📄 bind-9.3.3rc2-dbus.patch
字号:
+ }else + sock_selected = dispatch_write_ready(manager,sock); } FD_CLR(i, &manager->write_fds); } if (unlock_sock) UNLOCK(&sock->lock); }+ if( sock_selected != 0L )+ {+ dispatch_selected(manager, sock_selected);+ } } #ifdef ISC_PLATFORM_USETHREADS@@ -2215,7 +2271,7 @@ int cc; fd_set readfds; fd_set writefds;- int msg, fd;+ int msg, fd = -1; int maxfd; char strbuf[ISC_STRERRORSIZE]; @@ -3546,3 +3602,55 @@ return (ISC_R_SUCCESS); } #endif /* ISC_PLATFORM_USETHREADS */++isc_socketevent_t*+isc_socket_fd_handle_reads( isc_socket_t *sock, isc_socketevent_t *dev )+{ + REQUIRE(VALID_SOCKET(sock)); + if(dev != 0L) + {+ sock->references=1;+ sock->read_ready_event = dev;+ select_poke(sock->manager, sock->fd, SELECT_POKE_READ);+ }else+ {+ dev = sock->read_ready_event ;+ sock->read_ready_event = 0L ;+ }+ return dev;+}++isc_socketevent_t*+isc_socket_fd_handle_writes( isc_socket_t *sock, isc_socketevent_t *dev )+{+ REQUIRE(VALID_SOCKET(sock)); + if(dev != 0L) + {+ sock->references=1;+ sock->write_ready_event = dev;+ select_poke(sock->manager, sock->fd, SELECT_POKE_WRITE); + }else+ {+ dev = sock->write_ready_event;+ sock->write_ready_event = 0L;+ }+ return dev;+}++isc_socketevent_t*+isc_socket_fd_handle_selected( isc_socket_t *sock, isc_socketevent_t *dev )+{+ REQUIRE(VALID_SOCKET(sock));+ if(dev != 0L) + {+ sock->references=1;+ sock->selected_event = dev;+ }else+ {+ dev = sock->selected_event;+ sock->selected_event = 0L;+ sock->references=0;+ destroy(&sock);+ }+ return dev;+}--- bind-9.3.3rc2/bin/named/named.8.dbus 2006-06-29 15:02:30.000000000 +0200+++ bind-9.3.3rc2/bin/named/named.8 2006-09-18 10:08:37.000000000 +0200@@ -33,7 +33,7 @@ named \- Internet domain name server .SH "SYNOPSIS" .HP 6-\fBnamed\fR [\fB\-4\fR] [\fB\-6\fR] [\fB\-c\ \fR\fB\fIconfig\-file\fR\fR] [\fB\-d\ \fR\fB\fIdebug\-level\fR\fR] [\fB\-f\fR] [\fB\-g\fR] [\fB\-n\ \fR\fB\fI#cpus\fR\fR] [\fB\-p\ \fR\fB\fIport\fR\fR] [\fB\-s\fR] [\fB\-t\ \fR\fB\fIdirectory\fR\fR] [\fB\-u\ \fR\fB\fIuser\fR\fR] [\fB\-v\fR] [\fB\-x\ \fR\fB\fIcache\-file\fR\fR]+\fBnamed\fR [\fB\-4\fR] [\fB\-6\fR] [\fB\-c\ \fR\fB\fIconfig\-file\fR\fR] [\fB\-d\ \fR\fB\fIdebug\-level\fR\fR] [\fB\-f\fR] [\fB\-g\fR] [\fB\-n\ \fR\fB\fI#cpus\fR\fR] [\fB\-p\ \fR\fB\fIport\fR\fR] [\fB\-s\fR] [\fB\-t\ \fR\fB\fIdirectory\fR\fR] [\fB\-u\ \fR\fB\fIuser\fR\fR] [\fB\-v\fR] [\fB\-x\ \fR\fB\fIcache\-file\fR\fR] [\fB\-D\fR] .SH "DESCRIPTION" .PP \fBnamed\fR@@ -146,6 +146,13 @@ .B "Warning:" This option must not be used. It is only of interest to BIND 9 developers and may be removed or changed in a future release. .RE+.sp+.TP+\fB\-D\fR+Enable dynamic management of the forwarding table with D-BUS+messages. This option is required for Red Hat NetworkManager+support. See doc/README.DBUS .+.sp .SH "SIGNALS" .PP In routine operation, signals should not be used to control the nameserver;@@ -165,6 +172,73 @@ \fBnamed\fR configuration file is too complex to describe in detail here. A complete description is provided in the BIND 9 Administrator Reference Manual.