bindの緊急の脆弱性が公表されました。
http://jprs.jp/tech/security/2015-07-29-bind9-vuln-tkey.html
回避策は無く、update必須です。
私の管理しているサーバーの1つはCentOSでyumを主体に構成しているため、ソースからビルドせずにyumでupdateしたいところです。
というわけで、色々苦労したrpmbuildのメモメモ。。。
$ cd /etc/yum/repos.d/ $ sudo vi CentOS-Source.repo
[source] name=CentOS-$releasever - source~ baseurl=http://vault.centos.org/6.5/os/Source/~ enabled=0~ gpgcheck=1~ gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-6~
$ yumdownloader --enablerepo=source --source bind
$ sudo rpm -Uvh bind-9.8.2-0.17.rc1.el6_4.6.src.rpm
$ sudo cp -r rpmbuild /home/username/.... $ chown -R username:grpname /home/uesrname/....
$ cd SOURCES $ wget http://ftp.isc.org/isc/bind9/9.10.2-P3/bind-9.10.2-P3.tar.gz
$ sudo vi rpmbuild/SPECS/bind.spec
$ diff bind.spec.org SPECS/bind.spec -u
--- bind.spec.org 2015-08-01 07:31:50.190118252 +0900
+++ SPECS/bind.spec 2015-08-01 15:02:18.354717773 +0900
@@ -2,17 +2,15 @@
# Red Hat BIND package .spec file
#
-#%define PATCHVER P3
-%define PREVER rc1
-#%define VERSION %{version}
-#%define VERSION %{version}-%{PATCHVER}
-%define VERSION %{version}%{PREVER}
+%define PATCHVER P3
+%define VERSION %{version}-%{PATCHVER}
+%define _unpackaged_files_terminate_build 0
-%{?!SDB: %define SDB 1}
+%{?!SDB: %define SDB 0}
%{?!test: %define test 0}
%{?!bind_uid: %define bind_uid 25}
%{?!bind_gid: %define bind_gid 25}
-%{?!GSSTSIG: %define GSSTSIG 1}
+%{?!GSSTSIG: %define GSSTSIG 0}
%{?!PKCS11: %define PKCS11 0}
%define bind_dir /var/named
%define chroot_prefix %{bind_dir}/chroot
@@ -20,8 +18,8 @@
Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server
Name: bind
License: ISC
-Version: 9.8.2
-Release: 0.17.%{PREVER}%{?dist}.6
+Version: 9.10.2
+Release: P3
Epoch: 32
Url: http://www.isc.org/products/BIND/
Buildroot:%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -42,72 +40,74 @@
Source30: ldap2zone.c
Source31: named.portreserve
+AutoReq: no
+
# Common patches
-Patch5: bind-nonexec.patch
-Patch10: bind-9.5-PIE.patch
-Patch16: bind-9.3.2-redhat_doc.patch
-Patch71: bind-9.5-overflow.patch
-Patch72: bind-9.5-dlz-64bit.patch
-Patch87: bind-9.5-parallel-build.patch
-Patch99: bind-96-libtool2.patch
-Patch101:bind-96-old-api.patch
-Patch102:bind-95-rh452060.patch
-Patch106:bind93-rh490837.patch
-Patch107:bind97-compat-keysdir.patch
-Patch108:bind97-rh622764.patch
-Patch109:bind97-rh623190.patch
-Patch111:bind97-rh640538.patch
-Patch112:bind97-rh658045.patch
-Patch115:bind97-rh669163.patch
-Patch116:bind97-testsuite.patch
-Patch117:bind97-rh672819.patch
-Patch118:bind97-rh699951.patch
-Patch119:bind97-rh725577.patch
-Patch122:bind97-rh693982.patch
-Patch123:bind97-rh712066-1.patch
-Patch124:bind97-rh712066-2.patch
-Patch125:bind98-dlz_buildfix.patch
-Patch126:bind99-forward.patch
-Patch127:bind98-rh759503.patch
-Patch128:bind98-rh749582.patch
-Patch129:bind98-rh734458.patch
-Patch130:bind97-rh645544.patch
-Patch131:bind98-rh795414.patch
