There are a number of posts out there showing how to install the Bind 9.5.0-P1 source RPM packages on CentOS, so you can build and upgrade your Bind 9.3.4, to make use of allow-query-cache.
Problem is, there’s a MINOR detail. If you follow the procedure, you get this problem:
error: Failed dependencies:
libdns.so.16 is needed by bind-libs-9.5.0-33.P1.i386
libisc.so.7 is needed by bind-libs-9.5.0-33.P1.i386
libisccc.so.0 is needed by bind-libs-9.5.0-33.P1.i386
Of course. It sounds catch-22. How can bind-libs require libdns.so.16 when it provides a newer one?
I, knowing that rpm and spec files are relatively flawed (ok, probably not, I just don’t like them. Give me a break, I found the solution and I’m posting it! :D), thought “What if rpmbuild -bb bind.spec finds the currently installed bind, and for some weird reason, includes THAT versions dependencies on the NEW version?”. That’s exactly what was happening, it seems, cause I only had to remove the current bind packages (via yum remove, full procedure below), then re-run rpmbuild -bb bind.spec, then rpm -ivh the new rpm files (as needed). Voila. No more old-version dependencies, and it works PERFECT.
Here is what you need to do:
rpm -ivh bind-9.5.0-33.P1.src.rpm
cp /etc/named.conf /root/named.conf
yum remove bind bind-libs bind-utils caching-nameserver
rpmbuild -bb bind.spec
rpm -ivh bind-9.5.0-33.P1.i386.rpm bind-utils-9.5.0-33.P1.i386.rpm bind-libs-9.5.0-33.P1.i386.rpm
cp /root/named.conf /etc
rpm -q bind show show 9.5.0 🙂
Now you use the new allow-query-cache parameter.
- El bug DNS de Kaminsky: Solucion Parcial por un CHAR!
- Fail2ban rules for lighttpd fastcgi alerts
- Welcome, Linux and Security interested visitors!
- Administration System for Courier MTA
- FIX: fail2ban does not work in Ubuntu 10.04