From ac800cb412eb4a5aaa3bb44d4d2e4aded0ed7899 Mon Sep 17 00:00:00 2001 From: Maff Date: Thu, 5 Feb 2015 21:21:17 +0000 Subject: [PATCH] Added tnotify --- rdns-manager | 51 ++++++++++++---- readme.md | 3 +- tnotify | 115 +++++++++++++++++++++++++++++++++++ wdns | 169 +++++++++++++++++++++------------------------------ 4 files changed, 224 insertions(+), 114 deletions(-) create mode 100755 tnotify diff --git a/rdns-manager b/rdns-manager index c6e777f..181c62c 100755 --- a/rdns-manager +++ b/rdns-manager @@ -7,7 +7,7 @@ use strict; use warnings; package DNS::Reverse::Manager; -use vars '$VERSION'; $VERSION = '1.0.0'; #Version number +use vars '$VERSION'; $VERSION = '1.1.0'; #Version number use Data::Validate::IP qw(is_public_ipv4 is_public_ipv6); #for validating v4/v6 addresses use Getopt::Long qw(:config posix_default bundling pass_through); #for intelligently handling cli arguments @@ -23,6 +23,7 @@ my $net_type = "cpanel"; #This was originally written to my $nsd_type = "bind9"; #I might in the future support more than just bind9. #variables for arguments +my $help = ''; my $verify = ''; my $force = ''; my $reset = ''; 
@@ -41,10 +42,36 @@ sub nicedie { print "\n"; exit 1; } +sub print_help { + print +"rdns-manager v$VERSION by Matthew Connelly, 2014-15 +Manager script for in-addr.arpa and ip6.arpa zones. +Source at https://github.com/MaffC/script-collection/blob/master/rdns-manager + +Usage: rdns-manager [options] [IP address[, hostname]] +Basic usage: +- Get current rDNS for IP 1.2.3.4: rdns-manager 1.2.3.4 +- Set rDNS for 1.2.3.4 to example.org: rdns-manager 1.2.3.4 example.org + +Options: +-h, --help: This help text. +-v, --verify-rdns: Verify the set PTR record resolves once the zone has been synchronised. +-r, --reset: Reset [IP address] to the set default rDNS. +-p, --populate: Populate the given IPv4 reverse zone with default rDNS records. Does not support IPv6 zones. +-d, --no-sync: Do not synchronise the DNS zone after making changes. Use this for making bulk changes. +-s, --force-sync: Force-synchronise the DNS zone for [IP address]. Use after making bulk changes. +-R, --remove-ptr: Delete the PTR record for [IP address] from its zone. + +Configuration: +--reset-hostname=[default rDNS]: Use in combination with -r, --reset. +--dns-server=[IP address]: Change what DNS server is used for forward and reverse DNS queries. +" + exit; +} sub validate_domain { - use Data::Validate::Domain qw(is_domain); + require Regexp::Common; my $domain = shift; - return 1 if is_domain $domain; + return 1 if $domain =~ /^$RE{net}{domain}\.?$/; return 0; } sub validate_ip { @@ -62,8 +89,6 @@ sub get_arpa { Net::IP->new($ip)->reverse_ip =~ /^(.*)\.(.{$len}ip6\.arpa)\.$/; return ($1,$2); } -#TODO make these work for DNS roundrobins. I doubt anyone would be stupid enough to have more than one PTR of the same name -# and i'm not sure if it's even legal, but hey. sub does_fqdn_match { my ($fqdn,$ip) = @_; my $r = Net::DNS::Resolver->new(recurse => 1,tcp_timepit => 5,udp_timeout => 5,nameservers => [$def_dns,]); 
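Review bot: `validate_domain` now does `require Regexp::Common;`, which loads the module at run time but imports nothing, so `%RE` is undeclared when `$RE{net}{domain}` is compiled and `use strict` should reject the file. Load it at compile time with `use Regexp::Common qw(net);` and anchor the match with `\A` and `\z`, because `$` also matches before a trailing newline: `return 1 if $domain =~ /\A$RE{net}{domain}{-nospace}\.?\z/;` (`-nospace` stops the pattern from accepting a single space as a domain). In `print_help`, the closing `"` of the help string is followed directly by `exit;` with no semicolon between them, which is a syntax error; end the print statement with `";`.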
@@ -71,7 +96,6 @@ sub does_fqdn_match { $p = $r->search($fqdn, 'AAAA') unless is_public_ipv4 $ip; return 0 unless defined $p; my @res = $p->answer; - #due to IPv6 shortening, we need to use Net::IP here return 1 unless scalar @res < 1 or Net::IP->new($res[0]->address)->ip ne Net::IP->new($ip)->ip; return 0; } @@ -116,7 +140,7 @@ sub does_record_exist { return 0; } sub generate_soa_serial { - use POSIX qw(strftime); + require POSIX qw(strftime); my $cur_serial = shift; my $yyyymmdd = strftime "%Y%m%d", localtime; return $cur_serial+1 if $cur_serial =~ /^$yyyymmdd[0-9]{2}$/; @@ -191,6 +215,8 @@ sub do_sync { GetOptions 'reset-hostname=s' => \$def_rdns, 'dns-server=s' => \$def_dns, + 'prefixlen=i' => \$prefixlen, + 'h|help' => \$help, 'v|verify-rdns' => \$verify, 'f|force' => \$force, 'r|reset' => \$reset, 
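Review bot: `require POSIX qw(strftime);` in `generate_soa_serial` is not a drop-in for the `use` it replaces, because `require` takes a single module name and never imports. As far as I can tell the statement does not parse, and even if it did, the unparenthesised call `strftime "%Y%m%d", localtime` two lines later would have no predeclared sub to bind to. Either keep `use POSIX qw(strftime);` or write `require POSIX;` and call `POSIX::strftime("%Y%m%d", localtime)`. The rest of the sub lies outside the hunk.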
@@ -199,20 +225,19 @@ GetOptions 's|force-sync' => \$fsync, 'R|remove-ptr' => \$delptr; +$help and print_help; #get IP and domain, validate. my $ip = shift or nicedie "No IP given!"; -$prefixlen = $1 if $ip =~ s/\/([0-9]+)//; #split off prefixlen (if given) into variable for later use +$prefixlen = $1 if $ip =~ s/\/([0-9]+)$//; #split off prefixlen (if given) into variable for later use nicedie "Invalid IP address '$ip'!" unless validate_ip $ip; my $domain = shift; nicedie "Invalid FQDN '$domain'!" if defined $domain and !validate_domain $domain; $domain =~ s/([a-zA-Z])$/$1./ if defined $domain; #Append final period if it doesn't exist -#Main program flow -#Argument intelligence. Omitting this probably won't impact program flow much but it's important that the user know they're stupid. -nicedie "You seem to have specified both --no-sync and --force-sync. Please make your mind up." if $nosync and $fsync; -nicedie "You seem to have specified some combination of --reset, --remove-ptr and --force. Please make your mind up." if ($reset and $delptr) or (($reset or $delptr) and $force); -nicedie "You seem to have specified arguments that don't make sense together. Please make your mind up." if ($newzone and ($delptr or $reset or $force)) or ($verify and !defined $domain) or (defined $domain and ($newzone or $delptr or $reset)); +#Argument validation +nicedie "Invalid arguments" if ($nosync and $fsync) or ($force and ($reset or $delptr)) or ($reset and $delptr) or (($verify or $force) and !defined $domain) or ($newzone and ($delptr or $reset or $force or defined $domain) or (defined $domain and ($delptr or $reset)); +#Main program flow #Simple check that the zone exists. This was a for/when statement, but this script needs perl 5.8.8 compat, so for/given and when are out. my ($trec,$tz) = get_arpa $ip; nicedie "Authoritative zone for IP $ip doesn't exist! Please create zone $tz or ensure you specified the correct subnet mask if this is an IPv6 address!" 
if does_zone_exist($ip) == -2; diff --git a/readme.md b/readme.md index f1fecff..0d6435b 100644 --- a/readme.md +++ b/readme.md @@ -20,5 +20,6 @@ This readme contains an up to date list of all scripts in the repo + their descr - ifls: Perl - Script to collect all interfaces on the system and provide an easily-viewed list of their IPs - mailview: Perl - Script to parse HTML email and format it in a text-reader-friendly way. - nscheck: Bash - DNS diagnosis script -- queryresume-maff.pl: Perl - Irssi script to autoload chat history in query windows. Heavily modified from https://github.com/irssi/scripts.irssi.org/blob/gh-pages/scripts/queryresume.pl +- pscrot & pscrot.rc: Perl - OSX-oriented but likely easily ported daemon for uploading screenshots and such. pscrot.rc is the configuration file, and should be stored at ~/.pscrotrc +- tnotify: Perl - Cron-based script to notify the user when there are tickets waiting on a WHMCS helpdesk - watchd & watchd.conf: Bash - Script designed to run as a cronjob, alerting the user to any events. diff --git a/tnotify b/tnotify new file mode 100755 index 0000000..94b4137 --- /dev/null +++ b/tnotify 
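Review bot: The new combined check under `#Argument validation` has unbalanced parentheses: the clause `($newzone and ($delptr or $reset or $force or defined $domain)` opens two and closes one, so the statement does not parse. Close it as `($newzone and ($delptr or $reset or $force or defined $domain))`. Collapsing the three previous messages into `Invalid arguments` also hides which flags conflict. One message per rule (sync flags, reset/remove/force, missing hostname) would let an operator correct the command line without reading the source.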
@@ -0,0 +1,115 @@ +#!/usr/bin/env perl + +package Net::WHMCS::Integration::OSX; + +use strict; +use warnings; + +no warnings qw/experimental/; +use v5.14; +use Digest::MD5 qw/md5_hex/; +use HTTP::Date; +use JSON::PP; +use LWP::UserAgent; +use Maff::Common::OSX qw/nc_notify/; +use Maff::Common::Time qw/relative_time/; + +# Configuration +our $username = ""; +our $password = ""; +our $apitoken = ""; +$password = md5_hex $password; + +my $whmcsinstall = ""; +my $endpoint = "$whmcsinstall/includes/api.php"; +my $maxsubjlen = 32; +my $knownpath = "$ENV{HOME}/.tnotifyd_known"; + +my $whmcs; + +sub readknown { + open my $kn, "<$knownpath"; + my $json = <$kn>; + $json = decode_json $json; + close $kn; + return $json; +} +sub writeknown { + open my $kn, ">$knownpath"; + my $json = JSON::PP->new->encode(@_); + print $kn $json; + close $kn; +} +sub known { + my $k = readknown; + my ($id,$ts) = @_; + return 1 if defined $k->{$id} and $k->{$id} == $ts; + $k->{$id}=$ts; + writeknown $k; + return 0; +} +sub fetchWaitingTickets { + my %pfields = ( + "username" => $username, + "password" => $password, + "accesskey" => $apitoken, + "action" => "gettickets", + "status" => "Awaiting Reply", + #"status" => "All Active Tickets", + "limitnum" => 50, + "responsetype" => "json", + ); + my $lwp = new LWP::UserAgent(timeout => 100); + $lwp->agent('perl/whmcs-api'); + my $response = $lwp->post($endpoint, \%pfields); + return $response->decoded_content; +} +sub build_single { + my $tnum = shift || 0; + my $ticket = $whmcs->{tickets}->{ticket}->[$tnum]; + my ($tid,$tsubj,$ttime,$tstat); + $tid = $ticket->{tid}; $ttime = $ticket->{lastreply}; + $tsubj = $ticket->{subject}; $tstat = $ticket->{status}; + $tsubj = substr($tsubj,0,$maxsubjlen)."…" if length $tsubj > $maxsubjlen; + $ttime =~ s/$/ -0700/; $ttime = str2time $ttime; + return if known $tid, $ttime; + $ttime = relative_time $ttime; + $tstat = "opened" if $tstat eq "Open"; $tstat = "response" if $tstat eq "Customer-Reply"; + return ("New 
ticket $tstat","#$tid: $tsubj ($ttime)"); +} +sub build_many { + my ($openc,$replc,$esclc,$othc,$ltnum) = (0,0,0,0,0); + for(my $t=0;$t<$whmcs->{numreturned};$t++) { + my $ticket = $whmcs->{tickets}->{ticket}->[$t]; + my $tid = $ticket->{tid}; + my $ttime = $ticket->{lastreply}; $ttime =~ s/$/ -0700/; $ttime = str2time $ttime; + next if known $tid, $ttime; + $ltnum=$t; + for($ticket->{status}) { + $openc++ when /Open/; + $replc++ when /Customer-Reply/; + $esclc++ when /Escalated/i; + default { $othc++ } + } + } + my $tc = ($openc+$replc+$esclc+$othc); + return unless $tc; + return build_single $ltnum if $tc == 1; + my $tstr = ""; + $openc and $tstr .= "$openc open"; + $replc and $tstr .= (length $tstr? ', ' : '')."$replc replied to"; + $esclc and $tstr .= (length $tstr? ', ' : '')."$esclc escalated"; + $othc and $tstr .= (length $tstr? ', ' : '')."$othc misc."; + return ("New tickets waiting",$tstr); +} +sub build { + $whmcs = fetchWaitingTickets; + return ("Error","Failed to parse response from WHMCS: $whmcs") if $whmcs !~ /^{/; + $whmcs = decode_json $whmcs; + return ("Error","Failed to fetch tickets from WHMCS") if $whmcs->{result} ne "success"; + return unless $whmcs->{numreturned}; + return build_single if $whmcs->{numreturned} == 1; + return build_many; +} +my ($t,$m) = build or exit 0; +nc_notify $t, $m; diff --git a/wdns b/wdns index 04d051d..e041127 100755 --- a/wdns +++ b/wdns 
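Review bot: `readknown` and `writeknown` use two-argument `open` with the path interpolated into the mode string and never check the result, so on a first run (no `~/.tnotifyd_known` yet) `decode_json` is handed `undef` and should die, while a failed write goes unnoticed. Use three-argument `open` with error checks and treat a missing or empty state file as an empty hash, as sketched below. Separately, `$username`, `$password` and `$apitoken` are filled in by editing this tracked file; reading them from a per-user file with mode 0600 would keep credentials out of the repository. Since they are POSTed to `$endpoint`, it is also worth refusing a `$whmcsinstall` that does not start with `https://`. The error path in `build` copies the whole response body into the notification text, which would be better truncated.

```perl
sub readknown {
    # First run or empty file: nothing is known yet.
    return {} unless -s $knownpath;
    open my $kn, '<', $knownpath or die "open $knownpath: $!";
    my $json = do { local $/; <$kn> };
    close $kn;
    return decode_json $json;
}
sub writeknown {
    my ($known) = @_;
    open my $kn, '>', $knownpath or die "open $knownpath: $!";
    print {$kn} JSON::PP->new->encode($known);
    # Buffered write errors only surface at close.
    close $kn or die "close $knownpath: $!";
}
# … unchanged: known, fetchWaitingTickets, build_single, build_many, build …
```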
@@ -1,12 +1,11 @@ -#!/usr/local/bin/bash -#wdns - Script to edit specific zones or the master zones conf file -#Generate random string of characters. This is to ensure we're not directly editing things #TODO: Make the creation and management of reverse zones easier. #TODO: Make the 'zones' file easier to manage. Automate creation, editing and removal of entries. RAND=$(cat /dev/urandom|tr -cd "[:alnum:]"|head -c 8) FILETOEDIT="" -ORIGDIR="/etc/namedb/" -CHECKBIN="/usr/sbin/named-checkconf" +ORIGDIR="/usr/local/etc/namedb" +SUBDIR="" +NAMEDRC="/usr/local/etc/rc.d/named" +CHECKBIN="/usr/local/sbin/named-checkconf" CHECKRUN="$CHECKBIN /tmp/named.$RAND" UPDATE_SOA=0 USAGE="wdns - Small bash script for maintaining BIND9 configs. 
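Review bot: `ORIGDIR` loses its trailing slash here, but the `named.conf` branch (context in the next hunk) still sets `FILETOEDIT="named.conf"` with `SUBDIR` empty, so `"$ORIGDIR$SUBDIR$FILETOEDIT"` expands to `/usr/local/etc/namedbnamed.conf`. Set `FILETOEDIT="/named.conf"` there, matching the `/named.conf.zones` form used later, or join the parts with explicit slashes. The hunk also drops the `#!` line while the file stays mode 100755, and later hunks replace every `exit` with `return`. If the file is still executed rather than sourced or wrapped in a function, `return` fails and control falls through to the edit loop, so a header comment should state which use is intended. The scratch copy is still named `/tmp/named.$RAND`; `TMPFILE=$(mktemp /tmp/named.XXXXXXXX)` would create it exclusively with owner-only permissions, with `CHECKRUN` and the later references updated to match.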
@@ -23,150 +22,128 @@ USAGE="wdns - Small bash script for maintaining BIND9 configs. # wnds -rs domain.name - resign DNSSEC-secured zone" if [ "$1" == "" ]; then echo "$USAGE" - exit 1 + return 1 elif [ "$1" == "named.conf" ]; then #Edit the master config by default echo "No zone specified, editing named.conf." FILETOEDIT="named.conf" elif [ "$1" == "-h" ]; then echo "$USAGE" - exit 0 + return 0 elif [ "$1" == "-d" ]; then if [ "$2" == "" ]; then echo "$USAGE" - exit 1 + return 1 fi echo "Deleting zone for $2." - if [ ! -f /etc/namedb/master/$2 ]; then + if [ ! -f $ORIGDIR/master/$2 ]; then echo "Error: Zonefile for $2 doesn't exist!" - exit 1 + return 1 fi - rm /etc/namedb/master/$2 + rm $ORIGDIR/master/$2 if [ $? -ne 0 ]; then - echo "Error: Failed to delete zonefile /etc/namedb/master/$2." - exit 1 + echo "Error: Failed to delete zonefile $ORIGDIR/master/$2." + return 1 fi - exit 0 + return 0 elif [ "$1" == "-l" ]; then echo "The following forward zones exist:" - ls -l /etc/namedb/master|egrep -v "\.db$|new.domain|\.last|\.arpa|\.signed$|^total "|awk '{print $9}'|sort + ls -l $ORIGDIR/master|egrep -v "\.db$|new.domain|\.last|\.arpa|\.signed|\.jbk|\.jnl|\.signed\.jnl$|^total "|awk '{print $9}'|sort echo echo "The following reverse zones exist:" - ls -l /etc/namedb/master/|egrep "\.arpa$"|egrep -v "\.last|\.signed$"|awk '{print $9}'|sort - exit 0 + ls -l $ORIGDIR/master/|egrep "\.arpa$"|egrep -v "\.last|\.signed$"|awk '{print $9}'|sort + return 0 elif [ "$1" == "-n" ]; then if [ "$2" == "" ]; then echo "$USAGE" - exit 1 + return 1 fi echo "Creating new zone for $2." - if [ -f /etc/namedb/master/$2 ]; then + if [ -f $ORIGDIR/master/$2 ]; then echo "Error: Zonefile for $2 already exists. Use -nz to overwrite with new zone!" - exit 1 + return 1 fi #TODO: Validate input. - cat /etc/namedb/master/new.domain|sed "s/new\.domain/$2/g">/etc/namedb/master/$2 + cat $ORIGDIR/master/new.domain|sed "s/new\.domain/$2/g">$ORIGDIR/master/$2 if [ $? 
-ne 0 ]; then - echo "Error: Failed to copy zone template to /etc/namedb/master/$2" - exit 1 + echo "Error: Failed to copy zone template to $ORIGDIR/master/$2" + return 1 fi echo "Zone for $2 created. Run the following on all slaves:" #TODO: Add zone to slaves - read -p "Hit exit to open it for editing, or Ctrl-C to exit." + read -p "Hit return to open it for editing, or Ctrl-C to exit." wdns $2 - exit 0 + return 0 elif [ "$1" == "-nz" ]; then if [ "$2" == "" ]; then echo "$USAGE" - exit 1 + return 1 fi echo "Recreating zone for $2." - if [ ! -f /etc/namedb/master/$2 ]; then + if [ ! -f $ORIGDIR/master/$2 ]; then echo "Error: Zonefile for $2 does not exist. Use -n to create a new zone!" - exit 1 + return 1 fi #TODO: Validate input. - cat /etc/namedb/master/new.domain|sed "s/new\.domain/$2/g">/etc/namedb/master/$2 + cat $ORIGDIR/master/new.domain|sed "s/new\.domain/$2/g">$ORIGDIR/master/$2 if [ $? -ne 0 ]; then - echo "Error: Failed to copy zone template to /etc/namedb/master/$2" - exit 1 + echo "Error: Failed to copy zone template to $ORIGDIR/master/$2" + return 1 fi - read -p "Zone recreated. Hit exit to open it for editing, or Ctrl-C to exit." + read -p "Zone recreated. Hit return to open it for editing, or Ctrl-C to exit." wdns $2 - exit 0 + return 0 elif [ "$1" == "-s" ]; then if [ "$2" == "" ]; then echo "$USAGE" - exit 1 + return 1 fi - if [ ! -f /etc/namedb/master/$2 ]; then + if [ ! -f $ORIGDIR/master/$2 ]; then echo "Error: Zonefile for $2 does not exist. Use -n to create a new zone!" - exit 1 + return 1 fi ZONE=$2 - DNSSEC_DIR="/etc/namedb/dnssec" + DNSSEC_DIR="$ORIGDIR/keys" DSKEYG_MSG="$(dnssec-keygen -f KSK -a RSASHA256 -b 2048 -K $DNSSEC_DIR -n ZONE $ZONE. 2>&1)" if [ $? -ne 0 ]; then echo "DNSSEC signing key generation failed! 
Error: $DSKEYG_MSG" - exit 1 + return 1 fi - mv $DNSSEC_DIR/K$ZONE.+*.key $DNSSEC_DIR/K$ZONE.KSK.key - mv $DNSSEC_DIR/K$ZONE.+*.private $DNSSEC_DIR/K$ZONE.KSK.private DSKEYG_MSG="$(dnssec-keygen -a RSASHA256 -b 2048 -K $DNSSEC_DIR -n ZONE $ZONE. 2>&1)" if [ $? -ne 0 ]; then echo "DNSSEC zone signing key generation failed! Error: $DSKEYG_MSG" - exit 1 + return 1 fi - mv $DNSSEC_DIR/K$ZONE.+*.key $DNSSEC_DIR/K$ZONE.ZSK.key - mv $DNSSEC_DIR/K$ZONE.+*.private $DNSSEC_DIR/K$ZONE.ZSK.private - echo "The following lines must now be added to the zone file for $ZONE, right after the nameserver records: - \$include $DNSSEC_DIR/K$ZONE.KSK.key - \$include $DNSSEC_DIR/K$ZONE.ZSK.key - - After this has been done, please remember to edit the zone definition in your bind config to change the zone file to '/etc/namedb/master/$ZONE.signed'" && echo - read -p "Press enter to open the zone for editing, or Ctrl-C to exit and add these later." - wdns $ZONE - exit 0 + echo "DNSSEC key generation complete. Add the following to the zone configuration in zones.conf: +key-directory \"$ORIGDIR/keys\"; +auto-dnssec maintain; +inline-signing yes;" && echo + read -p "Press enter to open named.conf.zones for editing, or Ctrl-C to exit and add these later." + wdns zones + return 0 elif [ "$1" == "-rs" ]; then if [ "$2" == "" ]; then echo "$USAGE" - exit 1 + return 1 fi - if [ ! -f /etc/namedb/master/$2 ]; then + if [ ! -f $ORIGDIR/master/$2 ]; then echo "Error: Zonefile for $2 does not exist. Use -n to create a new zone!" - exit 1 + return 1 fi ZONE=$2 - DNSSEC_DIR="/etc/namedb/dnssec" - if [ ! -f /etc/namedb/master/$ZONE.signed ]; then + DNSSEC_DIR="$ORIGDIR/dnssec" + if [ ! -f $ORIGDIR/master/$ZONE.signed ]; then echo "Zone $ZONE doesn't appear to be DNSSEC-enabled! Use -s to sign an unsigned zone!" - exit 1 + return 1 fi if [ ! -f $DNSSEC_DIR/K$ZONE.KSK.key -o ! -f $DNSSEC_DIR/K$ZONE.ZSK.key ]; then echo "Signing keys for $ZONE don't exist! Use -s to sign an unsigned zone!" 
- exit 1 + return 1 fi - #sorry - ORIGDIR="/etc/namedb/master/" - SOA="$(cat "$ORIGDIR$ZONE"|grep "; Serial"|sed -E 's/;.*//g;s/[[:space:]]*//g')" - SOA_VERSION="$(echo $SOA|tail -c2)" - SOA_DATE="$(echo $SOA|head -c8)" - SOA_NEW_DATE="$(date "+%Y%m%d")" - if [[ "$SOA_DATE" == "$SOA_NEW_DATE" ]]; then - SOA_VERSION="$(echo "$SOA_VERSION+1"|bc)" - if [ "$(echo "$(echo "$SOA_VERSION"|wc -c|tr -cd '[:alnum:]')-1"|bc)" == "1" ]; then - SOA_VERSION="0$SOA_VERSION" - fi - else - SOA_VERSION="00" - SOA_DATE="$SOA_NEW_DATE" - fi - cat "$ORIGDIR$ZONE"|sed "s/$SOA/$SOA_DATE$SOA_VERSION/">/tmp/soatmp$ZONE - mv /tmp/soatmp$ZONE $ORIGDIR$ZONE - DNSSEC_OUT="$(dnssec-signzone -o $ZONE -e +31536000 -d /etc/namedb/dnssec -K /etc/namedb/dnssec -k /etc/namedb/dnssec/K$ZONE.KSK.key /etc/namedb/master/$ZONE /etc/namedb/dnssec/K$ZONE.ZSK.key 2>&1)" + DNSSEC_OUT="$(dnssec-signzone -o $ZONE -d $DNSSEC_DIR -K $DNSSEC_DIR -k $DNSSEC_DIR/K$ZONE.KSK.key $ORIGDIR/master/$ZONE $DNSSEC_DIR/K$ZONE.ZSK.key 2>&1)" if [ $? -ne 0 ]; then echo "DNSSEC signing failed! Error: $DNSSEC_OUT" - exit 1 + return 1 fi echo "Zone $ZONE resigned." #Reload zones 
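Review bot: The zone name `$2` is still unvalidated (the `#TODO: Validate input.` lines remain) and the rewritten paths use it unquoted in `rm $ORIGDIR/master/$2`, the `[ -f ... ]` tests and the `sed "s/new\.domain/$2/g"` template substitution. A value containing `/`, `..`, whitespace or sed metacharacters therefore resolves outside `master/` or alters the substitution, in a script that presumably runs with write access to the named configuration. Reject such names at the top of every branch that takes a zone, e.g. `case "$2" in ""|.*|*..*|*[!A-Za-z0-9._-]*) echo "Invalid zone name"; return 1;; esac`, and quote each expansion (`rm -- "$ORIGDIR/master/$2"`). Separately, `-s` now writes keys to `$ORIGDIR/keys` and no longer renames them, while `-rs` sets `DNSSEC_DIR="$ORIGDIR/dnssec"` and still requires `K$ZONE.KSK.key` and `K$ZONE.ZSK.key`. A zone set up with the new `-s` can never pass the `-rs` checks.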
@@ -174,32 +151,32 @@ elif [ "$1" == "-rs" ]; then /etc/rc.d/named reload if [ $? -ne 0 ]; then echo "Error while reloading named!" - exit 1 + return 1 fi - exit 0 + return 0 else #Check if we want to edit the master zones config if [ "$1" == "zones" ]; then echo "Editing zones.conf." - FILETOEDIT="zones.conf" + FILETOEDIT="/named.conf.zones" else #Edit a specific zonefile - if [ ! -f /etc/namedb/master/$1 ]; then + if [ ! -f $ORIGDIR/master/$1 ]; then #Error out if the zone doesn't exist. Zones should be created using the newzone function echo "Zone for $1 doesn't exist!" - exit 1 + return 1 fi echo "Editing zonefile for $1." + SUBDIR="/master/" FILETOEDIT="$1" - ORIGDIR="/etc/namedb/master/" - CHECKBIN="/usr/sbin/named-checkzone" + CHECKBIN="/usr/local/sbin/named-checkzone" CHECKRUN="$CHECKBIN $1 /tmp/named.$RAND" UPDATE_SOA=1 fi fi if [ $UPDATE_SOA -eq 1 ]; then #Update SOA - SOA="$(cat "$ORIGDIR$FILETOEDIT"|grep "; Serial"|sed -E 's/;.*//g;s/[[:space:]]*//g')" + SOA="$(cat "$ORIGDIR$SUBDIR$FILETOEDIT"|grep "; Serial"|sed -E 's/;.*//g;s/[[:space:]]*//g')" SOA_VERSION="$(echo $SOA|tail -c2)" SOA_DATE="$(echo $SOA|head -c8)" SOA_NEW_DATE="$(date "+%Y%m%d")" @@ -212,9 +189,9 @@ if [ $UPDATE_SOA -eq 1 ]; then SOA_VERSION="00" SOA_DATE="$SOA_NEW_DATE" fi - cat "$ORIGDIR$FILETOEDIT"|sed "s/$SOA/$SOA_DATE$SOA_VERSION/">/tmp/named.$RAND + cat "$ORIGDIR$SUBDIR$FILETOEDIT"|sed "s/$SOA/$SOA_DATE$SOA_VERSION/">/tmp/named.$RAND else - cp "$ORIGDIR$FILETOEDIT" /tmp/named.$RAND + cp "$ORIGDIR$SUBDIR$FILETOEDIT" /tmp/named.$RAND fi #Generate MD5 sum of the original file ORIGHASH=$(md5 -q /tmp/named.$RAND) @@ -224,7 +201,7 @@ for (( ; ; )); do NEWHASH=$(md5 -q /tmp/named.$RAND) if [ "$ORIGHASH" == "$NEWHASH" ]; then echo "No changes made to $FILETOEDIT." - exit 0 + return 0 fi echo -n "Checking $FILETOEDIT for errors... " CHECK_OUT=$($CHECKRUN) 
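Review bot: The `-rs` branch still runs the hard-coded `/etc/rc.d/named reload` (first context line of the first hunk here), although the commit introduces `NAMEDRC="/usr/local/etc/rc.d/named"` and uses it in the edit loop, so a re-sign would reload through the old path. Change that line to `$NAMEDRC reload`. The `zones` branch still prints `Editing zones.conf.` while it now opens `named.conf.zones`. The leading slash in `FILETOEDIT="/named.conf.zones"` only works because `ORIGDIR` has no trailing slash, so a comment such as `# leading slash: ORIGDIR has no trailing slash and SUBDIR is empty here` would record the convention. The `-rs` branch starts outside this hunk.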
@@ -232,25 +209,17 @@ for (( ; ; )); do #Changes cleared named-checkzone echo "No errors." #Make a backup of the previous known-good zone, just in case - cp "$ORIGDIR$FILETOEDIT" "$ORIGDIR$FILETOEDIT.last" + cp "$ORIGDIR$SUBDIR$FILETOEDIT" "$ORIGDIR$SUBDIR$FILETOEDIT.last" #Move the new zone in over the old one - mv /tmp/named.$RAND "$ORIGDIR$FILETOEDIT" - #DNSSEC - if [ -f /etc/namedb/dnssec/K$1.KSK.key ]; then - echo "Signing zone" - DNSSEC_OUT="$(dnssec-signzone -o $1 -e +31536000 -d /etc/namedb/dnssec -K /etc/namedb/dnssec -k /etc/namedb/dnssec/K$1.KSK.key /etc/namedb/master/$1 /etc/namedb/dnssec/K$1.ZSK.key 2>&1)" - if [ $? -ne 0 ]; then - echo "Failed to sign zone!\n$DNSSEC_OUT" - fi - fi + mv /tmp/named.$RAND "$ORIGDIR$SUBDIR$FILETOEDIT" #Reload zones echo "Reloading named" - /etc/rc.d/named reload + $NAMEDRC reload if [ $? -eq 0 ]; then break else echo "Error while reloading named!" - exit 1 + return 1 fi else #Changes didn't clear named-checkzone
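Review bot: Removing the `dnssec-signzone` step means a zone that is still served from a static `master/$1.signed` file is no longer re-signed after an edit, so the published signed copy would presumably go stale unless the zone has already been moved to `inline-signing`. Nothing in the hunk checks which case applies. A guard before the reload would make an unmigrated zone visible: `[ -f "$ORIGDIR/master/$1.signed" ] && echo "Warning: $1 has a static .signed file; confirm it uses inline-signing"`. The `return 1` after a failed reload sits inside the top-level `for (( ; ; ))` loop, so it only leaves the loop when the file is sourced or wrapped in a function. The loop begins and ends outside the hunk.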