|
jvdias |
0cd02a |
#!/bin/bash
|
|
jvdias |
0cd02a |
#
|
|
jvdias |
0cd02a |
# Script to control the bind-chroot ISC BIND named(8) server runtime environment.
|
|
jvdias |
0cd02a |
#
|
|
jvdias |
0cd02a |
# Usage:
|
|
jvdias |
0cd02a |
# [ -e | --enable ] [ -d | --disable ] | [ -s --sync ]
|
|
jvdias |
0cd02a |
#
|
|
jvdias |
0cd02a |
# -e | --enable: enable the bind-chroot environment
|
|
jvdias |
0cd02a |
# -d | --disable: disable the bind-chroot environment
|
|
jvdias |
0cd02a |
# -s | --sync: sync files between the bind chroot and / environments,
|
|
jvdias |
0cd02a |
# so they are correct for the current state of the bind-chroot
|
|
jvdias |
0cd02a |
# (enabled / disabled)
|
|
jvdias |
0cd02a |
# $BIND_CHROOT_PREFIX, default /var/named/chroot, is the location of the chroot.
|
|
jvdias |
0cd02a |
# $BIND_DIR, default /var/named, is the default un-chrooted bind directory.
|
|
jvdias |
0cd02a |
#
|
|
jvdias |
0cd02a |
# Copyright(C) 2006 Jason Vas Dias <jvdias@redhat.com>, Red Hat, Inc.
|
|
jvdias |
0cd02a |
#
|
|
jvdias |
0cd02a |
# This software is provided under the terms of the GNU
|
|
jvdias |
0cd02a |
# General Public License (GPL), as published at:
|
|
jvdias |
0cd02a |
# http://www.gnu.org/licenses/gpl.html .
|
|
jvdias |
0cd02a |
#
|
|
jvdias |
0cd02a |
#
|
|
jvdias |
0cd02a |
BIND_CHROOT_PREFIX=${BIND_CHROOT_PREFIX:-@BIND_CHROOT_PREFIX@}
|
|
jvdias |
0cd02a |
BIND_DIR=${BIND_DIR:-@BIND_DIR@}
|
|
jvdias |
0cd02a |
|
|
jvdias |
0cd02a |
function usage()
|
|
jvdias |
0cd02a |
{
|
|
jvdias |
0cd02a |
echo 'Usage:
|
|
jvdias |
0cd02a |
-e | --enable: enable the bind-chroot environment
|
|
jvdias |
0cd02a |
-d | --disable: disable the bind-chroot environment
|
|
jvdias |
0cd02a |
-s | --sync: sync files between the bind chroot and / environments,
|
|
jvdias |
0cd02a |
so they are correct for the current state of the bind-chroot
|
|
jvdias |
0cd02a |
(enabled / disabled)
|
|
jvdias |
0cd02a |
$BIND_CHROOT_PREFIX, default /var/named/chroot, is the location of the chroot.
|
|
jvdias |
0cd02a |
$BIND_DIR, default /var/named, is the default un-chrooted bind directory.
