sbin/update-serial
changeset 132 1306901e3462
parent 128 ce219be2c383
child 136 43e9d618af43
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/sbin/update-serial	Mon Jun 06 12:48:00 2011 +0200
@@ -0,0 +1,126 @@
+#!/usr/bin/perl -w
+
+#    Copyright (C) 2011 Matthias Förste
+#    Copyright (C) 2010, 2011 Heiko Schlittermann
+#    Copyright (C) 2010 Andre Süß
+#
+#    This program is free software: you can redistribute it and/or modify
+#    it under the terms of the GNU General Public License as published by
+#    the Free Software Foundation, either version 3 of the License, or
+#    (at your option) any later version.
+#
+#    This program is distributed in the hope that it will be useful,
+#    but WITHOUT ANY WARRANTY; without even the implied warranty of
+#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#    GNU General Public License for more details.
+#
+#    You should have received a copy of the GNU General Public License
+#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+#    Matthias Förste <foerste@schlittermann.de>
+
+=encoding utf8
+=cut
+
+use v5.10;
+use strict;
+use warnings;
+
+use Pod::Usage;
+use Getopt::Long;
+use File::Temp;
+use IO::File;
+use POSIX qw(strftime);
+use if $ENV{DEBUG} => "Smart::Comments";
+use DNStools::Config qw(get_config);
+use DNStools::UpdateSerial;
+
+my %opt;
+
+MAIN: {
+
+    GetOptions(
+        "sign-alert-time=i" => \$opt{sign_alert_time},
+        "key-counter-end=i" => \$opt{key_counter_end},
+        "h|help"            => sub { pod2usage(-exit => 0, -verbose => 1) },
+        "m|man"             => sub {
+            pod2usage(
+                -exit => 0,
+                -verbose   => 2,
+                # "system('perldoc -V &>/dev/null')" appears shorter, but may not
+                # do what you expect ( it still returns 0 on debian squeeze with
+                # dash as system shell even if cannot find the command in $PATH)
+                -noperldoc => system('perldoc -V >/dev/null 2>&1')
+            );
+        }
+    ) or pod2usage;
+
+    # merge the config and the defined options from commandline
+    my @configs = ( "dnstools.conf", "$ENV{HOME}/.dnstools.conf",
+        "/etc/dnstools.conf");
+    unshift @configs, $ENV{DNSTOOLS_CONF} if defined $ENV{DNSTOOLS_CONF};
+    %config = get_config @configs, \%opt;
+
+    my @candidates = @ARGV ? zones(@ARGV) : changed_zones;
+    push @candidates, update_index($config{indexzone});
+    push @candidates, signature_expired($config{sign_alert_time});
+
+    my @need_rollover = need_rollover;
+    my @done_rollover = done_rollover;
+
+    push @candidates, begin_rollover(@need_rollover);
+    push @candidates, end_rollover(@done_rollover);
+
+    foreach my $zone (uniq(@candidates)) {
+#        say "XXX: candidate $zone";
+        update_serial($zone);
+        sign($zone) if dnssec_enabled($zone, "$config{master_dir}/$config{indexzone}/$config{indexzone}");
+#        say "XXX: $zone should be signed" if dnssec_enabled($zone, "$config{master_dir}/$config{indexzone}/$config{indexzone}");
+    }
+
+    file_entry;
+    mk_zone_conf($config{bind_dir}, $config{zone_conf_dir});
+    server_reload;
+
+}
+
+__END__
+
+=pod
+
+=head1 NAME
+ 
+ update-serial - updates the serial numbers and re-signs the zone files
+
+=head1 SYNOPSIS
+
+ update-serial [options] [zone...]
+
+=head1 DESCRIPTION
+
+B<update-serial> scans the configured directories for modified zone files. On any
+file found it increments the serial number and signs the zone, if approbiate.
+
+=head1 OPTIONS
+
+=over
+
+=item B<--sign-alert-time> I<days>
+
+TODO
+
+=item B<--key-counter-end> I<integer>
+
+Maximum number if key usages.
+
+=back
+
+The common options B<-h>|B<--help>|B<-m>|B<--man> are supported.
+
+=head1 AUTHORS
+
+Matthias Förste L<<foerste@schlittermann.de>>, Heiko Schlittermann L<<hs@schlittermann.de>>, Andre Süss L<<andre.suess@pipkin.cc>>
+
+=cut
+
+# vim:sts=4 sw=4 aw ai sm:
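Review bot: The config search list in MAIN includes the cwd-relative `"dnstools.conf"` and an unguarded `"$ENV{HOME}/.dnstools.conf"`, so a tool installed under sbin (and presumably run with elevated rights) can pick up `master_dir`, `bind_dir` and `zone_conf_dir` from whatever directory it happens to be started in. How `get_config` ranks or merges the entries is not visible in this hunk, but if an earlier file wins, anyone able to write to that directory influences the paths later handed to `sign`, `mk_zone_conf` and `server_reload`. I would drop the relative entry and add the per-user file only when HOME is set: `my @configs = ("/etc/dnstools.conf");` followed by `unshift @configs, "$ENV{HOME}/.dnstools.conf" if defined $ENV{HOME};`. That keeps the existing order (DNSTOOLS_CONF, then the per-user file, then /etc) and also avoids the uninitialized-value warning when HOME is unset, as it can be in some cron or init environments. A comment above the list stating the precedence and which user the script is expected to run as would help the next reader.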