svn commit: r196054 - in stable/6: etc/defaults etc/namedb etc/rc.d
share/man/man5
Doug Barton
dougb at FreeBSD.org
Mon Aug 3 20:14:01 UTC 2009
Author: dougb
Date: Mon Aug 3 20:14:00 2009
New Revision: 196054
URL: http://svn.freebsd.org/changeset/base/196054
Log:
MFC r192210, a whitespace only change in rc.d/named, and
MFC r192215:
named_wait feature, auto-forward feature, add named-checkconf to startup
Modified:
stable/6/etc/defaults/rc.conf
stable/6/etc/namedb/named.conf
stable/6/etc/rc.d/named
stable/6/share/man/man5/rc.conf.5 (contents, props changed)
Modified: stable/6/etc/defaults/rc.conf
==============================================================================
--- stable/6/etc/defaults/rc.conf Mon Aug 3 20:09:54 2009 (r196053)
+++ stable/6/etc/defaults/rc.conf Mon Aug 3 20:14:00 2009 (r196054)
@@ -221,6 +221,7 @@ inetd_flags="-wW -C 60" # Optional flag
#
named_enable="NO" # Run named, the DNS server (or NO).
named_program="/usr/sbin/named" # Path to named, if you want a different one.
+named_conf="/etc/namedb/named.conf" # Path to the configuration file
#named_flags="-c /etc/namedb/named.conf" # Uncomment for named not in /usr/sbin
named_pidfile="/var/run/named/pid" # Must set this in named.conf as well
named_uid="bind" # User to run named as
@@ -228,6 +229,10 @@ named_chrootdir="/var/named" # Chroot di
named_chroot_autoupdate="YES" # Automatically install/update chrooted
# components of named. See /etc/rc.d/named.
named_symlink_enable="YES" # Symlink the chrooted pid file
+named_wait="NO" # Wait for working name service before exiting
+named_wait_host="localhost" # Hostname to check if named_wait is enabled
+named_auto_forward="NO" # Set up forwarders from /etc/resolv.conf
+named_auto_forward_only="NO" # Do "forward only" instead of "forward first"
#
# kerberos. Do not run the admin daemons on slave servers
Modified: stable/6/etc/namedb/named.conf
==============================================================================
--- stable/6/etc/namedb/named.conf Mon Aug 3 20:09:54 2009 (r196053)
+++ stable/6/etc/namedb/named.conf Mon Aug 3 20:14:00 2009 (r196054)
@@ -33,12 +33,6 @@ options {
disable-empty-zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
*/
-// In addition to the "forwarders" clause, you can force your name
-// server to never initiate queries of its own, but always ask its
-// forwarders only, by enabling the following line:
-//
-// forward only;
-
// If you've got a DNS server around at your upstream provider, enter
// its IP address here, and enable the line below. This will make you
// benefit from its cache, thus reduce overall DNS traffic in the Internet.
@@ -47,6 +41,20 @@ options {
127.0.0.1;
};
*/
+
+// If the 'forwarders' clause is not empty the default is to 'forward first'
+// which will fall back to sending a query from your local server if the name
+// servers in 'forwarders' do not have the answer. Alternatively you can
+// force your name server to never initiate queries of its own by enabling the
+// following line:
+// forward only;
+
+// If you wish to have forwarding configured automatically based on
+// the entries in /etc/resolv.conf, uncomment the following line and
+// set named_auto_forward=yes in /etc/rc.conf. You can also enable
+// named_auto_forward_only (the effect of which is described above).
+// include "/etc/namedb/auto_forward.conf";
+
/*
Modern versions of BIND use a random UDP port for each outgoing
query by default in order to dramatically reduce the possibility
Modified: stable/6/etc/rc.d/named
==============================================================================
--- stable/6/etc/rc.d/named Mon Aug 3 20:09:54 2009 (r196053)
+++ stable/6/etc/rc.d/named Mon Aug 3 20:14:00 2009 (r196054)
@@ -16,7 +16,7 @@ command="/usr/sbin/named"
extra_commands="reload"
start_precmd="named_precmd"
-start_postcmd="make_symlinks"
+start_postcmd="named_poststart"
reload_cmd="named_reload"
stop_cmd="named_stop"
stop_postcmd="named_poststop"
@@ -79,7 +79,7 @@ chroot_autoupdate()
fi
fi
- # Copy and/or update key files to the chroot /etc
+ # Copy and/or update key files to the chroot /etc
#
for file in localtime protocols services; do
if [ -r /etc/$file ]; then
@@ -97,6 +97,17 @@ make_symlinks()
ln -fs "${named_chrootdir}${pidfile}" ${pidfile}
}
+named_poststart () {
+ make_symlinks
+
+ if checkyesno named_wait; then
+ until ${command%/sbin/named}/bin/host $named_wait_host >/dev/null 2>&1; do
+ echo " Waiting for nameserver to resolve $named_wait_host"
+ sleep 1
+ done
+ fi
+}
+
named_reload()
{
${command%/named}/rndc reload
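Review bot: The `until` loop in named_poststart has no upper bound and discards all output from `host`, so startup blocks indefinitely if named never answers, with only the "Waiting" message to go on. The same happens if `${command%/sbin/named}/bin/host` does not exist, which looks possible when `command` is overridden (rc.conf exposes named_program). `$named_wait_host` is also expanded unquoted. I would check the helper once before looping, `[ -x "${command%/sbin/named}/bin/host" ] || { warn 'host(1) not found, skipping named_wait'; return; }`, quote the hostname, and cap the retries with a counter that breaks out with a `warn`. The trailing context lines belong to named_reload, whose body continues outside the hunk.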
@@ -135,8 +146,19 @@ named_poststop()
fi
}
+create_file () {
+ if [ -e "$1" ]; then
+ unlink $1
+ fi
+ > $1
+ chown root:wheel $1
+ chmod 644 $1
+}
+
named_precmd()
{
+ local line nsip firstns
+
# Is the user using a sandbox?
#
if [ -n "$named_chrootdir" ]; then
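Review bot: create_file quotes `$1` in the `-e` test but not in `unlink`, the redirection, `chown` or `chmod`, and the callers pass `${named_chrootdir}/etc/namedb/auto_forward.conf` unquoted as well, so a chroot path containing whitespace or glob characters makes these root-run commands act on other names. Quote every use, e.g. `unlink "$1"` and `> "$1"`. None of the four steps is checked, so a failed unlink or create goes unnoticed. The unlink-then-create sequence is also not atomic, which matters only if the target directory is writable by a non-root user such as named_uid; that is worth confirming for the chroot's namedb directory. named_precmd, which begins in the trailing lines, continues outside the hunk.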
@@ -161,6 +183,80 @@ named_precmd()
else
$confgen_command
fi
+
+ # Create a forwarder configuration based on /etc/resolv.conf
+ if checkyesno named_auto_forward; then
+ if [ ! -s /etc/resolv.conf ]; then
+ warn "named_auto_forward enabled, but no /etc/resolv.conf"
+
+ # Empty the file in case it is included in named.conf
+ [ -s "${named_chrootdir}/etc/namedb/auto_forward.conf" ] &&
+ create_file ${named_chrootdir}/etc/namedb/auto_forward.conf
+
+ ${command%/named}/named-checkconf $named_conf ||
+ err 3 'named-checkconf for $named_conf failed'
+ return
+ fi
+
+ create_file /var/run/naf-resolv.conf
+ create_file /var/run/auto_forward.conf
+
+ echo ' forwarders {' > /var/run/auto_forward.conf
+
+ while read line; do
+ case "$line" in
+ 'nameserver '*|'nameserver '*)
+ nsip=${line##nameserver[ ]}
+
+ if [ -z "$firstns" ]; then
+ if [ ! "$nsip" = '127.0.0.1' ]; then
+ echo 'nameserver 127.0.0.1'
+ echo " ${nsip};" >> /var/run/auto_forward.conf
+ fi
+
+ firstns=1
+ else
+ [ "$nsip" = '127.0.0.1' ] && continue
+ echo " ${nsip};" >> /var/run/auto_forward.conf
+ fi
+ ;;
+ esac
+
+ echo $line
+ done < /etc/resolv.conf > /var/run/naf-resolv.conf
+
+ echo ' };' >> /var/run/auto_forward.conf
+ echo '' >> /var/run/auto_forward.conf
+ if checkyesno named_auto_forward_only; then
+ echo " forward only;" >> /var/run/auto_forward.conf
+ else
+ echo " forward first;" >> /var/run/auto_forward.conf
+ fi
+
+ if cmp -s /etc/resolv.conf /var/run/naf-resolv.conf; then
+ unlink /var/run/naf-resolv.conf
+ else
+ [ -e /etc/resolv.conf ] && unlink /etc/resolv.conf
+ mv /var/run/naf-resolv.conf /etc/resolv.conf
+ fi
+
+ if cmp -s ${named_chrootdir}/etc/namedb/auto_forward.conf \
+ /var/run/auto_forward.conf; then
+ unlink /var/run/auto_forward.conf
+ else
+ [ -e "${named_chrootdir}/etc/namedb/auto_forward.conf" ] &&
+ unlink ${named_chrootdir}/etc/namedb/auto_forward.conf
+ mv /var/run/auto_forward.conf \
+ ${named_chrootdir}/etc/namedb/auto_forward.conf
+ fi
+ else
+ # Empty the file in case it is included in named.conf
+ [ -s "${named_chrootdir}/etc/namedb/auto_forward.conf" ] &&
+ create_file ${named_chrootdir}/etc/namedb/auto_forward.conf
+ fi
+
+ ${command%/named}/named-checkconf $named_conf ||
+ err 3 'named-checkconf for $named_conf failed'
}
load_rc_config $name
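Review bot: `nsip` is taken from /etc/resolv.conf by stripping the `nameserver` prefix and is written unchanged into the `forwarders` block, so any trailing text on that line (a comment, extra whitespace, or whatever a DHCP client or other writer of resolv.conf put there) becomes named configuration; named-checkconf only rejects what is syntactically invalid. I would accept the value only when it consists of address characters and otherwise pass the line through untouched, as in the fence below; the character set is a suggestion, and lines with extra separators before the address would be skipped by it, so confirm it against the forms you need. Separately, both `err 3 'named-checkconf for $named_conf failed'` calls use single quotes, so the message prints the literal text `$named_conf`; use double quotes. `read line` and `echo $line` should be `read -r line` and `echo "$line"`, since the loop's output replaces /etc/resolv.conf. named_precmd starts before this hunk.

```shell
nsip=${line##nameserver[ ]}

# Only bare addresses may reach the named configuration
case "$nsip" in
''|*[!0-9A-Za-z.:%]*)
	warn "ignoring malformed nameserver line in /etc/resolv.conf"
	echo "$line"
	continue
	;;
esac

# … unchanged: firstns handling and forwarder append …
```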
Modified: stable/6/share/man/man5/rc.conf.5
==============================================================================
--- stable/6/share/man/man5/rc.conf.5 Mon Aug 3 20:09:54 2009 (r196053)
+++ stable/6/share/man/man5/rc.conf.5 Mon Aug 3 20:14:00 2009 (r196054)
@@ -1526,6 +1526,12 @@ Path to
.Xr named 8
(default
.Pa /usr/sbin/named ) .
+.It Va named_conf
+.Pq Vt str
+Path to
+.Xr named 8
+configuration file, (default
+.Pa /etc/namedb/named.conf ) .
.It Va named_flags
.Pq Vt str
If
@@ -1571,6 +1577,26 @@ daemon's PID file
into the
.Xr chroot 8
environment.
+.It Va named_wait
+.Pq Vt bool
+Set to have
+.Pa /etc/rc.d/named
+loop until working name service is established.
+.It Va named_wait_host
+.Pq Vt str
+Name of host to lookup for the named_wait option.
+(Default localhost)
+.It Va named_auto_forward
+.Pq Vt bool
+Set to enable automatic creation of a forwarder
+configuration file derived from
+.Pa /etc/resolv.conf .
+.It Va named_auto_forward_only
+.Pq Vt bool
+Set to change the default forwarder configuration from
+.Dq forward first
+to
+.Dq forward only .
.It Va kerberos5_server_enable
.Pq Vt bool
Set to