actually fixed the LC_CTYPE issue with tr

This commit is contained in:
Matthew Connelly 2015-02-23 23:49:31 +00:00
parent 6e33560d01
commit e28105d48b
1 changed files with 31 additions and 31 deletions

62
wdns
View File

@ -1,6 +1,6 @@
#TODO: Make the creation and management of reverse zones easier. #TODO: Make the creation and management of reverse zones easier.
#TODO: Make the 'zones' file easier to manage. Automate creation, editing and removal of entries. #TODO: Make the 'zones' file easier to manage. Automate creation, editing and removal of entries.
RAND=$(LC_CTYPE=C;cat /dev/urandom|tr -cd "[:alnum:]"|head -c 8) RAND=$(cat /dev/urandom|env -i LC_CTYPE=C tr -cd "[:alnum:]"|head -c 8)
FILETOEDIT="" FILETOEDIT=""
ORIGDIR="/usr/local/etc/namedb" ORIGDIR="/usr/local/etc/namedb"
SUBDIR="" SUBDIR=""
@ -22,97 +22,97 @@ USAGE="wdns - Small bash script for maintaining BIND9 configs.
# wnds -rs domain.name - resign DNSSEC-secured zone" # wnds -rs domain.name - resign DNSSEC-secured zone"
if [ "$1" == "" ]; then if [ "$1" == "" ]; then
echo "$USAGE" echo "$USAGE"
return 1 exit 1
elif [ "$1" == "named.conf" ]; then elif [ "$1" == "named.conf" ]; then
#Edit the master config by default #Edit the master config by default
echo "No zone specified, editing named.conf." echo "No zone specified, editing named.conf."
FILETOEDIT="named.conf" FILETOEDIT="named.conf"
elif [ "$1" == "-h" ]; then elif [ "$1" == "-h" ]; then
echo "$USAGE" echo "$USAGE"
return 0 exit 0
elif [ "$1" == "-d" ]; then elif [ "$1" == "-d" ]; then
if [ "$2" == "" ]; then if [ "$2" == "" ]; then
echo "$USAGE" echo "$USAGE"
return 1 exit 1
fi fi
echo "Deleting zone for $2." echo "Deleting zone for $2."
if [ ! -f $ORIGDIR/master/$2 ]; then if [ ! -f $ORIGDIR/master/$2 ]; then
echo "Error: Zonefile for $2 doesn't exist!" echo "Error: Zonefile for $2 doesn't exist!"
return 1 exit 1
fi fi
rm $ORIGDIR/master/$2 rm $ORIGDIR/master/$2
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
echo "Error: Failed to delete zonefile $ORIGDIR/master/$2." echo "Error: Failed to delete zonefile $ORIGDIR/master/$2."
return 1 exit 1
fi fi
return 0 exit 0
elif [ "$1" == "-l" ]; then elif [ "$1" == "-l" ]; then
echo "The following forward zones exist:" echo "The following forward zones exist:"
ls -l $ORIGDIR/master|egrep -v "\.db$|new.domain|\.last|\.arpa|\.signed|\.jbk|\.jnl|\.signed\.jnl$|^total "|awk '{print $9}'|sort ls -l $ORIGDIR/master|egrep -v "\.db$|new.domain|\.last|\.arpa|\.signed|\.jbk|\.jnl|\.signed\.jnl$|^total "|awk '{print $9}'|sort
echo echo
echo "The following reverse zones exist:" echo "The following reverse zones exist:"
ls -l $ORIGDIR/master/|egrep "\.arpa$"|egrep -v "\.last|\.signed$"|awk '{print $9}'|sort ls -l $ORIGDIR/master/|egrep "\.arpa$"|egrep -v "\.last|\.signed$"|awk '{print $9}'|sort
return 0 exit 0
elif [ "$1" == "-n" ]; then elif [ "$1" == "-n" ]; then
if [ "$2" == "" ]; then if [ "$2" == "" ]; then
echo "$USAGE" echo "$USAGE"
return 1 exit 1
fi fi
echo "Creating new zone for $2." echo "Creating new zone for $2."
if [ -f $ORIGDIR/master/$2 ]; then if [ -f $ORIGDIR/master/$2 ]; then
echo "Error: Zonefile for $2 already exists. Use -nz to overwrite with new zone!" echo "Error: Zonefile for $2 already exists. Use -nz to overwrite with new zone!"
return 1 exit 1
fi fi
#TODO: Validate input. #TODO: Validate input.
