Hi! In the hope of giving a bind9-ldap package a better chance I've prepared a patch that builds both a bind9 and a bind9-ldap binary package from the sources; the patch is tested and used with 9.3.4-2. In case there is any interest, I'd happily prepare one for 9.4.0 as well.
Best, Michael
diff -urN bind9-9.3.4.backup/debian/bind9-ldap.dirs
bind9-9.3.4/debian/bind9-ldap.dirs
--- bind9-9.3.4.backup/debian/bind9-ldap.dirs 1970-01-01 01:00:00.000000000
+0100
+++ bind9-9.3.4/debian/bind9-ldap.dirs 2007-02-27 01:33:57.000000000 +0100
@@ -0,0 +1,5 @@
+etc/bind
+usr/bin
+usr/sbin
+var/cache/bind
+var/run/bind/run
diff -urN bind9-9.3.4.backup/debian/bind9-ldap.files
bind9-9.3.4/debian/bind9-ldap.files
--- bind9-9.3.4.backup/debian/bind9-ldap.files 1970-01-01 01:00:00.000000000
+0100
+++ bind9-9.3.4/debian/bind9-ldap.files 2007-02-27 01:33:57.000000000 +0100
@@ -0,0 +1,33 @@
+/usr/sbin/named-checkconf
+/usr/sbin/named
+/usr/sbin/rndc-confgen
+/usr/sbin/named-checkzone
+/usr/sbin/dnssec-keygen
+/usr/sbin/dnssec-signzone
+/usr/sbin/rndc
+/usr/share/doc/bind9-ldap
+/usr/share/doc/bind9-ldap/changelog.Debian.gz
+/usr/share/doc/bind9-ldap/README.Debian.gz
+/usr/share/doc/bind9-ldap/README.gz
+/usr/share/doc/bind9-ldap/copyright
+/usr/share/doc/bind9-ldap/changelog.gz
+/usr/share/doc/bind9-ldap/FAQ.gz
+/usr/share/man/man8/dnssec-signzone.8.gz
+/usr/share/man/man8/rndc.8.gz
+/usr/share/man/man8/named-checkzone.8.gz
+/usr/share/man/man8/rndc-confgen.8.gz
+/usr/share/man/man8/dnssec-keygen.8.gz
+/usr/share/man/man8/named.8.gz
+/usr/share/man/man8/named-checkconf.8.gz
+/usr/share/man/man5/rndc.conf.5.gz
+/usr/share/man/man5/named.conf.5.gz
+/etc/bind/db.root
+/etc/bind/db.127
+/etc/bind/db.255
+/etc/bind/named.conf
+/etc/bind/zones.rfc1918
+/etc/bind/db.0
+/etc/bind/db.empty
+/etc/bind/db.local
+/etc/bind/named.conf.options
+/etc/bind/named.conf.local
diff -urN bind9-9.3.4.backup/debian/bind9-ldap.init
bind9-9.3.4/debian/bind9-ldap.init
--- bind9-9.3.4.backup/debian/bind9-ldap.init 1970-01-01 01:00:00.000000000
+0100
+++ bind9-9.3.4/debian/bind9-ldap.init 2007-02-27 01:33:57.000000000 +0100
@@ -0,0 +1,71 @@
+#!/bin/sh
+
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+
+# for a chrooted server: "-u bind -t /var/lib/named"
+# Don't modify this line, change or create /etc/default/bind9.
+OPTIONS=""
+RESOLVCONF=yes
+
+test -f /etc/default/bind9 && . /etc/default/bind9
+
+test -x /usr/sbin/rndc || exit 0
+
+. /lib/lsb/init-functions
+DISTRO=$(lsb_release -is 2>/dev/null || echo Debian)
+
+case "$1" in
+ start)
+ log_daemon_msg "Starting domain name service..." "bind"
+
+ modprobe capability >/dev/null 2>&1 || true
+
+ # dirs under /var/run can go away on reboots.
+ mkdir -p /var/run/bind/run
+ chmod 775 /var/run/bind/run
+ chown root:bind /var/run/bind/run >/dev/null 2>&1 || true
+
+ if [ ! -x /usr/sbin/named ]; then
+ log_action_msg "named binary missing - not starting"
+ log_end_msg 1
+ exit 1
+ fi
+ if start-stop-daemon --start --quiet --exec /usr/sbin/named \
+ --pidfile /var/run/bind/run/named.pid -- $OPTIONS; then
+ if [ "X$RESOLVCONF" != "Xno" ] && [ -x /sbin/resolvconf ] ; then
+ echo "nameserver 127.0.0.1" | /sbin/resolvconf -a lo.named
+ fi
+ log_end_msg 0
+ else
+ log_end_msg 1
+ fi
+ ;;
+
+ stop)
+ log_daemon_msg "Stopping domain name service..." "bind"
+ if [ "X$RESOLVCONF" != "Xno" ] && [ -x /sbin/resolvconf ] ; then
+ /sbin/resolvconf -d lo.named
+ fi
+ /usr/sbin/rndc stop
+ log_end_msg $?
