bind-users Digest, Vol 1633, Issue 1

Harald A. Irmer Harald.Irmer at KIT.edu
Mon Sep 23 12:08:42 UTC 2013 

dear ShanyiWan,

add
#include <sys/capability.h>             /* Required for Linux 
capabilities */
to ./bind-9.9.4/bin/named/unix/os.c
and it will do (as it does with me).

Regards,

Harald

On 23.09.2013 14:00, bind-users-request at lists.isc.org wrote:
> Send bind-users mailing list submissions to
> 	bind-users at lists.isc.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> 	https://lists.isc.org/mailman/listinfo/bind-users
> or, via email, send a message with subject or body 'help' to
> 	bind-users-request at lists.isc.org
>
> You can reach the person managing the list at
> 	bind-users-owner at lists.isc.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of bind-users digest..."
>
>
> Today's Topics:
>
>     1. BIND 9.9.4 compile error (ShanyiWan)
>     2. Re: RRL probably not useful for DNS IP blacklists,	was Re:
>        New Versions of BIND are available (9.9.4, 9.8.6,	and
>        9.6-ESV-R10) (Eliezer Croitoru)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Mon, 23 Sep 2013 12:03:54 +0800
> From: ShanyiWan <wsy at 114.com.cn>
> To: bind-users <bind-users at lists.isc.org>
> Subject: BIND 9.9.4 compile error
> Message-ID: <201309231203540070554 at 114.com.cn>
> Content-Type: text/plain; charset="utf-8"
>
> [root at localhost bind-9.9.4]# uname -a
> Linux localhost.localdomain 2.6.18-274.el5PAE #1 SMP Fri Jul 22 05:34:36 EDT 2011 i686 i686 i386 GNU/Linux
> [root at localhost bind-9.9.4]# lsb_release -a
> LSB Version:    :core-4.0-ia32:core-4.0-noarch:graphics-4.0-ia32:graphics-4.0-noarch:printing-4.0-ia32:printing-4.0-noarch
> Distributor ID: CentOS
> Description:    CentOS release 5.9 (Final)
> Release:        5.9
> Codename:       Final
>
> # ./configure --enable-threads --enable-rrl --with-dlz-bdb=/usr/local/BerkeleyDB.5.1/
>
> cofigure is ok.
>
> # make
> ...
> ranlib liblwres.a
> touch timestamp
> make[2]: Leaving directory `/usr/local/src/bind-9.9.4/lib/lwres'
> making all in /usr/local/src/bind-9.9.4/lib/tests
> make[2]: Entering directory `/usr/local/src/bind-9.9.4/lib/tests'
> making all in /usr/local/src/bind-9.9.4/lib/tests/include
> make[3]: Entering directory `/usr/local/src/bind-9.9.4/lib/tests/include'
> making all in /usr/local/src/bind-9.9.4/lib/tests/include/tests
> make[4]: Entering directory `/usr/local/src/bind-9.9.4/lib/tests/include/tests'
> make[4]: Leaving directory `/usr/local/src/bind-9.9.4/lib/tests/include/tests'
> make[3]: Leaving directory `/usr/local/src/bind-9.9.4/lib/tests/include'
> gcc  -I/usr/local/src/bind-9.9.4 -I/usr/local/src/bind-9.9.4/lib/dns/include -I../../lib/dns/include -I/usr/local/src/bind-9.9.4/lib/isc/include -I../../lib/isc -I../../lib/isc/include -I../../lib/isc/unix/include -I../../lib/isc/pthreads/include -I../../lib/isc/x86_32/include -I../../lib/tests/include  -D_REENTRANT  -D_GNU_SOURCE -g -O2 -I/usr/include/libxml2  -W -Wall -Wmissing-prototypes -Wcast-qual -Wwrite-strings -Wformat -Wpointer-arith -fno-strict-aliasing  -c t_api.c
> /usr/bin/ar cruv libt_api.a t_api.o
> a - t_api.o
> ranlib libt_api.a
> touch timestamp
> make[2]: Leaving directory `/usr/local/src/bind-9.9.4/lib/tests'
> make[1]: Leaving directory `/usr/local/src/bind-9.9.4/lib'
> making all in /usr/local/src/bind-9.9.4/bin
> make[1]: Entering directory `/usr/local/src/bind-9.9.4/bin'
> making all in /usr/local/src/bind-9.9.4/bin/named
> make[2]: Entering directory `/usr/local/src/bind-9.9.4/bin/named'
> making all in /usr/local/src/bind-9.9.4/bin/named/unix
> make[3]: Entering directory `/usr/local/src/bind-9.9.4/bin/named/unix'
> gcc  -I/usr/local/src/bind-9.9.4 -I./include -I./../include -I/usr/local/src/bind-9.9.4/lib/isccfg/include -I../../../lib/isccfg/include -I/usr/local/src/bind-9.9.4/lib/isccc/include -I../../../lib/isccc/include -I/usr/local/src/bind-9.9.4/lib/dns/include -I../../../lib/dns/include -I/usr/local/src/bind-9.9.4/lib/isc/include -I../../../lib/isc -I../../../lib/isc/include -I../../../lib/isc/unix/include -I../../../lib/isc/pthreads/include -I../../../lib/isc/x86_32/include  -D_REENTRANT  -D_GNU_SOURCE -g -O2 -I/usr/include/libxml2  -W -Wall -Wmissing-prototypes -Wcast-qual -Wwrite-strings -Wformat -Wpointer-arith -fno-strict-aliasing  -c os.c
> os.c:166: error: expected ?)? before ?caps?
> os.c: In function ?linux_initialprivs?:
> os.c:242: error: ?cap_t? undeclared (first use in this function)
> os.c:242: error: (Each undeclared identifier is reported only once
> os.c:242: error: for each function it appears in.)
> os.c:242: error: expected ?;? before ?caps?
> os.c:244: error: expected ?;? before ?curcaps?
> os.c:245: error: ?cap_value_t? undeclared (first use in this function)