-Patch132:bind98-rh798978.patch
-Patch133:bind98-CVE-2012-1033.patch
-Patch134:bind98-CVE-2012-1033-2.patch
-Patch135:bind98-rh800053.patch
-Patch136:bind98-rh809084.patch
-Patch137:bind98-rh818582.patch
-Patch138:bind98-rh816164.patch
-Patch139:bind98-CVE-2012-1667.patch
-Patch140:bind98-rh837165.patch
-Patch141:bind98-CVE-2012-3817.patch
-Patch142:bind98-CVE-2012-4244.patch
-Patch143:bind98-rh853806.patch
-Patch144:bind98-CVE-2012-5166.patch
-Patch145:bind98-CVE-2012-5688.patch
-Patch146:bind98-rh873624.patch
-Patch147:bind98-CVE-2012-5689.patch
-Patch148:bind98-CVE-2013-2266.patch
-Patch149:bind98-rh927914.patch
-Patch150:bind98-CVE-2013-4854.patch
-Patch151:bind98-rh996955.patch
+#Patch5: bind-nonexec.patch
+#Patch10: bind-9.5-PIE.patch
+#Patch16: bind-9.3.2-redhat_doc.patch
+#Patch71: bind-9.5-overflow.patch
+#Patch72: bind-9.5-dlz-64bit.patch
+#Patch87: bind-9.5-parallel-build.patch
+#Patch99: bind-96-libtool2.patch
+#Patch101:bind-96-old-api.patch
+#Patch102:bind-95-rh452060.patch
+#Patch106:bind93-rh490837.patch
+#Patch107:bind97-compat-keysdir.patch
+#Patch108:bind97-rh622764.patch
+#Patch109:bind97-rh623190.patch
+#Patch111:bind97-rh640538.patch
+#Patch112:bind97-rh658045.patch
+#Patch115:bind97-rh669163.patch
+#Patch116:bind97-testsuite.patch
+#Patch117:bind97-rh672819.patch
+#Patch118:bind97-rh699951.patch
+#Patch119:bind97-rh725577.patch
+#Patch122:bind97-rh693982.patch
+#Patch123:bind97-rh712066-1.patch
+#Patch124:bind97-rh712066-2.patch
+#Patch125:bind98-dlz_buildfix.patch
+#Patch126:bind99-forward.patch
+#Patch127:bind98-rh759503.patch
+#Patch128:bind98-rh749582.patch
+#Patch129:bind98-rh734458.patch
+#Patch130:bind97-rh645544.patch
+#Patch131:bind98-rh795414.patch
+#Patch132:bind98-rh798978.patch
+#Patch133:bind98-CVE-2012-1033.patch
+#Patch134:bind98-CVE-2012-1033-2.patch
+#Patch135:bind98-rh800053.patch
+#Patch136:bind98-rh809084.patch
+#Patch137:bind98-rh818582.patch
+#Patch138:bind98-rh816164.patch
+#Patch139:bind98-CVE-2012-1667.patch
+#Patch140:bind98-rh837165.patch
+#Patch141:bind98-CVE-2012-3817.patch
+#Patch142:bind98-CVE-2012-4244.patch
+#Patch143:bind98-rh853806.patch
+#Patch144:bind98-CVE-2012-5166.patch
+#Patch145:bind98-CVE-2012-5688.patch
+#Patch146:bind98-rh873624.patch
+#Patch147:bind98-CVE-2012-5689.patch
+#Patch148:bind98-CVE-2013-2266.patch
+#Patch149:bind98-rh927914.patch
+#Patch150:bind98-CVE-2013-4854.patch
+#Patch151:bind98-rh996955.patch
# SDB patches
-Patch11: bind-9.3.2b2-sdbsrc.patch
-Patch12: bind-9.5-sdb.patch
-Patch62: bind-9.5-sdb-sqlite-bld.patch
+#Patch11: bind-9.3.2b2-sdbsrc.patch
+#Patch12: bind-9.5-sdb.patch
+#Patch62: bind-9.5-sdb-sqlite-bld.patch
# needs inpection
-Patch17: bind-9.3.2b1-fix_sdb_ldap.patch
-Patch104: bind-96-dyndb.patch
+#Patch17: bind-9.3.2b1-fix_sdb_ldap.patch
+#Patch104: bind-96-dyndb.patch
# IDN paches
-Patch73: bind-9.5-libidn.patch
-Patch83: bind-9.5-libidn2.patch
