diff options
| -rwxr-xr-x | make-bindconfig-from-ldap | 132 | ||||
| -rwxr-xr-x | rvi | 35 |
2 files changed, 167 insertions, 0 deletions
diff --git a/make-bindconfig-from-ldap b/make-bindconfig-from-ldap new file mode 100755 index 0000000..92939b0 --- /dev/null +++ b/make-bindconfig-from-ldap @@ -0,0 +1,132 @@ +#!/usr/bin/perl -wT + +# Copyright 2002, 2003, 2004, 2005 Peter Palfrader <peter@palfrader.org> +# All rights reserved. + +=pod + +=head1 NAME + +makezonefile - create config file for bind + +=head1 SYNOPSIS + +makezonefile + +=head1 DESCRIPTION + +makezonefile reads from STDIN a list of domains and +their assoziated nameservers; one domain per line, the primary, the nameservers +seperated by whitespace. + +Example: + + sigint.net 82.94.251.194 asteria.debian.or.at. seppia.noreply.org. + theremailer.net 195.244.237.84|213.239.201.102 asteria.debian.or.at. + vanderheide.ca 64.26.156.90 asteria.debian.or.at. + +First column is the domain in question, second is the primary or primaries +separated by a pipe symbol, the rest are the nameservers + +For each domain it will then look whether this host's name (as configured in +the @THISNAMES variable) appears in the list of nameservers and if that is the +case add a slave entry to the file hardcoded in the script. + +Afterwards a bind9 reload will be issued. + + +The script is typicalle called from ssh (using authorized keys with command=script). + +=head1 OPTIONS + +none + +=head1 AUTHOR + +Peter Palfrader E<lt>peter@palfrader.org<gt> + +=head1 FILES + +/var/cache/bind/weasel/ldapzones.conf.slave.pushed + +=head1 REQUIREMENTS + +none but perl + +=head1 SEE ALSO + +Ask author. + +=cut + + +use strict; +use English; + +$ENV{'PATH'} = '/bin:/usr/bin'; +delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'}; + +my $NAMEDCONF = '/etc/bind/named.conf.from-opium.ldapzones.slave.pushed'; +my @RELOAD = qw{/etc/init.d/bind9 reload}; +my @THISNAMES = qw{asteria.debian.or.at.}; +#my @THISNAMES = qw{seppia.noreply.org. ns3.noreply.org.}; +#my @THISNAMES = qw{redeemer.devspread.org.}; + +my $date = localtime(); +open (CONF, ">$NAMEDCONF") or + die ("Cannot open $NAMEDCONF: $!\n"); +print CONF << "EOF"; +// conf file for bind +// $date +// automatically created by $PROGRAM_NAME from stdin (probably called by ssh) +// vim:set syn=named: +EOF + +my @lines = <>; +DOMAIN: +for my $line (@lines) { + chomp ($line); + my @part = split (/\s+/, $line); + my $domain = shift @part; + my @masters = split /\|/, shift @part; + unless (defined $domain && ($domain =~ /^[a-z0-9.-]+$/)) { + warn "Skipping $domain: bad name\n"; + next; + }; + if (scalar @masters == 0) { + warn "Skipping $domain: No masters\n"; + next; + }; + for my $master (@masters) { + unless (defined $master && ($master =~ /^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/)) { + warn "Skipping $domain: bad master '$master'\n"; + next DOMAIN; + }; + }; + my $this_ns = 0; + for my $ns (@part) { + for my $my_name (@THISNAMES) { + $this_ns |= ($ns eq $my_name); + }; + }; + next unless $this_ns; + + print CONF << "EOF"; + zone "$domain" { + type slave; + file "from-opium-slave-ldap-$domain"; + allow-transfer { "none"; }; + allow-query { any; }; + masters { +EOF + for my $master (@masters) { + print CONF " $master;\n"; + }; + print CONF << "EOF"; + }; + }; +EOF +}; +close (CONF); + +exec(@RELOAD); @@ -0,0 +1,35 @@ +#!/bin/sh + +if ! [ -e "$1" ] ; then + echo "$1 does not exist." >&2 + exit 1 +fi + +DN=`dirname "$1"` +BN=`basename "$1"` +if ! [ -e "$1,v" ] && ! [ -e "$DN/RCS/$BN,v" ] ; then + echo "Neither $1,v nor $DN/RCS/$BN,v do not exist." >&2 + exit 1 +fi + +rcsdiff -u $1 +if [ $? -ne 0 ] ; then + rcsdiff $1 > $1.rvi.diff + echo + echo "Differences detected" + echo "run 'co $1' to overwrite with last committed version" + echo "or 'co -l $1; patch $1 < $1.rvi.diff; ci -u $1' to commit" + exit 1 +fi +rm -f $1.rvi.diff + +co -l $1 +if [ $? -ne 0 ] ; then + echo "Check out failed." + echo "Maybe someone else is currently editing this file." + echo "Aborting rvi." + exit 1 +fi +/usr/bin/vim $1 +ci -u $1 + |