[bind] Renerate /etc/rndc.key during named service startup if doesn't exist
Adam Tkac
atkac at fedoraproject.org
Thu Dec 20 13:48:58 UTC 2012
commit 0f7d49832f9d425653f62b4ec13235e5b998997e
Author: Adam Tkac <atkac at redhat.com>
Date: Thu Dec 20 14:34:39 2012 +0100
Regenerate /etc/rndc.key during named service startup if it doesn't exist
- increase startup timeout in systemd units to 90sec (default)
Signed-off-by: Adam Tkac <atkac at redhat.com>
bind.spec | 9 ++++++++-
generate-rndc-key.sh | 19 +++++++++++++++++++
named-chroot.service | 2 +-
named-sdb-chroot.service | 2 +-
named-sdb.service | 2 +-
named.service | 2 +-
6 files changed, 31 insertions(+), 5 deletions(-)
---
diff --git a/bind.spec b/bind.spec
index c9f693f..2cff571 100644
--- a/bind.spec
+++ b/bind.spec
@@ -26,7 +26,7 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv
Name: bind
License: ISC
Version: 9.9.2
-Release: 5.%{PATCHVER}%{?dist}
+Release: 6.%{PATCHVER}%{?dist}
Epoch: 32
Url: http://www.isc.org/products/BIND/
Buildroot:%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -53,6 +53,7 @@ Source38: named-chroot.service
Source39: named-sdb.service
Source40: named-sdb-chroot.service
Source41: setup-named-chroot.sh
+Source42: generate-rndc-key.sh
# Common patches
Patch5: bind-nonexec.patch
@@ -433,6 +434,7 @@ install -m 644 %{SOURCE40} ${RPM_BUILD_ROOT}%{_unitdir}
mkdir -p ${RPM_BUILD_ROOT}%{_libexecdir}
install -m 755 %{SOURCE41} ${RPM_BUILD_ROOT}%{_libexecdir}/setup-named-chroot.sh
+install -m 755 %{SOURCE42} ${RPM_BUILD_ROOT}%{_libexecdir}/generate-rndc-key.sh
install -m 644 %SOURCE3 ${RPM_BUILD_ROOT}/etc/logrotate.d/named
install -m 755 %SOURCE4 ${RPM_BUILD_ROOT}/etc/NetworkManager/dispatcher.d/13-named
@@ -618,6 +620,7 @@ rm -rf ${RPM_BUILD_ROOT}
%{_sbindir}/rndc*
%{_sbindir}/named-compilezone
%{_sbindir}/isc-hmac-fixup
+%{_libexecdir}/generate-rndc-key.sh
%{_mandir}/man1/arpaname.1*
%{_mandir}/man5/named.conf.5*
%{_mandir}/man5/rndc.conf.5*
@@ -769,6 +772,10 @@ rm -rf ${RPM_BUILD_ROOT}
%endif
%changelog
+* Thu Dec 20 2012 Adam Tkac <atkac redhat com> 32:9.9.2-6.P1
+- generate /etc/rndc.key during named service startup if doesn't exist
+- increase startup timeout in systemd units to 90sec (default)
+
* Wed Dec 05 2012 Tomas Hozza <thozza at redhat.com> 32:9.9.2-5.P1
- update to bind-9.9.2-P1
diff --git a/generate-rndc-key.sh b/generate-rndc-key.sh
new file mode 100755
index 0000000..5678413
--- /dev/null
+++ b/generate-rndc-key.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+. /etc/rc.d/init.d/functions
+
+# This script generates /etc/rndc.key if doesn't exist
+
+if [ ! -s /etc/rndc.key ]; then
+ echo -n $"Generating /etc/rndc.key:"
+ if /usr/sbin/rndc-confgen -a > /dev/null 2>&1; then
+ chmod 640 /etc/rndc.key
+ chown root.named /etc/rndc.key
+ [ -x /sbin/restorecon ] && /sbin/restorecon /etc/rndc.key
+ success $"/etc/rndc.key generation"
+ echo
+ else
+ failure $"/etc/rndc.key generation"
+ echo
+ fi
+fi
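Review bot: The failure branch ends with `echo`, so the script exits 0 even when `rndc-confgen -a` fails, and the `ExecStartPre=` step that runs it is treated as successful while /etc/rndc.key is still missing or empty. The `chmod` and `chown` results are not checked either, so `success` is printed even if the key is left with an owner or mode that the named group presumably cannot read. I would add `exit 1` after the `echo` in the `else` branch and chain the permission steps as `chmod 640 /etc/rndc.key && chown root:named /etc/rndc.key || exit 1` (`root.named` is the legacy separator spelling). Redirecting rndc-confgen's stderr to /dev/null also throws away the reason for a failure; leaving stderr alone would let the service manager log it.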
diff --git a/named-chroot.service b/named-chroot.service
index 6cbb350..84c775b 100644
--- a/named-chroot.service
+++ b/named-chroot.service
@@ -14,6 +14,7 @@ EnvironmentFile=-/etc/sysconfig/named
Environment=KRB5_KTNAME=/etc/named.keytab
PIDFile=/var/named/chroot/var/run/named/named.pid
+ExecStartPre=/usr/libexec/generate-rndc-key.sh
ExecStartPre=/usr/libexec/setup-named-chroot.sh /var/named/chroot on
ExecStartPre=/usr/sbin/named-checkconf -t /var/named/chroot -z /etc/named.conf
ExecStart=/usr/sbin/named -u named -t /var/named/chroot $OPTIONS
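Review bot: The new `ExecStartPre=/usr/libexec/generate-rndc-key.sh` line puts key generation on the service start path without a comment on why it comes first or how long it may take; the same line is added in named-sdb-chroot.service, named-sdb.service and named.service. The commit message pairs it with dropping `TimeoutSec=25`, which suggests `rndc-confgen -a` can be slow, presumably while it waits for random data. If so, a first start on a host with little entropy could still exceed the 90-second default and fail. A comment above the line would record this, for example `# Creates /etc/rndc.key on first start; can be slow, so the default start timeout is kept`. The unit's [Service] section starts outside the hunk.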
@@ -24,7 +25,6 @@ ExecStop=/bin/sh -c '/usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MA
ExecStopPost=/usr/libexec/setup-named-chroot.sh /var/named/chroot off
PrivateTmp=false
-TimeoutSec=25
[Install]
WantedBy=multi-user.target
diff --git a/named-sdb-chroot.service b/named-sdb-chroot.service
index 4259c7c..d9318da 100644
--- a/named-sdb-chroot.service
+++ b/named-sdb-chroot.service
@@ -14,6 +14,7 @@ EnvironmentFile=-/etc/sysconfig/named
Environment=KRB5_KTNAME=/etc/named.keytab
PIDFile=/var/named/chroot/var/run/named/named.pid
+ExecStartPre=/usr/libexec/generate-rndc-key.sh
ExecStartPre=/usr/libexec/setup-named-chroot.sh /var/named/chroot on
ExecStartPre=/usr/sbin/named-checkconf -t /var/named/chroot -z /etc/named.conf
ExecStart=/usr/sbin/named-sdb -u named -t /var/named/chroot $OPTIONS
@@ -24,7 +25,6 @@ ExecStop=/bin/sh -c '/usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MA
ExecStopPost=/usr/libexec/setup-named-chroot.sh /var/named/chroot off
PrivateTmp=false
-TimeoutSec=25
[Install]
WantedBy=multi-user.target
diff --git a/named-sdb.service b/named-sdb.service
index dd9cc0e..424846d 100644
--- a/named-sdb.service
+++ b/named-sdb.service
@@ -10,6 +10,7 @@ EnvironmentFile=-/etc/sysconfig/named
Environment=KRB5_KTNAME=/etc/named.keytab
PIDFile=/var/run/named/named.pid
+ExecStartPre=/usr/libexec/generate-rndc-key.sh
ExecStartPre=/usr/sbin/named-checkconf -z /etc/named.conf
ExecStart=/usr/sbin/named-sdb -u named $OPTIONS
@@ -18,7 +19,6 @@ ExecReload=/bin/sh -c '/usr/sbin/rndc reload > /dev/null 2>&1 || /bin/kill -HUP
ExecStop=/bin/sh -c '/usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MAINPID'
PrivateTmp=true
-TimeoutSec=25
[Install]
WantedBy=multi-user.target
diff --git a/named.service b/named.service
index 388fc89..f04403b 100644
--- a/named.service
+++ b/named.service
@@ -10,6 +10,7 @@ EnvironmentFile=-/etc/sysconfig/named
Environment=KRB5_KTNAME=/etc/named.keytab
PIDFile=/run/named/named.pid
+ExecStartPre=/usr/libexec/generate-rndc-key.sh
ExecStartPre=/usr/sbin/named-checkconf -z /etc/named.conf
ExecStart=/usr/sbin/named -u named $OPTIONS
@@ -18,7 +19,6 @@ ExecReload=/bin/sh -c '/usr/sbin/rndc reload > /dev/null 2>&1 || /bin/kill -HUP
ExecStop=/bin/sh -c '/usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MAINPID'
PrivateTmp=true
-TimeoutSec=25
[Install]
WantedBy=multi-user.target