rpms / opendnssec

Clone
Source Code
GIT

Blame SPECS/opendnssec.spec

c7 c7-beta c8-beta-stream-DL1 c8-beta-stream-client c8-stream-DL1 c8-stream-client c8s-stream-DL1 c8s-stream-client c9 c9-beta
  1.   38cdc8acead6c22b0177d8c59305ac08bdf09347
  2.   SPECS
  3.   opendnssec.spec
Blob History Raw
afd8c8 
#global prever rcX
afd8c8 
%global _hardened_build 1
afd8c8
afd8c8 
Summary: DNSSEC key and zone management software
afd8c8 
Name: opendnssec
38cdc8 
Version: 2.1.6
38cdc8 
Release: 2%{?prever}%{?dist}
afd8c8 
License: BSD
afd8c8 
Url: http://www.opendnssec.org/
afd8c8 
Source0: http://www.opendnssec.org/files/source/%{?prever:testing/}%{name}-%{version}%{?prever}.tar.gz
afd8c8 
Source1: ods-enforcerd.service
afd8c8 
Source2: ods-signerd.service
afd8c8 
Source3: ods.sysconfig
afd8c8 
Source4: conf.xml
afd8c8 
Source5: tmpfiles-opendnssec.conf
afd8c8 
Source6: opendnssec.cron
38cdc8 
Source7: opendnssec-2.1.sqlite_convert.sql
38cdc8 
Source8: opendnssec-2.1.sqlite_rpmversion.sql
afd8c8
38cdc8 
Patch1: opendnssec-2.1.6-gcc10-fixups.patch
38cdc8 
Patch2: opendnssec-2.1.6-sqlite.patch
38cdc8
38cdc8 
Requires: opencryptoki, softhsm >= 2.5.0 , systemd-units
afd8c8 
Requires: libxml2, libxslt sqlite
38cdc8 
BuildRequires:  gcc
38cdc8 
BuildRequires: ldns-devel >= 1.6.12, sqlite-devel >= 3.0.0, openssl-devel
afd8c8 
BuildRequires: libxml2-devel CUnit-devel, doxygen
afd8c8 
# It tests for pkill/killall and would use /bin/false if not found
afd8c8 
BuildRequires: procps-ng
afd8c8 
BuildRequires: perl-interpreter
38cdc8 
BuildRequires: libmicrohttpd-devel jansson-devel libyaml-devel
afd8c8
afd8c8 
BuildRequires: systemd-units
afd8c8 
Requires(pre): shadow-utils
afd8c8 
Requires(post): systemd-units
afd8c8 
Requires(preun): systemd-units
afd8c8 
Requires(postun): systemd-units
afd8c8 
%if 0%{?prever:1}
38cdc8 
# For building development snapshots
afd8c8 
Buildrequires: autoconf, automake, libtool, java
afd8c8 
%endif
afd8c8
afd8c8 
%description
afd8c8 
OpenDNSSEC was created as an open-source turn-key solution for DNSSEC.
afd8c8 
It secures zone data just before it is published in an authoritative
afd8c8 
name server. It requires a PKCS#11 crypto module library, such as softhsm
afd8c8
afd8c8 
%prep
afd8c8 
%setup -q -n %{name}-%{version}%{?prever}
afd8c8 
# bump default policy ZSK keysize to 2048
afd8c8 
sed -i "s/1024/2048/" conf/kasp.xml.in
38cdc8 
%patch1 -p1
38cdc8 
%patch2 -p1
afd8c8
afd8c8 
%build
1afa75 
#export LDFLAGS="-Wl,-z,relro,-z,now -pie -specs=/usr/lib/rpm/redhat/redhat-hardened-ld"
1afa75 
#export CFLAGS="$RPM_OPT_FLAGS -fPIE -pie -Wextra -Wformat -Wformat-nonliteral -Wformat-security"
1afa75 
#export CXXFLAGS="$RPM_OPT_FLAGS -fPIE -pie -Wformat-nonliteral -Wformat-security"
38cdc8 
%if 0%{?prever:1}
38cdc8 
# for development snapshots
38cdc8 
sh ./autogen.sh
38cdc8 
%endif
afd8c8 
%configure --with-ldns=%{_libdir}
afd8c8 
make %{?_smp_mflags}
afd8c8
afd8c8 
%check
afd8c8 
# Requires sample db not shipped with upstream
afd8c8 
# make check
afd8c8
afd8c8 
%install
afd8c8 
rm -rf %{buildroot}
afd8c8 
make DESTDIR=%{buildroot} install
