info-cvs

Re: A bunch of questions about commitinfo


From: Greg A. Woods
Subject: Re: A bunch of questions about commitinfo
Date: Fri, 9 Nov 2001 14:08:39 -0500 (EST)

[ On Friday, November 9, 2001 at 11:17:47 (+0100), Marc Haber wrote: ]
> Subject: Re: A bunch of questions about commitinfo
>
> Drilling people doesn't work :-(

Well, no, it doesn't always -- but if you have other checks and balances
such as peer pressure it can encourage people to be more careful!  ;-)

> What I am planning is generating a named.conf fragment in the
> commitinfo script, so that in case of new zones being added to the
> repository the corresponding zone entry in the named.conf file can be
> generated automatically. Also, I'd like to automatically add
> allow-query clauses to named.conf for every zone that is loaded
> automatically.

Don't even try to do it that way.

Don't ever version any generated files -- only version the sources to
the programs which do the work.

I.e. always automatically generate _all_ of the named.conf include file
for all of the zones that will be installed into the running
configuration (then test it along with the zone files themselves, of
course) and just version the sources for the script that generates it.

For example this shell script will generate a file suitable for
including from within the main /etc/named.conf given a list of zone
names.  As you can see this example generates a config suitable for a
slave server.  I name my forward zone files with the same name as the
zone, but I name the in-addr.arpa zone files with the IPV4 network
number (usually without trailing ".0"s).  If you do this you can use
"ls" and the inverse of the little awk program below to create the zone
name and instead just use "ls -1 | tr ..." in your directory of zone
files instead of keeping a list and reading from it as below (in fact as
you'll see I generate the list from a named-master.conf file which is
for now still manually maintained, partly to accommodate internal
documentation).

(warning this is slightly edited from the original and not tested in
this form)

#! /bin/sh

# set your authoritative nameserver's IP# here
#
AUTH_SERVER_IP="1.2.3.4"

# list any master zone files....
#
MASTERS="/etc/namedb/named-master.conf"

argv0=$(basename "$0")

# WARNING:  this script could fail to interlock properly if it can be
# invoked simultaneously with more than one name!  Don't do that!
# 
LOCKDIR="/etc/namedb/${argv0}.lock"

if [ -e "$LOCKDIR" ] ; then
        echo "It appears there's already an instance of $0 running..." 1>&2
        exit 1
fi

if mkdir "$LOCKDIR" ; then
        : #got it!
else
        echo "Oops, just missed grabbing $LOCKDIR!  Try later...." 1>&2
        exit 1
fi

rm -f /etc/namedb/named-slave.conf-new

echo "# Created with $0: $(date)" > /etc/namedb/named-slave.conf-new
echo "# By: $(who am i)" >> /etc/namedb/named-slave.conf-new

cat >> /etc/namedb/named-slave.conf-new <<EOF
#
# named-slave.conf -  zones to secondary from the authoritative nameserver
#
# NOTE: use this file *only* on the secondary server(s)!
#

#     #                                                   ###
#  #  #    ##    #####   #    #     #    #    #   ####    ###
#  #  #   #  #   #    #  ##   #     #    ##   #  #    #   ###
#  #  #  #    #  #    #  # #  #     #    # #  #  #         #
#  #  #  ######  #####   #  # #     #    #  # #  #  ###
#  #  #  #    #  #   #   #   ##     #    #   ##  #    #   ###
 ## ##   #    #  #    #  #    #     #    #    #   ####    ###

#
#       THIS FILE IS UPDATED AUTOMATICALLY!
#
EOF

# create a list of all zones we are master for
#
rm -f  /etc/namedb/master.list-new
awk -F'"' '$0 ~ /zone "/ { print $2 }' $MASTERS > /etc/namedb/master.list-new

mv -f /etc/namedb/master.list-new /etc/namedb/master.list

for zone in $(tr '[A-Z]' '[a-z]' < /etc/namedb/master.list) ; do
        case "${zone}" in
        *.in-addr.arpa)
                forward=$(echo "$zone" | \
                        sed -e 's/\.in-addr\.arpa//' | \
                        awk -F. '
                        {
                                printf("%d", $NF);
                                for (i=(NF-1); i>0; i--) {
                                        printf(".%d", $i);
                                }
                        }' \
                )
                echo "zone \"${zone}\" {"
                echo "  type slave;"
                echo "  file \"slave/${forward}\";"
                echo "  masters {"
                echo "          ${AUTH_SERVER_IP};"
                echo "  };"
                echo "};"
                echo ""
                ;;
        *)
                echo "zone \"${zone}\" {"
                echo "  type slave;"
                echo "  file \"slave/${zone}\";"
                echo "  masters {"
                echo "          ${AUTH_SERVER_IP};"
                echo "  };"
                echo "};"
                echo ""
                ;;
        esac
done >> /etc/namedb/named-slave.conf-new

#
# include this generated file with the following statement in named.conf:
#
#       include "named-slave.conf";
#
mv -f /etc/namedb/named-slave.conf-new /etc/namedb/named-slave.conf
chmod 444 /etc/namedb/named-slave.conf

# finally update ns2
# (do this in a loop for multiple secondaries)
#
rcp /etc/namedb/named-slave.conf ns2.sec:/etc/namedb
rsh ns2.sec /usr/sbin/ndc reload

rmdir "$LOCKDIR"

exit 0


-- 
                                                        Greg A. Woods

+1 416 218-0098      VE3TCP      <address@hidden>     <address@hidden>
Planix, Inc. <address@hidden>;   Secrets of the Weird <address@hidden>
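
Added example, not part of the original post or its script: the zone names read from the master list end up inside a quoted named.conf string and inside a path under slave/, so this sketch validates each name first and emits nothing at all if any name is rejected. The function names (valid_zone, zone_file, gen_slave_conf) and the accepted character set are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# valid_zone NAME: succeed only if NAME is safe to place inside a quoted
# named.conf string and to use as a file name under slave/.
# Assumption: zone names are lowercase letters, digits, dots and hyphens.
valid_zone() {
    case "$1" in
    ''|.*|*..*|*.|-*) return 1 ;;   # empty, leading/trailing dot, "..", option-like
    *[!a-z0-9.-]*)    return 1 ;;   # slash, quote, semicolon, brace, whitespace, ...
    esac
    return 0
}

# zone_file NAME: forward zones keep their name; in-addr.arpa zones are
# named by network number (2.0.192.in-addr.arpa -> 192.0.2).
zone_file() {
    case "$1" in
    *.in-addr.arpa)
        echo "${1%.in-addr.arpa}" |
            awk -F. '{ s = $NF; for (i = NF - 1; i > 0; i--) s = s "." $i; print s }'
        ;;
    *)  echo "$1" ;;
    esac
}

# gen_slave_conf MASTER_IP: read zone names on stdin, print slave stanzas.
# All or nothing: one bad name means no output and a non-zero status.
gen_slave_conf() {
    master=$1
    out=
    while IFS= read -r zone; do
        [ -n "$zone" ] || continue
        zone=$(printf '%s' "$zone" | tr 'A-Z' 'a-z')
        if ! valid_zone "$zone"; then
            echo "rejecting zone name: $zone" >&2
            return 1
        fi
        out="${out}zone \"${zone}\" {
  type slave;
  file \"slave/$(zone_file "$zone")\";
  masters { ${master}; };
};
"
    done
    printf '%s' "$out"
}
```

Redirect the output to a -new file as the script above does, and run BIND's named-checkconf on that file before the mv that puts it in place.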