|
|
jvdias |
0cd02a |
';
|
|
jvdias |
0cd02a |
}
|
|
jvdias |
0cd02a |
|
|
jvdias |
0cd02a |
function rootdir()
|
|
jvdias |
0cd02a |
{
|
|
jvdias |
0cd02a |
. /etc/sysconfig/named
|
|
jvdias |
0cd02a |
if [ -n "$ROOTDIR" ]; then
|
|
jvdias |
0cd02a |
BIND_CHROOT_PREFIX="$ROOTDIR";
|
|
jvdias |
0cd02a |
BIND_CHROOT_PREFIX=`echo $BIND_CHROOT_PREFIX | sed 's#//*#/#g;s#/$##'`;
|
|
jvdias |
0cd02a |
if [ -L "$BIND_CHROOT_PREFIX" ]; then
|
|
jvdias |
0cd02a |
BIND_CHROOT_PREFIX=`/usr/bin/readlink "$BIND_CHROOT_PREFIX"`;
|
|
jvdias |
0cd02a |
fi
|
|
Adam Tkac |
7d1ee6 |
ENABLED=0;
|
|
Adam Tkac |
7d1ee6 |
else
|
|
Adam Tkac |
7d1ee6 |
ENABLED=1;
|
|
jvdias |
0cd02a |
fi;
|
|
jvdias |
0cd02a |
}
|
|
jvdias |
0cd02a |
|
|
jvdias |
fc31cd |
function selinux_enabled()
|
|
jvdias |
fc31cd |
{
|
|
Adam Tkac |
60fd32 |
if [ -x /usr/sbin/selinuxenabled ]; then
|
|
Adam Tkac |
60fd32 |
/usr/sbin/selinuxenabled;
|
|
Adam Tkac |
182006 |
return $?;
|
|
Adam Tkac |
60fd32 |
fi;
|
|
Adam Tkac |
182006 |
return 1;
|
|
jvdias |
fc31cd |
}
|
|
jvdias |
fc31cd |
|
|
jvdias |
0cd02a |
function check_dirs()
|
|
jvdias |
0cd02a |
{
|
|
jvdias |
0cd02a |
if [ -z "$BIND_CHROOT_PREFIX" ]; then
|
|
Adam Tkac |
7d1ee6 |
usage;
|
|
Adam Tkac |
7d1ee6 |
exit 1;
|
|
Adam Tkac |
7d1ee6 |
fi;
|
|
jvdias |
0cd02a |
BIND_DIR=`echo $BIND_DIR | sed 's#//*#/#g;s#/$##'`;
|
|
jvdias |
0cd02a |
if [ -L "$BIND_DIR" ]; then
|
|
jvdias |
0cd02a |
BIND_DIR=`/usr/bin/readlink "$BIND_DIR"`;
|
|
jvdias |
0cd02a |
fi
|
|
jvdias |
0cd02a |
BIND_CHROOT_PREFIX=`echo $BIND_CHROOT_PREFIX | sed 's#//*#/#g;s#/$##'`;
|
|
jvdias |
0cd02a |
if [ -L "$BIND_CHROOT_PREFIX" ]; then
|
|
jvdias |
0cd02a |
BIND_CHROOT_PREFIX=`/usr/bin/readlink "$BIND_CHROOT_PREFIX"`;
|
|
jvdias |
0cd02a |
fi
|
|
jvdias |
d74c49 |
if [ -e /etc/sysconfig/named ]; then
|
|
jvdias |
d74c49 |
/bin/chown root:named /etc/sysconfig/named;
|
|
jvdias |
d74c49 |
/bin/chmod 0640 /etc/sysconfig/named;
|
|
jvdias |
d74c49 |
fi
|
|
Adam Tkac |
7fdb7f |
/bin/mkdir -p ${BIND_DIR}/{slaves,data,dynamic};
|
|
Martin Stransky |
2dcae4 |
/bin/chown --preserve-root root:named ${BIND_DIR};
|
|
Adam Tkac |
7fdb7f |
/bin/chown --preserve-root named:named ${BIND_DIR}/{slaves,data,dynamic};
|
|
Martin Stransky |
2dcae4 |
/bin/chmod --preserve-root 750 ${BIND_DIR}
|
|
Adam Tkac |
7fdb7f |
/bin/chmod --preserve-root 770 ${BIND_DIR}/{slaves,data,dynamic};
|
|
jvdias |
0cd02a |
|
|
Adam Tkac |
7fdb7f |
mkdir -p ${BIND_CHROOT_PREFIX}/{etc,dev,var/{run/named,named/{slaves,data,dynamic}}};
|
|
Martin Stransky |
2dcae4 |