38cdc8 
mkdir -p %{buildroot}%{_localstatedir}/opendnssec/{tmp,signed,signconf,enforcer}
afd8c8 
install -d -m 0755 %{buildroot}%{_initrddir} %{buildroot}%{_sysconfdir}/cron.d/
afd8c8 
install -m 0644 %{SOURCE6} %{buildroot}/%{_sysconfdir}/cron.d/opendnssec
afd8c8 
rm -f %{buildroot}/%{_sysconfdir}/opendnssec/*.sample
afd8c8 
install -d -m 0755 %{buildroot}/%{_sysconfdir}/sysconfig
afd8c8 
install -d -m 0755 %{buildroot}%{_unitdir}
afd8c8 
install -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/
afd8c8 
install -m 0644 %{SOURCE2} %{buildroot}%{_unitdir}/
afd8c8 
install -m 0644 %{SOURCE3} %{buildroot}/%{_sysconfdir}/sysconfig/ods
afd8c8 
install -m 0644 %{SOURCE4} %{buildroot}/%{_sysconfdir}/opendnssec/
afd8c8 
mkdir -p %{buildroot}%{_tmpfilesdir}/
afd8c8 
install -m 0644 %{SOURCE5} %{buildroot}%{_tmpfilesdir}/opendnssec.conf
afd8c8 
mkdir -p %{buildroot}%{_localstatedir}/run/opendnssec
38cdc8 
mkdir -p %{buildroot}%{_datadir}/opendnssec/
38cdc8 
cp -a enforcer/utils %{buildroot}%{_datadir}/opendnssec/migration
38cdc8 
cp -a enforcer/src/db/schema.* %{buildroot}%{_datadir}/opendnssec/migration/1.4-2.0_db_convert/
38cdc8 
# fixup path for mysql/sqlite. Use our replacement sqlite_convert.sql to detect previous migration
38cdc8 
cp -a %{SOURCE7} %{buildroot}%{_datadir}/opendnssec/migration/1.4-2.0_db_convert/sqlite_convert.sql
38cdc8 
cp -a %{SOURCE8} %{buildroot}%{_datadir}/opendnssec/migration/1.4-2.0_db_convert/rpmversion.sql
38cdc8 
sed -i "s:^SCHEMA=.*schema:SCHEMA=%{_datadir}/opendnssec/migration/1.4-2.0_db_convert/schema:" %{buildroot}%{_datadir}/opendnssec/migration/1.4-2.0_db_convert/convert_sqlite
38cdc8 
sed -i "s:find_problematic_zones.sql:%{_datadir}/opendnssec/migration/1.4-2.0_db_convert/find_problematic_zones.sql:g" %{buildroot}%{_datadir}/opendnssec/migration/1.4-2.0_db_convert/convert_sqlite
38cdc8 
sed -i "s:^SCHEMA=.*schema:SCHEMA=%{_datadir}/opendnssec/migration/1.4-2.0_db_convert/schema:" %{buildroot}%{_datadir}/opendnssec/migration/1.4-2.0_db_convert/convert_mysql
38cdc8 
sed -i "s:find_problematic_zones.sql:%{_datadir}/opendnssec/migration/1.4-2.0_db_convert/find_problematic_zones.sql:g" %{buildroot}%{_datadir}/opendnssec/migration/1.4-2.0_db_convert/convert_mysql
38cdc8 
sed -i "s:sqlite_convert.sql:%{_datadir}/opendnssec/migration/1.4-2.0_db_convert/sqlite_convert.sql:g" %{buildroot}%{_datadir}/opendnssec/migration/1.4-2.0_db_convert/convert_sqlite
38cdc8
afd8c8
afd8c8 
%files
afd8c8 
%{_unitdir}/ods-enforcerd.service
afd8c8 
%{_unitdir}/ods-signerd.service
afd8c8 
%config(noreplace) %{_tmpfilesdir}/opendnssec.conf
afd8c8 
%attr(0770,root,ods) %dir %{_sysconfdir}/opendnssec
afd8c8 
%attr(0770,root,ods) %dir %{_localstatedir}/opendnssec
afd8c8 
%attr(0770,root,ods) %dir %{_localstatedir}/opendnssec/tmp
afd8c8 
%attr(0775,root,ods) %dir %{_localstatedir}/opendnssec/signed
afd8c8 
%attr(0770,root,ods) %dir %{_localstatedir}/opendnssec/signconf
38cdc8 
%attr(0770,root,ods) %dir %{_localstatedir}/opendnssec/enforcer
afd8c8 
%attr(0660,root,ods) %config(noreplace) %{_sysconfdir}/opendnssec/*.xml
