named revision 1.28
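#!/bin/sh
#
# $NetBSD: named,v 1.28 2023/12/25 08:35:07 kre Exp $
#

# PROVIDE: named
# REQUIRE: NETWORKING mountcritremote syslogd
# BEFORE: DAEMON
# KEYWORD: chrootdir

$_rc_subr_loaded . /etc/rc.subr

name="named"
rcvar=$name
command="/usr/sbin/${name}"
pidfile="/var/run/${name}/${name}.pid"
start_precmd="named_precmd"
extra_commands="reload"
required_dirs="$named_chrootdir"	# if it is set, it must exist

# named_migrate src chrootdir
#	Copy the files under directory src to chrootdir/src, then replace
#	src with a symlink to that location.  A file that already exists at
#	the destination is never overwritten; if any such file differs from
#	the one in src, src is left in place and the operator is told to
#	resolve the differences.  The body runs in a subshell, so the cd and
#	the variables set here do not reach the caller.
#	Exits 1 without touching anything when src cannot be entered.
named_migrate()
(
	local src="$1"
	local dst="$2$1"
	echo "Migrating $src to $dst"
	diff=false
	# Stop if src cannot be entered.  Without this check the find below
	# would walk whatever directory the caller was in, copy those files
	# into the cage, and then src would be replaced by a symlink.
	if ! cd "$src"; then
		echo "Cannot migrate $src: unable to change to that directory" >&2
		exit 1
	fi
	mkdir -p "$dst"
	# NOTE(review): the unquoted $(find ...) is split on whitespace and
	# globbed, so file names containing blanks or wildcard characters
	# are not handled by this loop.
	for f in $(find . -type f)
	do
		f="${f##./}"
		case "$f" in
		*/*)
			# File lives in a subdirectory: create it at the
			# destination and give it the mode (last four octal
			# digits of stat's %p) and owner of the source one.
			ds="$(dirname "$f")"
			dd="$dst/$ds"
			mkdir -p "$dd"
			chmod "$(stat -f "%p" "$ds" |
			    sed -e 's/.*\([0-7][0-7][0-7][0-7]\)$/\1/g')" "$dd"
			chown "$(stat -f %u:%g "$ds")" "$dd"
			;;
		*)
			;;
		esac
		if [ -r "$dst/$f" ]
		then
			# Keep the existing destination file; only record
			# that it is not identical to the source.
			if ! cmp "$f" "$dst/$f"; then
				diff=true
			fi
		else
			cp -p "$f" "$dst/$f"
		fi
	done
	if $diff; then
		echo "Cannot complete migration because files are different"
		echo "Run 'diff -r $src $dst' resolve the differences"
	else
		rm -fr "$src"
		ln -s "$dst" "$src"
	fi
)

# copy_if_newer chrootdir dir file
#	Install dir/file as chrootdir/dir/file when the copy inside the
#	cage is missing or not executable, or is older than the original.
#	The old copy is removed first and cp -p preserves mode and times.
copy_if_newer()
{
	local chrootdir="$1"
	local dir="$2"
	local file="$3"
	if ! [ -x "${chrootdir}${dir}/${file}" ] ||
	    [ "${chrootdir}${dir}/${file}" -ot "${dir}/${file}" ]; then
		rm -f "${chrootdir}${dir}/${file}"
		cp -p "${dir}/${file}" "${chrootdir}${dir}/${file}"
	fi
}

# named_precmd
#	start_precmd hook.  Generates /etc/rndc.key when absent.  Without
#	a chroot directory it only makes sure /etc/namedb/keys exists.
#	With ${named_chrootdir} set it populates the cage (plugin or
#	named-xfer binary, device nodes, configuration, localtime, pid
#	directory), leaves symlinks outside pointing into it, and prepends
#	the user and chroot options to rc_flags.
named_precmd()
{
	if ! [ -e "/etc/rndc.key" ]; then
		echo "Generating rndc.key"
		/usr/sbin/rndc-confgen -a
	fi

	if [ -z "$named_chrootdir" ]; then
		if ! [ -d "/etc/namedb/keys" ]; then
			mkdir -m 775 "/etc/namedb/keys"
			chown named:named "/etc/namedb/keys"
		fi
		return 0;
	fi

	# If running in a chroot cage, ensure that the appropriate files
	# exist inside the cage, as well as helper symlinks into the cage
	# from outside.
	#
	# As this is called after the is_running and required_dir checks
	# are made in run_rc_command(), we can safely assume ${named_chrootdir}
	# exists and named isn't running at this point (unless forcestart
	# is used).
	#
	case "$($command -v)" in
	BIND*)	# 9 no group, named-xfer, or ndc
		named_plugindir="/usr/libexec/named"
		if ! [ -d "${named_chrootdir}${named_plugindir}" ]; then
			mkdir -p -m 755 "${named_chrootdir}${named_plugindir}"
			chown root:wheel "${named_chrootdir}${named_plugindir}"
		fi
		for p in filter-aaaa.so; do
			copy_if_newer "${named_chrootdir}" \
			    "${named_plugindir}" "$p"
		done
		;;
	named*)	# 4 and 8
		rc_flags="-g named $rc_flags"
		copy_if_newer "${named_chrootdir}" "/usr/libexec" "named-xfer"
		ln -fs "${named_chrootdir}/var/run/ndc" /var/run/ndc
		;;
	esac

	# Each of these must be a character device inside the cage;
	# anything else found at that path is removed and the node is
	# copied from /dev with its attributes preserved (pax -pe).
	for i in null random urandom; do
		if ! [ -c "${named_chrootdir}/dev/$i" ]; then
			rm -f "${named_chrootdir}/dev/$i"
			( cd /dev &&
			    /bin/pax -rw -pe "$i" "${named_chrootdir}/dev" )
		fi
	done

	# /etc/namedb that is not yet a symlink has not been moved into
	# the cage.
	if ! [ -h /etc/namedb ]; then
		named_migrate /etc/namedb "${named_chrootdir}"
	fi

	# Move a regular /etc/named.conf or /etc/rndc.key into the cage,
	# unless the cage already has a readable one, and leave a symlink
	# behind.
	for i in named.conf rndc.key; do
		if [ -r "/etc/$i" ] && ! [ -h "/etc/$i" ] &&
		    ! [ -r "${named_chrootdir}/etc/$i" ]
		then
			mv "/etc/$i" "${named_chrootdir}/etc/$i"
			ln -s "${named_chrootdir}/etc/$i" "/etc/$i"
		fi
	done

	# Paths are quoted so a chroot directory containing blanks or
	# wildcard characters is tested as a single operand.
	if ! [ -r "${named_chrootdir}/etc/named.conf" ] &&
	    [ -r "${named_chrootdir}/etc/namedb/named.conf" ]
	then
		ln -s namedb/named.conf "${named_chrootdir}/etc"
	fi

	if [ -f /etc/localtime ]; then
		cmp -s /etc/localtime "${named_chrootdir}/etc/localtime" ||
		    cp -p /etc/localtime "${named_chrootdir}/etc/localtime"
	fi

	# The pid directory is created both inside and outside the cage,
	# owned by named, and the outside pidfile path is a symlink to
	# the one inside.
	local piddir="$(dirname "${pidfile}")"
	mkdir -p "${named_chrootdir}${piddir}" "${piddir}"
	chmod 755 "${named_chrootdir}${piddir}" "${piddir}"
	chown named:named "${named_chrootdir}${piddir}" "${piddir}"
	ln -fs "${named_chrootdir}${pidfile}" "${pidfile}"

	#	Change run_rc_commands()'s internal copy of $named_flags
	#
	rc_flags="-u named -t ${named_chrootdir} $rc_flags"
}

load_rc_config $name
run_rc_command "$1"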