+.PP+.SH "NOTES"+.PP+.TP+\fBRed Hat SELinux BIND Security Profile:\fR+.PP+By default, Red Hat ships BIND with the most secure SELinux policy+that will not prevent normal BIND operation and will prevent exploitation+of all known BIND security vulnerabilities . See the selinux(8) man page+for information about SElinux.+.PP+It is not necessary to run named in a chroot environment if the Red Hat+SELinux policy for named is enabled. When enabled, this policy is far+more secure than a chroot environment.+.PP+With this extra security comes some restrictions:+.br+By default, the SELinux policy does not allow named to write any master+zone database files. Only the root user may create files in the $ROOTDIR/var/named+zone database file directory (the options { "directory" } option), where+$ROOTDIR is set in /etc/sysconfig/named.+.br+The "named" group must be granted read privelege to +these files in order for named to be enabled to read them. +.br+Any file created in the zone database file directory is automatically assigned+the SELinux file context named_zone_t .+.br+By default, SELinux prevents any role from modifying named_zone_t files; this+means that files in the zone database directory cannot be modified by dynamic+DNS (DDNS) updates or zone transfers.+.br+The Red Hat BIND distribution and SELinux policy creates two directories where+named is allowed to create and modify files: $ROOTDIR/var/named/slaves and+$ROOTDIR/var/named/data. By placing files you want named to modify, such as+slave or DDNS updateable zone files and database / statistics dump files in +these directories, named will work normally and no further operator action is+required. Files in these directories are automatically assigned the 'named_cache_t'+file context, which SELinux allows named to write.+.br+You can enable the named_t domain to write and create named_zone_t files by use+of the SELinux tunable boolean variable "named_write_master_zones", using the+setsebool(8) command or the system-config-security GUI . If you do this, you+must also set the ENABLE_ZONE_WRITE variable in /etc/sysconfig/named to +1 / yes to set the ownership of files in the $ROOTDIR/var/named directory+to named:named in order for named to be allowed to write them. +.PP+\fBRed Hat BIND named_sdb SDB support:\fR+.PP+Red Hat ships the bind-sdb RPM that provides the /usr/sbin/named_sdb program,+which is named compiled with the Simplified Database Backend modules that ISC+provides in the "contrib/sdb" directory.+.br+The SDB modules for LDAP, PostGreSQL and DirDB are compiled into named_sdb.+.br+To run named_sdb, set the ENABLE_SDB variable in /etc/sysconfig/named to 1 or "yes",+and then the "service named start" named initscript will run named_sdb instead+of named .+.br+See the documentation for the various SDB modules in /usr/share/doc/bind-sdb-*/ .+.PP+\fBRed Hat system-config-bind:\fR+.PP+Red Hat provides the system-config-bind GUI to configure named.conf and zone+database files. Run the "system-config-bind" command and access the manual+by selecting the Help menu.