/bin/chown --preserve-root root:named ${BIND_CHROOT_PREFIX}/{etc,dev,var/{run,named/}};
|
|
Martin Stransky |
2dcae4 |
/bin/chown --preserve-root root:named ${BIND_CHROOT_PREFIX}/var;
|
|
Martin Stransky |
2dcae4 |
/bin/chmod --preserve-root 750 ${BIND_CHROOT_PREFIX}/{,etc,dev,var,var/{run,named/}};
|
|
Adam Tkac |
7fdb7f |
/bin/chown --preserve-root named:named ${BIND_CHROOT_PREFIX}/var/{run/named,named/{data,slaves,dynamic}};
|
|
Adam Tkac |
7fdb7f |
/bin/chmod --preserve-root 770 ${BIND_CHROOT_PREFIX}/var/{run/named,named/{slaves,data,dynamic}};
|
|
jvdias |
d74c49 |
|
|
jvdias |
7366a5 |
[ ! -e "${BIND_CHROOT_PREFIX}/dev/random" ] && /bin/mknod "${BIND_CHROOT_PREFIX}/dev/random" c 1 8
|
|
jvdias |
0cd02a |
[ ! -e "${BIND_CHROOT_PREFIX}/dev/zero" ] && /bin/mknod "${BIND_CHROOT_PREFIX}/dev/zero" c 1 5
|
|
jvdias |
0cd02a |
[ ! -e "${BIND_CHROOT_PREFIX}/dev/null" ] && /bin/mknod "${BIND_CHROOT_PREFIX}/dev/null" c 1 3
|
|
jvdias |
0cd02a |
[ ! -e "${BIND_CHROOT_PREFIX}/etc/localtime" ] && [ -e /etc/localtime ] && /bin/cp -fp /etc/localtime "${BIND_CHROOT_PREFIX}/etc/localtime";
|
|
Martin Stransky |
2dcae4 |
/bin/chown --preserve-root root:named "${BIND_CHROOT_PREFIX}"/dev/{random,null,zero};
|
|
Martin Stransky |
2dcae4 |
/bin/chmod --preserve-root 660 "${BIND_CHROOT_PREFIX}"/dev/{random,null,zero};
|
|
Adam Tkac |
e31eda |
if selinux_enabled && [ -x /sbin/restorecon ]; then
|
|
Adam Tkac |
e31eda |
for dev in random zero null; do
|
|
Adam Tkac |
e31eda |
/sbin/restorecon ${BIND_CHROOT_PREFIX}/dev/$dev;
|
|
Adam Tkac |
e31eda |
done
|
|
Adam Tkac |
e31eda |
fi;
|
|
jvdias |
0cd02a |
}
|
|
jvdias |
0cd02a |
|
|
jvdias |
0cd02a |
check_dirs;
|
|
jvdias |
0cd02a |
|
|
jvdias |
0cd02a |
function replace_with_link()
|
|
jvdias |
0cd02a |
{ # replaces $dst second arg file with link to $src first arg file
|
|
jvdias |
0cd02a |
if [ $# -lt 2 ]; then
|
|
jvdias |
0cd02a |
return 1;
|
|
jvdias |
0cd02a |
fi;
|
|
jvdias |
0cd02a |
src=$1
|
|
jvdias |
0cd02a |
dst=$2
|
|
jvdias |
0cd02a |
if [ -z "$src" ] || [ -z "$dst" ] || [ "$src" = "$dst" ]; then
|
|
jvdias |
0cd02a |
return 1;
|
|
jvdias |
0cd02a |
fi
|
|
jvdias |
0cd02a |
if [ ! -e "$src" ]; then
|
|
jvdias |
0cd02a |
if [ ! -e "$dst" ]; then
|
|
jvdias |
0cd02a |
return 1;
|
|
jvdias |
0cd02a |
else
|
|
jvdias |
0cd02a |
if [ -L "$dst" ]; then
|
|
jvdias |
0cd02a |
dstlnk=`/usr/bin/readlink "$dst"`;
|
|
jvdias |
0cd02a |
if [ ! -e "$dstlnk" ] ; then
|
|
jvdias |
0cd02a |
return 1;
|
|
jvdias |
0cd02a |
fi
|
|
jvdias |
0cd02a |
rm -f "$dst";
|
|
jvdias |
0cd02a |
