Installing BIND 4.9.3 resolver code in SunOS 4.1.x shared libraries===================================================================$Id: INSTALL,v 8.5 1995/12/29 07:16:25 vixie Exp $by Chris Davis <ckd@kei.com>based on code, documentation, and suggestions by:  Paul Balyoz <pab@naucse.cse.nau.edu>  Piete Brooks <pb@cl.cam.ac.uk>  Dave Morrison <drmorris@mit.edu>  Hal Pomeranz <pomeranz@nas.nasa.gov>  Matt Ragan <matt@ibmoto.com>  Greg A. Woods <woods@kuma.web.net>  Eduard Vopicka <Eduard.Vopicka@vse.cz>and probably others (apologies if I've forgotten you).Note that if you wish to modify this process, you should read and understandthe file shres/sunos/ISSUES.If you have problems with the process (or its aftermath) see; shres/sunos/PROBLEMS.You should read through this whole file BEFORE BEGINNING.  I mean it.  Ireally mean it.  The shared library is the second most important part ofSunOS (right behind /vmunix).  If you screw it up you will be very veryunhappy and so will your users.  You should also read shres/sunos/PROBLEMS before starting, if only to know what sort of things to watch out for.[Disclaimer: THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' ANDANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THEIMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSEARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLEFOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIALDAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODSOR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICTLIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAYOUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OFSUCH DAMAGE.]1.  Get and unpack a copy of BIND 4.9.3.  (This document is from that    distribution, as shres/sunos/INSTALL.)  See <URL:http://www.isc.org/isc/>     for more information, including a pointer to the latest version.    In the remainder of this document, $BINDSRC represents the directory    you unpacked the BIND distribution into, and $BINDBUILD represents the    directory you actually built BIND in (they will be different if you    use "make links").2.  (Optional) Use "make DST=sun4.b links" to create a shadow source tree    for the Sun4 architecture (see $BINDSRC/README for details).  This is    particularly useful if you are building for more than one architecture    or operating system (like, say, SunOS 4.1.x and Solaris 2.x).  If you    do this, cd into the new build directory ("cd sun4.b", for example); this    will be referred to hereafter as $BINDBUILD.3.  Configure it to your tastes by editing $BINDSRC/conf/options.h, using    $BINDSRC/OPTIONS as a guide to the available choices.  (You may want to    delete the symbolic link in $BINDBUILD/conf and replace it with a copy of    options.h; this is primarily useful if you want to build different BIND    configurations on different system architectures.)  SUNSECURITY must be    on for the shared library (it should be included in the SHCC entry in    $BINDBUILD/Makefile).  Not all of the options affect the resolver    library, but you probably want the new named as well (the one Sun    supplies is really, really old).4.  Uncomment the appropriate lines in $BINDBUILD/Makefile (or    $BINDSRC/Makefile if you didn't do step 2, shame shame) for SunOS 4.    To build resolver code to install in the shared library, uncomment the    SHRES line, as well as the appropriate SHCC and PIC lines.  If you    have gcc, you should use it for SHCC, as it can share the read-only    data (see $BINDSRC/shres/sunos/ISSUES for more details).  I also use it    as CC to compile named, libresolv.a, and the tools.5.  (Optional) Add $BINDSRC/bin to your path, and "make depend".6.  Type "make" to build named, the tools, the "normal" libresolv, and the    position-independent code ("pic") libresolv.7.  Install the appropriate "jumbo libc patch" for your SunOS version, if    you haven't already.  Among other things, this includes fixes for some    bugs in the shared library building process.  This will also include    the shared library build directory (/usr/lib/shlib.etc), which is    useful if the "Shlib Custom" package was not already installed.    At the time of this writing, the patch numbers and latest revisions of    the "international" versions of these patches were:      4.1.3:    100891-13      4.1.3_U1: 101558-07      4.1.4:    102545-04    Note that "international" means "has not installed the extra-cost 'US    Encryption Kit'", so most sites, even in the US, will need these    versions.  If you have installed the "US Encryption Kit" you will need    to get the domestic versions.    As "recommended" patches, these patches are available for anonymous    ftp to all Sun customers, even those without support contracts, from    sunsolve1.sun.com in the /pub/patches directory.    Since these patches also fix the bug in syslog(3) that allows    attackers to get root access, it's a VERY good idea to install them.    SunOS-4.1.1 for sun3 doesn't have an explicit known libc patch,    though upgrading to 4.1.1_U1 does replace the shared libraries, and    it's highly recommended that you do upgrade if possible.  (It will    still be vulnerable to the aforementioned syslog(3) bug, among others,    however.)Perform the following steps to integrate the shareable resolver librarycode (libresolv_pic.a) into the shared libc (for both BSD and SysVuniverses).  If you use the $BINDSRC/shres/sunos/makeshlib script, steps 8-18 will be done for you; read them anyway.The makeshlib script does minimal error checking and is mostly a quick &dirty convenience for people tired of typing commands.  If it fails onyour system, you'll probably have to do part or all of the installationmanually instead.  (Please also let me know; I'll try to check for thatproblem, or at least document it in shres/sunos/PROBLEMS.)Note that some or all of these steps may need to be done as root.  Youshould read the makeshlib script carefully before running it as root.You may wish to run makeshlib as "sh -x shres/sunos/makeshlib" to view thecommands as they are executed as a progress indicator.Note that the makeshlib command will fail if you used "make links" tocreate a $BINDBUILD tree but run it from the original $BINDSRC.  It willalso fail if you try to run it before compiling shres/sunos/libresolv_pic.a,or if you didn't uncomment the SHRES stuff in $BINDBUILD/Makefile.  Sodon't do any of those things.  As I said, "minimal error checking".8.  Move into the shared-lib area and make a temporary directory:      cd /usr/lib/shlib.etc      mkdir tmp9.  Move into this new directory, extract the pic (position independent    code) object files from libc_pic.a and remove the SYMDEF file.  The    renaming (mv commands) is done because the "ar" command truncates    names to 16 characters.    Note that Sun's documentation (/usr/lib/shlib.etc/README) omits the    last "mv" command.  This will result in "undefined symbol" errors for    the four symbols mbstowcs_xccs, mbtowc_xccs, wcstombs_xccs, and    wctomb_xccs.  (See shres/sunos/PROBLEMS for more details.)      cd tmp      ar x ../libc_pic.a      rm __.SYMDEF      mv rpc_dtablesize. rpc_dtablesize.o      mv rpc_commondata. rpc_commondata.o      mv xccs.multibyte. xccs.multibyte.o10. Extract the shareable libresolv_pic.a into this target directory.    This will replace Sun's inet_addr.o, which is ok; this one is better.    It will also replace Sun's getnetent.o, which is ok, as long as you    have DNS entries for your networks (as in RFC 1101).  See the file    shres/sunos/ISSUES for details on why this is a Good Thing in my opinion.    If you want to keep using NIS or /etc/networks instead, you'll need to    save Sun's getnetent.o, remove BIND's getnet* files, and put Sun's    getnetent.o back after this step.  You have to remove *ALL* of BIND's    getnet* objects (getnetbyaddr.o, getnetbyname.o, getnetent.o,    getnetnamadr.o) or your shared library will fail to link properly.  The    symptom of this is usually "_getnetbyname: multiply defined" or a similar    error from ld.    Make sure that Sun's mktemp.o and strpbrk.o don't get stomped; you    need to use Sun's, not the ones in BIND's compat/lib.      ar x $BINDBUILD/shres/sunos/libresolv_pic.a      rm __.SYMDEF11. Make sure the old host resolver is not still lying around:       rm gethostent.o    (ignore error "rm: gethostent.o nonexistent" if you see it.)12. Sun's shipped awk script (/usr/lib/shlib.etc/awkfile) has two small bugs;    if you use their recommended procedure for saving old (FCS) versions of    the shared libraries, it can get the wrong version number for the new    libc.so.  It can also get the wrong number if you have different minor    revisions installed (such as 1.8.1 and 1.9; it will get 1.9.2 instead of    1.9.1 for the "next" revision).    You should fix these problems by applying (using the 'patch' program) the    patch file $BINDSRC/shres/sunos/sun-awkfile.patches.      cd /usr/lib/shlib.etc      patch < $BINDSRC/shres/sunos/sun-awkfile.patches    Even with these fixes, it may get the wrong version number; you may need    to rename the files by hand.  (Skipping a "custom" number is not unsafe,    just unaesthetic; if you have libc.so.1.9 and libc.so.1.9.2, the system    will use libc.so.1.9.2.)13. Now you need to add the BIND resolver object files to the lorder-sparc    file.  The easiest way to do this is to apply (using the 'patch' program)    the patch file $BINDSRC/shres/sunos/sun-lorder-sparc.patches.    If you removed the getnet* objects in step 10, you should remove the    references to them after applying the patch.  (Don't remove the reference    to getnetent.o, since you've put Sun's version of that back in place.)    If you don't have 'patch', duplicate the list of object files to use:      cp lorder-sparc lorder-sparc.orig    Edit this object file list and make the following modifications if    they haven't already been done before to this file:             remove: gethostent.o             add:    gethnamaddr.o                     getnetnamadr.o                     getnetbyaddr.o                     getnetbyname.o                     herror.o                     res_query.o