afd8c8 
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/sysconfig/ods
afd8c8 
%attr(0770,root,ods) %dir %{_localstatedir}/run/opendnssec
afd8c8 
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/cron.d/opendnssec
afd8c8 
%doc NEWS README.md
afd8c8 
%license LICENSE
afd8c8 
%{_mandir}/*/*
afd8c8 
%{_sbindir}/*
afd8c8 
%{_bindir}/*
38cdc8 
%attr(0755,root,root) %dir %{_datadir}/opendnssec
38cdc8 
%{_datadir}/opendnssec/*
afd8c8
afd8c8 
%pre
afd8c8 
getent group ods >/dev/null || groupadd -r ods
afd8c8 
getent passwd ods >/dev/null || \
afd8c8 
useradd -r -g ods -d /etc/opendnssec -s /sbin/nologin \
afd8c8 
-c "opendnssec daemon account" ods
afd8c8 
exit 0
afd8c8
afd8c8 
%post
afd8c8 
# Initialise a slot on the softhsm on first install
afd8c8 
if [ "$1" -eq 1 ]; then
afd8c8 
   %{_sbindir}/runuser -u ods -- %{_bindir}/softhsm2-util --init-token \
38cdc8 
                --free --label "OpenDNSSEC" --pin 1234 --so-pin 1234
38cdc8 
   if [ ! -s %{_localstatedir}/opendnssec/kasp.db ]; then
38cdc8 
      echo y | %{_sbindir}/ods-enforcer-db-setup
38cdc8 
      %{_bindir}/sqlite3 -batch %{_localstatedir}/opendnssec/kasp.db < %{_datadir}/opendnssec/migration/1.4-2.0_db_convert/rpmversion.sql
afd8c8 
   fi
afd8c8
38cdc8 
elif [ -z "$(%{_bindir}/sqlite3 %{_localstatedir}/opendnssec/kasp.db 'select * from rpm_migration;')" ]; then
38cdc8 
   # Migrate version 1.4 db to version 2.1 db
38cdc8 
   if [ -e %{_localstatedir}/opendnssec/rpm-migration-in-progress ]; then
38cdc8 
      echo "previous (partial?) migration found - human intervention is needed"
38cdc8 
   else
38cdc8 
      echo "opendnssec 1.4 database found, migrating to 2.x"
38cdc8 
      touch %{_localstatedir}/opendnssec/rpm-migration-in-progress
38cdc8 
      mv -n %{_localstatedir}/opendnssec/kasp.db %{_localstatedir}/opendnssec/kasp.db-1.4
38cdc8 
      echo "migrating conf.xml from 1.4 to 2.1 schema"
38cdc8 
      cp -n %{_sysconfdir}/opendnssec/conf.xml %{_sysconfdir}/opendnssec/conf.xml-1.4
38cdc8 
      # fixup incompatibilities inflicted upon us by upstream :(
38cdc8 
      sed -i "/<Interval>.*Interval>/d" %{_sysconfdir}/opendnssec/conf.xml
38cdc8 
      echo "Converting kasp.db"
38cdc8 
      ERR=""
38cdc8 
      %{_datadir}/opendnssec/migration/1.4-2.0_db_convert/convert_sqlite -i %{_localstatedir}/opendnssec/kasp.db-1.4 -o %{_localstatedir}/opendnssec/kasp.db || ERR="convert_sqlite error"
38cdc8 
      chown ods.ods %{_localstatedir}/opendnssec/kasp.db
38cdc8 
      cp -n %{_sysconfdir}/opendnssec/zonelist.xml %{_localstatedir}/opendnssec/enforcer/zones.xml
38cdc8 
      if [ -z "$ERR" ]; then
38cdc8 
         echo "calling ods-migrate"
38cdc8 
         ods-migrate || ERR="ods-migrate failed"
38cdc8 
         if [ -z "$ERR" ]; then
38cdc8 
            echo "opendnssec 1.4 to 2.x migration completed"
38cdc8 
            rm %{_localstatedir}/opendnssec/rpm-migration-in-progress
38cdc8 
         else
38cdc8 
            echo "ods-migrate process failed - human intervention is needed"
38cdc8 
         fi
38cdc8 
      else
38cdc8 
