Ubuntu 18 Bind9 with Custom Config Flags for DLZ Support

by Super User

bind9 ubuntu source compiling

There comes a time when some of the packages needed might not have been compiled with all the options you require. For instance, if you need Bind9 to interface with Samba4's setting of BIND_DLZ, you need to recompile bind9 with dlz support. It doesn't come with it enabled. 

To check what your version of bind was compiled with, in the configure build stage, use this command:

named -V

It will spit out something like this. The highlighted flags mean this version of bind was compiled WITH the necessary DLZ support and doesn't need to be recompiled. If you don't see these flags, you'll need to recompile:

BIND 9.11.3-1ubuntu1.9-Ubuntu (Extended Support Version) <id:a375815>
running on Linux x86_64 4.15.0-64-generic #73-Ubuntu SMP Thu Sep 12 13:16:13 UTC 2019
built by make with '--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=/usr/include' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--disable-silent-rules' '--libdir=/usr/lib/x86_64-linux-gnu' '--libexecdir=/usr/lib/x86_64-linux-gnu' '--disable-maintainer-mode' '--disable-dependency-tracking' '--libdir=/usr/lib/x86_64-linux-gnu' '--sysconfdir=/etc/bind' '--with-python=python3' '--localstatedir=/' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-gost=no' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-libjson=/usr' '--without-lmdb' '--with-gnu-ld' '--with-geoip=/usr' '--with-atf=no' '--enable-ipv6' '--enable-rrl' '--enable-filter-aaaa' '--enable-native-pkcs11' '--with-pkcs11=/usr/lib/softhsm/libsofthsm2.so' '--with-randomdev=/dev/urandom' '--with-eddsa=no' '--with-dlz-ldap=yes' '--with-dlz-filesystem=yes' '--with-dlz-dbd=yes' '--with-dlz-stub=yes' '--with-dlopen=yes' 'build_alias=x86_64-linux-gnu' 'CFLAGS=-g -O2 -fdebug-prefix-map=/home/christopher/bind9/bind9-9.11.3+dfsg=. -fstack-protector-strong -Wformat -Werror=format-security -fno-strict-aliasing -fno-delete-null-pointer-checks -DNO_VERSION_DATE -DDIG_SIGCHASE' 'LDFLAGS=-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now' 'CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=2'
compiled by GCC 7.4.0
compiled with OpenSSL version: OpenSSL 1.1.1 11 Sep 2018
linked to OpenSSL version: OpenSSL 1.1.1 11 Sep 2018
compiled with libxml2 version: 2.9.4
linked to libxml2 version: 20904
compiled with libjson-c version: 0.12.1
linked to libjson-c version: 0.12.1
compiled with zlib version: 1.2.11
linked to zlib version: 1.2.11
threads support is enabled

If you have bind installed, make sure you remove it, before continuing, otherwise, it will interfere with what we're trying to do. 

sudo apt-get remove bind9 

You may need to turn on the source lists in apt. That will be in this article. For now, let's get started by creating folders to hold the source files.

mkdir bind9
cd bind9

Once those folders are and you're in the bind9 folder, use apt to download the source files. This will download several files and a folder into the bind9 folder you are in. 

apt-get source bind9

Proceed into the source folder you downloaded. In my case, I'm using bind9-9.11.3+dfsg, but I'm sure there will be later versions, so substitute yours. You are going to be looking for the folder "debian" and the file "rules".

cd bind9-9.11.3+dfsg
nano debian/rules

In the rules file, search for the options between this:

     dh_auto_configure -B build -- \

and this:

dh_auto_configure -B build-udeb -- \

Just above EXTRA_FEATURES is where you'll insert your DLZ directives.

 --with-dlz-ldap=yes \
--with-dlz-filesystem=yes \
--with-dlz-dbd=yes \
--with-dlz-stub=yes \
--with-dlopen=yes \

Once you've saved the file, ensure you're in the bind9-9.11.3+dfsg folder and execute:

dpkg-buildpackage --no-sign

If everything was entered correctly, you should see a bunch of stuff scrolling across the screen. Go grab some coffee; it could take a while. 

When processing is complete, it will create a .deb file, one directory up, in the bind9 folder. You can install it normally, using

dpkg -i [packagename]

By the way, if you want to see all the options available to you during configure, go into the bind9-9.11.3+dfsg folder and type:

./configure --help

Leave a comment


  • No comments found