mirror of
git://slackware.nl/current.git
synced 2024-12-28 09:59:53 +01:00
00ce2dfdd8
a/gzip-1.11-x86_64-1.txz: Upgraded. a/kernel-firmware-20210903_2984e26-noarch-1.txz: Upgraded. a/kernel-generic-5.14.1-x86_64-1.txz: Upgraded. a/kernel-huge-5.14.1-x86_64-1.txz: Upgraded. a/kernel-modules-5.14.1-x86_64-1.txz: Upgraded. d/kernel-headers-5.14.1-x86-1.txz: Upgraded. k/kernel-source-5.14.1-noarch-1.txz: Upgraded. kde/kstars-3.5.4-x86_64-1.txz: Upgraded. n/bind-9.16.20-x86_64-2.txz: Rebuilt. rc.bind: Fixed typo: $RDNC_OPTIONS -> $RNDC_OPTIONS rc.bind: Allow a 10 second (default) timeout for rndc to stop BIND. At that point if BIND is still running, use killall -SIGTERM to stop it. Thanks to akschu. xap/ssr-0.4.3-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
156 lines
4.7 KiB
Bash
156 lines
4.7 KiB
Bash
#!/bin/sh
|
|
# Start/stop/restart the BIND name server daemon (named).
|
|
|
|
# Start BIND. In the past it was more secure to run BIND as a non-root
|
|
# user (for example, with '-u daemon'), but the modern version of BIND
|
|
# knows how to use the kernel's capability mechanism to drop all root
|
|
# privileges except the ability to bind() to a privileged port and set
|
|
# process resource limits, so running as a non-root user is not needed.
|
|
# But if you want to run as a non-root user anyway, the command options
|
|
# can be set like this in /etc/default/named:
|
|
# NAMED_OPTIONS="-u daemon"
|
|
# So you will not have to edit this script.
|
|
#
|
|
# Please note that if you run BIND as a non-root user, your files in
|
|
# /var/named may need to be chowned to this user or else named will
|
|
# refuse to start.
|
|
|
|
# You might also consider running BIND in a "chroot jail",
|
|
# a discussion of which may be found in
|
|
# /usr/doc/Linux-HOWTOs/Chroot-BIND-HOWTO.
|
|
|
|
# One last note: rndc has a lot of other nice features that it is not
|
|
# within the scope of this start/stop/restart script to support.
|
|
# For more details, see "man rndc" or just type "rndc" to see the options.
|
|
|
|
# Load command defaults:
|
|
if [ -f /etc/default/named ] ; then . /etc/default/named ; fi
|
|
if [ -f /etc/default/rndc ] ; then . /etc/default/rndc ; fi
|
|
|
|
# Sanity check. If /usr/sbin/named is missing then it
|
|
# doesn't make much sense to try to run this script:
|
|
if [ ! -x /usr/sbin/named ]; then
|
|
echo "/etc/rc.d/rc.bind: no /usr/sbin/named found (or not executable); cannot start."
|
|
exit 1
|
|
fi
|
|
|
|
# Function to find the user BIND is running as in $NAMED_OPTIONS:
|
|
find_bind_user() {
|
|
if echo $NAMED_OPTIONS | grep -wq "\-u" ; then
|
|
unset BIND_USER USER_FOUND
|
|
echo $NAMED_OPTIONS | tr ' ' '\n' | while read element ; do
|
|
if [ "$USER_FOUND" = "true" ]; then
|
|
BIND_USER="$element"
|
|
echo $BIND_USER
|
|
break
|
|
elif [ "$element" = "-u" ]; then
|
|
USER_FOUND="true"
|
|
fi
|
|
done
|
|
else
|
|
echo "root"
