--> -->
bindの緊急の脆弱性が公表されました。
http://jprs.jp/tech/security/2015-07-29-bind9-vuln-tkey.html
回避策は無く、update必須です。
私の管理しているサーバーの1つはCentOSでyumを主体に構成しているため、ソースからビルドせずにyumでupdateしたいところです。
というわけで、色々苦労したrpmbuildのメモメモ。。。
$ cd /etc/yum/repos.d/ $ sudo vi CentOS-Source.repo
[source] name=CentOS-$releasever - source~ baseurl=http://vault.centos.org/6.5/os/Source/~ enabled=0~ gpgcheck=1~ gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-6~
$ yumdownloader --enablerepo=source --source bind
$ sudo rpm -Uvh bind-9.8.2-0.17.rc1.el6_4.6.src.rpm
$ sudo cp -r rpmbuild /home/username/.... $ chown -R username:grpname /home/uesrname/....
$ cd SOURCES $ wget http://ftp.isc.org/isc/bind9/9.10.2-P3/bind-9.10.2-P3.tar.gz
$ sudo vi rpmbuild/SPECS/bind.spec
$ diff bind.spec.org SPECS/bind.spec -u --- bind.spec.org 2015-08-01 07:31:50.190118252 +0900 +++ SPECS/bind.spec 2015-08-01 15:02:18.354717773 +0900 @@ -2,17 +2,15 @@ # Red Hat BIND package .spec file # -#%define PATCHVER P3 -%define PREVER rc1 -#%define VERSION %{version} -#%define VERSION %{version}-%{PATCHVER} -%define VERSION %{version}%{PREVER} +%define PATCHVER P3 +%define VERSION %{version}-%{PATCHVER} +%define _unpackaged_files_terminate_build 0 -%{?!SDB: %define SDB 1} +%{?!SDB: %define SDB 0} %{?!test: %define test 0} %{?!bind_uid: %define bind_uid 25} %{?!bind_gid: %define bind_gid 25} -%{?!GSSTSIG: %define GSSTSIG 1} +%{?!GSSTSIG: %define GSSTSIG 0} %{?!PKCS11: %define PKCS11 0} %define bind_dir /var/named %define chroot_prefix %{bind_dir}/chroot @@ -20,8 +18,8 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server Name: bind License: ISC -Version: 9.8.2 -Release: 0.17.%{PREVER}%{?dist}.6 +Version: 9.10.2 +Release: P3 Epoch: 32 Url: http://www.isc.org/products/BIND/ Buildroot:%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -42,72 +40,74 @@ Source30: ldap2zone.c Source31: named.portreserve +AutoReq: no + # Common patches -Patch5: bind-nonexec.patch -Patch10: bind-9.5-PIE.patch -Patch16: bind-9.3.2-redhat_doc.patch -Patch71: bind-9.5-overflow.patch -Patch72: bind-9.5-dlz-64bit.patch -Patch87: bind-9.5-parallel-build.patch -Patch99: bind-96-libtool2.patch -Patch101:bind-96-old-api.patch -Patch102:bind-95-rh452060.patch -Patch106:bind93-rh490837.patch -Patch107:bind97-compat-keysdir.patch -Patch108:bind97-rh622764.patch -Patch109:bind97-rh623190.patch -Patch111:bind97-rh640538.patch -Patch112:bind97-rh658045.patch -Patch115:bind97-rh669163.patch -Patch116:bind97-testsuite.patch -Patch117:bind97-rh672819.patch -Patch118:bind97-rh699951.patch -Patch119:bind97-rh725577.patch -Patch122:bind97-rh693982.patch -Patch123:bind97-rh712066-1.patch -Patch124:bind97-rh712066-2.patch -Patch125:bind98-dlz_buildfix.patch -Patch126:bind99-forward.patch -Patch127:bind98-rh759503.patch -Patch128:bind98-rh749582.patch -Patch129:bind98-rh734458.patch -Patch130:bind97-rh645544.patch -Patch131:bind98-rh795414.patch -Patch132:bind98-rh798978.patch -Patch133:bind98-CVE-2012-1033.patch -Patch134:bind98-CVE-2012-1033-2.patch -Patch135:bind98-rh800053.patch -Patch136:bind98-rh809084.patch -Patch137:bind98-rh818582.patch -Patch138:bind98-rh816164.patch -Patch139:bind98-CVE-2012-1667.patch -Patch140:bind98-rh837165.patch -Patch141:bind98-CVE-2012-3817.patch -Patch142:bind98-CVE-2012-4244.patch -Patch143:bind98-rh853806.patch -Patch144:bind98-CVE-2012-5166.patch -Patch145:bind98-CVE-2012-5688.patch -Patch146:bind98-rh873624.patch -Patch147:bind98-CVE-2012-5689.patch -Patch148:bind98-CVE-2013-2266.patch -Patch149:bind98-rh927914.patch -Patch150:bind98-CVE-2013-4854.patch -Patch151:bind98-rh996955.patch +#Patch5: bind-nonexec.patch +#Patch10: bind-9.5-PIE.patch +#Patch16: bind-9.3.2-redhat_doc.patch +#Patch71: bind-9.5-overflow.patch +#Patch72: bind-9.5-dlz-64bit.patch +#Patch87: bind-9.5-parallel-build.patch +#Patch99: bind-96-libtool2.patch +#Patch101:bind-96-old-api.patch +#Patch102:bind-95-rh452060.patch +#Patch106:bind93-rh490837.patch +#Patch107:bind97-compat-keysdir.patch +#Patch108:bind97-rh622764.patch +#Patch109:bind97-rh623190.patch +#Patch111:bind97-rh640538.patch +#Patch112:bind97-rh658045.patch +#Patch115:bind97-rh669163.patch +#Patch116:bind97-testsuite.patch +#Patch117:bind97-rh672819.patch +#Patch118:bind97-rh699951.patch +#Patch119:bind97-rh725577.patch +#Patch122:bind97-rh693982.patch +#Patch123:bind97-rh712066-1.patch +#Patch124:bind97-rh712066-2.patch +#Patch125:bind98-dlz_buildfix.patch +#Patch126:bind99-forward.patch +#Patch127:bind98-rh759503.patch +#Patch128:bind98-rh749582.patch +#Patch129:bind98-rh734458.patch +#Patch130:bind97-rh645544.patch +#Patch131:bind98-rh795414.patch +#Patch132:bind98-rh798978.patch +#Patch133:bind98-CVE-2012-1033.patch +#Patch134:bind98-CVE-2012-1033-2.patch +#Patch135:bind98-rh800053.patch +#Patch136:bind98-rh809084.patch +#Patch137:bind98-rh818582.patch +#Patch138:bind98-rh816164.patch +#Patch139:bind98-CVE-2012-1667.patch +#Patch140:bind98-rh837165.patch +#Patch141:bind98-CVE-2012-3817.patch +#Patch142:bind98-CVE-2012-4244.patch +#Patch143:bind98-rh853806.patch +#Patch144:bind98-CVE-2012-5166.patch +#Patch145:bind98-CVE-2012-5688.patch +#Patch146:bind98-rh873624.patch +#Patch147:bind98-CVE-2012-5689.patch +#Patch148:bind98-CVE-2013-2266.patch +#Patch149:bind98-rh927914.patch +#Patch150:bind98-CVE-2013-4854.patch +#Patch151:bind98-rh996955.patch # SDB patches -Patch11: bind-9.3.2b2-sdbsrc.patch -Patch12: bind-9.5-sdb.patch -Patch62: bind-9.5-sdb-sqlite-bld.patch +#Patch11: bind-9.3.2b2-sdbsrc.patch +#Patch12: bind-9.5-sdb.patch +#Patch62: bind-9.5-sdb-sqlite-bld.patch # needs inpection -Patch17: bind-9.3.2b1-fix_sdb_ldap.patch -Patch104: bind-96-dyndb.patch +#Patch17: bind-9.3.2b1-fix_sdb_ldap.patch +#Patch104: bind-96-dyndb.patch # IDN paches -Patch73: bind-9.5-libidn.patch -Patch83: bind-9.5-libidn2.patch -Patch85: bind-9.5-libidn3.patch -Patch94: bind95-rh461409.patch +#Patch73: bind-9.5-libidn.patch +#Patch83: bind-9.5-libidn2.patch +#Patch85: bind-9.5-libidn3.patch +#Patch94: bind95-rh461409.patch # Requires: bind-libs = %{epoch}:%{version}-%{release} @@ -227,97 +227,97 @@ %setup -q -n %{name}-%{VERSION} # Common patches -%patch5 -p1 -b .nonexec -%patch10 -p1 -b .PIE -%patch16 -p1 -b .redhat_doc -%patch104 -p1 -b .dyndb -%patch107 -p1 -b .compat-keysdir -%patch119 -p1 -b .rh725577 -%patch122 -p1 -b .rh693982 -%patch123 -p1 -b .rh712066-1 -%patch131 -p1 -b .rh795414 -%patch136 -p1 -b .rh809084 -%patch144 -p1 -b .CVE-2012-5166 -%patch145 -p1 -b .CVE-2012-5688 -%patch146 -p1 -b .rh873624 -%patch147 -p1 -b .CVE-2012-5689 -%patch148 -p1 -b .CVE-2013-2266 -%patch150 -p1 -b .CVE-2013-4854 -%patch151 -p1 -b .rh996955 -%if %{SDB} -%patch101 -p1 -b .old-api -mkdir bin/named-sdb -cp -r bin/named/* bin/named-sdb -%patch11 -p1 -b .sdbsrc -# SDB ldap -cp -fp contrib/sdb/ldap/ldapdb.[ch] bin/named-sdb -# SDB postgreSQL -cp -fp contrib/sdb/pgsql/pgsqldb.[ch] bin/named-sdb -# SDB sqlite -cp -fp contrib/sdb/sqlite/sqlitedb.[ch] bin/named-sdb -# SDB Berkeley DB - needs to be ported to DB4! -#cp -fp contrib/sdb/bdb/bdb.[ch] bin/named_sdb -# SDB dir -cp -fp contrib/sdb/dir/dirdb.[ch] bin/named-sdb -# SDB tools -mkdir -p bin/sdb_tools -cp -fp %{SOURCE30} bin/sdb_tools/ldap2zone.c -cp -fp %{SOURCE7} bin/sdb_tools/Makefile.in -#cp -fp contrib/sdb/bdb/zone2bdb.c bin/sdb_tools -cp -fp contrib/sdb/ldap/{zone2ldap.1,zone2ldap.c} bin/sdb_tools -cp -fp contrib/sdb/pgsql/zonetodb.c bin/sdb_tools -cp -fp contrib/sdb/sqlite/zone2sqlite.c bin/sdb_tools -%patch12 -p1 -b .sdb -%endif -%if %{SDB} -%patch17 -p1 -b .fix_sdb_ldap -%endif -%if %{SDB} -%patch62 -p1 -b .sdb-sqlite-bld -%endif -%patch71 -p1 -b .overflow -%ifnarch alpha ia64 -%patch72 -p1 -b .64bit -%endif -%patch73 -p1 -b .libidn -%patch83 -p1 -b .libidn2 -%patch85 -p1 -b .libidn3 -%patch87 -p1 -b .parallel -%patch94 -p1 -b .rh461409 +#%patch5 -p1 -b .nonexec +#%patch10 -p1 -b .PIE +#%patch16 -p1 -b .redhat_doc +#%patch104 -p1 -b .dyndb +#%patch107 -p1 -b .compat-keysdir +#%patch119 -p1 -b .rh725577 +#%patch122 -p1 -b .rh693982 +#%patch123 -p1 -b .rh712066-1 +#%patch131 -p1 -b .rh795414 +#%patch136 -p1 -b .rh809084 +#%patch144 -p1 -b .CVE-2012-5166 +#%patch145 -p1 -b .CVE-2012-5688 +#%patch146 -p1 -b .rh873624 +#%patch147 -p1 -b .CVE-2012-5689 +#%patch148 -p1 -b .CVE-2013-2266 +#%patch150 -p1 -b .CVE-2013-4854 +#%patch151 -p1 -b .rh996955 +#%if %{SDB} +#%patch101 -p1 -b .old-api +#mkdir bin/named-sdb +#cp -r bin/named/* bin/named-sdb +#%patch11 -p1 -b .sdbsrc +## SDB ldap +#cp -fp contrib/sdb/ldap/ldapdb.[ch] bin/named-sdb +## SDB postgreSQL +#cp -fp contrib/sdb/pgsql/pgsqldb.[ch] bin/named-sdb +## SDB sqlite +#cp -fp contrib/sdb/sqlite/sqlitedb.[ch] bin/named-sdb +## SDB Berkeley DB - needs to be ported to DB4! +##cp -fp contrib/sdb/bdb/bdb.[ch] bin/named_sdb +## SDB dir +#cp -fp contrib/sdb/dir/dirdb.[ch] bin/named-sdb +## SDB tools +#mkdir -p bin/sdb_tools +#cp -fp %{SOURCE30} bin/sdb_tools/ldap2zone.c +#cp -fp %{SOURCE7} bin/sdb_tools/Makefile.in +##cp -fp contrib/sdb/bdb/zone2bdb.c bin/sdb_tools +#cp -fp contrib/sdb/ldap/{zone2ldap.1,zone2ldap.c} bin/sdb_tools +#cp -fp contrib/sdb/pgsql/zonetodb.c bin/sdb_tools +#cp -fp contrib/sdb/sqlite/zone2sqlite.c bin/sdb_tools +#%patch12 -p1 -b .sdb +#%endif +#%if %{SDB} +#%patch17 -p1 -b .fix_sdb_ldap +#%endif +#%if %{SDB} +#%patch62 -p1 -b .sdb-sqlite-bld +#%endif +#%patch71 -p1 -b .overflow +#%ifnarch alpha ia64 +#%patch72 -p1 -b .64bit +#%endif +#%patch73 -p1 -b .libidn +#%patch83 -p1 -b .libidn2 +#%patch85 -p1 -b .libidn3 +#%patch87 -p1 -b .parallel +#%patch94 -p1 -b .rh461409 # XXX due new libtool. Not sure about proper upstream approach yet. mkdir m4 -%patch99 -p1 -b .libtool2 - -%patch102 -p1 -b .rh452060 -%patch106 -p0 -b .rh490837 -%patch108 -p1 -b .rh622764 -%patch109 -p1 -b .rh623190 -%patch111 -p1 -b .rh640538 -%patch112 -p1 -b .rh658045 -%patch115 -p1 -b .rh669163 -%patch116 -p1 -b .testsuite -%patch117 -p1 -b .rh672819 -%patch118 -p1 -b .rh699951 -%patch124 -p1 -b .rh712066-2 -%patch125 -p1 -b .dlz_buildfix -%patch126 -p1 -b .forward -%patch127 -p1 -b .rh759503 -%patch128 -p1 -b .rh749582 -%patch129 -p1 -b .rh734458 -%patch130 -p1 -b .rh645544 -%patch132 -p1 -b .rh798978 -%patch133 -p1 -b .CVE-2012-1033 -%patch134 -p1 -b .CVE-2012-1033-2 -%patch135 -p1 -b .rh800053 -%patch137 -p1 -b .rh818582 -%patch138 -p1 -b .rh816164 -%patch139 -p1 -b .CVE-2012-1667 -%patch140 -p1 -b .rh837165 -%patch141 -p1 -b .CVE-2012-3817 -%patch142 -p1 -b .CVE-2012-4244 -%patch143 -p1 -b .rh853806 -%patch149 -p1 -b .rh927914 +#%patch99 -p1 -b .libtool2 +# +#%patch102 -p1 -b .rh452060 +#%patch106 -p0 -b .rh490837 +#%patch108 -p1 -b .rh622764 +#%patch109 -p1 -b .rh623190 +#%patch111 -p1 -b .rh640538 +#%patch112 -p1 -b .rh658045 +#%patch115 -p1 -b .rh669163 +#%patch116 -p1 -b .testsuite +#%patch117 -p1 -b .rh672819 +#%patch118 -p1 -b .rh699951 +#%patch124 -p1 -b .rh712066-2 +#%patch125 -p1 -b .dlz_buildfix +#%patch126 -p1 -b .forward +#%patch127 -p1 -b .rh759503 +#%patch128 -p1 -b .rh749582 +#%patch129 -p1 -b .rh734458 +#%patch130 -p1 -b .rh645544 +#%patch132 -p1 -b .rh798978 +#%patch133 -p1 -b .CVE-2012-1033 +#%patch134 -p1 -b .CVE-2012-1033-2 +#%patch135 -p1 -b .rh800053 +#%patch137 -p1 -b .rh818582 +#%patch138 -p1 -b .rh816164 +#%patch139 -p1 -b .CVE-2012-1667 +#%patch140 -p1 -b .rh837165 +#%patch141 -p1 -b .CVE-2012-3817 +#%patch142 -p1 -b .CVE-2012-4244 +#%patch143 -p1 -b .rh853806 +#%patch149 -p1 -b .rh927914 # Sparc and s390 arches need to use -fPIE %ifarch sparcv9 sparc64 s390 s390x @@ -360,7 +360,6 @@ --with-gssapi=yes \ --disable-isc-spnego \ %endif - --with-docbook-xsl=%{_datadir}/sgml/docbook/xsl-stylesheets \ %ifarch ppc ppc64 --disable-atomic \ %endif @@ -369,15 +368,15 @@ make %{?_smp_mflags} # Regenerate dig.1 manpage -pushd bin/dig -make man -popd -pushd bin/nsupdate -make man -popd -pushd doc/arm -make Bv9ARM.html -popd +#pushd bin/dig +#make man +#popd +#pushd bin/nsupdate +#make man +#popd +#pushd doc/arm +#make Bv9ARM.html +#popd # Remove this backup file to avoid be picked by %%doc directive rm -f doc/arm/Bv9ARM-book.xml.rh873624 @@ -411,7 +410,8 @@ # We don't want these rm -f doc/rfc/fetch -cp --preserve=timestamps %{SOURCE5} doc/rfc +mkdir -p doc/rfc +cp --preserve=timestamps %{SOURCE5} doc/rfc/ gzip -9 doc/rfc/* # Build directory hierarchy @@ -641,7 +641,7 @@ %{_mandir}/man8/nsec3hash.8* %{_mandir}/man8/isc-hmac-fixup.8* %doc CHANGES COPYRIGHT README named.conf.default -%doc doc/arm doc/misc doc/draft doc/rfc +%doc doc/arm doc/misc doc/rfc %doc sample/ %doc Copyright %doc rfc1912.txt
# rpmbuild -bb bind.spec /bin/sh: line 2: 4830 Done(1) expand Bv9ARM-book.xml 4831 Segmentation fault | /usr/bin/xsltproc --novalid --xinclude --nonet --stringparam root.filename Bv9ARM ../../doc/xsl/isc-docbook-chunk.xsl - make: *** [Bv9ARM.html] Error 139 error: Bad exit status from /var/tmp/rpm-tmp.XoHtVz (%build) RPM build errors: Bad exit status from /var/tmp/rpm-tmp.XoHtVz (%build)
+ gzip -9 'doc/rfc/*' gzip: doc/rfc/*: Not a directory error: Bad exit status from /var/tmp/rpm-tmp.EJwEHB (%install) RPM build errors: Bad exit status from /var/tmp/rpm-tmp.EJwEHB (%install)
Processing Dependency: /usr/local/bin/python for package:
