|
Lines 36-74
if [ -n "$bind_bindpw" -a "$bind_bindpw" != "/etc/machine.secret" ]; then
|
Link Here
|
|---|
|
|---|
| 36 |
exit 0 |
36 |
exit 0 |
| 37 |
fi |
37 |
fi |
| 38 |
|
38 |
|
| 39 |
bind_service () { |
|
|
| 40 |
local action="$1" |
| 41 |
|
| 42 |
# start / stop bind9 only if the ldap backend is configured |
| 43 |
if [ "$dns_backend" = "ldap" ]; then |
| 44 |
if [ "$action" = "start" ]; then |
| 45 |
# start bind9 only if it has been stopped by this script |
| 46 |
if [ "$dns_bind9_stoppedbyserverpasswordchange" = "yes" ] ; then |
| 47 |
echo "starting bind9 after server password change" | logger -t "server-password-change" |
| 48 |
invoke-rc.d bind9 start >/dev/null |
| 49 |
univention-config-registry unset dns/bind9/stoppedbyserverpasswordchange >/dev/null |
| 50 |
fi |
| 51 |
fi |
| 52 |
if [ "$action" = "stop" ]; then |
| 53 |
if invoke-rc.d bind9 status | grep -q "is running" ; then |
| 54 |
univention-config-registry set dns/bind9/stoppedbyserverpasswordchange=yes >/dev/null |
| 55 |
echo "stopping bind9 due to upcoming server password change" | logger -t "server-password-change" |
| 56 |
invoke-rc.d bind9 stop >/dev/null |
| 57 |
fi |
| 58 |
fi |
| 59 |
fi |
| 60 |
} |
| 61 |
|
| 62 |
if [ "$1" = "prechange" ] ; then |
| 63 |
bind_service stop |
| 64 |
fi |
| 65 |
|
| 66 |
if [ "$1" = "nochange" ] ; then |
| 67 |
bind_service start |
| 68 |
fi |
| 69 |
|
| 70 |
if [ "$1" = "postchange" ] ; then |
39 |
if [ "$1" = "postchange" ] ; then |
| 71 |
# update zone files |
40 |
# update zone files |
| 72 |
sed -i "s|\!x-bindpw=\(.*\),x-tls|\!x-bindpw=$(cat /etc/machine.secret),x-tls|" /etc/bind/univention.conf.d/* |
41 |
sed -i "s|\!x-bindpw=\(.*\),x-tls|\!x-bindpw=$(cat /etc/machine.secret),x-tls|" /etc/bind/univention.conf.d/* |
| 73 |
bind_service start |
42 |
# Reload or restart LDAP-BIND (if running) |
|
|
43 |
[ "$dns_backend" = "ldap" ] && |
| 44 |
systemctl reload-or-try-restart bind9.service |
| 74 |
fi |
45 |
fi |