+ ;;
+
+ reload|force-reload)
+ log_daemon_msg "Reloading domain name service..." "bind"
+ /usr/sbin/rndc reload >/dev/null
+ log_end_msg $?
+ ;;
+
+ restart)
+ $0 stop
+ sleep 2
+ $0 start
+ ;;
+
+ *)
+ log_action_msg "Usage: /etc/init.d/bind9
{start|stop|reload|restart|force-reload}"
+ exit 1
+ ;;
+esac
+
+exit 0
diff -urN bind9-9.3.4.backup/debian/bind9-ldap.postinst
bind9-9.3.4/debian/bind9-ldap.postinst
--- bind9-9.3.4.backup/debian/bind9-ldap.postinst 1970-01-01
01:00:00.000000000 +0100
+++ bind9-9.3.4/debian/bind9-ldap.postinst 2007-02-27 01:33:57.000000000
+0100
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+if [ "$1" = configure ]; then
+ lastversion="$2";
+
+ # lets give them a bind user/group in all cases.
+ getent group bind >/dev/null 2>&1 || addgroup --system bind
+ getent passwd bind >/dev/null 2>&1 ||
+ adduser --system --home /var/cache/bind --no-create-home \
+ --disabled-password --ingroup bind bind
+
+ if [ ! -s /etc/bind/rndc.key ]; then
+ rndc-confgen -r /dev/urandom -a
+ fi
+
+ localconf=""
+ if [ ! -f /etc/default/bind9 ]; then
+ for file in /etc/bind/named.conf /etc/bind/named.conf.local; do
+ theirs=$(md5sum $file | sed 's/ .*$//')
+ mine=$(dpkg --status bind9 | grep "^ $file " | sed -n 's/.* //p')
+ if [ "$mine" != "$theirs" ]; then
+ localconf="y"
+ fi
+ done
+ if [ -n "$localconf" ]; then
+ echo 'OPTIONS=""' >> /etc/default/bind9
+ else
+ echo 'OPTIONS="-u bind"' >> /etc/default/bind9
+ fi
+ echo '# Set RESOLVCONF=no to not run resolvconf' >> /etc/default/bind9
+ echo 'RESOLVCONF=yes' >> /etc/default/bind9
+ fi
+
+ # Deal with the aftermath of 9.2.1-5 - it's a hack, but hey..
+ if [ "$lastversion" = "9.2.1-5" ]; then
+ ugid=$(ls -l /etc/bind/rndc.key | awk '{print $3 $4}')
+ if [ "$ugid" = "bindbind" ]; then
+ chown root:root /etc/bind/rndc.key
+ chown root:bind /var/run/bind/run
+ chown root:bind /var/cache/bind
+ fi
+ fi
+
+ uid=$(ls -ln /etc/bind/rndc.key | awk '{print $3}')
+ if [ "$uid" = "0" ]; then
+ [ -n "$localconf" ] || chown bind /etc/bind/rndc.key
+ chgrp bind /etc/bind
+ chmod g+s /etc/bind
+ chgrp bind /etc/bind/rndc.key /var/run/bind/run /var/cache/bind
+ chgrp bind /etc/bind/named.conf*
+ chmod g+r /etc/bind/rndc.key /etc/bind/named.conf*
+ chmod g+rwx /var/run/bind/run /var/cache/bind
+ fi
+
+fi
+
+
+#DEBHELPER#
diff -urN bind9-9.3.4.backup/debian/bind9-ldap.postrm
bind9-9.3.4/debian/bind9-ldap.postrm
--- bind9-9.3.4.backup/debian/bind9-ldap.postrm 1970-01-01 01:00:00.000000000
+0100
+++ bind9-9.3.4/debian/bind9-ldap.postrm 2007-02-27 01:33:57.000000000
+0100
@@ -0,0 +1,9 @@
+#!/bin/sh
+
+if [ "$1" = "purge" ]
+then
+ rm -f /etc/bind/rndc.key /etc/default/bind9
+ rmdir /etc/bind >/dev/null 2>&1 || true
+fi
+
+#DEBHELPER#
diff -urN bind9-9.3.4.backup/debian/control bind9-9.3.4/debian/control
--- bind9-9.3.4.backup/debian/control 2007-02-26 20:17:47.000000000 +0100
+++ bind9-9.3.4/debian/control 2007-02-27 01:33:57.000000000 +0100
@@ -3,7 +3,7 @@
Priority: optional
Maintainer: LaMont Jones <[EMAIL PROTECTED]>
Uploaders: Bdale Garbee <[EMAIL PROTECTED]>
-Build-Depends: debhelper (>=4.1.16), libssl-dev, libtool, bison
+Build-Depends: debhelper (>=4.1.16), libssl-dev, libtool, bison, libldap2-dev
Standards-Version: 3.7.2.0
Package: bind9
@@ -17,6 +17,18 @@
.