         echo "%{_localstatedir}/opendnssec/kasp.db conversion failed - not calling ods-migrate to complete migration. human intervention is needed"
38cdc8 
      fi
38cdc8 
   fi
afd8c8 
fi
afd8c8
afd8c8 
# in case we update any xml conf file
38cdc8 
ods-enforcer update all >/dev/null 2>/dev/null ||:
38cdc8
afd8c8 
%systemd_post ods-enforcerd.service
afd8c8 
%systemd_post ods-signerd.service
afd8c8
afd8c8 
%preun
afd8c8 
%systemd_preun ods-enforcerd.service
afd8c8 
%systemd_preun ods-signerd.service
afd8c8
afd8c8 
%postun
afd8c8 
%systemd_postun_with_restart ods-enforcerd.service
afd8c8 
%systemd_postun_with_restart ods-signerd.service
afd8c8
afd8c8 
%changelog
38cdc8 
* Fri May 08 2020 Paul Wouters <pwouters@redhat.com> - 2.1.6-2
38cdc8 
- Resolves: rhbz#1831732 AVC avc: denied { dac_override } for comm="ods-enforcerd
38cdc8
38cdc8 
* Wed Apr 15 2020 Paul Wouters <pwouters@redhat.com> - 2.1.6-1
38cdc8 
- Resolves: rhbz#1759888 Rebase OpenDNSSEC to 2.1
38cdc8
afd8c8 
* Tue Dec 12 2017 Paul Wouters <pwouters@redhat.com> - 1.4.14-1
afd8c8 
- Update to 1.4.14 as first steop to migrating to 2.x
afd8c8 
- Resolves: rhbz#1413254 Move tmpfiles.d config to %%{_tmpfilesdir}, install LICENSE as %%license
afd8c8
afd8c8 
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.9-7
afd8c8 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
afd8c8
afd8c8 
* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.9-6
afd8c8 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
afd8c8
afd8c8 
* Wed Mar 08 2017 Tomas Hozza <thozza@redhat.com> - 1.4.9-5
afd8c8 
- Fix FTBFS (#1424019) in order to rebuild against new ldns
afd8c8
afd8c8 
* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.9-4
afd8c8 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
afd8c8
afd8c8 
* Thu Feb 18 2016 Paul Wouters <pwouters@redhat.com> - 1.4.9-3
afd8c8 
- Resolves: rbz#1303965 upgrade to opendnssec-1.4.9-1.fc23 breaks old installations
afd8c8 
- On initial install, after token init, also run ods-ksmutil setup
afd8c8
afd8c8 
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.9-2
afd8c8 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
afd8c8
afd8c8 
* Mon Feb 01 2016 Paul Wouters <pwouters@redhat.com> - 1.4.9-1
afd8c8 
- Updated to 1.4.9
afd8c8 
- Removed merged in patch
afd8c8
afd8c8 
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.7-3
afd8c8 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
afd8c8
afd8c8 
* Tue Jun 09 2015 Paul Wouters <pwouters@redhat.com> - 1.4.7-2
afd8c8 
- Resolves rhbz#1219746 ods-signerd.service misplaced After= in section Service
afd8c8 
- Resolves rhbz#1220443 OpenDNSSEC fails to initialise a slot in softhsm on first install
afd8c8
afd8c8 
* Tue Dec 09 2014 Paul Wouters <pwouters@redhat.com> - 1.4.7-1
afd8c8 
- Updated to 1.4.7 (fix zone update can get stuck, crash on retransfer cmd)
afd8c8
afd8c8 
* Wed Oct 15 2014 Paul Wouters <pwouters@redhat.com> - 1.4.6-4
afd8c8 
- Change /etc/opendnssec to be ods group writable
afd8c8
afd8c8 
* Wed Oct 08 2014 Paul Wouters <pwouters@redhat.com> - 1.4.6-3
afd8c8 
- Added Petr Spacek's patch that adds the config option <AllowExtraction/> (rhbz#1123354)