+.PP .SH "FILES" .TP 3n \fI/etc/named.conf\fR--- bind-9.3.3rc2/bin/named/include/named/globals.h.dbus 2006-03-02 01:37:20.000000000 +0100+++ bind-9.3.3rc2/bin/named/include/named/globals.h 2006-09-18 10:08:37.000000000 +0200@@ -112,6 +112,8 @@ EXTERN int ns_g_listen INIT(3); +EXTERN int ns_g_dbus INIT(0);+ #undef EXTERN #undef INIT --- bind-9.3.3rc2/bin/named/include/named/log.h.dbus 2004-03-08 05:04:21.000000000 +0100+++ bind-9.3.3rc2/bin/named/include/named/log.h 2006-09-18 10:08:37.000000000 +0200@@ -34,6 +34,7 @@ #define NS_LOGCATEGORY_QUERIES (&ns_g_categories[4]) #define NS_LOGCATEGORY_UNMATCHED (&ns_g_categories[5]) #define NS_LOGCATEGORY_UPDATE_SECURITY (&ns_g_categories[6])+#define NS_LOGCATEGORY_DBUS (&ns_g_categories[7]) /* * Backwards compatibility.@@ -51,6 +52,7 @@ #define NS_LOGMODULE_NOTIFY (&ns_g_modules[8]) #define NS_LOGMODULE_CONTROL (&ns_g_modules[9]) #define NS_LOGMODULE_LWRESD (&ns_g_modules[10])+#define NS_LOGMODULE_DBUS (&ns_g_modules[11]) isc_result_t ns_log_init(isc_boolean_t safe);--- bind-9.3.3rc2/bin/named/include/named/server.h.dbus 2006-03-02 01:37:20.000000000 +0100+++ bind-9.3.3rc2/bin/named/include/named/server.h 2006-09-18 10:08:37.000000000 +0200@@ -91,7 +91,8 @@ ns_controls_t * controls; /* Control channels */ unsigned int dispatchgen; ns_dispatchlist_t dispatches;- ++ ns_dbus_mgr_t * dbus_mgr; }; #define NS_SERVER_MAGIC ISC_MAGIC('S','V','E','R')--- bind-9.3.3rc2/bin/named/include/named/types.h.dbus 2004-03-06 11:21:26.000000000 +0100+++ bind-9.3.3rc2/bin/named/include/named/types.h 2006-09-18 10:08:37.000000000 +0200@@ -38,4 +38,6 @@ typedef struct ns_dispatch ns_dispatch_t; typedef ISC_LIST(ns_dispatch_t) ns_dispatchlist_t; +typedef struct ns_dbus_mgr ns_dbus_mgr_t ;+ #endif /* NAMED_TYPES_H */--- bind-9.3.3rc2/bin/named/log.c.dbus 2005-05-25 01:58:17.000000000 +0200+++ bind-9.3.3rc2/bin/named/log.c 2006-09-18 10:08:37.000000000 +0200@@ -41,6 +41,7 @@ { "queries", 0 }, { "unmatched", 0 }, { "update-security", 0 },+ { "dbus", 0 }, { NULL, 0 } }; @@ -60,6 +61,7 @@ { "notify", 0 }, { "control", 0 }, { "lwresd", 0 },+ { "dbus", 0 }, { NULL, 0 } }; --- bind-9.3.3rc2/bin/named/main.c.dbus 2006-01-06 01:01:42.000000000 +0100+++ bind-9.3.3rc2/bin/named/main.c 2006-09-18 10:08:37.000000000 +0200@@ -239,7 +239,8 @@ "usage: named [-4|-6] [-c conffile] [-d debuglevel] " "[-f|-g] [-n number_of_cpus]\n" " [-p port] [-s] [-t chrootdir] [-u username]\n"- " [-m {usage|trace|record}]\n");+ " [-m {usage|trace|record}]\n"+ " [-D ]\n"); } static void@@ -345,7 +346,7 @@ isc_commandline_errprint = ISC_FALSE; while ((ch = isc_commandline_parse(argc, argv,- "46c:C:d:fgi:lm:n:N:p:P:st:u:vx:")) != -1) {+ "46c:C:d:fgi:lm:n:N:p:P:st:u:vx:D")) != -1) { switch (ch) { case '4': if (disable4)@@ -434,6 +435,9 @@ case 'v': printf("BIND %s\n", ns_g_version); exit(0);+ case 'D':+ ns_g_dbus = 1;+ break; case '?': usage(); ns_main_earlyfatal("unknown option '-%c'",--- bind-9.3.3rc2/bin/named/server.c.dbus 2006-05-24 06:30:24.000000000 +0200+++ bind-9.3.3rc2/bin/named/server.c 2006-09-18 10:08:37.000000000 +0200@@ -86,6 +86,8 @@ #include <stdlib.h> #endif +#include <named/dbus_mgr.h>+ /* * Check an operation for failure. Assumes that the function * using it has a 'result' variable and a 'cleanup' label.