#!/bin/bash
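# Host paths that are bind-mounted onto the same path below $ROOTDIR.
# The list is whitespace-separated and is word-split by the mount and umount
# loops, so an entry must not contain whitespace and must be an absolute path.
#
# Warning: the order is important.
# If a directory containing $ROOTDIR is listed here,
# it MUST be listed last. (/var/named contains /var/named/chroot)
ROOTDIR_MOUNT='/etc/localtime /etc/named /etc/pki/dnssec-keys /etc/named.root.key /etc/named.conf
/etc/named.dnssec.keys /etc/named.rfc1912.zones /etc/rndc.conf /etc/rndc.key /etc/named.iscdlv.key /etc/protocols /etc/services
/usr/lib64/bind /usr/lib/bind /run/named
/var/named'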
# Print a blank line, a one-line description and the invocation synopsis
# to stdout. Takes no arguments.
usage()
{
  printf '\n%s\n%s\n' \
    'This script setups chroot environment for BIND' \
    'Usage: setup-named-chroot.sh ROOTDIR [on|off]'
}
# Exactly two positional arguments are required: ROOTDIR and the on/off switch.
[ "$#" -eq 2 ] || {
  echo 'Wrong number of arguments'
  usage
  exit 1
}

# First argument: root of the chroot tree. It is used below as a prefix for
# the paths handed to touch, mount, umount and rm -f.
ROOTDIR="$1"

# Stop unless ROOTDIR is an existing directory.
[ -d "$ROOTDIR" ] || {
  echo "Root directory $ROOTDIR doesn't exist"
  usage
  exit 1
}
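#######################################
# Bind-mount every existing host path listed in ROOTDIR_MOUNT onto the same
# path below ROOTDIR. Does nothing when ROOTDIR is empty.
# Globals:   ROOTDIR (read), ROOTDIR_MOUNT (read)
# Arguments: none
# Returns:   status of the last command run; a failed mount does not stop
#            the loop.
#######################################
mount_chroot_conf()
{
  local all target

  if [ -n "$ROOTDIR" ]; then
    # ROOTDIR_MOUNT is a whitespace-separated list; word splitting is intended.
    for all in $ROOTDIR_MOUNT; do
      # Skip nonexistent files
      [ -e "$all" ] || continue

      target="$ROOTDIR$all"

      # If mount source is a file
      if ! [ -d "$all" ]; then
        # mount it only if it is not present in chroot or it is empty
        # NOTE(review): touch and mount resolve symlinks found below ROOTDIR;
        # this presumably relies on the chroot tree being writable only by
        # trusted users - confirm.
        if ! [ -e "$target" ] || [ "$(stat -c'%s' "$target")" -eq 0 ]; then
          touch "$target"
          mount --bind "$all" "$target"
        fi
      else
        # Mount source is a directory. Mount it only if directory in chroot is
        # empty. The path is quoted: unquoted, a ROOTDIR containing whitespace
        # made ls fail, which read as "empty" and mounted over existing content.
        if [ -z "$(ls -A -- "$target")" ]; then
          mount --bind --make-private "$all" "$target"
        fi
      fi
    done
  fi
}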
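#######################################
# Unmount every path from ROOTDIR_MOUNT that is currently a mount target
# below ROOTDIR and remove the placeholder file left behind for file sources.
# Does nothing when ROOTDIR is empty.
# Globals:   ROOTDIR (read), ROOTDIR_MOUNT (read)
# Arguments: none
# Returns:   status of the last command run; a failed umount does not stop
#            the loop.
#######################################
umount_chroot_conf()
{
  local all target

  if [ -n "$ROOTDIR" ]; then
    # ROOTDIR_MOUNT is a whitespace-separated list; word splitting is intended.
    for all in $ROOTDIR_MOUNT; do
      target="$ROOTDIR$all"

      # Check if file is mount target. Do not use /proc/mounts because detecting
      # of modified mounted files can fail.
      # -F matches the path literally: as a regex, the '.' in names such as
      # named.conf (or any metacharacter in ROOTDIR) would also match other
      # paths and unmount the wrong target.
      if mount | grep -qF -- " on $target "; then
        # Clean up only after the mount is really gone.
        if umount "$target"; then
          # Remove temporary created files
          if [ -f "$all" ]; then
            rm -f -- "$target"
          fi
        fi
      fi
    done
  fi
}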
# Dispatch on the second argument: "on" sets up the bind mounts, "off" tears
# them down, anything else is a usage error.
if [ "$2" = 'on' ]; then
  mount_chroot_conf
elif [ "$2" = 'off' ]; then
  umount_chroot_conf
else
  echo 'Second argument has to be "on" or "off"'
  usage
  exit 1
fi

# The exit status is 0 whether or not the individual mount/umount calls
# succeeded; their status is not checked here.
exit 0