Name:		maradns

Version:	2.0.09

Release:	1%{?dist}

Summary:	Authoritative and recursive DNS server made with security in mind

# recursive resolver is shipped in versioned directory

%global dwood_ver	3.2.05

Source0:	http://www.maradns.org/download/2.0/%{version}/%{name}-%{version}.tar.bz2

# http://maradns.samiam.org/download/patches/3rd_party/Thomasz-Torcz-systemd-2013-10-14.patch

Patch0:		%{name}-0001-add-systemd-unit-files.patch

License:	BSD

URL:		http://www.maradns.org/

BuildRequires:		systemd-units

Requires(pre):		shadow-utils

Requires(pre): systemd

Requires(post): systemd

Requires(preun): systemd

Requires(postun): systemd

%description

MaraDNS is a package that implements the Domain Name Service (DNS), an

essential internet service. MaraDNS has the following advantages:

	* Secure.

	* Supported.

	* Easy to use.

	* Small.

	* Open Source.

%prep

%setup -q

%patch0 -p1

# wrong permissions

chmod 0644 doc/en/man/make.pdf

chmod 0644 doc/en/tutorial/make.index

chmod 0644 doc/en/webpage/make.page

%build

# We don't use %%configure here because this is a homebrew configure not generated by autoconf

./configure --ipv6 --libdir=%{_libdir}

# first compile Deadwood, otherwise we have no control over make flags

pushd deadwood-%{dwood_ver}/src

make %{?_smp_mflags} FLAGS="%{optflags} -DIPV6 -lrt"

popd

make %{?_smp_mflags} FLAGS="%{optflags} -DSELECT_PROBLEM -DAUTHONLY"

%install

# create /etc/maradns, /etc/mararc and /etc/dwood3rc first

install -p -d -m 0755 %{buildroot}%{_sysconfdir}/maradns/logger/

install -p -D -m 0644 build/rpm.mararc %{buildroot}%{_sysconfdir}/mararc

install -p -D -m 0644 deadwood-%{dwood_ver}/doc/dwood3rc %{buildroot}%{_sysconfdir}/dwood3rc

# cache dir

install -p -d -m 0755 %{buildroot}/var/cache/deadwood

# sbin files

install -p -D -m 0755 server/maradns %{buildroot}%{_sbindir}/maradns

install -p -D -m 0755 tcp/zoneserver %{buildroot}%{_sbindir}/zoneserver

install -p -D -m 0755 deadwood-%{dwood_ver}/src/Deadwood %{buildroot}%{_sbindir}/Deadwood

# bin files

install -p -D -m 0755 tcp/getzone %{buildroot}%{_bindir}/getzone

install -p -D -m 0755 tcp/fetchzone %{buildroot}%{_bindir}/fetchzone

install -p -D -m 0755 tools/askmara %{buildroot}%{_bindir}/askmara

# man pages

install -p -d -m 0755 %{buildroot}%{_mandir}/man{1,5,8}

install -p -D -m 0644 -t %{buildroot}%{_mandir}/man1/ \

	doc/en/man/askmara.1 \

	doc/en/man/getzone.1 \

	doc/en/man/fetchzone.1

install -p -D -m 0644 -t %{buildroot}%{_mandir}/man1/ \

	deadwood-%{dwood_ver}/doc/Deadwood.1

install -p -D -m 0644 -t %{buildroot}%{_mandir}/man5/ \

	doc/en/man/csv1.5 \

	doc/en/man/csv2.5 \

	doc/en/man/csv2_txt.5 \

	doc/en/man/mararc.5

install -p -D -m 0644 -t %{buildroot}%{_mandir}/man8/ \

	doc/en/man/maradns.8 \

	doc/en/man/zoneserver.8 \

# systemd units

mkdir -p %{buildroot}%{_unitdir}

install -p -D -m 0644 -t %{buildroot}%{_unitdir}/ \

	build/maradns.service \

	build/maradns-zoneserver.service \

	build/maradns-deadwood.service

%files

%doc COPYING doc/en/changelog.txt doc/en/credits.txt doc/en/faq.txt doc/en/{examples,tutorial,webpage}