# rpmbuild -bb bind.spec error: Failed build dependencies: openssl-devel is needed by bind-32:9.10.2-P3.x86_64 libcap-devel is needed by bind-32:9.10.2-P3.x86_64 docbook-style-xsl is needed by bind-32:9.10.2-P3.x86_64 libxslt is needed by bind-32:9.10.2-P3.x86_64
# sudo yum install openssl-devel libcap-devel docbook-style-xsl libxslt途中segmentation faultが出るが気にしない。
# rpmbuild -bb bind.spec
Wrote: /home/username/rpmbuild/RPMS/x86_64/bind-9.10.2-P3.x86_64.rpm Wrote: /home/username/rpmbuild/RPMS/x86_64/bind-libs-9.10.2-P3.x86_64.rpm Wrote: /home/username/rpmbuild/RPMS/x86_64/bind-utils-9.10.2-P3.x86_64.rpm Wrote: /home/username/rpmbuild/RPMS/x86_64/bind-devel-9.10.2-P3.x86_64.rpm Wrote: /home/username/rpmbuild/RPMS/x86_64/bind-chroot-9.10.2-P3.x86_64.rpm Wrote: /home/username/rpmbuild/RPMS/x86_64/bind-debuginfo-9.10.2-P3.x86_64.rpm Executing(%clean): /bin/sh -e /var/tmp/rpm-tmp.VfqEOW + umask 022 + cd /home/username/rpmbuild/BUILD + cd bind-9.10.2-P3 + rm -rf /home/username/rpmbuild/BUILDROOT/bind-9.10.2-P3.x86_64 + : + exit 0
$ sudo yum localinstall RPMS/x86_64/bind-9.10.2-P3.x86_64.rpm RPMS/x86_64/bind-libs-9.10.2-P3.x86_64.rpm RPMS/x86_64/bind-utils-9.10.2-P3.x86_64.rpm RPMS/x86_64/bind-chroot-9.10.2-P3.x86_64.rpm
$ sudo yum localinstall RPMS/x86_64/bind-9.10.2-P3.x86_64.rpm RPMS/x86_64/bind-libs-9.10.2-P3.x86_64.rpm RPMS/x86_64/bind-utils-9.10.2-P3.x86_64.rpm RPMS/x86_64/bind-chroot-9.10.2-P3.x86_64.rpm Loaded plugins: fastestmirror, security Setting up Local Package Process Examining RPMS/x86_64/bind-9.10.2-P3.x86_64.rpm: 32:bind-9.10.2-P3.x86_64 Marking RPMS/x86_64/bind-9.10.2-P3.x86_64.rpm as an update to 32:bind-9.8.2-0.30.rc1.el6_6.3.x86_64 Loading mirror speeds from cached hostfile * base: www.ftp.ne.jp * extras: www.ftp.ne.jp * remi-safe: mirrors.mediatemple.net * updates: ftp.riken.jp Examining RPMS/x86_64/bind-libs-9.10.2-P3.x86_64.rpm: 32:bind-libs-9.10.2-P3.x86_64 Marking RPMS/x86_64/bind-libs-9.10.2-P3.x86_64.rpm as an update to 32:bind-libs-9.8.2-0.30.rc1.el6_6.3.x86_64 Examining RPMS/x86_64/bind-utils-9.10.2-P3.x86_64.rpm: 32:bind-utils-9.10.2-P3.x86_64 Marking RPMS/x86_64/bind-utils-9.10.2-P3.x86_64.rpm as an update to 32:bind-utils-9.8.2-0.30.rc1.el6_6.3.x86_64 Examining RPMS/x86_64/bind-chroot-9.10.2-P3.x86_64.rpm: 32:bind-chroot-9.10.2-P3.x86_64 Marking RPMS/x86_64/bind-chroot-9.10.2-P3.x86_64.rpm as an update to 32:bind-chroot-9.8.2-0.30.rc1.el6_6.3.x86_64 Resolving Dependencies --> Running transaction check ---> Package bind.x86_64 32:9.8.2-0.30.rc1.el6_6.3 will be updated ---> Package bind.x86_64 32:9.10.2-P3 will be an update ---> Package bind-chroot.x86_64 