update-zone
changeset 34 f5db9f4a3e76
parent 33 d3269961e944
child 35 b809ae6c2f57
--- a/update-zone	Fri Aug 13 17:00:37 2010 +0200
+++ b/update-zone	Thu Sep 30 11:35:51 2010 +0200
@@ -21,6 +21,12 @@
 use FindBin;
 
 my @configs = ( "$FindBin::Bin/dnstools.conf", "/etc/dnstools.conf" );
+my @dnssec_killkeys
+    = ( "$FindBin::Bin/dnssec-killkey", "/usr/bin/dnstools/dnssec-killkey" );
+my $dnssec_killkey;
+my @dnssec_creatkeys
+    = ( "$FindBin::Bin/dnssec-creatkey", "/usr/bin/dnstools/dnssec-creatkey" );
+my $dnssec_creatkey;
 my @dnssec_signs
     = ( "$FindBin::Bin/dnssec-sign", "/usr/bin/dnstools/dnssec-sign" );
 my %config;
@@ -34,6 +40,22 @@
 unless ( seek( CONFIG, 0, 0 ) ) {
     die "Can't open config (searched: @configs)\n";
 }
+foreach ( grep {-f} @dnssec_killkeys ) {
+    if ( -x $_ ) {
+        $dnssec_killkey = $_;
+    }
+    else {
+        die "Can't run $_\n";
+    }
+}
+foreach ( grep {-f} @dnssec_creatkeys ) {
+    if ( -x $_ ) {
+        $dnssec_creatkey = $_;
+    }
+    else {
+        die "Can't run $_\n";
+    }
+}
 foreach ( grep {-f} @dnssec_signs ) {
     if ( -x $_ ) {
         $dnssec_sign = $_;
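Review bot: Neither new search loop checks that a candidate was found at all, so when no dnssec-killkey or dnssec-creatkey exists on disk `$dnssec_killkey` and `$dnssec_creatkey` stay undef and the later `system "$dnssec_killkey"` runs with an empty command string. Mirror the config check above the loops with a line after each one, e.g. `die "Can't find dnssec-killkey (searched: @dnssec_killkeys)\n" unless defined $dnssec_killkey;` and the corresponding `@dnssec_creatkeys` line. Note also that the loops do not `last` after a hit, so when both candidates exist the last one in the list (`/usr/bin/dnstools/...`) overrides the copy next to the script; this matches the existing dnssec-sign loop, but it may be worth a comment stating that precedence. The dnssec-sign loop continues outside the hunk.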
@@ -65,6 +87,7 @@
 my @Zones;
 my $file;
 
+
 sub cleanup() { unlink @tmpfiles; }
 END { cleanup(); }
 
@@ -78,7 +101,7 @@
 @Zones = @ARGV ? @ARGV : glob("$master_dir/*");
 
 MAIN: {
-    my $changed;
+    my $changed = 0;
     my ( $dd, $mm, $yy ) = ( localtime() )[ 3 .. 5 ];
     my $date;
     $mm++;
@@ -109,12 +132,12 @@
                     print "$2 ==> $2.signed\n";
                     $_ = "$1$2.signed$3\n";
                 }
+            }
 
-                open( FILE, ">$conf_file" ) or die "$conf_file: $!\n";
-                print FILE @c_content;
-                close(FILE);
-
-            }
+            open( FILE, ">$conf_file" ) or die "$conf_file: $!\n";
+            print FILE @c_content;
+            close(FILE);
+            
         }
         else {
 
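Review bot: The relocated write of `$conf_file` still uses a two-argument `open` with a bareword handle and an unchecked `close`, so a write error on a full disk is never reported and a `$conf_file` starting with special characters would be interpreted as a mode. Since the commit moves these lines anyway, switch them to `open( my $fh, '>', $conf_file ) or die "$conf_file: $!\n";`, `print {$fh} @c_content;` and `close($fh) or die "$conf_file: $!\n";`. The enclosing `if` block and the `foreach` it sits in start outside the hunk.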
@@ -136,6 +159,7 @@
     }
 
     # erzeugt eine named.conf-datei aus den entsprechenden vorlagen.
+    print "** creat named.conf.zones **\n";
     open( TO, ">$bind_dir/named.conf.zones" )
         or die "$bind_dir/named.conf.zones: $!\n";
     while (<$conf_dir/*>) {
@@ -145,7 +169,20 @@
     }
     close(TO);
 
+    # aufruf von sign-killkey
+    print "** execute dnssec-killkey for keyrollover **\n";
+    system "$dnssec_killkey";
+    die "$dnssec_killkey not found ($!)" if $? == -1;
+    exit 1 if $?;
+    
+    # aufruf von sign-creatkey
+    print "** execute dnssec-creatkey for keyrollover **\n";
+    system "$dnssec_creatkey";
+    die "$dnssec_creatkey not found ($!)" if $? == -1;
+    exit 1 if $?;
+
     # update-serial
+    print "** update serial **\n";
     foreach ( $dd, $mm ) { s/^\d$/0$&/; }
     $yy += 1900;
     $date = "$yy$mm$dd";
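Review bot: A non-zero exit from dnssec-killkey or dnssec-creatkey makes update-zone `exit 1` without any message, so a failed key rollover is indistinguishable from other failures in logs and the subsequent steps are silently skipped. Replace `exit 1 if $?;` with a diagnostic, e.g. `die "$dnssec_killkey exited with status " . ($? >> 8) . "\n" if $?;`, and use the list form `system $dnssec_killkey;` so a `$FindBin::Bin` containing spaces or shell metacharacters is not word-split by the shell; the same applies to the dnssec-creatkey call a few lines below. The comments read "aufruf von sign-killkey" / "sign-creatkey" while the tools invoked are dnssec-killkey and dnssec-creatkey, so the comment names should match. It is not visible here whether the rollover is meant to run even when `$changed` is 0, which a one-line comment could state.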
@@ -221,8 +258,10 @@
 
     my $pidfile;
 
-    print
-        "** Changed $changed files, the nameserver needs to be reloaded!\n";
+    unless ($changed == 0) {
+        print "Changed $changed files.\n";
+    }
+
     foreach (
         qw(/var/run/bind/run/named.pid /var/run/named.pid /etc/named.pid))
     {
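Review bot: `unless ($changed == 0)` is a double negative for a counter; the idiomatic form is `if ($changed) {`. The removed message also told the operator that the nameserver needs reloading, and nothing on the new side says whether the reload is now done automatically by the pidfile loop that follows; if it is, a comment such as `# reload is triggered below via the pidfile` would keep that intent visible. The pidfile loop continues outside the hunk.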
@@ -230,6 +269,7 @@
     }
 
     # dnssec-sign aufruf fuer geanderten domains
+    print "** execute dnssec-sign **\n";
     system "$dnssec_sign @change_names";
     die "$dnssec_sign not found ($!)" if $? == -1;
     exit 1 if $?;