NAMED_RESTART_CMD Shell command for restarting the name server daemon
(default: rndc reload)
-ROOT Root directory of the whole package (default: /etc/named)
CFDIR Directory with config files (default: cf)
-ZONEDIR Directory with zone files (default: zone)
-BAKDIR Directory with backup files (default: bak)
-HASHDIR Directory with zone hashes (default: hash)
-VERSDIR Directory with version files (default: var)
ROOTCACHE File with the cache of root name servers
REFRESH SOA record parameters
freebsd: don't use `-f' in hostname
+- NSCVER macro
+- Update or delete nsc.lsm
+
DNSSEC:
- DS records and dependencies on them
-- NSCVER macro
- in reverse zones, file name != zone name => need to pass zone name to genzone
- dependencies on resign-stamp
shift
CURRENT_HASH=$($M4 -DHASHING m4/nsc.m4 "$@" | md5sum | cut -d " " -f1)
-if [ -f $KEYDIR/$Z.hash ] ; then
- CURRENT_HASH=$CURRENT_HASH:$(cat $KEYDIR/$Z.hash)
- if [ -f $KEYDIR/resign-stamp ] ; then
- CURRENT_HASH=$CURRENT_HASH:$(stat -c '%Y' $KEYDIR/resign-stamp)
+if [ -f keys/$Z.hash ] ; then
+ CURRENT_HASH=$CURRENT_HASH:$(cat keys/$Z.hash)
+ if [ -f keys/resign-stamp ] ; then
+ CURRENT_HASH=$CURRENT_HASH:$(stat -c '%Y' keys/resign-stamp)
fi
fi
-PREV_HASH=$(if [ -s $HASHDIR/$Z ] ; then cat $HASHDIR/$Z ; fi)
+PREV_HASH=$(if [ -s hash/$Z ] ; then cat hash/$Z ; fi)
if [ "X$CURRENT_HASH" = "X$PREV_HASH" ] ; then
echo "-- $Z: No changes"
- touch $ZONEDIR/$Z $HASHDIR/$Z
+ touch zone/$Z hash/$Z
else
- $M4 -DVERS=$VERSDIR/$Z m4/nsc.m4 "$@" >$ZONEDIR/$Z.new
- NEWVER="$(sed -e "s/^;;; VERSION: //; t; d" $ZONEDIR/$Z.new)"
- if [ -f $KEYDIR/$Z.hash ] ; then
- if ! dnssec-signzone -a -d $DSSDIR -g -K $KEYDIR/$Z $SIGNZONE_OPTIONS -f $ZONEDIR/$Z.signed -o $Z -S -3 - $ZONEDIR/$Z.new &>$ZONEDIR/$Z.tmp ; then
- cat $ZONEDIR/$Z.tmp
+ $M4 -DVERS=ver/$Z m4/nsc.m4 "$@" >zone/$Z.new
+ NEWVER="$(sed -e "s/^;;; VERSION: //; t; d" zone/$Z.new)"
+ if [ -f keys/$Z.hash ] ; then
+ if ! dnssec-signzone -a -d dss -g -K keys/$Z $SIGNZONE_OPTIONS -f zone/$Z.signed -o $Z -S -3 - zone/$Z.new &>zone/$Z.tmp ; then
+ cat zone/$Z.tmp
echo >&2 "FATAL: Signing failed"
exit 1
fi
- rm -f $ZONEDIR/$Z.tmp
- mv $ZONEDIR/$Z.signed $ZONEDIR/$Z
+ rm -f zone/$Z.tmp
+ mv zone/$Z.signed zone/$Z
SIGNED=" (signed)"
else
- mv $ZONEDIR/$Z.new $ZONEDIR/$Z
+ mv zone/$Z.new zone/$Z
SIGNED=
fi
echo "** $Z: New version $NEWVER$SIGNED"
- echo $CURRENT_HASH >$HASHDIR/$Z
+ echo $CURRENT_HASH >hash/$Z
fi
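Review bot: `$Z` is expanded unquoted in every path this hunk rewrites (`keys/$Z.hash`, `hash/$Z`, `zone/$Z.new`, and the `-K keys/$Z` and `-o $Z` arguments to dnssec-signzone), so a zone file name containing whitespace or glob characters would be split or expanded by the shell before the key directory and output file are chosen. `Z` is assigned above the hunk, so its source is not visible here; presumably it is the file name the generated Makefile passes in. Since these lines are being touched anyway, quote them, e.g. `if [ -f "keys/$Z.hash" ] ; then` and `echo "$CURRENT_HASH" >"hash/$Z"`. The same applies to `keys/$D` and `bin/key-update $D` in the keygen hunk and to `keys/$B` in the key-update hunk.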
D="$1"
shift
-mkdir -p $KEYDIR/$D
-dnssec-keygen $KEYGEN_OPTIONS -K $KEYDIR/$D "$@" $D
+mkdir -p keys/$D
+dnssec-keygen $KEYGEN_OPTIONS -K keys/$D "$@" $D
bin/key-update $D
update ()
{
local D=$1
- local K=$KEYDIR/$D
+ local K=keys/$D
local H=$K.hash
cat $K/*.key | sha1sum | cut -f1 -d' ' >$H.new
if [ ! -f $H ] || ! cmp -s $H $H.new ; then
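Review bot: In `cat $K/*.key | sha1sum | cut -f1 -d' ' >$H.new` the pipeline's status is that of `cut`, so when `keys/$D` holds no `*.key` files the `cat` error is lost and `$H.new` receives the digest of empty input. That creates a `keys/$D.hash`, which genzone treats as the signal that the zone is signed. A guard before the pipeline, such as `ls $K/*.key >/dev/null 2>&1 || { echo >&2 "$D: no key files"; return 1; }`, would make the missing-key case explicit. The body of `update` continues past the end of this hunk.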
}
if [ -z "$1" ] ; then
- for DD in $KEYDIR/* ; do
+ for DD in keys/* ; do
if [ -d "$DD" ] ; then
update $(basename $DD)
fi
done
- for H in $KEYDIR/*.hash ; do
+ for H in keys/*.hash ; do
B=$(basename $H .hash)
- if [ ! -d $KEYDIR/$B ] ; then
+ if [ ! -d keys/$B ] ; then
echo "## $B: Deleted obsolete hash"
rm $H
fi
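Review bot: The loop `for H in keys/*.hash` runs once with the literal pattern when no hash files exist, because the shell leaves an unmatched glob unexpanded. `B` then becomes `*`, the `[ ! -d keys/$B ]` test can succeed, and the script reports a deleted hash and calls `rm` on a name that does not exist. Adding `[ -e "$H" ] || continue` as the first line of the loop body avoids this, and quoting `"$H"` and `"keys/$B"` keeps the test well-formed. The enclosing `for` and `if` are closed outside this hunk.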
define(`NAMED_RESTART_CMD', `rndc reload')
-define(`ROOT', `/etc/named')
define(`CFDIR', `cf')
-define(`ZONEDIR', `zone')
-define(`BAKDIR', `bak')
define(`VERSDIR', `ver')
-define(`HASHDIR', `hash')
-define(`KEYDIR', `keys')
-define(`DSSDIR', `dss')
define(`ROOTCACHE', `root.cache')
define(`REFRESH', HOURS(8))
define(`DO_PRIMARY', `divert(0)zone "$1" in {
type master;
- file "ZONEDIR/nsc_file_name($2)";
+ file "zone/nsc_file_name($2)";
ZZ_OPTIONS()dnl
};
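Review bot: The define for VERSDIR is kept as a context line, although every use of it visible in this diff is replaced by the literal `ver` (`ver/.version`, `-DVERS=ver/$Z` in genzone) and its shell-env export and README entry are removed. If a site overrides VERSDIR in its config, the macro no longer affects where version files are read or written, and the word VERSDIR is still expanded wherever it appears in m4 input. If no other file uses it, remove the define together with the other directory macros; otherwise add a comment saying why it stays. The DO_PRIMARY definition continues past the end of this hunk.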
define(`SECONDARY', `divert(0)zone "$1" in {
type slave;
- file "BAKDIR/nsc_file_name($1)";
+ file "bak/nsc_file_name($1)";
masters { $2; };
ZZ_OPTIONS()dnl
};
define(`nsc_prepend_cf_one', ` 'CFDIR/`nsc_file_name($1)')
define(`nsc_prepend_cf_multi', `nsc_iterate(`nsc_prepend_cf_one', $@)')
-define(`nsc_key_dep', `ifelse(USE_DNSSEC,,,` 'KEYDIR/$1.hash)')
-define(`PRIMARY', `divert(0)ZONEDIR/nsc_file_name($1):nsc_prepend_cf_multi($@)nsc_key_dep($1) $(DDEPS)
+define(`nsc_key_dep', `ifelse(USE_DNSSEC,,,` 'keys/$1.hash)')
+define(`PRIMARY', `divert(0)zone/nsc_file_name($1):nsc_prepend_cf_multi($@)nsc_key_dep($1) $(DDEPS)
@bin/genzone nsc_file_name($1)`'nsc_prepend_cf_multi($@)
divert(-1)
-define(`PRIMARIES', PRIMARIES ZONEDIR/nsc_file_name($1))
+define(`PRIMARIES', PRIMARIES zone/nsc_file_name($1))
')
define(`REVERSE', `PRIMARY(nsc_if_v6($1,`nsc_revblock6($1)',`nsc_revaddr($1)'), shift($@))')
ifdef(`NEED_BLACKHOLE', `PRIMARY(blackhole)')
divert(0)dnl
-VERSDIR/.version: CFDIR/domains ROOTCACHE`'PRIMARIES`'ifdef(`NEED_BLACKHOLE',` ZONEDIR/blackhole')
+ver/.version: CFDIR/domains ROOTCACHE`'PRIMARIES`'ifdef(`NEED_BLACKHOLE',` zone/blackhole')
NAMED_RESTART_CMD
- touch VERSDIR/.version
+ touch ver/.version
clean:
- find BAKDIR ZONEDIR HASHDIR DSSDIR -maxdepth 1 -type f | xargs rm -f
+ find bak zone hash dss -maxdepth 1 -type f | xargs rm -f
clobber: clean
rm -f Makefile named.conf bin/shell-env
distclean: clobber
- find VERSDIR -maxdepth 1 -type f | xargs rm -f
+ find ver -maxdepth 1 -type f | xargs rm -f
')
divert(0)dnl
DDEPS=m4/nsc.m4 m4/dnslib.m4 cf/config
-all: VERSDIR/.version
+all: ver/.version
m4wrap(`nsc_cleanup')
divert(-1)
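Review bot: The `clean` recipe pipes `find bak zone hash dss -maxdepth 1 -type f` into `xargs rm -f`, and xargs splits its input on whitespace and interprets quotes and backslashes. A file name in those directories that contains such characters is therefore not removed as found, and may resolve to a different path. Since `bak` is presumably written by the name server for secondary zones, its file names are not fully under this package's control. Letting find run the removal avoids the parsing step: `find bak zone hash dss -maxdepth 1 -type f -exec rm -f {} +`, and likewise `find ver -maxdepth 1 -type f -exec rm -f {} +` in `distclean`. The m4 definition enclosing these recipes starts above the hunk.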
dnl ###
include(m4/dnslib.m4)
divert(0)dnl
-`NSC_ROOT'=ROOT
`CFDIR'=CFDIR
-`ZONEDIR'=ZONEDIR
-`BAKDIR'=BAKDIR
-`VERSDIR'=VERSDIR
-`HASHDIR'=HASHDIR
-`KEYDIR'=KEYDIR
-`DSSDIR'=DSSDIR
`ROOTCACHE'=ROOTCACHE
`M4'=M4
`KEYGEN_OPTIONS'="KEYGEN_OPTIONS"