named revision 1.27
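#!/bin/sh
#
# $NetBSD: named,v 1.27 2021/03/31 04:57:25 christos Exp $
#
# rc.d script for named.  When $named_chrootdir is set, the start_precmd
# hook (named_precmd) populates the chroot cage before named is launched
# with "-u named -t $named_chrootdir".
#

# PROVIDE: named
# REQUIRE: NETWORKING mountcritremote syslogd
# BEFORE: DAEMON
# KEYWORD: chrootdir

# With $_rc_subr_loaded empty this line sources /etc/rc.subr; a non-empty
# value is run as a command with ". /etc/rc.subr" as its arguments
# (presumably ":" once rc.subr is loaded -- confirm in rc.subr).
$_rc_subr_loaded . /etc/rc.subr

name="named"
rcvar=$name
command="/usr/sbin/${name}"
pidfile="/var/run/${name}/${name}.pid"
start_precmd="named_precmd"
extra_commands="reload"
required_dirs="$named_chrootdir"	# if it is set, it must exist

#
# named_migrate src chrootdir
#	Copy every regular file below src to chrootdir/src, recreating
#	sub-directories with the mode and owner of the originals, then
#	replace src with a symlink to the copy.
#
#	src is removed only when every file is present in the destination:
#	a file that already exists there with different contents, or a
#	copy that fails, leaves src untouched.
#
named_migrate()
{
	local src="$1"
	local dst="$2$1"
	echo "Migrating $src to $dst"
	(
		# Stop before touching anything if src cannot be entered.
		# Otherwise find would walk the caller's working directory
		# and the rm -fr at the end would still be reached.
		cd "$src" || exit 1
		mkdir -p "$dst" || exit 1

		# Read names one per line so that file names containing
		# blanks or glob characters survive (names containing a
		# newline are still not handled).  The loop and the final
		# decision share one brace group because the right-hand
		# side of a pipeline runs in its own subshell.
		find . -type f -print | {
			diff=false
			failed=false
			while IFS= read -r f; do
				f="${f##./}"
				case "$f" in
				*/*)
					ds="$(dirname "$f")"
					dd="$dst/$ds"
					mkdir -p "$dd"
					# stat prints the full mode; keep only
					# the last four octal digits for chmod.
					chmod "$(stat -f "%p" "$ds" |
					    sed -e 's/.*\([0-7][0-7][0-7][0-7]\)$/\1/g')" "$dd"
					chown "$(stat -f %u:%g "$ds")" "$dd"
					;;
				*)
					;;
				esac
				if [ -r "$dst/$f" ]; then
					# Never overwrite a file that is
					# already inside the cage.
					if ! cmp "$f" "$dst/$f"; then
						diff=true
					fi
				else
					cp -p "$f" "$dst/$f" || failed=true
				fi
			done

			if $failed; then
				# Removing src now would lose the files
				# that did not make it into the cage.
				echo "Cannot complete migration because some files could not be copied"
			elif $diff; then
				echo "Cannot complete migration because files are different"
				echo "Run 'diff -r $src $dst' resolve the differences"
			else
				rm -fr "$src"
				ln -s "$dst" "$src"
			fi
		}
	)
}

#
# copy_if_newer chrootdir dir file
#	Install dir/file as chrootdir/dir/file when the copy inside the
#	cage is missing, not executable, or older than the one outside.
#
copy_if_newer()
{
	local chrootdir="$1"
	local dir="$2"
	local file="$3"
	if [ ! -x "${chrootdir}${dir}/${file}" ] ||
	    [ "${chrootdir}${dir}/${file}" -ot "${dir}/${file}" ]; then
		# Remove first so that cp creates a fresh file instead of
		# writing through whatever currently has that name.
		rm -f "${chrootdir}${dir}/${file}"
		cp -p "${dir}/${file}" "${chrootdir}${dir}/${file}"
	fi
}

#
# named_precmd
#	start_precmd hook.  Creates /etc/rndc.key when it is missing and,
#	when $named_chrootdir is set, prepares the cage: helper binaries or
#	plugins, device nodes, configuration, localtime and the pid
#	directory.  Finally prepends the chroot options to $rc_flags.
#
named_precmd()
{
	if [ ! -e "/etc/rndc.key" ]; then
		echo "Generating rndc.key"
		/usr/sbin/rndc-confgen -a
	fi

	if [ -z "$named_chrootdir" ]; then
		# Not chrooted: only the key directory is needed.  It is
		# created group-writable and owned by named:named.
		if [ ! -d "/etc/namedb/keys" ]; then
			mkdir -m 775 "/etc/namedb/keys"
			chown named:named "/etc/namedb/keys"
		fi
		return 0;
	fi

	# If running in a chroot cage, ensure that the appropriate files
	# exist inside the cage, as well as helper symlinks into the cage
	# from outside.
	#
	# As this is called after the is_running and required_dir checks
	# are made in run_rc_command(), we can safely assume ${named_chrootdir}
	# exists and named isn't running at this point (unless forcestart
	# is used).
	#
	case "$("$command" -v)" in
	BIND*)	# 9 no group, named-xfer, or ndc
		named_plugindir="/usr/libexec/named"
		if [ ! -d "${named_chrootdir}${named_plugindir}" ]; then
			mkdir -p -m 755 "${named_chrootdir}${named_plugindir}"
			chown root:wheel "${named_chrootdir}${named_plugindir}"
		fi
		for p in filter-aaaa.so; do
			copy_if_newer "${named_chrootdir}" \
			    "${named_plugindir}" "$p"
		done
		;;
	named*)	# 4 and 8
		rc_flags="-g named $rc_flags"
		copy_if_newer "${named_chrootdir}" "/usr/libexec" "named-xfer"
		ln -fs "${named_chrootdir}/var/run/ndc" /var/run/ndc
		;;
	esac

	# Anything at these names that is not a character device is
	# removed and the real node is copied in from /dev with pax.
	for i in null random urandom; do
		if [ ! -c "${named_chrootdir}/dev/$i" ]; then
			rm -f "${named_chrootdir}/dev/$i"
			(cd /dev &&
			    /bin/pax -rw -pe "$i" "${named_chrootdir}/dev")
		fi
	done

	if [ ! -h /etc/namedb ]; then
		named_migrate /etc/namedb "${named_chrootdir}"
	fi

	# Move the configuration and the rndc key into the cage and leave
	# symlinks behind, but never replace a file already in the cage.
	# NOTE(review): after this step /etc/named.conf and /etc/rndc.key
	# resolve to files under ${named_chrootdir}/etc, so the ownership
	# and mode of that directory decide who can change them -- confirm
	# it is not writable by the user named runs as.
	for i in named.conf rndc.key; do
		if [ -r "/etc/$i" ] && [ ! -h "/etc/$i" ] &&
		    [ ! -r "${named_chrootdir}/etc/$i" ]; then
			mv "/etc/$i" "${named_chrootdir}/etc/$i"
			ln -s "${named_chrootdir}/etc/$i" "/etc/$i"
		fi
	done

	# Fall back to the named.conf kept in namedb when the cage has
	# none directly in its etc directory.
	if [ ! -r "${named_chrootdir}/etc/named.conf" ] &&
	    [ -r "${named_chrootdir}/etc/namedb/named.conf" ]; then
		ln -s namedb/named.conf "${named_chrootdir}/etc"
	fi

	if [ -f /etc/localtime ]; then
		cmp -s /etc/localtime "${named_chrootdir}/etc/localtime" || \
		    cp -p /etc/localtime "${named_chrootdir}/etc/localtime"
	fi

	# The pid directory exists both inside and outside the cage; the
	# pid file outside is a symlink to the one named writes inside.
	local piddir
	piddir="$(dirname "${pidfile}")"
	mkdir -p "${named_chrootdir}${piddir}" "${piddir}"
	chmod 755 "${named_chrootdir}${piddir}" "${piddir}"
	chown named:named "${named_chrootdir}${piddir}" "${piddir}"
	ln -fs "${named_chrootdir}${pidfile}" "${pidfile}"

	#	Change run_rc_commands()'s internal copy of $named_flags
	#
	rc_flags="-u named -t ${named_chrootdir} $rc_flags"
}

load_rc_config $name
run_rc_command "$1"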