| @@ -1,16 +1,16 @@ | | | @@ -1,16 +1,16 @@ |
1 | #!/bin/sh | | 1 | #!/bin/sh |
2 | # | | 2 | # |
3 | # $NetBSD: named,v 1.26 2020/07/04 06:24:53 skrll Exp $ | | 3 | # $NetBSD: named,v 1.27 2021/03/31 04:57:25 christos Exp $ |
4 | # | | 4 | # |
5 | | | 5 | |
6 | # PROVIDE: named | | 6 | # PROVIDE: named |
7 | # REQUIRE: NETWORKING mountcritremote syslogd | | 7 | # REQUIRE: NETWORKING mountcritremote syslogd |
8 | # BEFORE: DAEMON | | 8 | # BEFORE: DAEMON |
9 | # KEYWORD: chrootdir | | 9 | # KEYWORD: chrootdir |
10 | | | 10 | |
11 | $_rc_subr_loaded . /etc/rc.subr | | 11 | $_rc_subr_loaded . /etc/rc.subr |
12 | | | 12 | |
13 | name="named" | | 13 | name="named" |
14 | rcvar=$name | | 14 | rcvar=$name |
15 | command="/usr/sbin/${name}" | | 15 | command="/usr/sbin/${name}" |
16 | pidfile="/var/run/${name}/${name}.pid" | | 16 | pidfile="/var/run/${name}/${name}.pid" |
| @@ -51,62 +51,77 @@ named_migrate() | | | @@ -51,62 +51,77 @@ named_migrate() |
51 | cp -p "$f" "$dst/$f" | | 51 | cp -p "$f" "$dst/$f" |
52 | fi | | 52 | fi |
53 | done | | 53 | done |
54 | if $diff; then | | 54 | if $diff; then |
55 | echo "Cannot complete migration because files are different" | | 55 | echo "Cannot complete migration because files are different" |
56 | echo "Run 'diff -r $src $dst' resolve the differences" | | 56 | echo "Run 'diff -r $src $dst' resolve the differences" |
57 | else | | 57 | else |
58 | rm -fr "$src" | | 58 | rm -fr "$src" |
59 | ln -s "$dst" "$src" | | 59 | ln -s "$dst" "$src" |
60 | fi | | 60 | fi |
61 | ) | | 61 | ) |
62 | } | | 62 | } |
63 | | | 63 | |
| | | 64 | copy_if_newer() |
| | | 65 | { |
| | | 66 | local chrootdir="$1" |
| | | 67 | local dir="$2" |
| | | 68 | local file="$3" |
| | | 69 | if [ ! -x "${chrootdir}${dir}/${file}" -o \ |
| | | 70 | "${chrootdir}${dir}/${file}" -ot "${dir}/${file}" ]; then |
| | | 71 | rm -f "${chrootdir}${dir}/${file}" |
| | | 72 | cp -p "${dir}/${file}" "${chrootdir}${dir}/${file}" |
| | | 73 | fi |
| | | 74 | } |
| | | 75 | |
64 | named_precmd() | | 76 | named_precmd() |
65 | { | | 77 | { |
66 | if [ ! -e "/etc/rndc.key" ]; then | | 78 | if [ ! -e "/etc/rndc.key" ]; then |
67 | echo "Generating rndc.key" | | 79 | echo "Generating rndc.key" |
68 | /usr/sbin/rndc-confgen -a | | 80 | /usr/sbin/rndc-confgen -a |
69 | fi | | 81 | fi |
70 | | | 82 | |
71 | if [ -z "$named_chrootdir" ]; then | | 83 | if [ -z "$named_chrootdir" ]; then |
72 | if [ ! -d "/etc/namedb/keys" ]; then | | 84 | if [ ! -d "/etc/namedb/keys" ]; then |
73 | mkdir -m 775 "/etc/namedb/keys" | | 85 | mkdir -m 775 "/etc/namedb/keys" |
74 | chown named:named "/etc/namedb/keys" | | 86 | chown named:named "/etc/namedb/keys" |
75 | fi | | 87 | fi |
76 | return 0; | | 88 | return 0; |
77 | fi | | 89 | fi |
78 | | | 90 | |
79 | # If running in a chroot cage, ensure that the appropriate files | | 91 | # If running in a chroot cage, ensure that the appropriate files |
80 | # exist inside the cage, as well as helper symlinks into the cage | | 92 | # exist inside the cage, as well as helper symlinks into the cage |
81 | # from outside. | | 93 | # from outside. |
82 | # | | 94 | # |
83 | # As this is called after the is_running and required_dir checks | | 95 | # As this is called after the is_running and required_dir checks |
84 | # are made in run_rc_command(), we can safely assume ${named_chrootdir} | | 96 | # are made in run_rc_command(), we can safely assume ${named_chrootdir} |
85 | # exists and named isn't running at this point (unless forcestart | | 97 | # exists and named isn't running at this point (unless forcestart |
86 | # is used). | | 98 | # is used). |
87 | # | | 99 | # |
88 | case "$($command -v)" in | | 100 | case "$($command -v)" in |
89 | BIND*) # 9 no group, named-xfer, or ndc | | 101 | BIND*) # 9 no group, named-xfer, or ndc |
| | | 102 | named_plugindir="/usr/libexec/named" |
| | | 103 | if [ ! -d "${named_chrootdir}${named_plugindir}" ]; then |
| | | 104 | mkdir -p -m 755 "${named_chrootdir}${named_plugindir}" |
| | | 105 | chown root:wheel "${named_chrootdir}${named_plugindir}" |
| | | 106 | fi |
| | | 107 | for p in filter-aaaa.so; do |
| | | 108 | copy_if_newer "${named_chrootdir}" \ |
| | | 109 | "${named_plugindir}" "$p" |
| | | 110 | done |
90 | ;; | | 111 | ;; |
91 | named*) # 4 and 8 | | 112 | named*) # 4 and 8 |
92 | rc_flags="-g named $rc_flags" | | 113 | rc_flags="-g named $rc_flags" |
93 | if [ ! -x "${named_chrootdir}/usr/libexec/named-xfer" -o \ | | 114 | copy_if_newer "${named_chrootdir}" "/usr/libexec" "named-xfer" |
94 | "${named_chrootdir}/usr/libexec/named-xfer" -ot \ | | | |
95 | /usr/libexec/named-xfer ]; then | | | |
96 | rm -f "${named_chrootdir}/usr/libexec/named-xfer" | | | |
97 | cp -p /usr/libexec/named-xfer \ | | | |
98 | "${named_chrootdir}/usr/libexec" | | | |
99 | fi | | | |
100 | ln -fs "${named_chrootdir}/var/run/ndc" /var/run/ndc | | 115 | ln -fs "${named_chrootdir}/var/run/ndc" /var/run/ndc |
101 | ;; | | 116 | ;; |
102 | esac | | 117 | esac |
103 | | | 118 | |
104 | for i in null random urandom; do | | 119 | for i in null random urandom; do |
105 | if [ ! -c "${named_chrootdir}/dev/$i" ]; then | | 120 | if [ ! -c "${named_chrootdir}/dev/$i" ]; then |
106 | rm -f "${named_chrootdir}/dev/$i" | | 121 | rm -f "${named_chrootdir}/dev/$i" |
107 | (cd /dev && | | 122 | (cd /dev && |
108 | /bin/pax -rw -pe "$i" "${named_chrootdir}/dev") | | 123 | /bin/pax -rw -pe "$i" "${named_chrootdir}/dev") |
109 | fi | | 124 | fi |
110 | done | | 125 | done |
111 | | | 126 | |
112 | if [ ! -h /etc/namedb ]; then | | 127 | if [ ! -h /etc/namedb ]; then |
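Review bot: `copy_if_newer` (new lines 64-74) decides whether to refresh the cage copy from `-x` and `-ot` alone, so a copy under `${named_chrootdir}` whose content differs but whose mtime is not older than the system file is kept across restarts; that now also covers `filter-aaaa.so`, which named loads as a plugin. Comparing content closes that gap and drops the ambiguous `-o` inside `[ ]`: `if ! cmp -s "${dir}/${file}" "${chrootdir}${dir}/${file}"; then`. The `-x` test may also be always true for a shared object installed without execute bits, which would mean an `rm`/`cp` on every start; this is worth confirming. In the `BIND*)` arm the mode and owner are set only when the plugin directory is created, so an existing directory is used as is, and a comment such as `# must stay root:wheel and not writable by the named user` would record that expectation. `named_precmd` continues past the end of this hunk.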