|
|
fi
|
|
}
|
|
|
|
# Start BIND. As many times as you like. ;-)
|
|
# Seriously, don't run "rc.bind start" if BIND is already
|
|
# running or you'll get more than one copy running.
|
|
bind_start() {
|
|
# Make sure /var/run/named exists:
|
|
mkdir -p /var/run/named
|
|
# If we are running as a non-root user, we'll need to be sure that
|
|
# /var/run/named is chowned properly to that user. Your files in
|
|
# /var/named may need to be chowned as well, but that will be up to
|
|
# the sysadmin to do.
|
|
BIND_USER="$(find_bind_user)"
|
|
if [ ! "$BIND_USER" = "root" ]; then
|
|
chown -R $BIND_USER /var/run/named
|
|
else # prevent error if switching back to running as root:
|
|
chown -R root /var/run/named
|
|
fi
|
|
# Start named:
|
|
if [ -x /usr/sbin/named ]; then
|
|
echo "Starting BIND: /usr/sbin/named $NAMED_OPTIONS"
|
|
/usr/sbin/named $NAMED_OPTIONS
|
|
sleep 1
|
|
fi
|
|
# Make sure that named started:
|
|
if ! ps axc | grep -q named ; then
|
|
echo "WARNING: named did not start."
|
|
echo "Attempting to start named again: /usr/sbin/named $NAMED_OPTIONS"
|
|
/usr/sbin/named $NAMED_OPTIONS
|
|
sleep 1
|
|
if ps axc | grep -q named ; then
|
|
echo "SUCCESS: named started."
|
|
else
|
|
echo "FAILED: Sorry, a second attempt to start named has also failed."
|
|
echo "There may be a configuration error that needs fixing. Good luck!"
|
|
fi
|
|
fi
|
|
}
|
|
|
|
# Stop all running copies of BIND (/usr/sbin/named):
|
|
bind_stop() {
|
|
# If you've set up rndc, we can use this to make shutting down BIND faster.
|
|
# If you have /etc/rndc.conf, or you have /etc/rndc.key, or $RNDC_OPTIONS is
|
|
# not empty, we'll try it.
|
|
if [ -r /etc/rndc.conf -o -r /etc/rndc.key -o ! -z "$RNDC_OPTIONS" ]; then
|
|
if [ -z "$RNDC_OPTIONS" ]; then
|
|
echo "Stopping BIND: /usr/sbin/rndc stop"
|
|
else
|
|
echo "Stopping BIND: /usr/sbin/rndc $RNDC_OPTIONS stop"
|
|
fi
|
|
/usr/sbin/rndc $RNDC_OPTIONS stop
|
|
# Wait for up to $TIMEOUT seconds before moving on to try killall:
|
|
TIMEOUT=${TIMEOUT:-10}
|
|
while [ "$TIMEOUT" -gt "0" ]; do
|
|
# Exit the timeout loop if there are no named processes:
|
|
if ! ps axco command | grep -q -e "^named$"; then
|
|
break
|
|
fi
|
|
sleep 1
|
|
TIMEOUT=$(expr $TIMEOUT - 1)
|
|
done
|
|
fi
|
|
# Kill named processes if there are any running:
|
|
if ps axco command | grep -q -e "^named$"; then
|
|
echo "Stopping all named processes in this namespace: /bin/killall -SIGTERM --ns \$\$ named"
|
|
/bin/killall -SIGTERM --ns $$ named 2> /dev/null
|
|
fi
|
|
}
|
|
|
|
# Reload BIND:
|
|
bind_reload() {
|
|
/usr/sbin/rndc $RNDC_OPTIONS reload
|
|
}
|
|
|
|
# Restart BIND:
|
|
bind_restart() {
|
|
bind_stop
|
|
bind_start
|
|
}
|
|
|
|
# Get BIND status:
|
|
bind_status() {
|
|
/usr/sbin/rndc $RNDC_OPTIONS status
|
|
}
|
|
|
|
case "$1" in
|
|
'start')
|
|
bind_start
|
|
;;
|
|
'stop')
|
|
bind_stop
|
|
;;
|
|
'reload')
|
|
bind_reload
|
|
;;
|
|
'restart')
|
|
bind_restart
|
|
;;
|
|
'status')
|
|
bind_status
|
|
;;
|
|
*)
|
|
echo "usage $0 start|stop|reload|restart|status"
|
|
esac
|