-Patch85: bind-9.5-libidn3.patch
-Patch94: bind95-rh461409.patch
+#Patch73: bind-9.5-libidn.patch
+#Patch83: bind-9.5-libidn2.patch
+#Patch85: bind-9.5-libidn3.patch
+#Patch94: bind95-rh461409.patch
#
Requires: bind-libs = %{epoch}:%{version}-%{release}
@@ -227,97 +227,97 @@
%setup -q -n %{name}-%{VERSION}
# Common patches
-%patch5 -p1 -b .nonexec
-%patch10 -p1 -b .PIE
-%patch16 -p1 -b .redhat_doc
-%patch104 -p1 -b .dyndb
-%patch107 -p1 -b .compat-keysdir
-%patch119 -p1 -b .rh725577
-%patch122 -p1 -b .rh693982
-%patch123 -p1 -b .rh712066-1
-%patch131 -p1 -b .rh795414
-%patch136 -p1 -b .rh809084
-%patch144 -p1 -b .CVE-2012-5166
-%patch145 -p1 -b .CVE-2012-5688
-%patch146 -p1 -b .rh873624
-%patch147 -p1 -b .CVE-2012-5689
-%patch148 -p1 -b .CVE-2013-2266
-%patch150 -p1 -b .CVE-2013-4854
-%patch151 -p1 -b .rh996955
-%if %{SDB}
-%patch101 -p1 -b .old-api
-mkdir bin/named-sdb
-cp -r bin/named/* bin/named-sdb
-%patch11 -p1 -b .sdbsrc
-# SDB ldap
-cp -fp contrib/sdb/ldap/ldapdb.[ch] bin/named-sdb
-# SDB postgreSQL
-cp -fp contrib/sdb/pgsql/pgsqldb.[ch] bin/named-sdb
-# SDB sqlite
-cp -fp contrib/sdb/sqlite/sqlitedb.[ch] bin/named-sdb
-# SDB Berkeley DB - needs to be ported to DB4!
-#cp -fp contrib/sdb/bdb/bdb.[ch] bin/named_sdb
-# SDB dir
-cp -fp contrib/sdb/dir/dirdb.[ch] bin/named-sdb
-# SDB tools
-mkdir -p bin/sdb_tools
-cp -fp %{SOURCE30} bin/sdb_tools/ldap2zone.c
-cp -fp %{SOURCE7} bin/sdb_tools/Makefile.in
-#cp -fp contrib/sdb/bdb/zone2bdb.c bin/sdb_tools
-cp -fp contrib/sdb/ldap/{zone2ldap.1,zone2ldap.c} bin/sdb_tools
-cp -fp contrib/sdb/pgsql/zonetodb.c bin/sdb_tools
-cp -fp contrib/sdb/sqlite/zone2sqlite.c bin/sdb_tools
-%patch12 -p1 -b .sdb
-%endif
-%if %{SDB}
-%patch17 -p1 -b .fix_sdb_ldap
-%endif
-%if %{SDB}
-%patch62 -p1 -b .sdb-sqlite-bld
-%endif
-%patch71 -p1 -b .overflow
-%ifnarch alpha ia64
-%patch72 -p1 -b .64bit
-%endif
-%patch73 -p1 -b .libidn
-%patch83 -p1 -b .libidn2
-%patch85 -p1 -b .libidn3
-%patch87 -p1 -b .parallel
-%patch94 -p1 -b .rh461409
+#%patch5 -p1 -b .nonexec
+#%patch10 -p1 -b .PIE
+#%patch16 -p1 -b .redhat_doc
+#%patch104 -p1 -b .dyndb
+#%patch107 -p1 -b .compat-keysdir
+#%patch119 -p1 -b .rh725577
+#%patch122 -p1 -b .rh693982
+#%patch123 -p1 -b .rh712066-1
+#%patch131 -p1 -b .rh795414
+#%patch136 -p1 -b .rh809084
+#%patch144 -p1 -b .CVE-2012-5166
+#%patch145 -p1 -b .CVE-2012-5688
+#%patch146 -p1 -b .rh873624
+#%patch147 -p1 -b .CVE-2012-5689
+#%patch148 -p1 -b .CVE-2013-2266
+#%patch150 -p1 -b .CVE-2013-4854
+#%patch151 -p1 -b .rh996955
+#%if %{SDB}
+#%patch101 -p1 -b .old-api
+#mkdir bin/named-sdb
+#cp -r bin/named/* bin/named-sdb
+#%patch11 -p1 -b .sdbsrc
+## SDB ldap
+#cp -fp contrib/sdb/ldap/ldapdb.[ch] bin/named-sdb
+## SDB postgreSQL
+#cp -fp contrib/sdb/pgsql/pgsqldb.[ch] bin/named-sdb
+## SDB sqlite
+#cp -fp contrib/sdb/sqlite/sqlitedb.[ch] bin/named-sdb
+## SDB Berkeley DB - needs to be ported to DB4!
+##cp -fp contrib/sdb/bdb/bdb.[ch] bin/named_sdb
+## SDB dir
+#cp -fp contrib/sdb/dir/dirdb.[ch] bin/named-sdb
+## SDB tools
+#mkdir -p bin/sdb_tools
+#cp -fp %{SOURCE30} bin/sdb_tools/ldap2zone.c
+#cp -fp %{SOURCE7} bin/sdb_tools/Makefile.in
+##cp -fp contrib/sdb/bdb/zone2bdb.c bin/sdb_tools
+#cp -fp contrib/sdb/ldap/{zone2ldap.1,zone2ldap.c} bin/sdb_tools
+#cp -fp contrib/sdb/pgsql/zonetodb.c bin/sdb_tools
+#cp -fp contrib/sdb/sqlite/zone2sqlite.c bin/sdb_tools
+#%patch12 -p1 -b .sdb
+#%endif
+#%if %{SDB}
+#%patch17 -p1 -b .fix_sdb_ldap
+#%endif
+#%if %{SDB}
+#%patch62 -p1 -b .sdb-sqlite-bld
+#%endif
+#%patch71 -p1 -b .overflow
+#%ifnarch alpha ia64
+#%patch72 -p1 -b .64bit
+#%endif
+#%patch73 -p1 -b .libidn
+#%patch83 -p1 -b .libidn2
+#%patch85 -p1 -b .libidn3
+#%patch87 -p1 -b .parallel
+#%patch94 -p1 -b .rh461409
# XXX due new libtool. Not sure about proper upstream approach yet.
mkdir m4
-%patch99 -p1 -b .libtool2
-
-%patch102 -p1 -b .rh452060
-%patch106 -p0 -b .rh490837
-%patch108 -p1 -b .rh622764
-%patch109 -p1 -b .rh623190
-%patch111 -p1 -b .rh640538
-%patch112 -p1 -b .rh658045
-%patch115 -p1 -b .rh669163
-%patch116 -p1 -b .testsuite
-%patch117 -p1 -b .rh672819
-%patch118 -p1 -b .rh699951
-%patch124 -p1 -b .rh712066-2
-%patch125 -p1 -b .dlz_buildfix
-%patch126 -p1 -b .forward
-%patch127 -p1 -b .rh759503
-%patch128 -p1 -b .rh749582
-%patch129 -p1 -b .rh734458
-%patch130 -p1 -b .rh645544
-%patch132 -p1 -b .rh798978
-%patch133 -p1 -b .CVE-2012-1033
-%patch134 -p1 -b .CVE-2012-1033-2
-%patch135 -p1 -b .rh800053
-%patch137 -p1 -b .rh818582
-%patch138 -p1 -b .rh816164
-%patch139 -p1 -b .CVE-2012-1667
-%patch140 -p1 -b .rh837165
-%patch141 -p1 -b .CVE-2012-3817
-%patch142 -p1 -b .CVE-2012-4244
-%patch143 -p1 -b .rh853806
-%patch149 -p1 -b .rh927914
+#%patch99 -p1 -b .libtool2
+#
+#%patch102 -p1 -b .rh452060
+#%patch106 -p0 -b .rh490837
+#%patch108 -p1 -b .rh622764
+#%patch109 -p1 -b .rh623190
+#%patch111 -p1 -b .rh640538
+#%patch112 -p1 -b .rh658045
+#%patch115 -p1 -b .rh669163
+#%patch116 -p1 -b .testsuite
+#%patch117 -p1 -b .rh672819
+#%patch118 -p1 -b .rh699951
+#%patch124 -p1 -b .rh712066-2
+#%patch125 -p1 -b .dlz_buildfix
+#%patch126 -p1 -b .forward
+#%patch127 -p1 -b .rh759503
+#%patch128 -p1 -b .rh749582
+#%patch129 -p1 -b .rh734458
+#%patch130 -p1 -b .rh645544
+#%patch132 -p1 -b .rh798978
+#%patch133 -p1 -b .CVE-2012-1033
+#%patch134 -p1 -b .CVE-2012-1033-2