afd8c8
afd8c8 
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.6-2
afd8c8 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
afd8c8
afd8c8 
* Mon Jul 28 2014 Paul Wouters <pwouters@redhat.com> - 1.4.6-1
afd8c8 
- Updated to 1.4.6
afd8c8 
- Removed incorporated patch upstream
afd8c8 
- Remove Wants= from ods-signerd.service (rhbz#1098205)
afd8c8
afd8c8 
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.5-3
afd8c8 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
afd8c8
afd8c8 
* Fri Apr 18 2014 Paul Wouters <pwouters@redhat.com> - 1.4.5-2
afd8c8 
- Updated to 1.4.5
afd8c8 
- Added patch for serial 0 bug in XFR adapter
afd8c8
afd8c8 
* Tue Apr 01 2014 Paul Wouters <pwouters@redhat.com> - 1.4.4-3
afd8c8 
- Add buildrequires for ods-kasp2html (rhbz#1073313)
afd8c8
afd8c8 
* Sat Mar 29 2014 Paul Wouters <pwouters@redhat.com> - 1.4.4-2
afd8c8 
- Add requires for ods-kasp2html (rhbz#1073313)
afd8c8
afd8c8 
* Thu Mar 27 2014 Paul Wouters <pwouters@redhat.com> - 1.4.4-1
afd8c8 
- Updated to 1.4.4 (compatibility with non RFC 5155 errata 3441)
afd8c8 
- Change the default ZSK policy from 1024 to 2048 bit RSA keys
afd8c8 
- Fix post to be quiet when upgrading opendnssec
afd8c8
afd8c8 
* Thu Jan 09 2014 Paul Wouters <pwouters@redhat.com> - 1.4.3-1
afd8c8 
- Updated to 1.4.3 (rhel#1048449) - minor bugfixes, minor feature enhancements
afd8c8 
- rhel#1025985 OpenDNSSEC signer cannot be started due to a typo in service file
afd8c8
afd8c8 
* Wed Sep 11 2013 Paul Wouters <pwouters@redhat.com> - 1.4.2-1
afd8c8 
- Updated to 1.4.2, bugfix release
afd8c8
afd8c8 
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.1-2
afd8c8 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
afd8c8
afd8c8 
* Fri Jun 28 2013 Paul Wouters <pwouters@redhat.com> - 1.4.1-1
afd8c8 
- Updated to 1.4.1. NSEC3 handling and serial number handling fixes
afd8c8 
- Add BuildRequire for systemd-units
afd8c8
afd8c8 
* Sat May 11 2013 Paul Wouters <pwouters@redhat.com> - 1.4.0-1
afd8c8 
- Updated to 1.4.0
afd8c8
afd8c8 
* Fri Apr 12 2013 Paul Wouters <pwouters@redhat.com> - 1.4.20-0.8.rc3
afd8c8 
- Updated to 1.4.0rc3
afd8c8 
- Enabled hardened compile, full relzo/pie
afd8c8
afd8c8 
* Fri Jan 25 2013 Patrick Uiterwijk <puiterwijk@gmail.com> - 1.4.0-0.7.rc2
afd8c8 
- Updated to 1.4.0rc2, which includes svn r6952
afd8c8
afd8c8 
* Fri Jan 18 2013 Patrick Uiterwijk <puiterwijk@gmail.com> - 1.4.0-0.6.rc1
afd8c8 
- Updated to 1.4.0rc1
afd8c8 
- Applied opendnssec-ksk-premature-retirement.patch (svn r6952)
afd8c8
afd8c8 
* Tue Dec 18 2012 Paul Wouters <pwouters@redhat.com> - 1.4.0-0.5.b2
afd8c8 
- Updated to 1.4.0b2
afd8c8 
- All patches have been merged upstream
afd8c8 
- cron job should be marked as config file
afd8c8
afd8c8 
* Tue Oct 30 2012 Paul Wouters <pwouters@redhat.com> - 1.4.0-0.4.b1
afd8c8 
- Added BuildRequires: procps-ng for bug OPENDNSSEC-345
afd8c8 
- Change RRSIG inception offset to -2h to avoid possible
afd8c8 
  daylight saving issues on resolvers
afd8c8 
- Patch to prevent removal of occluded data
afd8c8
afd8c8 