%config(noreplace) %{_sysconfdir}/mararc

%config(noreplace) %{_sysconfdir}/dwood3rc

%attr(-,maradns,maradns) %{_sysconfdir}/maradns/ 

%attr(-,maradns,maradns) /var/cache/deadwood/

%{_unitdir}/%{name}.service

%{_unitdir}/%{name}-zoneserver.service

%{_unitdir}/%{name}-deadwood.service

%{_bindir}/askmara

%{_bindir}/fetchzone

%{_bindir}/getzone

%{_sbindir}/maradns

%{_sbindir}/zoneserver

%{_sbindir}/Deadwood

%{_mandir}/man1/askmara.1*

%{_mandir}/man1/getzone.1*

%{_mandir}/man1/fetchzone.1*

%{_mandir}/man1/Deadwood.1*

%{_mandir}/man5/csv1.5*

%{_mandir}/man5/csv2.5*

%{_mandir}/man5/csv2_txt.5*

%{_mandir}/man5/mararc.5*

%{_mandir}/man8/maradns.8*

%{_mandir}/man8/zoneserver.8*

%pre

if [ $1 -eq 1 ]; then

	getent group maradns >/dev/null || groupadd -r maradns

	getent passwd maradns >/dev/null || \

	useradd -r -g maradns -d /etc/maradns -s /sbin/nologin \

		-c "MaraDns chroot user" maradns

	exit 0

fi

%post

if [ $1 -eq 1 ]; then

	# correct UID/GID of maradns user

	sed --in-place -e "s/^maradns_uid.*/maradns_uid = $(id -u maradns)/" %{_sysconfdir}/mararc

	sed --in-place -e "s/^maradns_gid.*/maradns_gid = $(id -g maradns)/" %{_sysconfdir}/mararc

	sed --in-place -e "s/^maradns_uid.*/maradns_uid = $(id -u maradns)/" %{_sysconfdir}/dwood3rc

	sed --in-place -e "s/^maradns_gid.*/maradns_gid = $(id -g maradns)/" %{_sysconfdir}/dwood3rc

	# correct cache file directory

	sed --in-place -e 's@/etc/deadwood@/var/cache/deadwood@' %{_sysconfdir}/dwood3rc

fi

%systemd_post maradns.service maradns-zoneserver.service maradns-deadwood.service

%preun

%systemd_preun maradns.service maradns-zoneserver.service maradns-deadwood.service

%postun

%systemd_postun_with_restart maradns.service maradns-zoneserver.service maradns-deadwood.service

%triggerun -- maradns < 1.3.07.09-6

# Save the current service runlevel info

# User must manually run systemd-sysv-convert --apply maradns

#			 systemd-sysv-convert --apply maradns-zoneserver

# to migrate them to systemd targets

/usr/bin/systemd-sysv-convert --save maradns >/dev/null 2>&1 ||:

/usr/bin/systemd-sysv-convert --save maradns-zoneserver >/dev/null 2>&1 ||:

# Run these because the SysV package being removed won't do them

/sbin/chkconfig --del maradns >/dev/null 2>&1 || :

/bin/systemctl try-restart maradns.service >/dev/null 2>&1 || :

/sbin/chkconfig --del maradns-zoneserver >/dev/null 2>&1 || :

/bin/systemctl try-restart maradns-zoneserver.service >/dev/null 2>&1 || :

%changelog

* Thu Feb 13 2014 Tomasz Torcz <ttorcz@fedoraproject.org> - 2.0.09-1

- new release, fixing denial-of-service vulnerability  

  ( http://samiam.org/blog/2014-02-12.html )

* Thu Jan 16 2014 Tomasz Torcz <ttorcz@fedoraproject.org> - 2.0.08-1

- new upstream release ( http://samiam.org/blog/2014-01-14.html )

* Mon Dec 02 2013 Tomasz Torcz <ttorcz@fedoraproject.org> - 2.0.07d-1

- fix against possible blind spoof attack

* Sun Oct 13 2013 Tomasz Torcz <ttorcz@fedoraproject.org> - 2.0.07c-2

- refresh systemd patch, introduce additional deps on network-online (#1015282)

* Sat Sep 21 2013 Tomasz Torcz <ttorcz@fedoraproject.org> - 2.0.07c-1

- new upstream version

* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.07-3

- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild

* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.07-2

- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild

* Tue Jan 22 2013 Tomasz Torcz <ttorcz@fedoraproject.org> - 2.0.07-1

- new upstream version

- use explicit systemd requires, macro is considered bad

* Mon Oct 22 2012 Tomasz Torcz <ttorcz@fedoraproject.org> - 2.0.06-3

- fix review issues

  - use name macro in Patch, rename Patch itself

  - add "-p" to install lines

  - add --libdir... to configure

- use macros for systemd operations

* Tue Aug 21 2012 Tomasz Torcz <ttorcz@fedoraproject.org> - 2.0.06-2

- provide link to patch sent upstream

- review remarks:

  - removed grouptag

  - do not use macros for system executables

  - use more readable version of sed command in post

  - remove maradns.gpg.key

  - be more specific in doc line

* Mon Jul 16 2012 Tomasz Torcz <ttorcz@fedoraproject.org> - 2.0.06-1

- initial package for 2.0 branch