d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
cd22091d46
freebsd-nq/etc/rc.d/named
Doug Barton 8f1bb3891d Create a named chroot directory structure in /var/named, and use it 
by default when named is enabled. Also, improve our default directory
layout by creating /var/named/etc/namedb/{master|slave} directories,
and use the former for the generated localhost* files.

Rather than using pax to copy device entries, mount devfs in the
chroot directory.

There may be some corner cases where things need to be adjusted,
but overall this structure has been well tested on a production
network, and should serve the needs of the vast majority of users.

UPDATING has instructions on how to do the conversion for those
with existing configurations.
2004-09-28 09:46:00 +00:00

107 lines
2.6 KiB
Bash
Executable File
Raw Blame History

#!/bin/sh
#
# $NetBSD: named,v 1.10 2002/03/22 04:33:59 thorpej Exp $
# $FreeBSD$
#
# PROVIDE: named
# REQUIRE: SERVERS
# BEFORE: DAEMON
# KEYWORD: FreeBSD
. /etc/rc.subr
name="named"
rcvar=`set_rcvar`
start_precmd="named_precmd"
start_postcmd="make_symlinks"
required_dirs="$named_chrootdir" # if it is set, it must exist
extra_commands="reload"
# If running in a chroot cage, ensure that the appropriate files
# exist inside the cage, as well as helper symlinks into the cage
# from outside.
#
# As this is called after the is_running and required_dir checks
# are made in run_rc_command(), we can safely assume ${named_chrootdir}
# exists and named isn't running at this point (unless forcestart
# is used).
#
chroot_autoupdate()
{
# Create (or update) the chroot directory structure
#
if [ -f /etc/mtree/BIND.chroot.dist ]; then
mtree -deU -f /etc/mtree/BIND.chroot.dist \
-p ${named_chrootdir}
else
warn "/etc/mtree/BIND.chroot.dist missing,"
warn "chroot directory structure not updated"
fi
# Create /etc/namedb symlink
#
if [ ! -L /etc/namedb ]; then
if [ -d /etc/namedb ]; then
warn "named chroot: /etc/namedb is a directory!"
elif [ -e /etc/namedb ]; then
warn "named chroot: /etc/namedb exists!"
else
ln -s ${named_chrootdir}/etc/namedb /etc/namedb
fi
fi
# Mount a devfs in the chroot directory if needed
#
if [ ! -c ${named_chrootdir}/dev/random -o \
! -c ${named_chrootdir}/dev/null ]; then
umount ${named_chrootdir}/dev 2>/dev/null
mount_devfs devfs ${named_chrootdir}/dev
fi
# Copy local timezone information if it is not up to date.
#
if [ -f /etc/localtime ]; then
cmp -s /etc/localtime "${named_chrootdir}/etc/localtime" || \
cp -p /etc/localtime "${named_chrootdir}/etc/localtime"
fi
}
# Make symlinks to the correct pid file
#
make_symlinks()
{
checkyesno named_symlink_enable &&
ln -fs "${named_chrootdir}${pidfile}" ${pidfile}
}
named_precmd()
{
local confgen_chroot
# Is the user using a sandbox?
#
if [ -n "$named_chrootdir" ]; then
rc_flags="$rc_flags -t $named_chrootdir"
confgen_chroot="-t${named_chrootdir} -u bind"
checkyesno named_chroot_autoupdate && chroot_autoupdate
else
named_symlink_enable=NO
fi
# Create an rndc.key file for the user if none exists
#
if [ ! -f "${named_chrootdir}/etc/namedb/rndc.key" -a \
! -f "${named_chrootdir}/etc/namedb/rndc.conf" ]; then
rndc-confgen -a -b256 ${confgen_chroot}
fi
}
load_rc_config $name
# The following variable requires that rc.conf be loaded first
#
required_dirs="$named_chrootdir" # if it is set, it must exist
pidfile="${named_pidfile:-/var/run/${name}/pid}"
run_rc_command "$1"
Reference in New Issue View Git Blame Copy Permalink