[Pkg-dns-devel] Bug#890483: bind9: compile with dnstap support

Richard James Salts debian at spectralmud.org
Thu Feb 15 05:24:18 UTC 2018 

Package: bind9
Version: 1:9.11.2.P1-1
Severity: wishlist
Tags: patch

It would be nice to enable the dnstap functionality included in bind
9.11 for detailed logging of dns queries going throught bind.
It would pull in extra dependencies on libfstrm0, libprotobuf-c1 and
zlib1g, however this might be worth it.

I've created a patch to the debian packaging that I used to compile
a deb with this option added. I think it's more or less correct.
-------------- next part --------------
diff -ur orig/debian/changelog diff/debian/changelog
--- orig/debian/changelog	2018-01-17 07:06:04.000000000 +0100
+++ diff/debian/changelog	2018-01-22 05:40:20.000000000 +0100
@@ -1,3 +1,9 @@
+bind9 (1:9.11.2.P1-1spectralmud1) unstable; urgency=medium
+
+  *  Compile with support for dnstap
+
+ -- Richard James Salts <rjsalts at red.spectralmud.org>  Mon, 22 Jan 2018 05:40:20 +0100
+
 bind9 (1:9.11.2.P1-1) unstable; urgency=medium
 
   * New upstream version 9.11.2-P1
diff -ur orig/debian/control diff/debian/control
--- orig/debian/control	2018-01-17 07:06:04.000000000 +0100
+++ diff/debian/control	2018-01-22 05:40:20.000000000 +0100
@@ -23,7 +23,9 @@
                libtool,
                libxml2-dev,
                python3,
-               python3-ply
+               python3-ply,
+               protobuf-c-compiler,
+               libfstrm-dev
 Standards-Version: 4.1.2
 Vcs-Browser: https://anonscm.debian.org/git/pkg-dns/bind9.git
 Vcs-Git: git://anonscm.debian.org/git/pkg-dns/bind9.git
diff -ur orig/debian/dnsutils.install diff/debian/dnsutils.install
--- orig/debian/dnsutils.install	2018-01-17 07:06:04.000000000 +0100
+++ diff/debian/dnsutils.install	2018-01-22 05:39:12.000000000 +0100
@@ -3,8 +3,10 @@
 usr/bin/mdig
 usr/bin/nslookup
 usr/bin/nsupdate
+usr/bin/dnstap-read
 usr/share/man/man1/delv.1
 usr/share/man/man1/dig.1
 usr/share/man/man1/mdig.1
 usr/share/man/man1/nslookup.1
 usr/share/man/man1/nsupdate.1
+usr/share/man/man1/dnstap-read.1
diff -ur orig/debian/libdns169.symbols diff/debian/libdns169.symbols
--- orig/debian/libdns169.symbols	2018-01-17 07:06:04.000000000 +0100
+++ diff/debian/libdns169.symbols	2018-01-22 05:39:41.000000000 +0100
@@ -356,6 +356,21 @@
  dns_dsdigest_format at Base 1:9.10.6+dfsg
  dns_dsdigest_fromtext at Base 1:9.10.6+dfsg
  dns_dsdigest_totext at Base 1:9.10.6+dfsg
+ dns_dt_attach at Base 1:9.11.2+dfsg7
+ dns_dt_close at Base 1:9.11.2+dfsg
+ dns_dt_create at Base 1:9.11.2+dfsg
+ dns_dt_datatotext at Base 1:9.11.2+dfsg
+ dns_dt_detach at Base 1:9.11.2+dfsg
+ dns_dt_getframe at Base 1:9.11.2+dfsg
+ dns_dt_getstats at Base 1:9.11.2+dfsg
+ dns_dt_open at Base 1:9.11.2+dfsg
+ dns_dt_parse at Base 1:9.11.2+dfsg
+ dns_dt_reopen at Base 1:9.11.2+dfsg
+ dns_dt_send at Base 1:9.11.2+dfsg
+ dns_dt_setidentity at Base 1:9.11.2+dfsg
+ dns_dt_setversion at Base 1:9.11.2+dfsg
+ dns_dt_shutdown at Base 1:9.11.2+dfsg
+ dns_dtdata_free at Base 1:9.11.2+dfsg
  dns_dumpctx_attach at Base 1:9.10.6+dfsg
  dns_dumpctx_cancel at Base 1:9.10.6+dfsg
  dns_dumpctx_db at Base 1:9.10.6+dfsg
@@ -1407,6 +1422,24 @@
  dns_zt_loadnew at Base 1:9.10.6+dfsg
  dns_zt_mount at Base 1:9.10.6+dfsg
  dns_zt_unmount at Base 1:9.10.6+dfsg
+ dnstap__dnstap__descriptor at Base 1:9.11.2+dfsg
+ dnstap__dnstap__free_unpacked at Base 1:9.11.2+dfsg
+ dnstap__dnstap__get_packed_size at Base 1:9.11.2+dfsg
+ dnstap__dnstap__init at Base 1:9.11.2+dfsg
+ dnstap__dnstap__pack at Base 1:9.11.2+dfsg
+ dnstap__dnstap__pack_to_buffer at Base 1:9.11.2+dfsg