> os.c:245: error: expected ?;? before ?capval?
> os.c:255: error: ?caps? undeclared (first use in this function)
> os.c:255: warning: implicit declaration of function ?cap_init?
> os.c:255: error: ?curcaps? undeclared (first use in this function)
> os.c:255: warning: implicit declaration of function ?cap_get_proc?
> os.c:260: error: ?capval? undeclared (first use in this function)
> os.c:260: error: ?cap_flag_value_t? undeclared (first use in this function)
> os.c:260: error: expected ?;? before ?curval?
> os.c:260: warning: implicit declaration of function ?cap_get_flag?
> os.c:260: error: ?CAP_PERMITTED? undeclared (first use in this function)
> os.c:260: error: ?curval? undeclared (first use in this function)
> os.c:260: warning: implicit declaration of function ?cap_set_flag?
> os.c:260: error: ?CAP_EFFECTIVE? undeclared (first use in this function)
> os.c:260: error: ?CAP_SET? undeclared (first use in this function)
> os.c:265: error: expected ?;? before ?curval?
> os.c:274: error: expected ?;? before ?curval?
> os.c:280: error: expected ?;? before ?curval?
> os.c:286: error: expected ?;? before ?curval?
> os.c:295: error: expected ?;? before ?curval?
> os.c:301: error: expected ?;? before ?curval?
> os.c:303: warning: implicit declaration of function ?linux_setcaps?
> os.c:306: warning: implicit declaration of function ?cap_free?
> os.c: In function ?linux_minprivs?:
> os.c:312: error: ?cap_t? undeclared (first use in this function)
> os.c:312: error: expected ?;? before ?caps?
> os.c:314: error: expected ?;? before ?curcaps?
> os.c:315: error: ?cap_value_t? undeclared (first use in this function)
> os.c:315: error: expected ?;? before ?capval?
> os.c:320: error: ?caps? undeclared (first use in this function)
> os.c:320: error: ?curcaps? undeclared (first use in this function)
> os.c:329: error: ?capval? undeclared (first use in this function)
> os.c:329: error: ?cap_flag_value_t? undeclared (first use in this function)
> os.c:329: error: expected ?;? before ?curval?
> os.c:329: error: ?CAP_PERMITTED? undeclared (first use in this function)
> os.c:329: error: ?curval? undeclared (first use in this function)
> os.c:329: error: ?CAP_EFFECTIVE? undeclared (first use in this function)
> os.c:329: error: ?CAP_SET? undeclared (first use in this function)
> os.c:338: error: expected ?;? before ?curval?
> make[3]: *** [os.o] Error 1
> make[3]: Leaving directory `/usr/local/src/bind-9.9.4/bin/named/unix'
> make[2]: *** [subdirs] Error 1
> make[2]: Leaving directory `/usr/local/src/bind-9.9.4/bin/named'
> make[1]: *** [subdirs] Error 1
> make[1]: Leaving directory `/usr/local/src/bind-9.9.4/bin'
> make: *** [subdirs] Error 1
>
>
>
> ShanyiWan
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <https://lists.isc.org/pipermail/bind-users/attachments/20130923/ee963e55/attachment-0001.html>
>
> ------------------------------
>
> Message: 2
> Date: Mon, 23 Sep 2013 09:40:05 +0300
> From: Eliezer Croitoru <eliezer at ngtech.co.il>
> To: bind-users at lists.isc.org
> Subject: Re: RRL probably not useful for DNS IP blacklists,	was Re:
> 	New Versions of BIND are available (9.9.4, 9.8.6,	and 9.6-ESV-R10)
> Message-ID: <523FE245.6000102 at ngtech.co.il>
> Content-Type: text/plain; charset=ISO-8859-1
>
> On 09/20/2013 05:12 PM, Vernon Schryver wrote:
>> The potential RRL problem is when you provide high volume DNSBL service
>> over the open Internet to DNS clients that are not authenticated.
>> However, that is unlikely to be a worry, because providing DNSBL
>> services over the open Internet is dubious idea for unrelated reasons.
>> Major DNSBL providers have years since limited anonymous clients for
>> business or other reasons.  For example, I think Spamhaus limits
>> anonymous clients to fewer than 3 queries/second.
> and I doubt they use RRL in the application level..
> I assume they limit that on either IPTABLES\FW level.
>
> What is the way to provide DBSBL using bind??
> I was looking for something like that but I am sure a dynamic DB is
> needed for the task right?
>
> Eliezer
>
>
> ------------------------------
>
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
> End of bind-users Digest, Vol 1633, Issue 1
> *******************************************


-- 

Karlsruhe Institute of Technology (KIT)
ATIS - IT Infrastruture and Services, Faculty of Computer Science

Harald A. Irmer
IT Manager / Computer Networks Group

Am Fasanengarten 5
Building 50.34
76131 Karlsruhe, Germany

Phone: +49 721 608-46963
Fax: +49 721 608-46699
Email: harald.irmer at kit.edu
http://www.kit.edu/

KIT University of the State of Baden-Wuerttemberg and
National Laboratory of the Helmholtz Association

More information about the bind-users mailing list