* Wed Sep 26 2012 Paul Wouters <pwouters@redhat.com> - 1.4.0-0.3.b1
afd8c8 
- Just an EVR fix to the proper standard
afd8c8 
- Cleanup of spec file
afd8c8 
- Introduce new systemd-rpm macros (rhbz#850242)
afd8c8
afd8c8 
* Wed Sep 12 2012 Paul Wouters <pwouters@redhat.com> - 1.4.0-0.b1.1
afd8c8 
- Updated to 1.4.0b1
afd8c8 
- Patch for NSEC3PARAM TTL
afd8c8 
- Cron job to assist narrowing ods-enforcerd timing differences
afd8c8
afd8c8 
* Wed Aug 29 2012 Paul Wouters <pwouters@redhat.com> - 1.4.0-0.a3.1
afd8c8 
- Updated to 1.4.0a3
afd8c8 
- Patch to more aggressively try to resign
afd8c8 
- Patch to fix locking issue eating up cpu
afd8c8
afd8c8 
* Fri Jul 20 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.0-0.a2.2
afd8c8 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
afd8c8
afd8c8 
* Tue Jun 12 2012 Paul Wouters <pwouters@redhat.com> - 1.4.0-0.a2.1
afd8c8 
- Updated to 1.4.0a2
afd8c8 
- ksm-utils patch for ods-ksmutil to die sooner when it can't lock
afd8c8 
  the HSM.
afd8c8
afd8c8 
* Wed May 16 2012 Paul Wouters <pwouters@redhat.com> - 1.4.0-0.a1.3
afd8c8 
- Patch for crasher with deleted RRsets and NSEC3/OPTOUT chains
afd8c8
afd8c8 
* Mon Mar 26 2012 Paul Wouters <pwouters@redhat.com> - 1.4.0-0.a1.2
afd8c8 
- Added opendnssec LICENSE file from trunk (Thanks Jakob!)
afd8c8
afd8c8 
* Mon Mar 26 2012 Paul Wouters <pwouters@redhat.com> - 1.4.0-0.a1.1
afd8c8 
- Fix macros in comment
afd8c8 
- Added missing -m to install target
afd8c8
afd8c8 
* Sun Mar 25 2012 Paul Wouters <pwouters@redhat.com> - 1.4.0-0.a1
afd8c8 
- The 1.4.x branch no longer needs ruby, as the auditor has been removed
afd8c8 
- Added missing openssl-devel BuildRequire
afd8c8 
- Comment out <SkipPublicKey/> so keys generated by ods can be used by bind
afd8c8
afd8c8 
* Fri Feb 24 2012 Paul Wouters <pwouters@redhat.com> - 1.3.6-3
afd8c8 
- Requires rubygem-soap4r when using ruby-1.9
afd8c8 
- Don't ghost /var/run/opendnssec
afd8c8 
- Converted initd to systemd
afd8c8
afd8c8 
* Thu Nov 24 2011 root - 1.3.2-6
afd8c8 
- Added rubygem-dnsruby requires as rpm does not pick it up automatically
afd8c8
afd8c8 
* Tue Nov 22 2011 root - 1.3.2-5
afd8c8 
- Added /var/opendnssec/signconf/ /as this temp dir is needed
afd8c8
afd8c8 
* Mon Nov 21 2011 Paul Wouters <paul@xelerance.com> - 1.3.2-4
afd8c8 
- Added /var/opendnssec/signed/ as this is the default output dir
afd8c8
afd8c8 
* Sun Nov 20 2011 Paul Wouters <paul@xelerance.com> - 1.3.2-3
afd8c8 
- Add ods user for opendnssec tasks
afd8c8 
- Added initscripts and services for ods-signerd and ods-enforcerd
afd8c8 
- Initialise OpenDNSSEC softhsm token on first install
afd8c8
afd8c8 
* Wed Oct 05 2011 Paul Wouters <paul@xelerance.com> - 1.3.2-1
afd8c8 
- Updated to 1.3.2
afd8c8 
- Added dependancies on opencryptoki and softhsm
afd8c8 
- Don't install duplicate unreadable .sample files
afd8c8 
- Fix upstream conf.xml to point to actually used library paths
afd8c8
afd8c8 
* Thu Mar  3 2011 Paul Wouters <paul@xelerance.com> - 1.2.0-1
afd8c8 
- Initial package for Fedora

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation