cvs commit: src/etc Makefile

Doug Barton DougB at FreeBSD.org
Tue Oct 5 16:57:32 PDT 2004 

On Tue, 5 Oct 2004, Brian Somers wrote:

> On Tue, 5 Oct 2004 20:20:56 +0300, Ruslan Ermilov <ru at freebsd.org> wrote:
>>> Shouldn't this be:
>>>
>>>     ln -fhs ../var/named/etc/namedb ${DESTDIR}/etc/namedb
>>>
>> No.
>
> If I mount an alternate filesystem hierarchy somewhere, isn't it a bit
> useless/dangerous for symlinks to point outside of it?

The attached patch combines the best of the various ideas that have been 
disucssed on this topic.

1. Incorporates Ruslan's improvements to where things are done related 
to the symlink in src/etc/Makefile.

2. Incorporates Brian's suggestion to make the link relative. This is 
the best way I can see to make it work as expected in all cases, 
including complete alternate filesystems. It should also solve the 
release engineering problem.

3. Add a new knob, NO_BIND_MTREE, as suggested by the folks who already 
have stuff in /var/named that they don't want me to mess with. :)

4. Updates make.conf(5) with the new stuff, and corrects a few paths 
that have changed since I last updated it.

If everyone finds this acceptable, I will commit it, and then ask re@ 
for permission to MFC it, hopefully before 5-RC1.

Thanks to everyone who contributed to this train of thought.

Doug

-- 

     This .signature sanitized for your protection
-------------- next part --------------
Index: etc/Makefile
===================================================================
RCS file: /usr/local/ncvs/src/etc/Makefile,v
retrieving revision 1.334
diff -u -r1.334 Makefile
--- etc/Makefile	5 Oct 2004 13:03:08 -0000	1.334
+++ etc/Makefile	5 Oct 2004 23:54:02 -0000
@@ -122,10 +122,18 @@
 	    ln ${DESTDIR}/root/.profile ${DESTDIR}/.profile
 	cd ${.CURDIR}/mtree; ${INSTALL} -o ${BINOWN} -g ${BINGRP} -m 444 \
 	    ${MTREE} ${DESTDIR}/etc/mtree
-.if !defined(NO_BIND_ETC) && !defined(NO_BIND)
+.if !defined(NO_BIND)
+.if !defined(NO_BIND_ETC)
 	cd ${.CURDIR}/namedb; ${INSTALL} -o ${BINOWN} -g ${BINGRP} -m 644 \
 	    ${NAMEDB} ${DESTDIR}/var/named/etc/namedb
 .endif
+.if !defined(NO_BIND_MTREE)
+	@if [ ! -e ${DESTDIR}/etc/namedb ]; then \
+		set -x; \
+		ln -fhs ../var/named/etc/namedb ${DESTDIR}/etc/namedb; \
+	fi
+.endif
+.endif
 	cd ${.CURDIR}/ppp; ${INSTALL} -o ${BINOWN} -g ${BINGRP} -m 600 \
 	    ${PPPCNF} ${DESTDIR}/etc/ppp
 	cd ${.CURDIR}/mail; ${INSTALL} -o ${BINOWN} -g ${BINGRP} -m 644 \
@@ -184,9 +192,10 @@
 	mtree -deU ${MTREE_FOLLOWS_SYMLINKS} -f ${.CURDIR}/mtree/BIND.include.dist \
 	    -p ${DESTDIR}/usr/include
 .endif
+.if !defined(NO_BIND_MTREE)
 	mtree -deU ${MTREE_FOLLOWS_SYMLINKS} -f ${.CURDIR}/mtree/BIND.chroot.dist \
 	    -p ${DESTDIR}/var/named
-	ln -fhs /var/named/etc/namedb ${DESTDIR}/etc/namedb
+.endif
 .endif
 .if !defined(NO_SENDMAIL)
 	mtree -deU ${MTREE_FOLLOWS_SYMLINKS} -f ${.CURDIR}/mtree/BSD.sendmail.dist -p ${DESTDIR}/
Index: share/examples/etc/make.conf
===================================================================
RCS file: /usr/local/ncvs/src/share/examples/etc/make.conf,v
retrieving revision 1.234
diff -u -r1.234 make.conf
--- share/examples/etc/make.conf	27 Sep 2004 08:23:42 -0000	1.234
+++ share/examples/etc/make.conf	5 Oct 2004 23:34:58 -0000
@@ -149,6 +149,7 @@
 #NO_BIND_DNSSEC=	true	# Do not build dnssec-keygen, dnssec-signzone
 #NO_BIND_ETC=		true	# Do not install files to /etc/namedb
 #NO_BIND_LIBS_LWRES=	true	# Do not install the lwres library
+#NO_BIND_MTREE=		true	# Do run mtree to create chroot directories
 #NO_BIND_NAMED=		true	# Do not build named, rndc, lwresd, etc.
 #NO_BIND_UTILS=		true	# Do not build dig, host, nslookup, nsupdate
 #WITH_BIND_LIBS=	true	# Install the BIND libs and include files
Index: share/man/man5/make.conf.5
===================================================================
RCS file: /usr/local/ncvs/src/share/man/man5/make.conf.5,v
retrieving revision 1.96
diff -u -r1.96 make.conf.5
--- share/man/man5/make.conf.5	27 Sep 2004 08:23:42 -0000	1.96
+++ share/man/man5/make.conf.5	5 Oct 2004 23:53:33 -0000
@@ -24,7 +24,7 @@
 .\"
 .\" $FreeBSD: src/share/man/man5/make.conf.5,v 1.96 2004/09/27 08:23:42 dougb Exp $
 .\"
-.Dd September 27, 2004
+.Dd October 5, 2004
 .Dt MAKE.CONF 5
 .Os
 .Sh NAME
@@ -612,12 +612,23 @@
 .It Va NO_BIND_ETC
 .Pq Vt bool
 Set to avoid installing the default files to
-.Pa /etc/namedb .
+.Pa /var/named/etc/namedb .
 .It Va NO_BIND_LIBS_LWRES
 .Pq Vt bool
 Set to avoid installing the lightweight resolver library in
 .Pa /usr/lib .
 The library that is private to the build system may still be built as needed.
+.It Va NO_BIND_MTREE
+.Pq Vt bool
+Set to avoid running
+.Xr mtree 8
+to create the chroot directory structure under
+.Pa /var/named ,
+and avoid creating an
+.Pa /etc/namedb
+symlink to the chroot directory.
+This option should typically be used together with
+.Vt NO_BIND_ETC .
 .It Va NO_BIND_NAMED
 .Pq Vt bool
 Set to avoid building or installing

More information about the cvs-src mailing list