Renerate /etc/rndc.key during named service startup if doesn't exist
- increase startup timeout in systemd units to 90sec (default)

Signed-off-by: Adam Tkac <atkac@redhat.com>
parent
e73262808d
commit
0f7d49832f
@ -26,7 +26,7 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv
|
|||||||
Name: bind
|
Name: bind
|
||||||
License: ISC
|
License: ISC
|
||||||
Version: 9.9.2
|
Version: 9.9.2
|
||||||
Release: 5.%{PATCHVER}%{?dist}
|
Release: 6.%{PATCHVER}%{?dist}
|
||||||
Epoch: 32
|
Epoch: 32
|
||||||
Url: http://www.isc.org/products/BIND/
|
Url: http://www.isc.org/products/BIND/
|
||||||
Buildroot:%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
Buildroot:%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
||||||
@ -53,6 +53,7 @@ Source38: named-chroot.service
|
|||||||
Source39: named-sdb.service
|
Source39: named-sdb.service
|
||||||
Source40: named-sdb-chroot.service
|
Source40: named-sdb-chroot.service
|
||||||
Source41: setup-named-chroot.sh
|
Source41: setup-named-chroot.sh
|
||||||
|
Source42: generate-rndc-key.sh
|
||||||
|
|
||||||
# Common patches
|
# Common patches
|
||||||
Patch5: bind-nonexec.patch
|
Patch5: bind-nonexec.patch
|
||||||
@ -433,6 +434,7 @@ install -m 644 %{SOURCE40} ${RPM_BUILD_ROOT}%{_unitdir}
|
|||||||
|
|
||||||
mkdir -p ${RPM_BUILD_ROOT}%{_libexecdir}
|
mkdir -p ${RPM_BUILD_ROOT}%{_libexecdir}
|
||||||
install -m 755 %{SOURCE41} ${RPM_BUILD_ROOT}%{_libexecdir}/setup-named-chroot.sh
|
install -m 755 %{SOURCE41} ${RPM_BUILD_ROOT}%{_libexecdir}/setup-named-chroot.sh
|
||||||
|
install -m 755 %{SOURCE42} ${RPM_BUILD_ROOT}%{_libexecdir}/generate-rndc-key.sh
|
||||||
|
|
||||||
install -m 644 %SOURCE3 ${RPM_BUILD_ROOT}/etc/logrotate.d/named
|
install -m 644 %SOURCE3 ${RPM_BUILD_ROOT}/etc/logrotate.d/named
|
||||||
install -m 755 %SOURCE4 ${RPM_BUILD_ROOT}/etc/NetworkManager/dispatcher.d/13-named
|
install -m 755 %SOURCE4 ${RPM_BUILD_ROOT}/etc/NetworkManager/dispatcher.d/13-named
|
||||||
@ -618,6 +620,7 @@ rm -rf ${RPM_BUILD_ROOT}
|
|||||||
%{_sbindir}/rndc*
|
%{_sbindir}/rndc*
|
||||||
%{_sbindir}/named-compilezone
|
%{_sbindir}/named-compilezone
|
||||||
%{_sbindir}/isc-hmac-fixup
|
%{_sbindir}/isc-hmac-fixup
|
||||||
|
%{_libexecdir}/generate-rndc-key.sh
|
||||||
%{_mandir}/man1/arpaname.1*
|
%{_mandir}/man1/arpaname.1*
|
||||||
%{_mandir}/man5/named.conf.5*
|
%{_mandir}/man5/named.conf.5*
|
||||||
%{_mandir}/man5/rndc.conf.5*
|
%{_mandir}/man5/rndc.conf.5*
|
||||||
@ -769,6 +772,10 @@ rm -rf ${RPM_BUILD_ROOT}
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Dec 20 2012 Adam Tkac <atkac redhat com> 32:9.9.2-6.P1
|
||||||
|
- generate /etc/rndc.key during named service startup if doesn't exist
|
||||||
|
- increase startup timeout in systemd units to 90sec (default)
|
||||||
|
|
||||||
* Wed Dec 05 2012 Tomas Hozza <thozza@redhat.com> 32:9.9.2-5.P1
|
* Wed Dec 05 2012 Tomas Hozza <thozza@redhat.com> 32:9.9.2-5.P1
|
||||||
- update to bind-9.9.2-P1
|
- update to bind-9.9.2-P1
|
||||||
|
|
||||||
|
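--- a/generate-rndc-key.sh
+++ b/generate-rndc-key.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+. /etc/rc.d/init.d/functions
+
+# This script generates /etc/rndc.key if doesn't exist
+
+if [ ! -s /etc/rndc.key ]; then
+echo -n $"Generating /etc/rndc.key:"
+if /usr/sbin/rndc-confgen -a > /dev/null 2>&1; then
+chmod 640 /etc/rndc.key
+chown root.named /etc/rndc.key
+[ -x /sbin/restorecon ] && /sbin/restorecon /etc/rndc.key
+success $"/etc/rndc.key generation"
+echo
+else
+failure $"/etc/rndc.key generation"
+echo
+fi
+fi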
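Review bot: A failed `rndc-confgen -a` is invisible to systemd here: the else branch ends in `echo`, so the script exits 0, and `> /dev/null 2>&1` has already discarded the reason, which means the `ExecStartPre=` step passes and named starts without a control key. I would keep stderr (redirect with `> /dev/null` only) and add `exit 1` after the `failure`/`echo` pair, unless starting without the key is intended, in which case a comment should say so. The `chmod` and `chown` results are also unchecked, and `chown root:named` is the non-deprecated spelling of `root.named`. Since the same commit raises the unit start timeout, key generation presumably can stall on a low-entropy boot; `rndc-confgen` accepts `-r randomfile`, which is worth considering rather than relying on the longer timeout alone.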
@ -14,6 +14,7 @@ EnvironmentFile=-/etc/sysconfig/named
|
|||||||
Environment=KRB5_KTNAME=/etc/named.keytab
|
Environment=KRB5_KTNAME=/etc/named.keytab
|
||||||
PIDFile=/var/named/chroot/var/run/named/named.pid
|
PIDFile=/var/named/chroot/var/run/named/named.pid
|
||||||
|
|
||||||
|
ExecStartPre=/usr/libexec/generate-rndc-key.sh
|
||||||
ExecStartPre=/usr/libexec/setup-named-chroot.sh /var/named/chroot on
|
ExecStartPre=/usr/libexec/setup-named-chroot.sh /var/named/chroot on
|
||||||
ExecStartPre=/usr/sbin/named-checkconf -t /var/named/chroot -z /etc/named.conf
|
ExecStartPre=/usr/sbin/named-checkconf -t /var/named/chroot -z /etc/named.conf
|
||||||
ExecStart=/usr/sbin/named -u named -t /var/named/chroot $OPTIONS
|
ExecStart=/usr/sbin/named -u named -t /var/named/chroot $OPTIONS
|
||||||
@ -24,7 +25,6 @@ ExecStop=/bin/sh -c '/usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MA
|
|||||||
ExecStopPost=/usr/libexec/setup-named-chroot.sh /var/named/chroot off
|
ExecStopPost=/usr/libexec/setup-named-chroot.sh /var/named/chroot off
|
||||||
|
|
||||||
PrivateTmp=false
|
PrivateTmp=false
|
||||||
TimeoutSec=25
|
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
WantedBy=multi-user.target
|
WantedBy=multi-user.target
|
||||||
|
@ -14,6 +14,7 @@ EnvironmentFile=-/etc/sysconfig/named
|
|||||||
Environment=KRB5_KTNAME=/etc/named.keytab
|
Environment=KRB5_KTNAME=/etc/named.keytab
|
||||||
PIDFile=/var/named/chroot/var/run/named/named.pid
|
PIDFile=/var/named/chroot/var/run/named/named.pid
|
||||||
|
|
||||||
|
ExecStartPre=/usr/libexec/generate-rndc-key.sh
|
||||||
ExecStartPre=/usr/libexec/setup-named-chroot.sh /var/named/chroot on
|
ExecStartPre=/usr/libexec/setup-named-chroot.sh /var/named/chroot on
|
||||||
ExecStartPre=/usr/sbin/named-checkconf -t /var/named/chroot -z /etc/named.conf
|
ExecStartPre=/usr/sbin/named-checkconf -t /var/named/chroot -z /etc/named.conf
|
||||||
ExecStart=/usr/sbin/named-sdb -u named -t /var/named/chroot $OPTIONS
|
ExecStart=/usr/sbin/named-sdb -u named -t /var/named/chroot $OPTIONS
|
||||||
@ -24,7 +25,6 @@ ExecStop=/bin/sh -c '/usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MA
|
|||||||
ExecStopPost=/usr/libexec/setup-named-chroot.sh /var/named/chroot off
|
ExecStopPost=/usr/libexec/setup-named-chroot.sh /var/named/chroot off
|
||||||
|
|
||||||
PrivateTmp=false
|
PrivateTmp=false
|
||||||
TimeoutSec=25
|
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
WantedBy=multi-user.target
|
WantedBy=multi-user.target
|
||||||
|
@ -10,6 +10,7 @@ EnvironmentFile=-/etc/sysconfig/named
|
|||||||
Environment=KRB5_KTNAME=/etc/named.keytab
|
Environment=KRB5_KTNAME=/etc/named.keytab
|
||||||
PIDFile=/var/run/named/named.pid
|
PIDFile=/var/run/named/named.pid
|
||||||
|
|
||||||
|
ExecStartPre=/usr/libexec/generate-rndc-key.sh
|
||||||
ExecStartPre=/usr/sbin/named-checkconf -z /etc/named.conf
|
ExecStartPre=/usr/sbin/named-checkconf -z /etc/named.conf
|
||||||
ExecStart=/usr/sbin/named-sdb -u named $OPTIONS
|
ExecStart=/usr/sbin/named-sdb -u named $OPTIONS
|
||||||
|
|
||||||
@ -18,7 +19,6 @@ ExecReload=/bin/sh -c '/usr/sbin/rndc reload > /dev/null 2>&1 || /bin/kill -HUP
|
|||||||
ExecStop=/bin/sh -c '/usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MAINPID'
|
ExecStop=/bin/sh -c '/usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MAINPID'
|
||||||
|
|
||||||
PrivateTmp=true
|
PrivateTmp=true
|
||||||
TimeoutSec=25
|
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
WantedBy=multi-user.target
|
WantedBy=multi-user.target
|
||||||
|
@ -10,6 +10,7 @@ EnvironmentFile=-/etc/sysconfig/named
|
|||||||
Environment=KRB5_KTNAME=/etc/named.keytab
|
Environment=KRB5_KTNAME=/etc/named.keytab
|
||||||
PIDFile=/run/named/named.pid
|
PIDFile=/run/named/named.pid
|
||||||
|
|
||||||
|
ExecStartPre=/usr/libexec/generate-rndc-key.sh
|
||||||
ExecStartPre=/usr/sbin/named-checkconf -z /etc/named.conf
|
ExecStartPre=/usr/sbin/named-checkconf -z /etc/named.conf
|
||||||
ExecStart=/usr/sbin/named -u named $OPTIONS
|
ExecStart=/usr/sbin/named -u named $OPTIONS
|
||||||
|
|
||||||
@ -18,7 +19,6 @@ ExecReload=/bin/sh -c '/usr/sbin/rndc reload > /dev/null 2>&1 || /bin/kill -HUP
|
|||||||
ExecStop=/bin/sh -c '/usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MAINPID'
|
ExecStop=/bin/sh -c '/usr/sbin/rndc stop > /dev/null 2>&1 || /bin/kill -TERM $MAINPID'
|
||||||
|
|
||||||
PrivateTmp=true
|
PrivateTmp=true
|
||||||
TimeoutSec=25
|
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
WantedBy=multi-user.target
|
WantedBy=multi-user.target
|
||||||
|