Patchwork gnu: Add bind

login
register
mail settings
Submitter John Darrington
Date Aug. 30, 2016, 4:36 p.m.
Message ID <1472574964-16954-1-git-send-email-jmd@gnu.org>
Download mbox | patch
Permalink /patch/15074/
State New
Headers show

Comments

John Darrington - Aug. 30, 2016, 4:36 p.m.
* gnu/packages/networking.scm (bind): New variable.
---
 gnu/packages/networking.scm | 46 +++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 46 insertions(+)
Leo Famulari - Aug. 31, 2016, 5:52 p.m.
On Tue, Aug 30, 2016 at 06:36:04PM +0200, John Darrington wrote:
> * gnu/packages/networking.scm (bind): New variable.

Hi, thanks for this patch! I think it can go in the DNS module.

I wonder, how does it relate to the BIND that replaces the bundled BIND
in isc-dhcp, which I've noticed often requires security updates?

> +    (description "BIND is an implementation of the Domain Name System (DNS)
> +protocols for the Internet.  It is a reference implementation of those
> +protocols, but it is also production-grade software, suitable for use in
> +high-volume and high-reliability applications. The name BIND stands for
> +"Berkeley Internet Name Domain", because the software originated in the early
> +1980s at the University of California at Berkeley.")

The descriptions needs the quotation marks around the acronym
description to be escaped. Otherwise, it doesn't work for me.

> +              (uri (string-append
> +                    "ftp://ftp.isc.org/isc/bind9/" version "/" name "-"
> +                    version ".tar.gz"))

This server is unavailable over IPv6 connections:

Starting download of /gnu/store/lhwlfx4qp94pn5d0xpflqib1cy2c4bhp-bind-9.10.4-P2.tar.gz
From ftp://ftp.isc.org/isc/bind9/9.10.4-P2/bind-9.10.4-P2.tar.gz...
ERROR: Throw to key `ftp-error' with args `(#<input-output: socket 6> "PASV" 425 "You cannot use PASV on IPv6 connections. Use EPSV instead.\r")'.

I wonder if there is a better URL?

> +     (modify-phases %standard-phases
> +         (replace 'check
> +           (lambda _
> +             (zero? (system* "make" "force-test")))))))

Does "force-test" mean that the test suite will return success even if
there are some failures? If so, this should explicitly stated in a
comment.
John Darrington - Aug. 31, 2016, 6:38 p.m.
Thanks for the comments,

On Wed, Aug 31, 2016 at 01:52:11PM -0400, Leo Famulari wrote:
     On Tue, Aug 30, 2016 at 06:36:04PM +0200, John Darrington wrote:
     > * gnu/packages/networking.scm (bind): New variable.
     
     Hi, thanks for this patch! I think it can go in the DNS module.
     
     I wonder, how does it relate to the BIND that replaces the bundled BIND
     in isc-dhcp, which I've noticed often requires security updates?

I don't think it relates at all, except that it is produced by the same group.

However, I noticed in that module, there is bind-utils, which provides about
half of what my patch does, and IMO is unecessarily complicated.  I suppose this
was done because somebody wanted to provide the DNS query tools without the
DNS server.  

I think this would be better achieved by having separate outputs bind:utils and bind:daemon


     > +     (modify-phases %standard-phases
     > +         (replace 'check
     > +           (lambda _
     > +             (zero? (system* "make" "force-test")))))))
     
     Does "force-test" mean that the test suite will return success even if
     there are some failures? If so, this should explicitly stated in a
     comment.

Apparently, some tests cannot be run unless one makes some local hacks 
as root.  force-test skips those tests which require that.

J'
Leo Famulari - Sept. 10, 2016, 7:25 p.m.
On Wed, Aug 31, 2016 at 08:38:53PM +0200, John Darrington wrote:
> Thanks for the comments,
> 
> On Wed, Aug 31, 2016 at 01:52:11PM -0400, Leo Famulari wrote:
>      On Tue, Aug 30, 2016 at 06:36:04PM +0200, John Darrington wrote:
>      > * gnu/packages/networking.scm (bind): New variable.
>      
>      Hi, thanks for this patch! I think it can go in the DNS module.
>      
>      I wonder, how does it relate to the BIND that replaces the bundled BIND
>      in isc-dhcp, which I've noticed often requires security updates?
> 
> I don't think it relates at all, except that it is produced by the same group.
> 
> However, I noticed in that module, there is bind-utils, which provides about
> half of what my patch does, and IMO is unecessarily complicated.  I suppose this
> was done because somebody wanted to provide the DNS query tools without the
> DNS server.  
> 
> I think this would be better achieved by having separate outputs bind:utils and bind:daemon

Okay, so what is the status of this package? Do you want to add it
as-is, or do you want to overhaul bind-utils?

Patch

diff --git a/gnu/packages/networking.scm b/gnu/packages/networking.scm
index bdcccce..7bb4a69 100644
--- a/gnu/packages/networking.scm
+++ b/gnu/packages/networking.scm
@@ -10,6 +10,7 @@ 
 ;;; Copyright © 2016 Eric Bavier <bavier@member.fsf.org>
 ;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
 ;;; Coypright © 2016 Arun Isaac <arunisaac@systemreboot.net>
+;;; Coypright © 2016 John Darrington <jmd@gnu.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -56,6 +57,51 @@ 
   #:use-module (gnu packages python)
   #:use-module (gnu packages tls))
 
+(define-public bind
+  (package
+    (name "bind")
+    (version "9.10.4-P2")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append
+                    "ftp://ftp.isc.org/isc/bind9/" version "/" name "-"
+                    version ".tar.gz"))
+              (sha256
+               (base32
+                "08s48h5p916ixjiwgar4w6skc20crmg7yj1y7g89c083zvw8lnxk"))))
+    (build-system gnu-build-system)
+    (arguments
+     `(#:configure-flags
+       (list
+        (string-append "--with-openssl=" (assoc-ref %build-inputs "openssl")))
+
+       #:phases
+       ;; When and if guix provides user namespaces for the build process,
+       ;; then the following can be uncommented and the subsequent "force-test"
+       ;; will not be necessary.
+       
+       ;; (modify-phases %standard-phases
+       ;;   (add-before 'check 'set-up-loopback
+       ;;     (lambda _
+       ;;          (system "bin/tests/system/ifconfig.sh up"))))
+     (modify-phases %standard-phases
+         (replace 'check
+           (lambda _
+             (zero? (system* "make" "force-test")))))))
+    (inputs
+     `(("openssl" ,openssl)))
+    (native-inputs `(("perl" ,perl)
+                     ("net-tools" ,net-tools)))
+    (synopsis "An implementation of the Domain Name System")
+    (description "BIND is an implementation of the Domain Name System (DNS)
+protocols for the Internet.  It is a reference implementation of those
+protocols, but it is also production-grade software, suitable for use in
+high-volume and high-reliability applications. The name BIND stands for
+"Berkeley Internet Name Domain", because the software originated in the early
+1980s at the University of California at Berkeley.")
+    (home-page "https://www.isc.org/downloads/bind")
+    (license license:bsd-2)))
+
 (define-public macchanger
   (package
     (name "macchanger")