update-zone
changeset 38 d50f6874b7ab
parent 37 d3158de72598
child 39 8b46e7c48995
child 43 7e472c559b36
child 45 5dc44dc86f61
--- a/update-zone	Thu Dec 02 16:46:17 2010 +0100
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,298 +0,0 @@
-#! /usr/bin/perl
-# (c) 1998 Heiko Schlittermann <heiko@datom.de>
-#
-# … work in progress do integrate dnssec (branch suess)
-#
-# Update the serial numbers in zone files
-# The serial number needs to match a specified pattern (see
-# the line marked w/ PATTERN.
-#
-# ToDo:
-# . test against an md5 sum, not just the date of the stamp file
-# . FIXME: handle `/' in file names (currently only working in
-#   the current directory)
-# . optionally reload the named
-
-use strict;
-use warnings;
-
-use File::Basename;
-use File::Copy;
-use FindBin;
-
-my @configs = ( "$FindBin::Bin/dnstools.conf", "/etc/dnstools.conf" );
-my @dnssec_killkeys
-    = ( "$FindBin::Bin/dnssec-killkey", "/usr/bin/dnstools/dnssec-killkey" );
-my $dnssec_killkey;
-my @dnssec_creatkeys
-    = ( "$FindBin::Bin/dnssec-creatkey", "/usr/bin/dnstools/dnssec-creatkey" );
-my $dnssec_creatkey;
-my @dnssec_signs
-    = ( "$FindBin::Bin/dnssec-sign", "/usr/bin/dnstools/dnssec-sign" );
-my %config;
-my $dnssec_sign;
-my @change_names = ();
-
-foreach ( grep {-f} @configs ) {
-    open( CONFIG, $_ ) or die "Can't open $_: $!\n";
-}
-
-unless ( seek( CONFIG, 0, 0 ) ) {
-    die "Can't open config (searched: @configs)\n";
-}
-foreach ( grep {-f} @dnssec_killkeys ) {
-    if ( -x $_ ) {
-        $dnssec_killkey = $_;
-    }
-    else {
-        die "Can't run $_\n";
-    }
-}
-foreach ( grep {-f} @dnssec_creatkeys ) {
-    if ( -x $_ ) {
-        $dnssec_creatkey = $_;
-    }
-    else {
-        die "Can't run $_\n";
-    }
-}
-foreach ( grep {-f} @dnssec_signs ) {
-    if ( -x $_ ) {
-        $dnssec_sign = $_;
-    }
-    else {
-        die "Can't run $_\n";
-    }
-}
-
-while (<CONFIG>) {
-    chomp;
-    s/#.*//;
-    s/\t//g;
-    s/\s//g;
-    next unless length;
-    my ( $cname, $ccont ) = split( /\s*=\s*/, $_, 2 );
-    $config{$cname} = $ccont;
-}
-close(CONFIG);
-
-my $bind_dir   = $config{bind_dir};
-my $conf_dir   = $config{zone_conf_dir};
-my $master_dir = $config{master_dir};
-
-my $ME = basename $0;
-my @tmpfiles;
-my $verbose = 0;
-my $opt_yes = 0;
-my @Zones;
-my $file;
-
-
-sub cleanup() { unlink @tmpfiles; }
-END { cleanup(); }
-
-for (@ARGV) {
-    if ( $_ eq "-y" ) {
-        $opt_yes = 1;
-        shift @ARGV;
-    }
-}
-
-@Zones = @ARGV ? @ARGV : glob("$master_dir/*");
-
-MAIN: {
-    my $changed = 0;
-    my ( $dd, $mm, $yy ) = ( localtime() )[ 3 .. 5 ];
-    my $date;
-    $mm++;
-
-    # prueft jede domain, die ein verzeichnis in $master_dir hat, ob sie
-    # dnssec nutzt.
-    # passt die eintraege in $config_file falls noetig an.
-    while (<$master_dir/*>) {
-        s#($master_dir/)(.*)#$2#;
-        my $zone = $_;
-
-        my $zone_file = "$master_dir/$zone/$zone";
-        my $conf_file = "$conf_dir/$zone";
-        my @c_content;
-
-        unless ( -f "$conf_file" ) {
-            die "$conf_file: $! \n";
-        }
-
-        if ( -e "$master_dir/$zone/.keycounter" ) {
-
-            open( FILE, "<$conf_file" ) or die "$conf_file: $!\n";
-            @c_content = <FILE>;
-            close(FILE);
-
-            for (@c_content) {
-                if (m{(.*)($zone_file)(";)}) {
-                    print "$2 ==> $2.signed\n";
-                    $_ = "$1$2.signed$3\n";
-                }
-            }
-
-            open( FILE, ">$conf_file" ) or die "$conf_file: $!\n";
-            print FILE @c_content;
-            close(FILE);
-            
-        }
-        else {
-
-            open( FILE, "<$conf_file" ) or die "$conf_file: $!\n";
-            @c_content = <FILE>;
-            close(FILE);
-
-            for (@c_content) {
-                if (m{(.*)($zone_file)\.signed(.*)}) {
-                    print "$2.signed ==> $2\n";
-                    $_ = "$1$2$3\n";
-                }
-            }
-    
-            open( FILE, ">$conf_file" ) or die "$conf_file: $!\n";
-            print FILE @c_content;
-            close(FILE);
-        }
-    }
-
-    # erzeugt eine named.conf-datei aus den entsprechenden vorlagen.