This package provides the server and related configuration files.
+Package: bind9-ldap
+Architecture: any
+Depends: ${shlibs:Depends}, netbase, adduser, libdns22 (=${Source-Version}),
libisccfg1 (=${Source-Version}), libisc11 (=${Source-Version}), libisccc0
(=${Source-Version}), lsb-base (>=3.0-6)
+Conflicts: bind, bind9
+Replaces: bind, dnsutils (<< 1:9.1.0-3)
+Suggests: dnsutils, bind9-doc
+Description: Internet Domain Name Server
+ ${Description}
+ .
+ This package provides the server and related configuration files with support
+ for LDAP backends.
+
Package: bind9-doc
Architecture: all
Section: doc
diff -urN bind9-9.3.4.backup/debian/ldap.patch bind9-9.3.4/debian/ldap.patch
--- bind9-9.3.4.backup/debian/ldap.patch 1970-01-01 01:00:00.000000000
+0100
+++ bind9-9.3.4/debian/ldap.patch 2007-02-27 01:33:57.000000000 +0100
@@ -0,0 +1,47 @@
+diff -urN bind9-9.3.2-P1.backup/bin/named/Makefile.in
bind9-9.3.2-P1/bin/named/Makefile.in
+--- bind9-9.3.2-P1.backup/bin/named/Makefile.in 2004-09-06
23:47:25.000000000 +0200
++++ bind9-9.3.2-P1/bin/named/Makefile.in 2006-10-06 13:09:13.000000000
+0200
+@@ -26,10 +26,10 @@
+ #
+ # Add database drivers here.
+ #
+-DBDRIVER_OBJS =
++DBDRIVER_OBJS = [EMAIL PROTECTED]@
+ DBDRIVER_SRCS =
+-DBDRIVER_INCLUDES =
+-DBDRIVER_LIBS =
++DBDRIVER_INCLUDES = -I/usr/include
++DBDRIVER_LIBS = -L/usr/lib -lldap -llber -lresolv
+
+ CINCLUDES = -I${srcdir}/include -I${srcdir}/unix/include \
+ ${LWRES_INCLUDES} ${DNS_INCLUDES} ${BIND9_INCLUDES} \
+diff -urN bind9-9.3.2-P1.backup/bin/named/main.c
bind9-9.3.2-P1/bin/named/main.c
+--- bind9-9.3.2-P1.backup/bin/named/main.c 2005-04-29 03:04:47.000000000
+0200
++++ bind9-9.3.2-P1/bin/named/main.c 2006-10-06 13:09:13.000000000 +0200
+@@ -69,7 +69,7 @@
+ /*
+ * Include header files for database drivers here.
+ */
+-/* #include "xxdb.h" */
++#include "ldapdb.h"
+
+ static isc_boolean_t want_stats = ISC_FALSE;
+ static char program_name[ISC_DIR_NAMEMAX] = "named";
+@@ -669,7 +669,7 @@
+ /*
+ * Add calls to register sdb drivers here.
+ */
+- /* xxdb_init(); */
++ ldapdb_init();
+
+ ns_server_create(ns_g_mctx, &ns_g_server);
+ }
+@@ -685,7 +685,7 @@
+ /*
+ * Add calls to unregister sdb drivers here.
