Hi,
On Tue, 13 Apr 2010, Rachid Zarouali wrote:
I do agree with you,
but as far as i remember EPEL provides packages that does not exist in RHEL5
official upstream.
EPEL is even more strict: From EPEL FAQ [1]:
"Does EPEL replace packages provided within Red Hat Enterprise Linux
or layered products?
No. EPEL is purely a complimentary repository that provide add-on
packages."
[1]
http://fedoraproject.org/wiki/EPEL/FAQ#Does_EPEL_replace_packages_provided_within_Red_Hat_Enterprise_Linux_or_layered_products.3F
we are using sqlite 3.4.2 and rpm and all sqlite aware apps are working
perfectly :-)
if you want to keep the official sqlite and install the 3.4.2 version it would
need more work in both sides.
for sqlite you will need to install in separate directories. create binary with
version ....
for opendnssec you will need to link it to the sqlite version you have build.
....
i see two options:
1°) chroot opendnssec and all of his dependencies
Interesting option. There must exist some tools for automating chroot
initialization from RPM preinstall scriptlets etc?
2°) static link between opendnssec and sqlite 3.4.2
Well I did this. The packages are available here:
http://staff.csc.fi/vmattila/software/packages/el5/
(signed with my key EA8840E6 available from
http://staff.csc.fi/vmattila/ and public keyservers)
You can make your own conclusions on the quality of the hacks required
for static linking. The packages seem to work but I doubt no EPEL
package maintainer would ever accept them..
There are some other enhancements wrt the
opendnssec-1.0.0/contrib/opendnssec.spec, too. Could they be considered
for inclusion there? Changelog below:
* Thu Apr 15 2010 Ville Mattila <[email protected]> - 1.0.0-4
- sqlite3 tool is used by ods-ksmutil, thus include it in the package
as $libexecdir/opendnssec/sqlite3 (statically linked, patch #201)
* Tue Apr 13 2010 Ville Mattila <[email protected]> - 1.0.0-3
- Fix for conditional installation of configuration files (patch #3)
- Workaround SQLite version dependency problem for RHEL/CentOS 5 builds
with 'rpmbuild --with static_sqlite' flag to build and install
sqlite-3.6.20 into a temporary location and statically link the
libraries
into enforcer daemon and ods-ksmutil.
* Mon Apr 12 2010 Ville Mattila <[email protected]> - 1.0.0-2
- Update to 1.0.0.
- Updates to Requires: and BuildRequires: definitions
- Move headers and libhsm.so into separate package opendnssec-devel.
- Use /var/lib/opendnssec instead of /var/opendnssec (FHS / Fedora EPEL
compliance, stealed patch #0 from Debian/Ubuntu package by Ondřej
Surý).
- Changes to default config (copied from Debian/Ubuntu packaging):
+ conf.xml: Make make enforcer and signer to run as user opendnssec
(default
config has <Privileges> commented out, thus daemons would be started
as root).
+ conf.xml: Comment out <Repository name="softHSM">
+ signconf.xml: Comment out <Zone name="opendnssec.org">
- Create opendnssec user account and group in %pre if they don't exist
(otherwise RPM would make root:root the owner of /var/lib/opendnssec).
- Add chkconfig: and description: tags in tools/ods-control.in to make
it chkconfig(8) compliant.
- Run 'chkconfig --add ods-control' and 'chkconfig --del ods-control'
only
when installing (rpm -i) and removing (rpm -e) the package, not when
upgrading (rpm -U).
- Assign /etc/opendnssec and the config files to root:opendnssec with
umask 007 instead (I thinks it's best not to give anyone but root
write access anywhere in /etc).
- Use config(noreplace) protection for configuration files.
- Explicitly define the directories for libraries in
/usr/lib64/opendnssec,
config validation schemas in /usr/share/opendnssec etc.
- Remove /usr/share/opendnssec.spec from the package.
- Ditch the *.la files.
- Plus some other minor cleanups.
Ville_______________________________________________
Opendnssec-user mailing list
[email protected]
https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