+#%patch135 -p1 -b .rh800053
+#%patch137 -p1 -b .rh818582
+#%patch138 -p1 -b .rh816164
+#%patch139 -p1 -b .CVE-2012-1667
+#%patch140 -p1 -b .rh837165
+#%patch141 -p1 -b .CVE-2012-3817
+#%patch142 -p1 -b .CVE-2012-4244
+#%patch143 -p1 -b .rh853806
+#%patch149 -p1 -b .rh927914
# Sparc and s390 arches need to use -fPIE
%ifarch sparcv9 sparc64 s390 s390x
@@ -360,7 +360,6 @@
--with-gssapi=yes \
--disable-isc-spnego \
%endif
- --with-docbook-xsl=%{_datadir}/sgml/docbook/xsl-stylesheets \
%ifarch ppc ppc64
--disable-atomic \
%endif
@@ -369,15 +368,15 @@
make %{?_smp_mflags}
# Regenerate dig.1 manpage
-pushd bin/dig
-make man
-popd
-pushd bin/nsupdate
-make man
-popd
-pushd doc/arm
-make Bv9ARM.html
-popd
+#pushd bin/dig
+#make man
+#popd
+#pushd bin/nsupdate
+#make man
+#popd
+#pushd doc/arm
+#make Bv9ARM.html
+#popd
# Remove this backup file to avoid be picked by %%doc directive
rm -f doc/arm/Bv9ARM-book.xml.rh873624
@@ -411,7 +410,8 @@
# We don't want these
rm -f doc/rfc/fetch
-cp --preserve=timestamps %{SOURCE5} doc/rfc
+mkdir -p doc/rfc
+cp --preserve=timestamps %{SOURCE5} doc/rfc/
gzip -9 doc/rfc/*
# Build directory hierarchy
@@ -641,7 +641,7 @@
%{_mandir}/man8/nsec3hash.8*
%{_mandir}/man8/isc-hmac-fixup.8*
%doc CHANGES COPYRIGHT README named.conf.default
-%doc doc/arm doc/misc doc/draft doc/rfc
+%doc doc/arm doc/misc doc/rfc
%doc sample/
%doc Copyright
%doc rfc1912.txt
# rpmbuild -bb bind.spec
/bin/sh: line 2: 4830 Done(1) expand Bv9ARM-book.xml
4831 Segmentation fault | /usr/bin/xsltproc --novalid --xinclude --nonet --stringparam root.filename Bv9ARM ../../doc/xsl/isc-docbook-chunk.xsl -
make: *** [Bv9ARM.html] Error 139
error: Bad exit status from /var/tmp/rpm-tmp.XoHtVz (%build)
RPM build errors:
Bad exit status from /var/tmp/rpm-tmp.XoHtVz (%build)
+ gzip -9 'doc/rfc/*'
gzip: doc/rfc/*: Not a directory
error: Bad exit status from /var/tmp/rpm-tmp.EJwEHB (%install)
RPM build errors:
Bad exit status from /var/tmp/rpm-tmp.EJwEHB (%install)
Processing Dependency: /usr/local/bin/python for package:
# rpmbuild -bb bind.spec error: Failed build dependencies: openssl-devel is needed by bind-32:9.10.2-P3.x86_64 libcap-devel is needed by bind-32:9.10.2-P3.x86_64 docbook-style-xsl is needed by bind-32:9.10.2-P3.x86_64 libxslt is needed by bind-32:9.10.2-P3.x86_64
# sudo yum install openssl-devel libcap-devel docbook-style-xsl libxslt途中segmentation faultが出るが気にしない。