-    print "** creat named.conf.zones **\n";
-    open( TO, ">$bind_dir/named.conf.zones" )
-        or die "$bind_dir/named.conf.zones: $!\n";
-    while (<$conf_dir/*>) {
-        open( FROM, "$_" ) or die "$_: $! \n";
-        print TO <FROM>;
-        close(FROM);
-    }
-    close(TO);
-
-    # aufruf von dnssec-killkey
-    print "** execute dnssec-killkey for keyrollover **\n";
-    system "$dnssec_killkey";
-    die "$dnssec_killkey not found ($!)" if $? == -1;
-    exit 1 if $?;
-    
-    # aufruf von dnssec-creatkey
-    print "** execute dnssec-creatkey for keyrollover **\n";
-    system "$dnssec_creatkey";
-    die "$dnssec_creatkey not found ($!)" if $? == -1;
-    exit 1 if $?;
-
-    # aufruf von dnssec-sign
-    print "** execute dnssec-sign for sign-update **\n";
-    system "$dnssec_sign";
-    die "$dnssec_sign not found ($!)" if $? == -1;
-    exit 1 if $?;
-
-    # update-serial
-    print "** update serial **\n";
-    foreach ( $dd, $mm ) { s/^\d$/0$&/; }
-    $yy += 1900;
-    $date = "$yy$mm$dd";
-
-    while ( my $file = shift @Zones ) {
-
-        my $file_basename = basename($file);
-
-        $file =~ s#($master_dir)(/.*)#$1$2$2#;
-        local ( *I, *O );
-        my $done = 0;
-
-        my $new   = "$file.$$.tmp";
-        my $bak   = "$file.bak";
-        my $stamp = $master_dir . "/.stamp/" . basename($file);
-
-        $file =~ /(\.bak|~)$/ and next;
-        $file !~ /\./ and next;
-
-        $verbose && print "$file:";
-
-        if ( -f $stamp && ( ( stat($stamp) )[9] >= ( stat($file) )[9] ) ) {
-            $verbose && print " fresh, skipping.\n";
-            next;
-        }
-
-        $done = 0;
-        push @tmpfiles, $new;
-        open( *I, "<$file" ) or die("Can't open < $file: $!\n");
-        open( *O, ">$new" )  or die("Can't open > $new: $!\n");
-
-        while (<I>) {
-            /^\s+((\d+)(\d{2}))\s*;\s*serial/i and do {    # PATTERN
-                my ( $sdate, $scount, $serial ) = ( $2, $3, $1 );
-                $done = 1;
-                print " [$file] serial $sdate$scount";
-
-                if   ( $date eq $sdate ) { $scount++; }
-                else                     { $sdate = $date; $scount = "00"; }
-
-                print " bumping to $sdate$scount";
-                s/$serial/$sdate$scount/;
-
-            };
-            print O;
-        }
-
-        close(O);
-        close(I);
-
-        if ($done) {
-
-            open( I, "<$new" )  or die("Can't open <$new: $!\n");
-            open( O, ">$file" ) or die("Can't open >$file: $!\n");
-            while (<I>) { print O or die("Can't write to $file: $!\n"); }
-            close(I) or die("Can't close $new: $!\n");
-            close(O) or die("Can't close $file: $!\n");
-
-            unlink $new;
-
-            open( O, ">$stamp" ) or die("Can't open >$stamp: $!\n");
-            close(O);
-            $changed++;
-
-            push @change_names, $file_basename;
-
-        }
-        else {
-            print " $file: no serial number found: no zone file?";
-        }
-        print "\n";
-    }
-
-    my $pidfile;
-
-    unless ($changed == 0) {
-        print "Changed $changed files.\n";
-    }
-
-    foreach (
-        qw(/var/run/bind/run/named.pid /var/run/named.pid /etc/named.pid))
-    {
-        -f $_ and $pidfile = $_ and last;
-    }
-
-    # dnssec-sign aufruf fuer geanderten domains
-    print "** execute dnssec-sign **\n";
-    system "$dnssec_sign @change_names";
-    die "$dnssec_sign not found ($!)" if $? == -1;
-    exit 1 if $?;
-
-    if ($pidfile) {
-        if ($opt_yes) {
-            $_ = "y";
-            print "** Nameserver will be reloaded\n";
-        }
-        else { print "** Reload now? [Y/n]: "; $_ = <STDIN>; }
-        /^y|^$/i and system "rndc reload";
-    }
-    else {
-        print
-            "** No PID of a running named found.  Please reload manually.\n";
-
-    }
-
-}
-