+ */
+- /* xxdb_clear(); */
++ ldapdb_clear();
+
+ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
+ ISC_LOG_NOTICE, "exiting");
diff -urN bind9-9.3.4.backup/debian/rules bind9-9.3.4/debian/rules
--- bind9-9.3.4.backup/debian/rules 2007-02-26 20:17:47.000000000 +0100
+++ bind9-9.3.4/debian/rules 2007-02-27 01:36:56.000000000 +0100
@@ -42,6 +42,33 @@
LD_LIBRARY_PATH=$$(pwd)/lib/isc/.libs:$$(pwd)/lib/isccc/.libs:$$(pwd)/isccfg/.libs:$${LD_LIBRARY_PATH}
$(MAKE)
touch build-stamp
+prepare-ldap-stamp:
+ dh_testdir
+ -$(MAKE) distclean
+ rm -f build-stamp configure-stamp
+ cp contrib/sdb/ldap/ldapdb.h bin/named/include/ldapdb.h
+ cp contrib/sdb/ldap/ldapdb.c bin/named/ldapdb.c
+ patch -t -p1 < debian/ldap.patch
+ touch prepare-ldap-stamp
+
+build-ldap: prepare-ldap-stamp
+ dh_testdir
+ ./configure --prefix=/usr \
+ --mandir=\$${prefix}/share/man \
+ --infodir=\$${prefix}/share/info \
+ --sysconfdir=/etc/bind \
+ --localstatedir=/var/run/bind \
+ --enable-threads \
+ --with-libtool \
+ --enable-shared \
+ --enable-static \
+ --with-openssl=/usr \
+ --with-gnu-ld \
+ --enable-ipv6
+ touch configure-stamp
+
LD_LIBRARY_PATH=$$(pwd)/lib/isc/.libs:$$(pwd)/lib/isccc/.libs:$$(pwd)/isccfg/.libs:$${LD_LIBRARY_PATH}
$(MAKE)
+ touch build-stamp
+
autofiles:
libtoolize --automake --copy --force
aclocal
@@ -77,8 +104,24 @@
install -c -o bin -g bin -m 440 debian/named.conf.options ${ETCBIND}
cp doc/arm/*.html debian/bind9-doc/usr/share/doc/bind9-doc/arm
+ETCBIND_LDAP=debian/bind9-ldap/etc/bind
+install-ldap: build-ldap
+ dh_testdir
+ dh_testroot
+ $(MAKE) install DESTDIR=`pwd`/debian/bind9-ldap
+ install -c -o bin -g bin -m 444 debian/db.0 ${ETCBIND_LDAP}/db.0
+ install -c -o bin -g bin -m 444 debian/db.0 ${ETCBIND_LDAP}/db.255
+ install -c -o bin -g bin -m 444 debian/db.empty ${ETCBIND_LDAP}
+ install -c -o bin -g bin -m 444 debian/zones.rfc1918 ${ETCBIND_LDAP}
+ install -c -o bin -g bin -m 444 debian/db.127 ${ETCBIND_LDAP}
+ install -c -o bin -g bin -m 444 debian/db.local ${ETCBIND_LDAP}
+ install -c -o bin -g bin -m 444 debian/db.root ${ETCBIND_LDAP}
+ install -c -o bin -g bin -m 440 debian/named.conf ${ETCBIND_LDAP}
+ install -c -o bin -g bin -m 440 debian/named.conf.local ${ETCBIND_LDAP}
+ install -c -o bin -g bin -m 440 debian/named.conf.options
${ETCBIND_LDAP}
+
# Build architecture-independent files here.
-binary-indep: build install
+binary-indep: build install build-ldap install-ldap
dh_testdir -i
dh_testroot -i
dh_installdocs -i
@@ -98,7 +141,7 @@
dh_builddeb -i
# Build architecture-dependent files here.
-binary-arch: build install
+binary-arch: build install build-ldap install-ldap
dh_testdir -a
dh_testroot -a
dh_installdocs -a
@@ -107,9 +150,13 @@
dh_installinit -a -- defaults 15 85
dh_installcron -a
dh_installmanpages -pbind9 runmdn.1 mdnconv.1 zone2ldap.1 nslint.8
+ dh_installmanpages -pbind9-ldap runmdn.1 mdnconv.1 zone2ldap.1 nslint.8
dh_installinfo -a
dh_installchangelogs CHANGES -a
- dh_movefiles --sourcedir=debian/bind9 -a
+ dh_movefiles --sourcedir=debian/bind9-ldap -a -Nbind9-ldap
+ ( cd debian/bind9-ldap/usr ; rm -fr bin include lib )
+ rmdir debian/bind9-ldap/usr/share/man/man[13]
+ dh_movefiles --sourcedir=debian/bind9 -a -Nbind9-ldap
( cd debian/bind9/usr ; rm -fr bin include lib )
rmdir debian/bind9/usr/share/man/man[13]
dh_link -a
@@ -126,4 +173,4 @@
dh_builddeb -a
binary: binary-indep binary-arch
-.PHONY: build clean binary-indep binary-arch binary install configure
+.PHONY: build clean binary-indep binary-arch binary install configure
build-ldap install-ldap
pgp2J62AjjEeY.pgp
Description: PGP signature