+ dnstap__dnstap__type__descriptor at Base 1:9.11.2+dfsg
+ dnstap__dnstap__unpack at Base 1:9.11.2+dfsg
+ dnstap__message__descriptor at Base 1:9.11.2+dfsg
+ dnstap__message__free_unpacked at Base 1:9.11.2+dfsg
+ dnstap__message__get_packed_size at Base 1:9.11.2+dfsg
+ dnstap__message__init at Base 1:9.11.2+dfsg
+ dnstap__message__pack at Base 1:9.11.2+dfsg
+ dnstap__message__pack_to_buffer at Base 1:9.11.2+dfsg
+ dnstap__message__type__descriptor at Base 1:9.11.2+dfsg
+ dnstap__message__unpack at Base 1:9.11.2+dfsg
+ dnstap__socket_family__descriptor at Base 1:9.11.2+dfsg
+ dnstap__socket_protocol__descriptor at Base 1:9.11.2+dfsg
  dst__entropy_getdata at Base 1:9.10.6+dfsg
  dst__entropy_status at Base 1:9.10.6+dfsg
  dst__gssapi_init at Base 1:9.10.6+dfsg
@@ -1883,6 +1916,21 @@
  dns_dsdigest_format at Base 1:9.10.6+dfsg
  dns_dsdigest_fromtext at Base 1:9.10.6+dfsg
  dns_dsdigest_totext at Base 1:9.10.6+dfsg
+ dns_dt_attach at Base 1:9.11.2+dfsg
+ dns_dt_close at Base 1:9.11.2+dfsg
+ dns_dt_create at Base 1:9.11.2+dfsg
+ dns_dt_datatotext at Base 1:9.11.2+dfsg
+ dns_dt_detach at Base 1:9.11.2+dfsg
+ dns_dt_getframe at Base 1:9.11.2+dfsg
+ dns_dt_getstats at Base 1:9.11.2+dfsg
+ dns_dt_open at Base 1:9.11.2+dfsg
+ dns_dt_parse at Base 1:9.11.2+dfsg
+ dns_dt_reopen at Base 1:9.11.2+dfsg
+ dns_dt_send at Base 1:9.11.2+dfsg
+ dns_dt_setidentity at Base 1:9.11.2+dfsg
+ dns_dt_setversion at Base 1:9.11.2+dfsg
+ dns_dt_shutdown at Base 1:9.11.2+dfsg
+ dns_dtdata_free at Base 1:9.11.2+dfsg
  dns_dumpctx_attach at Base 1:9.10.6+dfsg
  dns_dumpctx_cancel at Base 1:9.10.6+dfsg
  dns_dumpctx_db at Base 1:9.10.6+dfsg
@@ -2934,6 +2982,24 @@
  dns_zt_loadnew at Base 1:9.10.6+dfsg
  dns_zt_mount at Base 1:9.10.6+dfsg
  dns_zt_unmount at Base 1:9.10.6+dfsg
+ dnstap__dnstap__descriptor at Base 1:9.11.2+dfsg
+ dnstap__dnstap__free_unpacked at Base 1:9.11.2+dfsg
+ dnstap__dnstap__get_packed_size at Base 1:9.11.2+dfsg
+ dnstap__dnstap__init at Base 1:9.11.2+dfsg
+ dnstap__dnstap__pack at Base 1:9.11.2+dfsg
+ dnstap__dnstap__pack_to_buffer at Base 1:9.11.2+dfsg
+ dnstap__dnstap__type__descriptor at Base 1:9.11.2+dfsg
+ dnstap__dnstap__unpack at Base 1:9.11.2+dfsg
+ dnstap__message__descriptor at Base 1:9.11.2+dfsg
+ dnstap__message__free_unpacked at Base 1:9.11.2+dfsg
+ dnstap__message__get_packed_size at Base 1:9.11.2+dfsg
+ dnstap__message__init at Base 1:9.11.2+dfsg
+ dnstap__message__pack at Base 1:9.11.2+dfsg
+ dnstap__message__pack_to_buffer at Base 1:9.11.2+dfsg
+ dnstap__message__type__descriptor at Base 1:9.11.2+dfsg
+ dnstap__message__unpack at Base 1:9.11.2+dfsg
+ dnstap__socket_family__descriptor at Base 1:9.11.2+dfsg
+ dnstap__socket_protocol__descriptor at Base 1:9.11.2+dfsg
  dst__entropy_getdata at Base 1:9.10.6+dfsg
  dst__entropy_status at Base 1:9.10.6+dfsg
  dst__gssapi_init at Base 1:9.10.6+dfsg
diff -ur orig/debian/rules diff/debian/rules
--- orig/debian/rules	2018-01-17 07:06:04.000000000 +0100
+++ diff/debian/rules	2018-01-22 05:38:33.000000000 +0100
@@ -90,6 +90,7 @@
 		--enable-native-pkcs11 \
 		--with-pkcs11=\$${prefix}/lib/softhsm/libsofthsm2.so \
 		--with-randomdev=/dev/urandom \
+		--enable-dnstap \
 		$(EXTRA_FEATURES)
 	dh_auto_configure -B build-udeb -- \
 		--sysconfdir=/etc/bind \
@@ -114,6 +115,8 @@
 	# no need to build these targets here
 	sed -i 's/dnssec-pkcs11//;s/named-pkcs11//' build-udeb/bin/Makefile
 	sed -i 's/dns-pkcs11//;s/isc-pkcs11//' build-udeb/lib/Makefile
+	cp lib/dns/dnstap.proto build/lib/dns
+	cp lib/dns-pkcs11/dnstap.proto build/lib/dns-pkcs11
 
 override_dh_auto_build:
 	dh_auto_build -B build

More information about the pkg-dns-devel mailing list