cat $ORIGDIR/master/new.domain|sed "s/new\.domain/$2/g">$ORIGDIR/master/$2 cat $ORIGDIR/master/new.domain|sed "s/new\.domain/$2/g">$ORIGDIR/master/$2
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
echo "Error: Failed to copy zone template to $ORIGDIR/master/$2" echo "Error: Failed to copy zone template to $ORIGDIR/master/$2"
return 1 exit 1
fi fi
echo "Zone for $2 created. Run the following on all slaves:" echo "Zone for $2 created. Run the following on all slaves:"
#TODO: Add zone to slaves #TODO: Add zone to slaves
read -p "Hit return to open it for editing, or Ctrl-C to exit." read -p "Hit return to open it for editing, or Ctrl-C to exit."
wdns $2 wdns $2
return 0 exit 0
elif [ "$1" == "-nz" ]; then elif [ "$1" == "-nz" ]; then
if [ "$2" == "" ]; then if [ "$2" == "" ]; then
echo "$USAGE" echo "$USAGE"
return 1 exit 1
fi fi
echo "Recreating zone for $2." echo "Recreating zone for $2."
if [ ! -f $ORIGDIR/master/$2 ]; then if [ ! -f $ORIGDIR/master/$2 ]; then
echo "Error: Zonefile for $2 does not exist. Use -n to create a new zone!" echo "Error: Zonefile for $2 does not exist. Use -n to create a new zone!"
return 1 exit 1
fi fi
#TODO: Validate input. #TODO: Validate input.
cat $ORIGDIR/master/new.domain|sed "s/new\.domain/$2/g">$ORIGDIR/master/$2 cat $ORIGDIR/master/new.domain|sed "s/new\.domain/$2/g">$ORIGDIR/master/$2
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
echo "Error: Failed to copy zone template to $ORIGDIR/master/$2" echo "Error: Failed to copy zone template to $ORIGDIR/master/$2"
return 1 exit 1
fi fi
read -p "Zone recreated. Hit return to open it for editing, or Ctrl-C to exit." read -p "Zone recreated. Hit return to open it for editing, or Ctrl-C to exit."
wdns $2 wdns $2
return 0 exit 0
elif [ "$1" == "-s" ]; then elif [ "$1" == "-s" ]; then
if [ "$2" == "" ]; then if [ "$2" == "" ]; then
echo "$USAGE" echo "$USAGE"
return 1 exit 1
fi fi
if [ ! -f $ORIGDIR/master/$2 ]; then if [ ! -f $ORIGDIR/master/$2 ]; then
echo "Error: Zonefile for $2 does not exist. Use -n to create a new zone!" echo "Error: Zonefile for $2 does not exist. Use -n to create a new zone!"
return 1 exit 1
fi fi
ZONE=$2 ZONE=$2
DNSSEC_DIR="$ORIGDIR/keys" DNSSEC_DIR="$ORIGDIR/keys"
DSKEYG_MSG="$(dnssec-keygen -f KSK -a RSASHA256 -b 2048 -K $DNSSEC_DIR -n ZONE $ZONE. 2>&1)" DSKEYG_MSG="$(dnssec-keygen -f KSK -a RSASHA256 -b 2048 -K $DNSSEC_DIR -n ZONE $ZONE. 2>&1)"
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
echo "DNSSEC signing key generation failed! Error: $DSKEYG_MSG" echo "DNSSEC signing key generation failed! Error: $DSKEYG_MSG"
return 1 exit 1
fi fi
DSKEYG_MSG="$(dnssec-keygen -a RSASHA256 -b 2048 -K $DNSSEC_DIR -n ZONE $ZONE. 2>&1)" DSKEYG_MSG="$(dnssec-keygen -a RSASHA256 -b 2048 -K $DNSSEC_DIR -n ZONE $ZONE. 2>&1)"
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
echo "DNSSEC zone signing key generation failed! Error: $DSKEYG_MSG" echo "DNSSEC zone signing key generation failed! Error: $DSKEYG_MSG"
return 1 exit 1
fi fi
echo "DNSSEC key generation complete. Add the following to the zone configuration in zones.conf: echo "DNSSEC key generation complete. Add the following to the zone configuration in zones.conf:
key-directory \"$ORIGDIR/keys\"; key-directory \"$ORIGDIR/keys\";
@ -120,30 +120,30 @@ auto-dnssec maintain;
inline-signing yes;" && echo inline-signing yes;" && echo
read -p "Press enter to open named.conf.zones for editing, or Ctrl-C to exit and add these later." read -p "Press enter to open named.conf.zones for editing, or Ctrl-C to exit and add these later."
