Create server-dns sub-package.

This allows us to automatically pull in package bind-pkcs11 and thus create upgrade path for on CentOS 7.1 -> 7.2. IPA previously had no requires on BIND packages and these had to be installed manually before first ipa-dns-install run. We need to pull additional bind-pkcs11 package during RPM upgrade so ipa-dns-install cannot help with this. https://fedorahosted.org/freeipa/ticket/4058 Reviewed-By: Jan Cholasta <jcholast@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
2025-02-25 18:55:28 -06:00 · 2015-07-16 15:09:45 +02:00 · 2015-07-16 15:09:45 +02:00 · f1f3ef478d
commit f1f3ef478d
parent e5d179b5b9
1 changed files with 35 additions and 15 deletions
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@ -170,19 +170,8 @@ Obsoletes: %{alt_name}-server < %{version}
 # entire SELinux policy is stored in the system policy
 Obsoletes: freeipa-server-selinux < 3.3.0

-# We have a soft-requires on bind. It is an optional part of
-# IPA but if it is configured we need a way to require versions
-# that work for us.
-Conflicts: bind-dyndb-ldap < 6.0-4
-%if 0%{?fedora} >= 21
-Conflicts: bind < 9.9.6-3
-Conflicts: bind-utils < 9.9.6-3
-%else
-Conflicts: bind < 9.9.4-21
-Conflicts: bind-utils < 9.9.4-21
-%endif
-# DNSSEC
-Conflicts: opendnssec < 1.4.6-4
+# upgrade path from monolithic -server to -server + -server-dns
+Obsoletes: %{name}-server <= 4.2.0

 # Versions of nss-pam-ldapd < 0.8.4 require a mapping from uniqueMember to
 # member.
@ -197,6 +186,35 @@ to install this package (in other words, most people should NOT install
 this package).


+%package server-dns
+Summary: IPA integrated DNS server with support for automatic DNSSEC signing
+Group: System Environment/Base
+Requires: %{name}-server = %{version}-%{release}
+Requires: bind-dyndb-ldap >= 6.0-4
+%if 0%{?fedora} >= 21
+Requires: bind >= 9.9.6-3
+Requires: bind-utils >= 9.9.6-3
+Requires: bind-pkcs11 >= 9.9.6-3
+Requires: bind-pkcs11-utils >= 9.9.6-3
+%else
+Requires: bind >= 9.9.4-21
+Requires: bind-utils >= 9.9.4-21
+Requires: bind-pkcs11 >= 9.9.4-21
+Requires: bind-pkcs11-utils >= 9.9.4-21
+%endif
+Requires: opendnssec >= 1.4.6-4
+
+Conflicts: %{alt_name}-server-dns
+Obsoletes: %{alt_name}-server-dns < %{version}
+
+# upgrade path from monolithic -server to -server + -server-dns
+Obsoletes: %{name}-server <= 4.2.0
+
+%description server-dns
+IPA integrated DNS server with support for automatic DNSSEC signing.
+Integrated DNS server is BIND 9. OpenDNSSEC provides key management.
+
+
 %package server-trust-ad
 Summary: Virtual package to install packages required for Active Directory trusts
 Group: System Environment/Base
@ -683,7 +701,6 @@ fi
 %{_sbindir}/ipa-backup
 %{_sbindir}/ipa-restore
 %{_sbindir}/ipa-ca-install
-%{_sbindir}/ipa-dns-install
 %{_sbindir}/ipa-kra-install
 %{_sbindir}/ipa-server-install
 %{_sbindir}/ipa-replica-conncheck
@ -857,7 +874,6 @@ fi
 %{_mandir}/man1/ipa-server-certinstall.1.gz
 %{_mandir}/man1/ipa-server-install.1.gz
 %{_mandir}/man1/ipa-server-upgrade.1.gz
-%{_mandir}/man1/ipa-dns-install.1.gz
 %{_mandir}/man1/ipa-ca-install.1.gz
 %{_mandir}/man1/ipa-kra-install.1.gz
 %{_mandir}/man1/ipa-compat-manage.1.gz
@ -873,6 +889,10 @@ fi
 %{_mandir}/man1/ipa-cacert-manage.1.gz
 %{_mandir}/man1/ipa-winsync-migrate.1.gz

+%files server-dns
+%{_sbindir}/ipa-dns-install
+%{_mandir}/man1/ipa-dns-install.1.gz
+
 %files server-trust-ad
 %{_sbindir}/ipa-adtrust-install
 %{_usr}/share/ipa/smb.conf.empty