# HG changeset patch # User asuess@dns.net.schlittermann.de # Date 1280740518 -7200 # Node ID 7229d1c95ea807cce316bfc1702cd2a09909f072 # Parent 6715f8f9d04c0d2aaa717f5b28c59ab46f68e46b dnstools.conf mit perl diff -r 6715f8f9d04c -r 7229d1c95ea8 dnssec-creatkey --- a/dnssec-creatkey Thu Jul 29 14:19:56 2010 +0200 +++ b/dnssec-creatkey Mon Aug 02 11:15:18 2010 +0200 @@ -2,17 +2,32 @@ use strict; -my $master_dir="/etc/bind/master"; # verzeichnis fuer bind -my $key_counter_end="10"; # ablauf des schluessels -my @change; # liste abgelaufener zonen -my @manu; # liste manuell eingegebener zonen aus ARGV +my %config; +open (CONFIG, "dnstools.conf"); +while () { + chomp; + s/#.*//; + s/\t//g; + s/\s//g; + + next unless length; + my ($cname, $ccont) = split (/\s*=\s*/, $_,2); + $config{$cname} = $ccont; +} +close (CONFIG); + + +my $master_dir= $config{master_dir}; +my $key_counter_end=$config{key_counter_end}; +my @change; +my @manu; my @index; my $zone; my $keyname; # prueft ob eingaben in ARGV domains sind und gibt sie in die liste @manu for (@ARGV) { - chomp ($zone = `idn --quiet "$_"`); + chomp (my $zone = `idn --quiet "$_"`); if (-e "$master_dir/$zone") { push (@manu, $zone); diff -r 6715f8f9d04c -r 7229d1c95ea8 dnssec-killkey --- a/dnssec-killkey Thu Jul 29 14:19:56 2010 +0200 +++ b/dnssec-killkey Mon Aug 02 11:15:18 2010 +0200 @@ -2,8 +2,22 @@ use strict; -my $master_dir="/etc/bind/master"; # ordner fuer die einzelnen zonedateiordner -my $ablauf_zeit="1"; # zeit fuer den key-rollover in h +my %config; +open (CONFIG, "dnstools.conf"); +while () { + chomp; + s/#.*//; + s/\t//g; + s/\s//g; + + next unless length; + my ($cname, $ccont) = split (/\s*=\s*/, $_,2); + $config{$cname} = $ccont; +} +close (CONFIG); + +my $master_dir = $config{master_dir}; +my $ablauf_zeit = $config{abl_zeit}; my $zone; my @status; my @auto; 
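Review bot: In the dnssec-creatkey hunk, `open (CONFIG, "dnstools.conf");` is unchecked and resolved against the current working directory, and the same loader is repeated in dnssec-killkey, dnssec-sign, mkready, zone-ls and zone-mk. If the file cannot be read, `%config` stays empty, `$master_dir` is undef and `"$master_dir/$zone"` collapses to `"/$zone"`, which the existence tests and the deletions in dnssec-killkey then act on; a dnstools.conf picked up from an unexpected directory likewise redirects every path these tools touch. I would open one fixed location with a lexical handle, `open(my $cfg, '<', $conf_file) or die "cannot read $conf_file: $!\n";` (with `$conf_file` an absolute path chosen by the project), and stop when a required key is absent, `die "master_dir not set in $conf_file\n" unless defined $config{master_dir} && length $config{master_dir};`. Since the block is copied six times, moving it into one shared module would keep these checks in a single place.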
@@ -15,14 +29,14 @@ my $zdir = "$master_dir/$zone"; if (-e "$master_dir/$zone") { - if (-e "$zdir/$zone.signed") { `rm $zdir/$zone.signed`} - if (-e "$zdir/.keycounter") { `rm $zdir/.keycounter`} - if (-e "$zdir/.index.ksk") { `rm $zdir/.index.ksk`} - if (-e "$zdir/.index.zsk") { `rm $zdir/.index.zsk`} - if (-e "$zdir/dsset-$zone.") { `rm $zdir/dsset-$zone.`} - if (-e "$zdir/keyset-$zone.") { `rm $zdir/keyset-$zone.`} + if (-e "$zdir/$zone.signed") { unlink $zdir/$zone.signed} + if (-e "$zdir/.keycounter") { unlink $zdir/.keycounter} + if (-e "$zdir/.index.ksk") { unlink $zdir/.index.ksk} + if (-e "$zdir/.index.zsk") { unlink $zdir/.index.zsk} + if (-e "$zdir/dsset-$zone.") { unlink $zdir/dsset-$zone.} + if (-e "$zdir/keyset-$zone.") { unlink $zdir/keyset-$zone.} - foreach (`ls $master_dir/$zone/K*[key,private]`){ `rm $_`} + for (`ls $master_dir/$zone/K*[key,private]`){ unlink $_} } else { print "$zone ist keine verwaltete zone \n"; @@ -80,7 +94,7 @@ # nach abgeschlossenem key-rollover werden fuer die entsprechende zone # unbenoetigte schluessel entfernt und die vorhandenen schluessel in die # zonedatei geschrieben. -foreach (@auto) { +for (@auto) { my $zone = $_; my @old_zone_content = (); my @new_zone_content = (); @@ -101,14 +115,14 @@ # kuerzt die schluessel-bezeichnung aus der indexdatei auf die # id um sie besser vergleichen zu koennen. - foreach (@keylist) { + for (@keylist) { chomp; s#K.*\+.*\+(.*)#$1#; } # filtert alle schluessel aus der zonedatei # old_zone_content ==> new_zone_content - foreach (@old_zone_content) { + for (@old_zone_content) { unless (/IN\sDNSKEY/) { push @new_zone_content, $_; } 
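Review bot: The `unlink` calls added in the dnssec-killkey hunk at -15,14 lost the quoting the `rm` backticks provided, so `unlink $zdir/$zone.signed` is read as a division and a concatenation with a bareword instead of a path, and under `use strict` the script should no longer compile. Each call needs the same string its `-e` test uses and should report failure, e.g. `unlink "$zdir/$zone.signed" or warn "unlink $zdir/$zone.signed: $!\n";`. The last added line has a second problem: the names returned by the `ls` backticks still end in a newline, so `unlink $_` would fail without any message and the key files, private keys included, would stay on disk after the zone is supposedly cleaned up; `for my $key (glob "$zdir/K*[key,private]") { unlink $key or warn "unlink $key: $!\n" }` avoids both the shell and the newline. The pattern `[key,private]` is a character class, not an alternation, which is presumably not what was meant and is worth confirming while this line is being touched.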
@@ -116,12 +130,12 @@ # prueft alle schluesseldateien (ksk, zsk) ob sie in der jeweiligen # indexdatei beschrieben sind. wenn nicht werden sie geloescht. - foreach (`ls $master_dir/$zone/K*[key,private]`){ + for (`ls $master_dir/$zone/K*[key,private]`){ chomp; $file = $_; my $rm_count = 1; - foreach (@keylist) { + for (@keylist) { if ($file =~ /$_/) { $rm_count = 0; diff -r 6715f8f9d04c -r 7229d1c95ea8 dnssec-sign --- a/dnssec-sign Thu Jul 29 14:19:56 2010 +0200 +++ b/dnssec-sign Mon Aug 02 11:15:18 2010 +0200 @@ -2,8 +2,22 @@ use strict; -my $master_dir="/etc/bind/master" ; -my $sign_alert_time="48"; # zeitraum zwischen signierung und ablauf in h +my %config; +open (CONFIG, "dnstools.conf"); +while () { + chomp; + s/#.*//; + s/\t//g; + s/\s//g; + + next unless length; + my ($cname, $ccont) = split (/\s*=\s*/, $_,2); + $config{$cname} = $ccont; +} +close (CONFIG); + +my $master_dir=$config{master_dir} ; +my $sign_alert_time=$config{sign_alert_time}; my $zone; my (@manu, @auto); my @zone_sig_content; @@ -12,7 +26,8 @@ # prueft zonen aus ARGV und fuegt sie in die liste @manu ein for (@ARGV) { - chomp ($zone = `idn --quiet $_`); + chomp (my $zone = `idn --quiet "$_"`); + if (-e "$master_dir/$zone") { push @manu, $zone; } else { @@ -20,9 +35,6 @@ } } -# feststellen des aktuellen zeitpunktes, zuzueglich der $sign_alert_time -# die ausgabe $time ist im selben format wie in der signed-datei und kann -# verglichen werden. chomp (my $unixtime=`date +%s`); $unixtime = $unixtime + (3600 * $sign_alert_time); my $time = `date -d \@$unixtime +%Y%m%d%H`; @@ -40,7 +52,7 @@ @zone_sig_content = ; close (ZONE); - foreach (@zone_sig_content) { + for (@zone_sig_content) { if (m#SOA.*[0-9]{14}#) { s#.*([0-9]{10})([0-9]{4}).*#$1#; if ($_ < $time) { @@ -56,8 +68,6 @@ s#($master_dir/)(.*)#$2#; $zone = $_; - - print $zone; if (-e "$master_dir/$zone/.keycounter") { open (KC, "$master_dir/$zone/.keycounter" ); diff -r 6715f8f9d04c -r 7229d1c95ea8 dnstools.conf 
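Review bot: In the dnssec-sign hunk at -12,7, wrapping `$_` in double quotes inside the backticks does not turn the command-line argument into plain data, because the shell still interprets `$`, backticks and an embedded `"` within it. The same call is on the new side of the dnssec-creatkey hunk and in the zone-mk loop. A list-form pipe bypasses the shell, `open(my $idn, '-|', 'idn', '--quiet', $_) or die "idn: $!\n"; chomp(my $zone = <$idn>); close $idn;`, and it should be followed by `next unless defined $zone && length $zone;`, since an empty result makes `-e "$master_dir/$zone"` test the master directory itself and succeed. Note also that `my $zone` now shadows the file-level `my $zone;` declared above, so any code after the loop that read the outer variable (not visible in this hunk) would find it unset.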
--- a/dnstools.conf Thu Jul 29 14:19:56 2010 +0200 +++ b/dnstools.conf Mon Aug 02 11:15:18 2010 +0200 @@ -1,15 +1,13 @@ -ABL_ZEIT=1440 # Dauer des Key-Rollover -BIND_DIR=/etc/bind -SECONDARY=hh.schlittermann.de -PRIMARY=pu.schlittermann.de -THIS_HOST= -THIS_IP= -THIS_DOMAIN= -SECONDARY_IP= -HOSTMASTER= -MASTER_DIR=/etc/bind/master -ZONE_CONF_DIR=/etc/bind/zones.d -ZSKLIVE=60 # ZSK-Schluessellebensdauer in Tagen -KSKLIVE=360 # KSK-Schluessellebensdauer in Tagen -KEY_COUNTER_END=5 # Anzahl der maximalen Signierungen bis zum Key-Rollover -SIGN_ALERT_TIME=48 # Warn-Zeitraum vor dem ablauf einer Zone-Signatur in Stunden +bind_dir = /etc/bind +master_dir = /etc/bind/master +zone_conf_dir = /etc/bind/zones.d +key_counter_end = 5 # Anzahl der maximalen Signierungen bis zum Key-Rollover +sign_alert_time = 48 # Warn-Zeitraum vor dem ablauf einer Zone-Signatur in h +abl_zeit = 48 # Dauer des Key-Rollover in h +secondary = hh.schlittermann.de +primary = pu.schlittermann.de +#this_host +#this_ip +#this_domain +#secondary_ip +#hostmaster diff -r 6715f8f9d04c -r 7229d1c95ea8 mkready --- a/mkready Thu Jul 29 14:19:56 2010 +0200 +++ b/mkready Mon Aug 02 11:15:18 2010 +0200 @@ -2,9 +2,24 @@ use strict; -my $bind_dir = "/etc/bind"; -my $conf_dir = "/etc/bind/zones.d"; -my $master_dir = "/etc/bind/master"; +my %config; +open (CONFIG, "dnstools.conf"); +while () { + chomp; + s/#.*//; + s/\t//g; + s/\s//g; + + next unless length; + my ($cname, $ccont) = split (/\s*=\s*/, $_,2); + $config{$cname} = $ccont; +} +close (CONFIG); + + +my $bind_dir = $config{bind_dir}; +my $conf_dir = $config{zone_conf_dir}; +my $master_dir = $config{master_dir}; chomp (my @conf_dir_files = `ls $conf_dir`); # prueft jede domain, die ein verzeichnis in $master_dir hat, ob es eine @@ -25,7 +40,7 @@ @c_content = ; close (FILE); - foreach (@c_content) { + for (@c_content) { if (m{(.*)($zone_file)(";)}) { print "$2 ==> $2.signed\n"; $_ = "$1$2.signed$3\n"; 
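Review bot: The values in the new dnstools.conf differ from the ones the scripts had hard-coded, so this commit changes behaviour beyond moving settings into a file: dnssec-creatkey used a `key_counter_end` of 10 and now reads 5, and dnssec-killkey used a rollover time of 1 h and now reads `abl_zeit = 48`. If the new rollover parameters are intended, the commit message should say so; if not, the file should carry the previous values so that signing and key-removal timing stay as they were. Any other consumer of the removed upper-case keys (`MASTER_DIR`, `ZSKLIVE`, `KSKLIVE` and the rest) would also need updating; none is visible in this patch.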
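Review bot: With the mkready hunk at -2,9, `$conf_dir` now comes from dnstools.conf instead of a literal, yet the context line that runs `ls $conf_dir` in backticks still hands it to a shell unquoted, so shell metacharacters in the configured value change the command that is executed. zone-mk has the same flow for `dig +short $primary`, `dig +short $secondary` and `mkdir $master_dir/$domain`. Reading the directory in Perl removes the shell from the picture: `opendir(my $dh, $conf_dir) or die "opendir $conf_dir: $!\n"; my @conf_dir_files = sort grep { !/^\./ } readdir $dh;`, and the built-in `mkdir "$master_dir/$domain" or die "mkdir $master_dir/$domain: $!\n";` does the same in zone-mk. For the two host names, checking the configured value against an anchored host-name pattern before it is used would be sufficient.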
@@ -43,7 +58,7 @@ @c_content = ; close (FILE); - foreach (@c_content) { + for (@c_content) { if (m{(.*)($zone_file)\.signed(.*)}) { print "$2.signed ==> $2\n"; $_ = "$1$2$3\n"; @@ -58,7 +73,7 @@ # erzeugt eine named.conf-datei aus den entsprechenden vorlagen. open( TO, ">$bind_dir/named.conf.zones"); -foreach (@conf_dir_files) { +for (@conf_dir_files) { open (FROM, "$conf_dir/$_"); print TO ; close (FROM); diff -r 6715f8f9d04c -r 7229d1c95ea8 zone-ls --- a/zone-ls Thu Jul 29 14:19:56 2010 +0200 +++ b/zone-ls Mon Aug 02 11:15:18 2010 +0200 @@ -2,10 +2,24 @@ use strict; -my $master_dir = "/etc/bind/master"; +my %config; +open (CONFIG, "dnstools.conf"); +while () { + chomp; + s/#.*//; + s/\t//g; + s/\s//g; + + next unless length; + my ($cname, $ccont) = split (/\s*=\s*/, $_,2); + $config{$cname} = $ccont; +} +close (CONFIG); + +my $master_dir = $config{master_dir}; printf "%-25s %1s/%1s %3s %7s\n", "Domain", "ZSK", "KSK", "Used", "Sig-end"; -foreach (<$master_dir/*>) { +for (<$master_dir/*>) { s#($master_dir/)(.*)#$2#; my $zone = $_; @@ -42,7 +56,7 @@ @temp = ; close (FILE); - foreach (@temp) { + for (@temp) { if (m/RSIG.*SOA.*\s(\d\d\d\d)(\d\d)(\d\d)(\d\d)(\d\d)\d+\s\(/i) { $info_end = "$3.$2.$1 $4:$5"; } diff -r 6715f8f9d04c -r 7229d1c95ea8 zone-mk --- a/zone-mk Thu Jul 29 14:19:56 2010 +0200 +++ b/zone-mk Mon Aug 02 11:15:18 2010 +0200 
@@ -2,16 +2,30 @@ use strict; - if (@ARGV < 2) { print "usage: zone-mk kundennummer domain ... \n"; exit 1; } -my $primary = "pu.schlittermann.de"; -my $secondary= "hh.schlittermann.de"; -my $zone_conf_dir= "/etc/bind/zones.d"; -my $master_dir = "/etc/bind/master"; +my %config; +open (CONFIG, "dnstools.conf"); +while () { + chomp; + s/#.*//; + s/\t//g; + s/\s//g; + + next unless length; + my ($cname, $ccont) = split (/\s*=\s*/, $_,2); + $config{$cname} = $ccont; +} +close (CONFIG); + + +my $primary = $config{primary}; +my $secondary= $config{secondary}; +my $zone_conf_dir= $config{zone_conf_dir}; +my $master_dir = $config{master_dir}; my $customer = shift @ARGV; chomp (my $primary_ip = `dig +short $primary`); chomp (my $secondary_ip = `dig +short $secondary`); @@ -22,11 +36,11 @@ chomp (my $start= `date -I`); my $hostmaster = "hostmaster.$this_domain"; -if (! -e $master_dir) { +unless (-e $master_dir) { print "$master_dir nicht vorhanden \n"; exit 1; } -if (! -e $zone_conf_dir) { +unless (-e $zone_conf_dir) { print "$zone_conf_dir nicht vorhanden \n"; exit 1; } @@ -36,14 +50,14 @@ # schreibt aus den angegebenen templates die dateien $zonefile und $config # in die entsprechenden verzeichnisse. -foreach (@ARGV) { +for (@ARGV) { chomp (my $domain = `idn --quiet "$_"`); my $zonefile = "$master_dir/$domain/$domain"; my $config = "$zone_conf_dir/$domain"; my $utf8domain = "$_"; - if (! -e "$master_dir/$domain") { + unless ( -e "$master_dir/$domain") { `mkdir $master_dir/$domain`; } @@ -64,7 +78,7 @@ my @tempzone = ; close (TEMPZONE); - foreach (@tempzone) { + for (@tempzone) { s##$start#; s##$domain#; s#