@@ -1495,12 +1497,12 @@ if (result != ISC_R_SUCCESS) { char namebuf[DNS_NAME_FORMATSIZE]; dns_name_format(origin, namebuf, sizeof(namebuf));- cfg_obj_log(forwarders, ns_g_lctx, ISC_LOG_WARNING,- "could not set up forwarding for domain '%s': %s",+ cfg_obj_log(forwarders, ns_g_lctx, ISC_LOG_NOTICE,+ "setting up forwarding failed for domain '%s': %s", namebuf, isc_result_totext(result)); goto cleanup; }-+ result = ISC_R_SUCCESS; cleanup:@@ -2875,6 +2877,20 @@ CHECKFATAL(load_zones(server, ISC_FALSE), "loading zones"); + server->dbus_mgr = 0L;+ if( ns_g_dbus ) + if( dbus_mgr_create+ ( ns_g_mctx, ns_g_taskmgr, ns_g_socketmgr, ns_g_timermgr,+ &server->dbus_mgr+ ) != ISC_R_SUCCESS+ )+ {+ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,+ NS_LOGMODULE_SERVER, ISC_LOG_WARNING,+ "dbus_mgr initialization failed. D-BUS service is disabled."+ );+ }+ ns_os_started(); isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_NOTICE, "running");@@ -2937,6 +2953,9 @@ dns_db_detach(&server->in_roothints); + if( server->dbus_mgr != 0L )+ dbus_mgr_shutdown(server->dbus_mgr);+ isc_task_endexclusive(server->task); isc_task_detach(&server->task);--- bind-9.3.3rc2/bin/named/Makefile.in.dbus 2004-09-06 23:47:25.000000000 +0200+++ bind-9.3.3rc2/bin/named/Makefile.in 2006-09-18 10:10:58.000000000 +0200@@ -35,7 +35,8 @@ ${LWRES_INCLUDES} ${DNS_INCLUDES} ${BIND9_INCLUDES} \ ${ISCCFG_INCLUDES} ${ISCCC_INCLUDES} ${ISC_INCLUDES} \ ${DBDRIVER_INCLUDES}-+DBUS_INCLUDES = \+ -I/usr/lib/dbus-1.0/include -I/usr/include/dbus-1.0 CDEFINES = CWARNINGS = @@ -52,6 +53,7 @@ ISCDEPLIBS = ../../lib/isc/libisc.@A@ LWRESDEPLIBS = ../../lib/lwres/liblwres.@A@ BIND9DEPLIBS = ../../lib/bind9/libbind9.@A@+DBUSLIBS= -ldbus-1 DEPLIBS = ${LWRESDEPLIBS} ${DNSDEPLIBS} ${BIND9DEPLIBS} \ ${ISCCFGDEPLIBS} ${ISCCCDEPLIBS} ${ISCDEPLIBS}@@ -71,6 +73,7 @@ zoneconf.@O@ \ lwaddr.@O@ lwresd.@O@ lwdclient.@O@ lwderror.@O@ lwdgabn.@O@ \ lwdgnba.@O@ lwdgrbn.@O@ lwdnoop.@O@ lwsearch.@O@ \+ dbus_service.@O@ dbus_mgr.@O@ \ $(DBDRIVER_OBJS) UOBJS = unix/os.@O@@@ -83,6 +86,7 @@ zoneconf.c \ lwaddr.c lwresd.c lwdclient.c lwderror.c lwdgabn.c \ lwdgnba.c lwdgrbn.c lwdnoop.c lwsearch.c \+ dbus_service.c dbus_mgr.c \ $(DBDRIVER_SRCS) MANPAGES = named.8 lwresd.8 named.conf.5@@ -105,9 +109,14 @@ -DNS_LOCALSTATEDIR=\"${localstatedir}\" \ -c ${srcdir}/config.c +dbus_service.o: dbus_service.c+ ${LIBTOOL_MODE_COMPILE} ${CC} ${ALL_CFLAGS} \+ ${DBUS_INCLUDES} \+ -c ${srcdir}/dbus_service.c+ named@EXEEXT@: ${OBJS} ${UOBJS} ${DEPLIBS} ${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@ \- ${OBJS} ${UOBJS} ${LIBS}+ ${OBJS} ${UOBJS} ${LIBS} ${DBUSLIBS} lwresd@EXEEXT@: named@EXEEXT@ rm -f lwresd@EXEEXT@⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -