Overhaul the named boot script:

1. Remove a now-spurious NetBSD CVS Id, as we are no longer synching work
2. Remove a now-spurious BEFORE, since ntpdate now REQUIRE's named
3. Replace the call to set rcvar with what that function would output,
and generally reduce indirection ($name -> named) since it's highly
unlikely the name of the named process or service will change any time soon.
4. Re-sort the order of the variables at the top of the file to a more
traditional format, and remove a spurious required_dirs from the top, as it
works better after load_rc_config.
5. We do not want the default reload method with named, so define a simple
but appropriate substitute using rndc. If I were writing this script for
the first time I would not include this at all, since it's preferable to
control a running daemon with rndc to start with, but given that this is
already here, let's do it right. I hope that future generations will
however resist the temptation to add reconfig to extra_commands.
6. By the same token, we want to use rndc to shut down named, but given
that by defining a stop function we lose the "find the process by its
pid file in an emergency" goodness of rc.subr, try to do something useful
in the event that rndc is not available, and keep the user informed.
7. Replace some "test -f" with "test -r" to handle the unlikely event
that the relevant file exists, but is unreadable.
8. Twiddle whitespace in a few areas, remove a spurious blank line,
a bogus double space, and try to do better indenting.
9. Improve generation of the rndc.key file significantly
a. If for some reason a user has an rndc.conf file, assume that they
did that on purpose, and hence know what they are doing, so leave them alone.
b. Introduce a named_uid configuration variable so that the user which owns
the rndc.key file and the user named runs as always match, and is more
easily configurable. This should dramatically reduce problems with rndc.
c. Also test that the rndc.key file size is greater than zero, rather than
simply that the file exists. I have seen at least one user report this exact
problem, and although neither of us is sure where the empty file came from,
the fix is simple, so include it.
d. Rather than try to create an rndc.key file in both /etc/namedb and the
chroot'ed /etc/namedb, assume that they are the same (which they should
be), and only create the file in the chroot'ed version of the directory.
This partially addresses the problem described in conf/73929, but I have
not yet finished thinking about the PREFIX issue that PR also raises.

As a result of introducing the named_uid knob, the default named_flags
are now empty.

Update defaults/rc.conf and rc.conf(5) to reflect these changes.
Doug Barton 2006-02-13 08:45:51 +00:00
parent d8267df729
commit 196b6a193e
3 changed files with 53 additions and 24 deletions


@ -197,8 +197,9 @@ inetd_flags="-wW -C 60" # Optional flags to inetd
#
named_enable="NO" # Run named, the DNS server (or NO).
named_program="/usr/sbin/named" # path to named, if you want a different one.
named_flags="-u bind" # Flags for named
#named_flags="" # Flags for named
named_pidfile="/var/run/named/pid" # Must set this in named.conf as well
named_uid="bind" # User to run named as
named_chrootdir="/var/named" # Chroot directory (or "" not to auto-chroot it)
named_chroot_autoupdate="YES" # Automatically install/update chrooted
# components of named. See /etc/rc.d/named.
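Review bot: the `named_flags` default goes from "-u bind" to a commented-out empty value, but nothing here covers an /etc/rc.conf that still sets `named_flags="-u bind"`; with the script now building `command_args="-u ${named_uid:=root}"`, such a system passes -u twice. Suggest an upgrade note telling administrators to move the user into `named_uid` and drop -u from `named_flags`. Leaving the line commented out also means the variable is unset in the defaults file rather than explicitly empty; an uncommented `named_flags=""` would match the other entries in this block.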


@ -1,24 +1,25 @@
#!/bin/sh
#
# $NetBSD: named,v 1.10 2002/03/22 04:33:59 thorpej Exp $
# $FreeBSD$
#
# PROVIDE: named
# REQUIRE: SERVERS cleanvar
# BEFORE: DAEMON
# KEYWORD: shutdown
. /etc/rc.subr
name="named"
rcvar=`set_rcvar`
command="/usr/sbin/${name}"
rcvar=named_enable
command="/usr/sbin/named"
extra_commands="reload"
start_precmd="named_precmd"
start_postcmd="make_symlinks"
reload_cmd="named_reload"
stop_cmd="named_stop"
stop_postcmd="named_poststop"
required_dirs="$named_chrootdir" # if it is set, it must exist
extra_commands="reload"
# If running in a chroot cage, ensure that the appropriate files
# exist inside the cage, as well as helper symlinks into the cage
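Review bot: with `BEFORE: DAEMON` gone from the header, named is ordered only by `REQUIRE: SERVERS cleanvar` and by whatever other scripts require it; please confirm with rcorder that named still starts ahead of daemons that resolve names at startup, since the commit message relies on ntpdate's REQUIRE alone for this.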
@ -33,7 +34,7 @@ chroot_autoupdate()
{
# Create (or update) the chroot directory structure
#
if [ -f /etc/mtree/BIND.chroot.dist ]; then
if [ -r /etc/mtree/BIND.chroot.dist ]; then
mtree -deU -f /etc/mtree/BIND.chroot.dist \
-p ${named_chrootdir}
else
@ -54,7 +55,6 @@ chroot_autoupdate()
else
# Make sure it points to the right place.
ln -shf ${named_chrootdir}/etc/namedb /etc/namedb
fi
# Mount a devfs in the chroot directory if needed
@ -66,9 +66,9 @@ chroot_autoupdate()
# Copy local timezone information if it is not up to date.
#
if [ -f /etc/localtime ]; then
cmp -s /etc/localtime "${named_chrootdir}/etc/localtime" || \
cp -p /etc/localtime "${named_chrootdir}/etc/localtime"
if [ -r /etc/localtime ]; then
cmp -s /etc/localtime "${named_chrootdir}/etc/localtime" ||
cp -p /etc/localtime "${named_chrootdir}/etc/localtime"
fi
}
@ -77,25 +77,40 @@ chroot_autoupdate()
make_symlinks()
{
checkyesno named_symlink_enable &&
ln -fs "${named_chrootdir}${pidfile}" ${pidfile}
ln -fs "${named_chrootdir}${pidfile}" ${pidfile}
}
named_reload()
{
rndc reload
}
named_stop()
{
echo -n "Stopping named"
if rndc stop 2>/dev/null; then
echo .
else
echo -n ": rndc failed, trying killall: "
if killall named; then
echo .
fi
fi
}
named_poststop()
{
if [ -n "${named_chrootdir}" -a -c ${named_chrootdir}/dev/null ]; then
if [ -n "${named_chrootdir}" -a -c ${named_chrootdir}/dev/null ]; then
umount ${named_chrootdir}/dev 2>/dev/null || true
fi
}
named_precmd()
{
local confgen_chroot
# Is the user using a sandbox?
#
if [ -n "$named_chrootdir" ]; then
rc_flags="$rc_flags -t $named_chrootdir"
confgen_chroot="-t${named_chrootdir} -u bind"
checkyesno named_chroot_autoupdate && chroot_autoupdate
else
named_symlink_enable=NO
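Review bot: in `named_stop`, the fallback `killall named` signals every process called named on the host rather than the instance recorded in the pid file, and when killall also fails the function still returns 0 with no closing message. Suggest signalling the pid read from `${pidfile}` first (keeping killall only for the case where that file is unreadable), printing an explicit failure message, and returning non-zero so the caller can tell that named is still running. One question as well: does anything wait for named to exit after `rndc stop` returns? With `KEYWORD: shutdown` the script reports success as soon as rndc does.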
@ -103,16 +118,26 @@ named_precmd()
# Create an rndc.key file for the user if none exists
#
if [ ! -f "${named_chrootdir}/etc/namedb/rndc.key" -a \
! -f "${named_chrootdir}/etc/namedb/rndc.conf" ]; then
rndc-confgen -a -b256 ${confgen_chroot}
if [ -s "${named_chrootdir}/etc/namedb/rndc.conf" ]; then
return 0
fi
confgen_command="rndc-confgen -a -b256 -u $named_uid \
-c ${named_chrootdir}/etc/namedb/rndc.key"
if [ -s "${named_chrootdir}/etc/namedb/rndc.key" ]; then
if [ ! `stat -f%Su ${named_chrootdir}/etc/namedb/rndc.key` = \
"$named_uid" ]; then
$confgen_command
fi
else
$confgen_command
fi
}
load_rc_config $name
# The following variable requires that rc.conf be loaded first
# Updating the following variables requires that rc.conf be loaded first
#
required_dirs="$named_chrootdir" # if it is set, it must exist
pidfile="${named_pidfile:-/var/run/${name}/pid}"
pidfile="${named_pidfile:-/var/run/named/pid}"
command_args="-u ${named_uid:=root}"
run_rc_command "$1"
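Review bot: `command_args="-u ${named_uid:=root}"` at the end of the script silently falls back to running named as root whenever `named_uid` is unset or empty, for example on a system whose defaults/rc.conf predates the new knob; defaulting to bind, or refusing to start, would keep the unprivileged default. In the key check, `stat -f%Su` prints a user name, so if `named_uid` is given as a numeric id the comparison never matches and the key is regenerated on every start; the command substitution is also unquoted. Since a mismatch only means wrong ownership, a chown of the existing rndc.key would repair it without replacing a key that other rndc clients may already hold.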


@ -24,7 +24,7 @@
.\"
.\" $FreeBSD$
.\"
.Dd February 3, 2006
.Dd February 13, 2006
.Dt RC.CONF 5
.Os
.Sh NAME
@ -1448,8 +1448,11 @@ these are the flags to pass to
This is the default path to the
.Xr named 8
daemon's PID file.
Change it if you change the location in
This must match the location in
.Xr named.conf 5 .
.It Va named_uid
.Pq Vt str
The user that the named process should be run as.
.It Va named_chrootdir
.Pq Vt str
The root directory for a name server run in a
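Review bot: the new `named_uid` entry does not state its default (bind in defaults/rc.conf), that the same user becomes the owner of the generated rndc.key, or that -u should no longer be given in `named_flags`. Suggest adding those three points to the description, since the script now passes `-u ${named_uid}` itself.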