Date:      Sat, 16 May 2009 20:55:28 +0000 (UTC)
From:      Doug Barton <dougb@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r192215 - in head: etc/defaults etc/namedb etc/rc.d share/man/man5
Message-ID:  <200905162055.n4GKtSIM002316@svn.freebsd.org>

Author: dougb
Date: Sat May 16 20:55:28 2009
New Revision: 192215
URL: http://svn.freebsd.org/changeset/base/192215

Log:
  1. New feature: option to have the script loop until a specified hostname
  (localhost by default) can be successfully looked up. Off by default.
  2. New feature: option to create a forwarder configuration file based on
  the contents of /etc/resolv.conf. This allows you to utilize a local
  resolver for better performance, less network traffic, custom zones, etc.
  while still relying on the benefits of your local network resolver.
  Off by default.
  3. Add named-checkconf into the startup routine. This will prevent named
  from trying to start in a situation where it would not be possible to do
  so.

Modified:
  head/etc/defaults/rc.conf
  head/etc/namedb/named.conf
  head/etc/rc.d/named
  head/share/man/man5/rc.conf.5

Modified: head/etc/defaults/rc.conf
==============================================================================
--- head/etc/defaults/rc.conf	Sat May 16 20:51:28 2009	(r192214)
+++ head/etc/defaults/rc.conf	Sat May 16 20:55:28 2009	(r192215)
@@ -247,6 +247,7 @@ inetd_flags="-wW -C 60"		# Optional flag
 #
 named_enable="NO"		# Run named, the DNS server (or NO).
 named_program="/usr/sbin/named" # Path to named, if you want a different one.
+named_conf="/etc/namedb/named.conf" 	# Path to the configuration file
 #named_flags="-c /etc/namedb/named.conf" # Uncomment for named not in /usr/sbin
 named_pidfile="/var/run/named/pid" # Must set this in named.conf as well
 named_uid="bind" 		# User to run named as
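Review bot: The comment on the new `named_conf` knob does not say how it relates to the `-c` path in `named_flags` on the line below it; the rc script uses `named_conf` only as the argument to named-checkconf, while named itself loads whatever `-c` (or its compiled-in default) names, so a user who changes one but not the other gets a pre-flight check of a file named will never read. Suggest extending the comment to `# Path to the configuration file (keep in sync with -c in named_flags)`.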
@@ -254,6 +255,10 @@ named_chrootdir="/var/named"	# Chroot di
 named_chroot_autoupdate="YES"	# Automatically install/update chrooted
 				# components of named. See /etc/rc.d/named.
 named_symlink_enable="YES"	# Symlink the chrooted pid file
+named_wait="NO" 		# Wait for working name service before exiting
+named_wait_host="localhost" 	# Hostname to check if named_wait is enabled
+named_auto_forward="NO" 	# Set up forwarders from /etc/resolv.conf
+named_auto_forward_only="NO" 	# Do "forward only" instead of "forward first"
 
 #
 # kerberos. Do not run the admin daemons on slave servers

Modified: head/etc/namedb/named.conf
==============================================================================
--- head/etc/namedb/named.conf	Sat May 16 20:51:28 2009	(r192214)
+++ head/etc/namedb/named.conf	Sat May 16 20:55:28 2009	(r192215)
@@ -31,12 +31,6 @@ options {
 	disable-empty-zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
 	disable-empty-zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
 
-// In addition to the "forwarders" clause, you can force your name
-// server to never initiate queries of its own, but always ask its
-// forwarders only, by enabling the following line:
-//
-//	forward only;
-
 // If you've got a DNS server around at your upstream provider, enter
 // its IP address here, and enable the line below.  This will make you
 // benefit from its cache, thus reduce overall DNS traffic in the Internet.
@@ -45,6 +39,20 @@ options {
 		127.0.0.1;
 	};
 */
+
+// If the 'forwarders' clause is not empty the default is to 'forward first'
+// which will fall back to sending a query from your local server if the name
+// servers in 'forwarders' do not have the answer.  Alternatively you can
+// force your name server to never initiate queries of its own by enabling the
+// following line:
+//	forward only;
+
+// If you wish to have forwarding configured automatically based on
+// the entries in /etc/resolv.conf, uncomment the following line and
+// set named_auto_forward=yes in /etc/rc.conf.  You can also enable
+// named_auto_forward_only (the effect of which is described above).
+//	include "/etc/namedb/auto_forward.conf";
+
 	/*
 	   Modern versions of BIND use a random UDP port for each outgoing
 	   query by default in order to dramatically reduce the possibility

Modified: head/etc/rc.d/named
==============================================================================
--- head/etc/rc.d/named	Sat May 16 20:51:28 2009	(r192214)
+++ head/etc/rc.d/named	Sat May 16 20:55:28 2009	(r192215)
@@ -16,7 +16,7 @@ command="/usr/sbin/named"
 extra_commands="reload"
 
 start_precmd="named_precmd"
-start_postcmd="make_symlinks"
+start_postcmd="named_poststart"
 reload_cmd="named_reload"
 stop_cmd="named_stop"
 stop_postcmd="named_poststop"
@@ -97,6 +97,17 @@ make_symlinks()
 	    ln -fs "${named_chrootdir}${pidfile}" ${pidfile}
 }
 
+named_poststart () {
+	make_symlinks
+
+	if checkyesno named_wait; then
+		until ${command%/sbin/named}/bin/host $named_wait_host >/dev/null 2>&1; do
+			echo "	Waiting for nameserver to resolve $named_wait_host"
+			sleep 1
+		done
+	fi
+}
+
 named_reload()
 {
 	${command%/named}/rndc reload
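Review bot: The `until ... host $named_wait_host` loop in named_poststart has no upper bound, so with named_wait enabled a named that starts but cannot answer (for example a forward-only setup whose upstream is unreachable, or a typo in named_wait_host) hangs the boot sequence indefinitely, and nothing is logged beyond the per-second echo. A bounded wait that falls through with a `warn` keeps the feature useful while making the failure visible and recoverable; `$named_wait_host` should also be quoted since it is a user-supplied rc.conf value. The cap below is hard-coded; if you prefer it tunable it could become a `named_wait_max` default in rc.conf. The make_symlinks tail and named_reload head in this hunk are cut off, so only named_poststart is reviewed here.
```shell
	if checkyesno named_wait; then
		# Bounded so an unreachable forwarder or a bad named_wait_host
		# cannot stall boot forever; 60 tries at 1s each.
		local tries=0
		until ${command%/sbin/named}/bin/host "$named_wait_host" >/dev/null 2>&1; do
			if [ "$tries" -ge 60 ]; then
				warn "gave up waiting for nameserver to resolve $named_wait_host"
				break
			fi
			tries=$((tries + 1))
			echo "	Waiting for nameserver to resolve $named_wait_host"
			sleep 1
		done
	fi
```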
@@ -135,8 +146,19 @@ named_poststop()
 	fi
 }
 
+create_file () {
+	if [ -e "$1" ]; then
+		unlink $1
+	fi
+	> $1
+	chown root:wheel $1
+	chmod 644 $1
+}
+
 named_precmd()
 {
+	local line nsip firstns
+
 	# Is the user using a sandbox?
 	#
 	if [ -n "$named_chrootdir" ]; then
@@ -161,6 +183,80 @@ named_precmd()
 	else
 		$confgen_command
 	fi
+
+	# Create a forwarder configuration based on /etc/resolv.conf
+	if checkyesno named_auto_forward; then
+		if [ ! -s /etc/resolv.conf ]; then
+			warn "named_auto_forward enabled, but no /etc/resolv.conf"
+
+			# Empty the file in case it is included in named.conf
+			[ -s "${named_chrootdir}/etc/namedb/auto_forward.conf" ] &&
+			    create_file ${named_chrootdir}/etc/namedb/auto_forward.conf
+
+			${command%/named}/named-checkconf $named_conf ||
+			    err 3 'named-checkconf for $named_conf failed'
+			return
+		fi
+
+		create_file /var/run/naf-resolv.conf
+		create_file /var/run/auto_forward.conf
+
+		echo '	forwarders {' > /var/run/auto_forward.conf
+
+		while read line; do
+			case "$line" in
+			'nameserver '*|'nameserver	'*)
+				nsip=${line##nameserver[         ]}
+
+				if [ -z "$firstns" ]; then
+					if [ ! "$nsip" = '127.0.0.1' ]; then
+						echo 'nameserver 127.0.0.1'
+						echo "		${nsip};" >> /var/run/auto_forward.conf
+					fi
+
+					firstns=1
+				else
+					[ "$nsip" = '127.0.0.1' ] && continue
+					echo "		${nsip};" >> /var/run/auto_forward.conf
+				fi
+				;;
+			esac
+
+			echo $line
+		done < /etc/resolv.conf > /var/run/naf-resolv.conf
+
+		echo '	};' >> /var/run/auto_forward.conf
+		echo '' >> /var/run/auto_forward.conf
+		if checkyesno named_auto_forward_only; then
+			echo "	forward only;" >> /var/run/auto_forward.conf
+		else
+			echo "	forward first;" >> /var/run/auto_forward.conf
+		fi
+
+		if cmp -s /etc/resolv.conf /var/run/naf-resolv.conf; then
+			unlink /var/run/naf-resolv.conf
+		else
+			[ -e /etc/resolv.conf ] && unlink /etc/resolv.conf
+			mv /var/run/naf-resolv.conf /etc/resolv.conf
+		fi
+
+		if cmp -s ${named_chrootdir}/etc/namedb/auto_forward.conf \
+		    /var/run/auto_forward.conf; then
+			unlink /var/run/auto_forward.conf
+		else
+			[ -e "${named_chrootdir}/etc/namedb/auto_forward.conf" ] &&
+			    unlink ${named_chrootdir}/etc/namedb/auto_forward.conf
+			mv /var/run/auto_forward.conf \
+			    ${named_chrootdir}/etc/namedb/auto_forward.conf
+		fi
+	else
+		# Empty the file in case it is included in named.conf
+		[ -s "${named_chrootdir}/etc/namedb/auto_forward.conf" ] &&
+		    create_file ${named_chrootdir}/etc/namedb/auto_forward.conf
+	fi
+
+	${command%/named}/named-checkconf $named_conf ||
+	    err 3 'named-checkconf for $named_conf failed'
 }
 
 load_rc_config $name
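Review bot: Both `err 3 'named-checkconf for $named_conf failed'` calls are single-quoted, so the message prints the literal text `$named_conf` instead of the path; change both to `err 3 "named-checkconf for $named_conf failed"`. Separately, /etc/resolv.conf is replaced (the `unlink`/`mv` pair after the first `cmp -s`) before named-checkconf runs at the end of the function, so a configuration error aborts the start with the resolver already pointing at 127.0.0.1 and no named listening; installing auto_forward.conf into the chroot first, running named-checkconf, and only then swapping resolv.conf would avoid that, and the `unlink` before each `mv` is unnecessary since rename(2) replaces the target atomically while unlink-then-mv leaves a window with no resolv.conf at all. The copy loop should use `read -r` and `echo "$line"` so backslashes, tabs and glob characters in resolv.conf lines pass through unchanged, and `${line##nameserver[ 	]}` strips only one whitespace character, so `nameserver  10.0.0.1` yields a leading space in the forwarders entry. named_precmd begins outside this hunk.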

Modified: head/share/man/man5/rc.conf.5
==============================================================================
--- head/share/man/man5/rc.conf.5	Sat May 16 20:51:28 2009	(r192214)
+++ head/share/man/man5/rc.conf.5	Sat May 16 20:55:28 2009	(r192215)
@@ -1631,6 +1631,12 @@ Path to
 .Xr named 8
 (default
 .Pa /usr/sbin/named ) .
+.It Va named_conf
+.Pq Vt str
+Path to
+.Xr named 8
+configuration file, (default
+.Pa /etc/namedb/named.conf ) .
 .It Va named_flags
 .Pq Vt str
 If
@@ -1678,6 +1684,26 @@ daemon's PID file
 into the
 .Xr chroot 8
 environment.
+.It Va named_wait
+.Pq Vt bool
+Set to have
+.Pa /etc/rc.d/named
+loop until working name service is established.
+.It Va named_wait_host
+.Pq Vt str
+Name of host to lookup for the named_wait option.
+(Default localhost)
+.It Va named_auto_forward
+.Pq Vt bool
+Set to enable automatic creation of a forwarder
+configuration file derived from
+.Pa /etc/resolv.conf .
+.It Va named_auto_forward_only
+.Pq Vt bool
+Set to change the default forwarder configuration from
+.Dq forward first
+to
+.Dq forward only .
 .It Va kerberos5_server_enable
 .Pq Vt bool
 Set to


