}/dev/urandom c 1 9 || die
-               chmod 0666 ${CHROOT}/dev/urandom || die
-       else
-               mknod ${CHROOT}/dev/random c 1 8 || die
-               chmod 0666 ${CHROOT}/dev/random || die
-       fi
-
-       if [ "${CHROOT_NOMOUNT:-0}" -ne 0 ]; then
-               cp -a /etc/bind ${CHROOT}/etc/ || die
-               cp -a /var/bind ${CHROOT}/var/ || die
-       fi
-
-       if [ "${CHROOT_GEOIP:-0}" -eq 1 ]; then
-               mkdir -m 0755 -p ${CHROOT}/usr/share/GeoIP || die
-       fi
-
-       elog "You may need to add the following line to your syslog-ng.conf:"
-       elog "source jail { unix-stream(\"${CHROOT}/dev/log\"); };"
-}