# Keep only tool binaries and libraries those binaries need.
ndb_install_mask="
        /etc
        /var
        /usr/bin/arpaname
        /usr/bin/named-*
        /usr/bin/nsec3hash
        /usr/lib/systemd
        /usr/lib/tmpfiles.d
        /usr/lib64/bind
        /usr/lib64/libisccc*
        /usr/libexec
        /usr/sbin
"

INSTALL_MASK+="${ndb_install_mask}"
PKG_INSTALL_MASK+="${ndb_install_mask}"

unset ndb_install_mask

# Override fowners to ignore changing owner or group to named. The
# only files that this happens for are files that we have put into
# {PKG_,}INSTALL_MASK. This will help us avoid installing
# acct-user/named and acct-user/group.
if [[ -z ${flatcar_hacked_fowners:-} ]]; then
    flatcar_hacked_fowners=$(command -v fowners)
fi
fowners() {
    if [[ ${#} -gt 0 && ( ${1} = named:* || ${1} = *:named ) ]]; then
        return 0
    fi
    "${flatcar_hacked_fowners}" "${@}"
}

# The pkg_postinst phase function wants to generate an rndc.key file
# with /usr/sbin/rndc-confgen script if the key file is missing, then
# change the ownership to the named group. We don't need the key file
# at all as it's presumably for named. Also, we masked the installtion
# of the script. Thus we fool the phase function by putting an empty
# key file there, so the function won't trigger the generation. We
# drop the key file later too.
cros_pre_pkg_postinst_add_fake_rndc_key() {
    local dir="${EROOT}/etc/bind"
    if [[ ! -d "${dir}" ]]; then
        mkdir "${dir}" || die
    fi
    touch "${dir}/rndc.key" || die
}
cros_post_pkg_postinst_drop_fake_rndc_key() {
    rm -rf "${EROOT}/etc/bind" || die
}