32:9.8.2-0.30.rc1.el6_6.3 will be updated ---> Package bind-chroot.x86_64 32:9.10.2-P3 will be an update ---> Package bind-libs.x86_64 32:9.8.2-0.30.rc1.el6_6.3 will be updated ---> Package bind-libs.x86_64 32:9.10.2-P3 will be an update ---> Package bind-utils.x86_64 32:9.8.2-0.30.rc1.el6_6.3 will be updated ---> Package bind-utils.x86_64 32:9.10.2-P3 will be an update --> Finished Dependency Resolution Dependencies Resolved ================================================================================================================ Package Arch Version Repository Size ================================================================================================================ Updating: bind x86_64 32:9.10.2-P3 /bind-9.10.2-P3.x86_64 6.0 M bind-chroot x86_64 32:9.10.2-P3 /bind-chroot-9.10.2-P3.x86_64 0.0 bind-libs x86_64 32:9.10.2-P3 /bind-libs-9.10.2-P3.x86_64 2.7 M bind-utils x86_64 32:9.10.2-P3 /bind-utils-9.10.2-P3.x86_64 460 k Transaction Summary ================================================================================================================ Upgrade 4 Package(s) Total size: 9.2 M Is this ok [y/N]: y Downloading Packages: Running rpm_check_debug Running Transaction Test Transaction Test Succeeded Running Transaction Updating : 32:bind-libs-9.10.2-P3.x86_64 1/8 Updating : 32:bind-9.10.2-P3.x86_64 2/8 Updating : 32:bind-chroot-9.10.2-P3.x86_64 3/8 Updating : 32:bind-utils-9.10.2-P3.x86_64 4/8 Cleanup : 32:bind-chroot-9.8.2-0.30.rc1.el6_6.3.x86_64 5/8 Cleanup : 32:bind-9.8.2-0.30.rc1.el6_6.3.x86_64 6/8 Cleanup : 32:bind-utils-9.8.2-0.30.rc1.el6_6.3.x86_64 7/8 Cleanup : 32:bind-libs-9.8.2-0.30.rc1.el6_6.3.x86_64 8/8 Verifying : 32:bind-utils-9.10.2-P3.x86_64 1/8 Verifying : 32:bind-libs-9.10.2-P3.x86_64 2/8 Verifying : 32:bind-chroot-9.10.2-P3.x86_64 3/8 Verifying : 32:bind-9.10.2-P3.x86_64 4/8 Verifying : 32:bind-chroot-9.8.2-0.30.rc1.el6_6.3.x86_64 5/8 Verifying : 32:bind-utils-9.8.2-0.30.rc1.el6_6.3.x86_64 6/8 Verifying : 32:bind-libs-9.8.2-0.30.rc1.el6_6.3.x86_64 7/8 Verifying : 32:bind-9.8.2-0.30.rc1.el6_6.3.x86_64 8/8 Updated: bind.x86_64 32:9.10.2-P3 bind-chroot.x86_64 32:9.10.2-P3 bind-libs.x86_64 32:9.10.2-P3 bind-utils.x86_64 32:9.10.2-P3 Complete!
# /etc/init.d/named start Starting named: [FAILED]
# mkdir /var/named/chroot/var/named/dynamic/ # chown named:named /var/named/chroot/var/named/dynamic # chmod 770 /var/named/chroot/var/named/dynamic # mkdir /var/named/chroot/var/named/data/ # chown named:named /var/named/chroot/var/named/data # chmod 770 /var/named/chroot/var/named/data今度は成功(^^)。
# /etc/init.d/named start Starting named: [ OK ]