# rpmbuild -bb bind.spec
Wrote: /home/username/rpmbuild/RPMS/x86_64/bind-9.10.2-P3.x86_64.rpm Wrote: /home/username/rpmbuild/RPMS/x86_64/bind-libs-9.10.2-P3.x86_64.rpm Wrote: /home/username/rpmbuild/RPMS/x86_64/bind-utils-9.10.2-P3.x86_64.rpm Wrote: /home/username/rpmbuild/RPMS/x86_64/bind-devel-9.10.2-P3.x86_64.rpm Wrote: /home/username/rpmbuild/RPMS/x86_64/bind-chroot-9.10.2-P3.x86_64.rpm Wrote: /home/username/rpmbuild/RPMS/x86_64/bind-debuginfo-9.10.2-P3.x86_64.rpm Executing(%clean): /bin/sh -e /var/tmp/rpm-tmp.VfqEOW + umask 022 + cd /home/username/rpmbuild/BUILD + cd bind-9.10.2-P3 + rm -rf /home/username/rpmbuild/BUILDROOT/bind-9.10.2-P3.x86_64 + : + exit 0
$ sudo yum localinstall RPMS/x86_64/bind-9.10.2-P3.x86_64.rpm RPMS/x86_64/bind-libs-9.10.2-P3.x86_64.rpm RPMS/x86_64/bind-utils-9.10.2-P3.x86_64.rpm RPMS/x86_64/bind-chroot-9.10.2-P3.x86_64.rpm
$ sudo yum localinstall RPMS/x86_64/bind-9.10.2-P3.x86_64.rpm RPMS/x86_64/bind-libs-9.10.2-P3.x86_64.rpm RPMS/x86_64/bind-utils-9.10.2-P3.x86_64.rpm RPMS/x86_64/bind-chroot-9.10.2-P3.x86_64.rpm Loaded plugins: fastestmirror, security Setting up Local Package Process Examining RPMS/x86_64/bind-9.10.2-P3.x86_64.rpm: 32:bind-9.10.2-P3.x86_64 Marking RPMS/x86_64/bind-9.10.2-P3.x86_64.rpm as an update to 32:bind-9.8.2-0.30.rc1.el6_6.3.x86_64 Loading mirror speeds from cached hostfile * base: www.ftp.ne.jp * extras: www.ftp.ne.jp * remi-safe: mirrors.mediatemple.net * updates: ftp.riken.jp Examining RPMS/x86_64/bind-libs-9.10.2-P3.x86_64.rpm: 32:bind-libs-9.10.2-P3.x86_64 Marking RPMS/x86_64/bind-libs-9.10.2-P3.x86_64.rpm as an update to 32:bind-libs-9.8.2-0.30.rc1.el6_6.3.x86_64 Examining RPMS/x86_64/bind-utils-9.10.2-P3.x86_64.rpm: 32:bind-utils-9.10.2-P3.x86_64 Marking RPMS/x86_64/bind-utils-9.10.2-P3.x86_64.rpm as an update to 32:bind-utils-9.8.2-0.30.rc1.el6_6.3.x86_64 Examining RPMS/x86_64/bind-chroot-9.10.2-P3.x86_64.rpm: 32:bind-chroot-9.10.2-P3.x86_64 Marking RPMS/x86_64/bind-chroot-9.10.2-P3.x86_64.rpm as an update to 32:bind-chroot-9.8.2-0.30.rc1.el6_6.3.x86_64 Resolving Dependencies --> Running transaction check ---> Package bind.x86_64 32:9.8.2-0.30.rc1.el6_6.3 will be updated ---> Package bind.x86_64 32:9.10.2-P3 will be an update ---> Package bind-chroot.x86_64 32:9.8.2-0.30.rc1.el6_6.3 will be updated ---> Package bind-chroot.x86_64 32:9.10.2-P3 will be an update ---> Package bind-libs.x86_64 32:9.8.2-0.30.rc1.el6_6.3 will be updated ---> Package