/bin/cp -fp "$dstlnk" "$dst";
|
|
jvdias |
0cd02a |
fi;
|
|
jvdias |
0cd02a |
/bin/mv "$dst" "$src";
|
|
jvdias |
0cd02a |
fi
|
|
jvdias |
0cd02a |
fi
|
|
jvdias |
0cd02a |
if [ -e "$dst" ]; then
|
|
jvdias |
0cd02a |
if [ ! -L "$dst" ]; then
|
|
jvdias |
d74c49 |
if [ ! -s "$dst" ] || /usr/bin/cmp "$dst" "$src" > /dev/null 2>&1; then
|
|
jvdias |
0cd02a |
/bin/rm -f "$dst";
|
|
jvdias |
0cd02a |
else
|
|
jvdias |
0cd02a |
if [ "$src" -nt "$dst" ] || [ ! "$dst" -nt "$src" ] ; then
|
|
jvdias |
0cd02a |
/bin/mv "$dst" "$dst".`/bin/date +'%Y-%m-%d_%H-%M-%S.%N'`;
|
|
jvdias |
0cd02a |
else # [ "$dst" -nt "$src" ]
|
|
jvdias |
0cd02a |
/bin/mv "$src" "$src".`/bin/date +'%Y-%m-%d_%H-%M-%S.%N'`;
|
|
jvdias |
0cd02a |
/bin/mv "$dst" "$src";
|
|
jvdias |
0cd02a |
fi;
|
|
jvdias |
0cd02a |
fi;
|
|
jvdias |
0cd02a |
else
|
|
jvdias |
0cd02a |
dstlnk=`/usr/bin/readlink "$dst"`
|
|
jvdias |
0cd02a |
if [ "$dstlnk" != $src ]; then
|
|
jvdias |
0cd02a |
/bin/rm -f $dst;
|
|
jvdias |
d74c49 |
if ! /usr/bin/cmp "$dstlnk" "$src" > /dev/null 2>&1; then
|
|
jvdias |
d74c49 |
if [ "$dstlnk" != "$dst" ] && [ -s $dstlnk ]; then
|
|
jvdias |
d74c49 |
if [ "$dstlnk" -nt "$src" ] || [ ! "$dstlnk" -nt "$src" ] ; then
|
|
jvdias |
d74c49 |
/bin/cp -fp "$dstlnk" "$dst".`/bin/date +'%Y-%m-%d_%H-%M-%S.%N'`;
|
|
jvdias |
d74c49 |
else
|
|
jvdias |
d74c49 |
/bin/mv "$src" "$src".`/bin/date +'%Y-%m-%d_%H-%M-%S.%N'`;
|
|
jvdias |
d74c49 |
/bin/cp -fp "$dstlnk" "$src";
|
|
jvdias |
d74c49 |
fi;
|
|
jvdias |
d74c49 |
fi;
|
|
jvdias |
0cd02a |
fi;
|
|
jvdias |
0cd02a |
else
|
|
jvdias |
0cd02a |
return 0;
|
|
jvdias |
0cd02a |
fi;
|
|
jvdias |
0cd02a |
fi;
|
|
jvdias |
0cd02a |
fi;
|
|
jvdias |
0cd02a |
/bin/ln -sf "$src" "$dst";
|
|
jvdias |
0cd02a |
return $?;
|
|
jvdias |
0cd02a |
}
|
|
jvdias |
0cd02a |
|
|
jvdias |
0cd02a |
function replace_with_file()
|
|
jvdias |
0cd02a |
{
|
|
jvdias |
0cd02a |
if [ $# -lt 2 ]; then
|
|
jvdias |
0cd02a |
return 1;
|
|
jvdias |
0cd02a |
fi;
|
|
jvdias |
0cd02a |
src=$1;
|
|
jvdias |
0cd02a |
dst=$2;
|
|
jvdias |
0cd02a |
if [ -z "$src" ] || [ -z "$dst" ] || [ "$src" = "$dst" ]; then
|
|
jvdias |
0cd02a |
return 1;
|
|
jvdias |
0cd02a |
fi
|
|
jvdias |
0cd02a |
if [ ! -e "$src" ]; then
|
|
jvdias |
0cd02a |
if [ -e "$dst" ]; then
|
|
jvdias |
0cd02a |
/bin/rm -f $dst;
|
|
jvdias |
0cd02a |
fi;
|
|
jvdias |
0cd02a |
return 1;
|
|
jvdias |
0cd02a |
fi;
|
|
jvdias |
0cd02a |
if [ -e "$dst" ]; then
|
|
jvdias |
0cd02a |
if [ ! -L "$dst" ]; then
|
|
jvdias |
0cd02a |
/bin/mv "$dst" "$dst".`/bin/date +'%Y-%m-%d_%H-%M-%S.%N'`;
|
|
jvdias |
0cd02a |
else
|
|
jvdias |
0cd02a |
/bin/rm -f "$dst";
|
|
jvdias |
0cd02a |
fi;
|
|
jvdias |
0cd02a |
fi;
|
|
jvdias |
0cd02a |
/bin/mv -f "$src" "$dst";
|
|
jvdias |
0cd02a |
}
|
|
jvdias |
0cd02a |
|
|
jvdias |
0cd02a |
function enable_bind_chroot()
|
|
jvdias |
0cd02a |
{
|
|
Adam Tkac |
60fd32 |
rootdir;
|
|
jvdias |
7366a5 |
if /bin/egrep -q '^ROOTDIR=' /etc/sysconfig/named; then
|
|
jvdias |
0cd02a |
/bin/sed -i -e 's#^ROOTDIR=.*$#ROOTDIR='${BIND_CHROOT_PREFIX}'#' /etc/sysconfig/named ;
|
|
jvdias |
0cd02a |
else
|
|
jvdias |
0cd02a |
echo 'ROOTDIR='${BIND_CHROOT_PREFIX} >> /etc/sysconfig/named;
|
|
Adam Tkac |
60fd32 |
fi;
|
|
jvdias |
0cd02a |
}
|
|
jvdias |
0cd02a |
|
|
jvdias |
0cd02a |
function disable_bind_chroot()
|
|
jvdias |
0cd02a |
{
|
|
Adam Tkac |
60fd32 |
/bin/sed -i -e '/^ROOTDIR=/d' /etc/sysconfig/named;
|
|
jvdias |
0cd02a |
}
|
|
jvdias |
0cd02a |
|
|
jvdias |
0cd02a |
function sync_files()
|
|
jvdias |
0cd02a |
{
|
|
Adam Tkac |
60fd32 |
rootdir;
|
|
jvdias |
0cd02a |
shopt -q nullglob;
|
|
jvdias |
0cd02a |
ng=$?
|
|
jvdias |
0cd02a |
shopt -s nullglob;
|
|
jvdias |
0cd02a |
pfx=''
|
|
jvdias |
053216 |
changed=`/bin/mktemp /tmp/XXXXXX`;
|
|
jvdias |
053216 |
rm -f $changed
|
|
Adam Tkac |
7d1ee6 |
if [ $ENABLED -eq 0 ] ; then # chroot is enabled
|
|
Adam Tkac |
19fe83 |
/usr/bin/find /{etc/{named.*,rndc.*},${BIND_DIR#/}{/*,/data/*,/slaves/*,/dynamic/*}} /var/log/named.log -maxdepth 0 -type f |
|
|
jvdias |
0cd02a |
while read f;
|
|
jvdias |
0cd02a |
do
|
|
Adam Tkac |
19fe83 |
replace_with_link ${BIND_CHROOT_PREFIX}$f $f;
|
|
jvdias |
053216 |
[ ! -e $changed ] && touch $changed;
|
|
jvdias |
0cd02a |
done;
|
|
jvdias |
d74c49 |
/usr/bin/find /etc/{named.*,rndc.*}.rpmsave ${BIND_DIR}/*.rpmsave -maxdepth 0 -type l 2>/dev/null |
|
|
jvdias |
d74c49 |
while read f;
|
|
jvdias |
d74c49 |
do
|
|
jvdias |
d74c49 |
/bin/rm -f $f >/dev/null 2>&1;
|
|
jvdias |
d74c49 |
done
|
|
jvdias |
0cd02a |
pfx=${BIND_CHROOT_PREFIX}
|
|
jvdias |
0cd02a |
else # chroot is disabled
|
|
Adam Tkac |
8af0fe |
/usr/bin/find /var/named/chroot/{etc/{named.*,rndc.*},var/{named{/*,/data/*,/slaves/*,/dynamic/*},log/named.log}} -maxdepth 0 |
|
|
jvdias |
0cd02a |
while read f;
|
|
jvdias |
0cd02a |
do
|
|
jvdias |
0cd02a |
if [ ! -d "$f" ]; then
|
|
jvdias |
0cd02a |
replace_with_file $f ${f#$BIND_CHROOT_PREFIX};
|
|
jvdias |
053216 |
[ ! -e $changed ] && touch $changed;
|
|
jvdias |
0cd02a |
fi;
|
|
jvdias |
0cd02a |
done
|
|
jvdias |
0cd02a |
fi;
|
|
jvdias |
053216 |
if [ ! -e ${pfx}/etc/rndc.key ]; then
|
|
jvdias |
053216 |
echo 'key "rndckey" {
|
|
jvdias |
053216 |
algorithm hmac-md5;
|
|
jvdias |
053216 |
secret "'`/usr/sbin/dns-keygen`'";
|
|
jvdias |
053216 |
};' > /etc/rndc.key;
|
|
jvdias |
053216 |
elif /bin/egrep -q '@KEY@' /etc/rndc.key; then
|
|
jvdias |
053216 |
/bin/sed -i -e 's^@KEY@^'`/usr/sbin/dns-keygen`'^' /etc/rndc.key ;
|
|
Adam Tkac |
182006 |
fi
|
|
Adam Tkac |
a7cf97 |
chown -h root:named /var/named/* >/dev/null 2>&1;
|
|
Adam Tkac |
a7cf97 |
chown -h root:named ${BIND_CHROOT_PREFIX}/var/named/* >/dev/null 2>&1;
|
|
jvdias |
d74c49 |
chown -h root:named /etc/{named,rndc}.* >/dev/null 2>&1;
|
|
jvdias |
d74c49 |
chown -h root:named ${BIND_CHROOT_PREFIX}/etc/{named,rndc}.* >/dev/null 2>&1;
|
|
Adam Tkac |
19fe83 |
chown -h named:named /var/log/named.log >/dev/null 2>&1;
|
|
Adam Tkac |
19fe83 |
chown -h named:named ${BIND_CHROOT_PREFIX}/var/log/named.log >/dev/null 2>&1;
|
|
jvdias |
0cd02a |
chmod 750 ${pfx}/var/named >/dev/null 2>&1;
|
|
jvdias |
0cd02a |
chmod 640 ${pfx}/var/named/* >/dev/null 2>&1;
|
|
jvdias |
38b940 |
chmod 750 ${pfx}/var/named/*/. >/dev/null 2>&1;
|
|
Adam Tkac |
19fe83 |
chmod 660 ${pfx}/var/log/named.log >/dev/null 2>&1;
|
|
Adam Tkac |
7fdb7f |
chown -h named:named /var/named/{data{,/*},slaves{,/*},dynamic{,/*}} >/dev/null 2>&1;
|
|
Adam Tkac |
7fdb7f |
chown -h named:named ${BIND_CHROOT_PREFIX}/var/named/{data{,/*},slaves{,/*},dynamic{,/*}} >/dev/null 2>&1;
|
|
Adam Tkac |
7fdb7f |
chmod 770 ${pfx}/var/named/{data,slaves,dynamic} >/dev/null 2>&1;
|
|
Adam Tkac |
7fdb7f |
chmod 660 ${pfx}/var/named/{data/*,slaves/*,dynamic/*} >/dev/null 2>&1;
|
|
Adam Tkac |
7fdb7f |
chmod 770 ${pfx}/var/named/{data/*/.,slaves/*/.,dynamic/*/.} >/dev/null 2>&1;
|
|
jvdias |
053216 |
if [ -e $changed ]; then
|
|
jvdias |
fc31cd |
if selinux_enabled && [ -x /sbin/restorecon ]; then
|
|
Adam Tkac |
e31eda |
/sbin/restorecon -R ${BIND_CHROOT_PREFIX}/{dev,etc,var} >/dev/null 2>&1;
|
|
Adam Tkac |
5ea70d |
/sbin/restorecon /etc/named.* >/dev/null 2>&1;
|
|
Adam Tkac |
5ea70d |
/sbin/restorecon /etc/rndc.key >/dev/null 2>&1;
|
|
Adam Tkac |
5ea70d |
/sbin/restorecon /etc/rndc.conf >/dev/null 2>&1;
|
|
Adam Tkac |
bb5d89 |
for all in `ls /var/named`; do
|
|
Adam Tkac |
bb5d89 |
if [ "x$all" != "xchroot" ]; then
|
|
Adam Tkac |
bb5d89 |
restorecon -R /var/named/"$all" > /dev/null 2>&1;
|
|
Adam Tkac |
bb5d89 |
fi
|
|
Adam Tkac |
bb5d89 |
done
|
|
jvdias |
053216 |
fi;
|
|
Adam Tkac |
a7cf97 |
/sbin/service named try-restart
|
|
jvdias |
053216 |
rm -f $changed;
|
|
jvdias |