wdns zones wdns zones
return 0 exit 0
elif [ "$1" == "-rs" ]; then elif [ "$1" == "-rs" ]; then
if [ "$2" == "" ]; then if [ "$2" == "" ]; then
echo "$USAGE" echo "$USAGE"
return 1 exit 1
fi fi
if [ ! -f $ORIGDIR/master/$2 ]; then if [ ! -f $ORIGDIR/master/$2 ]; then
echo "Error: Zonefile for $2 does not exist. Use -n to create a new zone!" echo "Error: Zonefile for $2 does not exist. Use -n to create a new zone!"
return 1 exit 1
fi fi
ZONE=$2 ZONE=$2
DNSSEC_DIR="$ORIGDIR/dnssec" DNSSEC_DIR="$ORIGDIR/dnssec"
if [ ! -f $ORIGDIR/master/$ZONE.signed ]; then if [ ! -f $ORIGDIR/master/$ZONE.signed ]; then
echo "Zone $ZONE doesn't appear to be DNSSEC-enabled! Use -s to sign an unsigned zone!" echo "Zone $ZONE doesn't appear to be DNSSEC-enabled! Use -s to sign an unsigned zone!"
return 1 exit 1
fi fi
if [ ! -f $DNSSEC_DIR/K$ZONE.KSK.key -o ! -f $DNSSEC_DIR/K$ZONE.ZSK.key ]; then if [ ! -f $DNSSEC_DIR/K$ZONE.KSK.key -o ! -f $DNSSEC_DIR/K$ZONE.ZSK.key ]; then
echo "Signing keys for $ZONE don't exist! Use -s to sign an unsigned zone!" echo "Signing keys for $ZONE don't exist! Use -s to sign an unsigned zone!"
return 1 exit 1
fi fi
DNSSEC_OUT="$(dnssec-signzone -o $ZONE -d $DNSSEC_DIR -K $DNSSEC_DIR -k $DNSSEC_DIR/K$ZONE.KSK.key $ORIGDIR/master/$ZONE $DNSSEC_DIR/K$ZONE.ZSK.key 2>&1)" DNSSEC_OUT="$(dnssec-signzone -o $ZONE -d $DNSSEC_DIR -K $DNSSEC_DIR -k $DNSSEC_DIR/K$ZONE.KSK.key $ORIGDIR/master/$ZONE $DNSSEC_DIR/K$ZONE.ZSK.key 2>&1)"
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
echo "DNSSEC signing failed! Error: $DNSSEC_OUT" echo "DNSSEC signing failed! Error: $DNSSEC_OUT"
return 1 exit 1
fi fi
echo "Zone $ZONE resigned." echo "Zone $ZONE resigned."
#Reload zones #Reload zones
@ -151,9 +151,9 @@ elif [ "$1" == "-rs" ]; then
/etc/rc.d/named reload /etc/rc.d/named reload
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
echo "Error while reloading named!" echo "Error while reloading named!"
return 1 exit 1
fi fi
return 0 exit 0
else else
#Check if we want to edit the master zones config #Check if we want to edit the master zones config
if [ "$1" == "zones" ]; then if [ "$1" == "zones" ]; then
@ -164,7 +164,7 @@ else
if [ ! -f $ORIGDIR/master/$1 ]; then if [ ! -f $ORIGDIR/master/$1 ]; then
#Error out if the zone doesn't exist. Zones should be created using the newzone function #Error out if the zone doesn't exist. Zones should be created using the newzone function
echo "Zone for $1 doesn't exist!" echo "Zone for $1 doesn't exist!"
return 1 exit 1
fi fi
echo "Editing zonefile for $1." echo "Editing zonefile for $1."
SUBDIR="/master/" SUBDIR="/master/"
@ -201,7 +201,7 @@ for (( ; ; )); do
NEWHASH=$(md5 -q /tmp/named.$RAND) NEWHASH=$(md5 -q /tmp/named.$RAND)
if [ "$ORIGHASH" == "$NEWHASH" ]; then if [ "$ORIGHASH" == "$NEWHASH" ]; then
echo "No changes made to $FILETOEDIT." echo "No changes made to $FILETOEDIT."
return 0 exit 0
fi fi
echo -n "Checking $FILETOEDIT for errors... " echo -n "Checking $FILETOEDIT for errors... "
CHECK_OUT=$($CHECKRUN) CHECK_OUT=$($CHECKRUN)
@ -219,7 +219,7 @@ for (( ; ; )); do
break break
else else
echo "Error while reloading named!" echo "Error while reloading named!"
return 1 exit 1
fi fi
else else
#Changes didn't clear named-checkzone #Changes didn't clear named-checkzone