bind-libs.x86_64 32:9.10.2-P3 will be an update ---> Package bind-utils.x86_64 32:9.8.2-0.30.rc1.el6_6.3 will be updated ---> Package bind-utils.x86_64 32:9.10.2-P3 will be an update --> Finished Dependency Resolution Dependencies Resolved ================================================================================================================ Package Arch Version Repository Size ================================================================================================================ Updating: bind x86_64 32:9.10.2-P3 /bind-9.10.2-P3.x86_64 6.0 M bind-chroot x86_64 32:9.10.2-P3 /bind-chroot-9.10.2-P3.x86_64 0.0 bind-libs x86_64 32:9.10.2-P3 /bind-libs-9.10.2-P3.x86_64 2.7 M bind-utils x86_64 32:9.10.2-P3 /bind-utils-9.10.2-P3.x86_64 460 k Transaction Summary ================================================================================================================ Upgrade 4 Package(s) Total size: 9.2 M Is this ok [y/N]: y Downloading Packages: Running rpm_check_debug Running Transaction Test Transaction Test Succeeded Running Transaction Updating : 32:bind-libs-9.10.2-P3.x86_64 1/8 Updating : 32:bind-9.10.2-P3.x86_64 2/8 Updating : 32:bind-chroot-9.10.2-P3.x86_64 3/8 Updating : 32:bind-utils-9.10.2-P3.x86_64 4/8 Cleanup : 32:bind-chroot-9.8.2-0.30.rc1.el6_6.3.x86_64 5/8 Cleanup : 32:bind-9.8.2-0.30.rc1.el6_6.3.x86_64 6/8 Cleanup : 32:bind-utils-9.8.2-0.30.rc1.el6_6.3.x86_64 7/8 Cleanup : 32:bind-libs-9.8.2-0.30.rc1.el6_6.3.x86_64 8/8 Verifying : 32:bind-utils-9.10.2-P3.x86_64 1/8 Verifying : 32:bind-libs-9.10.2-P3.x86_64 2/8 Verifying : 32:bind-chroot-9.10.2-P3.x86_64 3/8 Verifying : 32:bind-9.10.2-P3.x86_64 4/8 Verifying : 32:bind-chroot-9.8.2-0.30.rc1.el6_6.3.x86_64 5/8 Verifying : 32:bind-utils-9.8.2-0.30.rc1.el6_6.3.x86_64 6/8 Verifying : 32:bind-libs-9.8.2-0.30.rc1.el6_6.3.x86_64 7/8 Verifying : 32:bind-9.8.2-0.30.rc1.el6_6.3.x86_64 8/8 Updated: bind.x86_64 32:9.10.2-P3 bind-chroot.x86_64 32:9.10.2-P3 bind-libs.x86_64 32:9.10.2-P3 bind-utils.x86_64 32:9.10.2-P3 Complete!
# /etc/init.d/named start Starting named: [FAILED]
# mkdir /var/named/chroot/var/named/dynamic/ # chown named:named /var/named/chroot/var/named/dynamic # chmod 770 /var/named/chroot/var/named/dynamic # mkdir /var/named/chroot/var/named/data/ # chown named:named /var/named/chroot/var/named/data # chmod 770 /var/named/chroot/var/named/data今度は成功(^^)。
# /etc/init.d/named start Starting named: [ OK ]