| author | Adam Tkac <atkac@redhat.com> | 2012-12-20 14:34:39 +0100 |
|---|---|---|
| committer | Adam Tkac <atkac@redhat.com> | 2012-12-20 14:34:39 +0100 |
| commit | 0f7d49832f9d425653f62b4ec13235e5b998997e (patch) | |
| tree | e7501b99435e9f48b6998854e68916198934144c | |
| parent | e73262808d614de4374dd9311e8237fff14e6e93 (diff) | |
Generate /etc/rndc.key during named service startup if it doesn't exist
- increase startup timeout in systemd units to 90sec (default)
Signed-off-by: Adam Tkac <atkac@redhat.com>
| -rw-r--r-- | bind.spec | 9 | ||||
| -rwxr-xr-x | generate-rndc-key.sh | 19 | ||||
| -rw-r--r-- | named-chroot.service | 2 | ||||
| -rw-r--r-- | named-sdb-chroot.service | 2 | ||||
| -rw-r--r-- | named-sdb.service | 2 | ||||
| -rw-r--r-- | named.service | 2 |
6 files changed, 31 insertions, 5 deletions
@@ -26,7 +26,7 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv
 Name: bind
 License: ISC
 Version: 9.9.2
-Release: 5.%{PATCHVER}%{?dist}
+Release: 6.%{PATCHVER}%{?dist}
 Epoch: 32
 Url: http://www.isc.org/products/BIND/
 Buildroot:%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -53,6 +53,7 @@ Source38: named-chroot.service
 Source39: named-sdb.service
 Source40: named-sdb-chroot.service
 Source41: setup-named-chroot.sh
+Source42: generate-rndc-key.sh
 # Common patches
 Patch5: bind-nonexec.patch
@@ -433,6 +434,7 @@ install -m 644 %{SOURCE40} ${RPM_BUILD_ROOT}%{_unitdir}
 mkdir -p ${RPM_BUILD_ROOT}%{_libexecdir}
 install -m 755 %{SOURCE41} ${RPM_BUILD_ROOT}%{_libexecdir}/setup-named-chroot.sh
+install -m 755 %{SOURCE42} ${RPM_BUILD_ROOT}%{_libexecdir}/generate-rndc-key.sh
 install -m 644 %SOURCE3 ${RPM_BUILD_ROOT}/etc/logrotate.d/named
 install -m 755 %SOURCE4 ${RPM_BUILD_ROOT}/etc/NetworkManager/dispatcher.d/13-named
@@ -618,6 +620,7 @@ rm -rf ${RPM_BUILD_ROOT}
 %{_sbindir}/rndc*
 %{_sbindir}/named-compilezone
 %{_sbindir}/isc-hmac-fixup
+%{_libexecdir}/generate-rndc-key.sh
 %{_mandir}/man1/arpaname.1*
 %{_mandir}/man5/named.conf.5*
 %{_mandir}/man5/rndc.conf.5*
@@ -769,6 +772,10 @@ rm -rf ${RPM_BUILD_ROOT}
 %endif
 %changelog
+* Thu Dec 20 2012 Adam Tkac <atkac redhat com> 32:9.9.2-6.P1
+- generate /etc/rndc.key during named service startup if doesn't exist
+- increase startup timeout in systemd units to 90sec (default)
+
 * Wed Dec 05 2012 Tomas Hozza <thozza@redhat.com> 32:9.9.2-5.P1
 - update to bind-9.9.2-P1
diff --git a/generate-rndc-key.sh b/generate-rndc-key.sh
new file mode 100755
index 0000000..5678413
--- /dev/null
+++ b/generate-rndc-key.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+. /etc/rc.d/init.d/functions
+
+# This script generates /etc/rndc.key if doesn't exist
+
+if [ ! -s /etc/rndc.key ]; then
+ echo -n $"Generating /etc/rndc.key:"
+ if /usr/sbin/rndc-confgen -a > /dev/null 2>&1; then
+ chmod 640 /etc/rndc.key
+ chown root.named /etc/rndc.key
+ [ -x /sbin/restorecon ] && /sbin/restorecon /etc/rndc.key
+ success $"/etc/rndc.key generation"
+ echo
+ else
+ failure $"/etc/rndc.key generation"
+ echo
+ fi
+fi
diff --git a/named-chroot.service b/named-chroot.service
index 6cbb350..84c775b 100644
--- a/named-chroot.service
+++ b/named-chroot.service
@@ -14,6 +14,7 @@ EnvironmentFile=-/etc/sysconfig/named
 Environment=KRB5_KTNAME=/etc/named.keytab
 PIDFile=/var/named/chroot/var/run/named/named.pid
+ExecStartPre=/usr/libexec/generate-rndc-key.sh
 ExecStartPre=/usr/libexec/setup-named-chroot.sh /var/named/chroot on
 ExecStartPre=/usr/sbin/named-checkconf -t /var/named/chroot -z /etc/named.conf
 ExecStart=/usr/sbin/named -u named -t /var/named/chroot $OPTIONS
@@ -24,7 +25,6 @@ ExecStop=/bin/sh -c '/usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MA
 ExecStopPost=/usr/libexec/setup-named-chroot.sh /var/named/chroot off
 PrivateTmp=false
-TimeoutSec=25
 [Install]
 WantedBy=multi-user.target
diff --git a/named-sdb-chroot.service b/named-sdb-chroot.service
index 4259c7c..d9318da 100644
--- a/named-sdb-chroot.service
+++ b/named-sdb-chroot.service
@@ -14,6 +14,7 @@ EnvironmentFile=-/etc/sysconfig/named
 Environment=KRB5_KTNAME=/etc/named.keytab
 PIDFile=/var/named/chroot/var/run/named/named.pid
+ExecStartPre=/usr/libexec/generate-rndc-key.sh
 ExecStartPre=/usr/libexec/setup-named-chroot.sh /var/named/chroot on
 ExecStartPre=/usr/sbin/named-checkconf -t /var/named/chroot -z /etc/named.conf
 ExecStart=/usr/sbin/named-sdb -u named -t /var/named/chroot $OPTIONS
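Review bot: The failure branch of generate-rndc-key.sh ends with `echo`, so the script exits 0 even when `rndc-confgen -a` fails, and the results of `chmod` and `chown` are never checked; as an `ExecStartPre=` step it can therefore never report a missing or wrongly-permissioned key to systemd. Ending the `else` branch with `exit 1` would surface the failure, if blocking startup is the intended behaviour. Running `chown root:named /etc/rndc.key && chmod 640 /etc/rndc.key` in that order avoids briefly granting group read to the file's original group before ownership is set, and `root:named` is the POSIX separator where `root.named` is a deprecated form. Sending the stderr of `rndc-confgen` to /dev/null also hides the reason for a failure, which would otherwise reach the service log.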
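Review bot: Removing `TimeoutSec=25` in the second named-chroot.service hunk changes the stop timeout as well as the start timeout, because `TimeoutSec=` is shorthand for both, while the commit message only mentions startup. If only key generation needs the longer window, `TimeoutStartSec=90` together with `TimeoutStopSec=25` would keep the previous stop behaviour, provided the systemd version in use supports those directives; otherwise the description could state that both timeouts now fall back to the default. The same removal appears in named-sdb-chroot.service, named-sdb.service and named.service. The unit files continue outside the hunks shown.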
@@ -24,7 +25,6 @@ ExecStop=/bin/sh -c '/usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MA
 ExecStopPost=/usr/libexec/setup-named-chroot.sh /var/named/chroot off
 PrivateTmp=false
-TimeoutSec=25
 [Install]
 WantedBy=multi-user.target
diff --git a/named-sdb.service b/named-sdb.service
index dd9cc0e..424846d 100644
--- a/named-sdb.service
+++ b/named-sdb.service
@@ -10,6 +10,7 @@ EnvironmentFile=-/etc/sysconfig/named
 Environment=KRB5_KTNAME=/etc/named.keytab
 PIDFile=/var/run/named/named.pid
+ExecStartPre=/usr/libexec/generate-rndc-key.sh
 ExecStartPre=/usr/sbin/named-checkconf -z /etc/named.conf
 ExecStart=/usr/sbin/named-sdb -u named $OPTIONS
@@ -18,7 +19,6 @@ ExecReload=/bin/sh -c '/usr/sbin/rndc reload > /dev/null 2>&1 || /bin/kill -HUP
 ExecStop=/bin/sh -c '/usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MAINPID'
 PrivateTmp=true
-TimeoutSec=25
 [Install]
 WantedBy=multi-user.target
diff --git a/named.service b/named.service
index 388fc89..f04403b 100644
--- a/named.service
+++ b/named.service
@@ -10,6 +10,7 @@ EnvironmentFile=-/etc/sysconfig/named
 Environment=KRB5_KTNAME=/etc/named.keytab
 PIDFile=/run/named/named.pid
+ExecStartPre=/usr/libexec/generate-rndc-key.sh
 ExecStartPre=/usr/sbin/named-checkconf -z /etc/named.conf
 ExecStart=/usr/sbin/named -u named $OPTIONS
@@ -18,7 +19,6 @@ ExecReload=/bin/sh -c '/usr/sbin/rndc reload > /dev/null 2>&1 || /bin/kill -HUP
 ExecStop=/bin/sh -c '/usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MAINPID'
 PrivateTmp=true
-TimeoutSec=25
 [Install]
 WantedBy=multi-user.target |