053216 |
fi;
|
|
jvdias |
053216 |
if [ $ng -eq 1 ]; then
|
|
jvdias |
053216 |
shopt -u nullglob;
|
|
jvdias |
053216 |
fi;
|
|
jvdias |
0cd02a |
}
|
|
jvdias |
0cd02a |
|
|
Martin Stransky |
5c5cdc |
function clean_root()
|
|
Martin Stransky |
5c5cdc |
{
|
|
Adam Tkac |
7d1ee6 |
if [ $ENABLED -eq 0 ] ; then # chroot is disabled, clean it up
|
|
Martin Stransky |
5c5cdc |
if [ -n "${BIND_CHROOT_PREFIX}" -a "x${BIND_CHROOT_PREFIX}" != "x/" ]; then
|
|
Martin Stransky |
5c5cdc |
rm -r ${BIND_CHROOT_PREFIX}/dev >/dev/null 2>&1 || :;
|
|
Martin Stransky |
5c5cdc |
rmdir ${BIND_CHROOT_PREFIX}/proc >/dev/null 2>&1 || :;
|
|
Martin Stransky |
5c5cdc |
rmdir ${BIND_CHROOT_PREFIX}/etc >/dev/null 2>&1 || :;
|
|
Martin Stransky |
5c5cdc |
rmdir ${BIND_CHROOT_PREFIX}/var/run/named >/dev/null 2>&1 || :;
|
|
Martin Stransky |
5c5cdc |
rmdir ${BIND_CHROOT_PREFIX}/var/run/dbus >/dev/null 2>&1 || :;
|
|
Martin Stransky |
5c5cdc |
rmdir ${BIND_CHROOT_PREFIX}/var/run >/dev/null 2>&1 || :;
|
|
Martin Stransky |
5c5cdc |
rmdir ${BIND_CHROOT_PREFIX}/var/named/slaves >/dev/null 2>&1 || :;
|
|
Martin Stransky |
5c5cdc |
rmdir ${BIND_CHROOT_PREFIX}/var/named/data >/dev/null 2>&1 || :;
|
|
Adam Tkac |
7fdb7f |
rmdir ${BIND_CHROOT_PREFIX}/var/named/dynamic >/dev/null 2>&1 || :;
|
|
Martin Stransky |
5c5cdc |
rmdir ${BIND_CHROOT_PREFIX}/var/named >/dev/null 2>&1 || :;
|
|
Martin Stransky |
5c5cdc |
rmdir ${BIND_CHROOT_PREFIX}/var/tmp >/dev/null 2>&1 || :;
|
|
Martin Stransky |
5c5cdc |
rmdir ${BIND_CHROOT_PREFIX}/var >/dev/null 2>&1 || :;
|
|
Martin Stransky |
5c5cdc |
fi;
|
|
Martin Stransky |
5c5cdc |
fi;
|
|
Martin Stransky |
5c5cdc |
}
|
|
Martin Stransky |
5c5cdc |
|
|
jvdias |
0cd02a |
case $1 in
|
|
jvdias |
0cd02a |
-e|--enable)
|
|
jvdias |
0cd02a |
enable_bind_chroot;
|
|
jvdias |
0cd02a |
sync_files;
|
|
jvdias |
0cd02a |
exit $?;
|
|
jvdias |
0cd02a |
;;
|
|
jvdias |
0cd02a |
-d|--disable)
|
|
jvdias |
0cd02a |
disable_bind_chroot;
|
|
jvdias |
0cd02a |
sync_files;
|
|
jvdias |
7366a5 |
/bin/umount ${BIND_CHROOT_PREFIX}/proc >/dev/null 2>&1 || :;
|
|
jvdias |
7366a5 |
/bin/umount ${BIND_CHROOT_PREFIX}/var/run/dbus >/dev/null 2>&1 || :;
|
|
Martin Stransky |
5c5cdc |
clean_root;
|
|
jvdias |
0cd02a |
exit $?;
|
|
jvdias |
0cd02a |
;;
|
|
jvdias |
0cd02a |
-s|--sync)
|
|
jvdias |
0cd02a |
sync_files;
|
|
jvdias |
0cd02a |
exit $?;
|
|
jvdias |
0cd02a |
;;
|
|
jvdias |
0cd02a |
-q)
|
|
jvdias |
0cd02a |
;;
|
|
jvdias |
0cd02a |
*)
|
|
jvdias |
0cd02a |
usage;
|
|
jvdias |
0cd02a |
exit 1;
|
|
Martin Stransky |
2dcae4 |
esac
|