[OE-core] [PATCH 1/1] bind: refer ubuntu/redhat to add bind user/group

Hongxu Jia hongxu.jia at windriver.com
Tue Aug 19 10:04:42 UTC 2014 

We refer what ubuntu/redhat did, gave bind a user/group

Here is the example in ubuntu 14.04:

$ ps -eo user,group,cmd | grep "named"
...
bind     bind     /usr/sbin/named -u bind
...

$vim bind9_1%3a9.9.5.dfsg-3_amd64.deb/postinst
...
    # lets give them a bind user/group in all cases.
    getent group bind >/dev/null 2>&1 || addgroup --system bind
    getent passwd bind >/dev/null 2>&1 ||
    adduser --system --home /var/cache/bind --no-create-home \
        --disabled-password --ingroup bind bind
...

Signed-off-by: Hongxu Jia <hongxu.jia at windriver.com>
---
 meta/recipes-connectivity/bind/bind/bind9    |  2 ++
 meta/recipes-connectivity/bind/bind_9.9.5.bb | 10 +++++++++-
 2 files changed, 11 insertions(+), 1 deletion(-)
 create mode 100644 meta/recipes-connectivity/bind/bind/bind9

diff --git a/meta/recipes-connectivity/bind/bind/bind9 b/meta/recipes-connectivity/bind/bind/bind9
new file mode 100644
index 0000000..968679f
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/bind9
@@ -0,0 +1,2 @@
+# startup options for the server
+OPTIONS="-u bind"
diff --git a/meta/recipes-connectivity/bind/bind_9.9.5.bb b/meta/recipes-connectivity/bind/bind_9.9.5.bb
index de10eb8..ebd38ef 100644
--- a/meta/recipes-connectivity/bind/bind_9.9.5.bb
+++ b/meta/recipes-connectivity/bind/bind_9.9.5.bb
@@ -15,6 +15,7 @@ SRC_URI = "ftp://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.gz \
            file://dont-test-on-host.patch \
            file://generate-rndc-key.sh \
            file://named.service \
+           file://bind9 \
            file://init.d-add-support-for-read-only-rootfs.patch \
 	   "
 
@@ -30,7 +31,11 @@ EXTRA_OECONF = " ${ENABLE_IPV6} --with-randomdev=/dev/random --disable-threads \
                  --with-openssl=${STAGING_LIBDIR}/.. --with-libxml2=${STAGING_LIBDIR}/.. \
                  --enable-exportlib --with-export-includedir=${includedir} --with-export-libdir=${libdir} \
                "
-inherit autotools-brokensep update-rc.d systemd
+inherit autotools-brokensep update-rc.d systemd useradd
+
+USERADD_PACKAGES = "${PN}"
+USERADD_PARAM_${PN} = "--system --home /var/cache/bind --no-create-home \
+                       --user-group bind"
 
 INITSCRIPT_NAME = "bind"
 INITSCRIPT_PARAMS = "defaults"
@@ -67,6 +72,9 @@ do_install_append() {
 	sed -i -e 's, at BASE_BINDIR@,${base_bindir},g' \
 	       -e 's, at SBINDIR@,${sbindir},g' \
 	       ${D}${systemd_unitdir}/system/named.service
+
+	install -d ${D}${sysconfdir}/default
+	install -m 0644 ${WORKDIR}/bind9 ${D}${sysconfdir}/default
 }
 
 CONFFILES_${PN} = " \
-- 
1.9.1

More information about the Openembedded-core mailing list