Renerate /etc/rndc.key during named service startup if doesn't exist

- increase startup timeout in systemd units to 90sec (default) Signed-off-by: Adam Tkac <atkac@redhat.com>
2012-12-20 14:34:39 +01:00 · 2012-12-20 14:34:39 +01:00 · 0f7d49832f
parent e73262808d
commit 0f7d49832f
6 changed files with 31 additions and 5 deletions
--- a/bind.spec
+++ b/bind.spec
@ -26,7 +26,7 @@ Summary:  The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv
 Name:     bind
 License:  ISC
 Version:  9.9.2
-Release:  5.%{PATCHVER}%{?dist}
+Release:  6.%{PATCHVER}%{?dist}
 Epoch:    32
 Url:      http://www.isc.org/products/BIND/
 Buildroot:%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@ -53,6 +53,7 @@ Source38: named-chroot.service
 Source39: named-sdb.service
 Source40: named-sdb-chroot.service
 Source41: setup-named-chroot.sh
+Source42: generate-rndc-key.sh

 # Common patches
 Patch5:  bind-nonexec.patch
@ -433,6 +434,7 @@ install -m 644 %{SOURCE40} ${RPM_BUILD_ROOT}%{_unitdir}

 mkdir -p ${RPM_BUILD_ROOT}%{_libexecdir}
 install -m 755 %{SOURCE41} ${RPM_BUILD_ROOT}%{_libexecdir}/setup-named-chroot.sh
+install -m 755 %{SOURCE42} ${RPM_BUILD_ROOT}%{_libexecdir}/generate-rndc-key.sh

 install -m 644 %SOURCE3 ${RPM_BUILD_ROOT}/etc/logrotate.d/named
 install -m 755 %SOURCE4 ${RPM_BUILD_ROOT}/etc/NetworkManager/dispatcher.d/13-named
@ -618,6 +620,7 @@ rm -rf ${RPM_BUILD_ROOT}
 %{_sbindir}/rndc*
 %{_sbindir}/named-compilezone
 %{_sbindir}/isc-hmac-fixup
+%{_libexecdir}/generate-rndc-key.sh
 %{_mandir}/man1/arpaname.1*
 %{_mandir}/man5/named.conf.5*
 %{_mandir}/man5/rndc.conf.5*
@ -769,6 +772,10 @@ rm -rf ${RPM_BUILD_ROOT}
 %endif

 %changelog
+* Thu Dec 20 2012 Adam Tkac <atkac redhat com> 32:9.9.2-6.P1
+- generate /etc/rndc.key during named service startup if doesn't exist
+- increase startup timeout in systemd units to 90sec (default)
+
 * Wed Dec 05 2012 Tomas Hozza <thozza@redhat.com> 32:9.9.2-5.P1
 - update to bind-9.9.2-P1

--- a/generate-rndc-key.sh
+++ b/generate-rndc-key.sh
@ -0,0 +1,19 @@
+#!/bin/bash
+
+. /etc/rc.d/init.d/functions
+
+# This script generates /etc/rndc.key if doesn't exist
+
+if [ ! -s /etc/rndc.key ]; then
+  echo -n $"Generating /etc/rndc.key:"
+  if /usr/sbin/rndc-confgen -a > /dev/null 2>&1; then
+    chmod 640 /etc/rndc.key
+    chown root.named /etc/rndc.key
+    [ -x /sbin/restorecon ] && /sbin/restorecon /etc/rndc.key
+    success $"/etc/rndc.key generation"
+    echo
+  else
+    failure $"/etc/rndc.key generation"
+    echo
+  fi
+fi
--- a/named-chroot.service
+++ b/named-chroot.service
@ -14,6 +14,7 @@ EnvironmentFile=-/etc/sysconfig/named
 Environment=KRB5_KTNAME=/etc/named.keytab
 PIDFile=/var/named/chroot/var/run/named/named.pid

+ExecStartPre=/usr/libexec/generate-rndc-key.sh
 ExecStartPre=/usr/libexec/setup-named-chroot.sh /var/named/chroot on
 ExecStartPre=/usr/sbin/named-checkconf -t /var/named/chroot -z /etc/named.conf
 ExecStart=/usr/sbin/named -u named -t /var/named/chroot $OPTIONS
@ -24,7 +25,6 @@ ExecStop=/bin/sh -c '/usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MA
 ExecStopPost=/usr/libexec/setup-named-chroot.sh /var/named/chroot off

 PrivateTmp=false
-TimeoutSec=25

 [Install]
 WantedBy=multi-user.target
--- a/named-sdb-chroot.service
+++ b/named-sdb-chroot.service
@ -14,6 +14,7 @@ EnvironmentFile=-/etc/sysconfig/named
 Environment=KRB5_KTNAME=/etc/named.keytab
 PIDFile=/var/named/chroot/var/run/named/named.pid

+ExecStartPre=/usr/libexec/generate-rndc-key.sh
 ExecStartPre=/usr/libexec/setup-named-chroot.sh /var/named/chroot on
 ExecStartPre=/usr/sbin/named-checkconf -t /var/named/chroot -z /etc/named.conf
 ExecStart=/usr/sbin/named-sdb -u named -t /var/named/chroot $OPTIONS
@ -24,7 +25,6 @@ ExecStop=/bin/sh -c '/usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MA
 ExecStopPost=/usr/libexec/setup-named-chroot.sh /var/named/chroot off

 PrivateTmp=false
-TimeoutSec=25

 [Install]
 WantedBy=multi-user.target
--- a/named-sdb.service
+++ b/named-sdb.service
@ -10,6 +10,7 @@ EnvironmentFile=-/etc/sysconfig/named
 Environment=KRB5_KTNAME=/etc/named.keytab
 PIDFile=/var/run/named/named.pid

+ExecStartPre=/usr/libexec/generate-rndc-key.sh
 ExecStartPre=/usr/sbin/named-checkconf -z /etc/named.conf
 ExecStart=/usr/sbin/named-sdb -u named $OPTIONS

@ -18,7 +19,6 @@ ExecReload=/bin/sh -c '/usr/sbin/rndc reload > /dev/null 2>&1 || /bin/kill -HUP
 ExecStop=/bin/sh -c '/usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MAINPID'

 PrivateTmp=true
-TimeoutSec=25

 [Install]
 WantedBy=multi-user.target
--- a/named.service
+++ b/named.service
@ -10,6 +10,7 @@ EnvironmentFile=-/etc/sysconfig/named
 Environment=KRB5_KTNAME=/etc/named.keytab
 PIDFile=/run/named/named.pid

+ExecStartPre=/usr/libexec/generate-rndc-key.sh
 ExecStartPre=/usr/sbin/named-checkconf -z /etc/named.conf
 ExecStart=/usr/sbin/named -u named $OPTIONS

@ -18,7 +19,6 @@ ExecReload=/bin/sh -c '/usr/sbin/rndc reload > /dev/null 2>&1 || /bin/kill -HUP
 ExecStop=/bin/sh -c '/usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MAINPID'

 PrivateTmp=true
-TimeoutSec=25

 [Install]
 WantedBy=multi-user.target