|
|
|---|
| 72 |
"""Called before busy period.""" |
72 |
"""Called before busy period.""" |
| 73 |
listener.configRegistry.load() |
73 |
listener.configRegistry.load() |
| 74 |
|
74 |
|
| 75 |
def chgrp_bind(filename): |
75 |
def chgrp_bind(fd): |
| 76 |
try: |
76 |
try: |
| 77 |
bind_gid = grp.getgrnam("bind").gr_gid |
77 |
bind_gid = grp.getgrnam("bind").gr_gid |
| 78 |
except KeyError: |
78 |
except KeyError: |
| 79 |
ud.debug(ud.LISTENER, ud.WARNING, 'Failed to change grp to bind for %s. gid for bind not found' % filename) |
79 |
ud.debug(ud.LISTENER, ud.WARNING, 'Failed to change grp to bind for %s. gid for bind not found' % filename) |
| 80 |
return |
80 |
return |
| 81 |
|
81 |
|
| 82 |
os.chown(filename, 0, bind_gid) |
82 |
os.fchown(fd, 0, bind_gid) |
| 83 |
|
83 |
|
| 84 |
|
84 |
|
| 85 |
def handler(dn, new, old): |
85 |
def handler(dn, new, old): |
|
Lines 101-111
def handler(dn, new, old):
|
Link Here
|
|---|
|
|---|
| 101 |
# Create a file to trigger the postrun() |
101 |
# Create a file to trigger the postrun() |
| 102 |
zone = new['zoneName'][0] |
102 |
zone = new['zoneName'][0] |
| 103 |
zonefile = sanitized_path_join(PROXY_CACHE_DIR, "%s.zone" % (zone, )) |
103 |
zonefile = sanitized_path_join(PROXY_CACHE_DIR, "%s.zone" % (zone, )) |
| 104 |
proxy_cache = open(zonefile, 'w') |
104 |
with open(zonefile, 'wb') as proxy_cache: |
| 105 |
proxy_cache.write(zone) |
105 |
os.fchmod(proxy_cache, 0640) |
| 106 |
proxy_cache.close() |
106 |
chgrp_bind(proxy_cache) |
| 107 |
os.chmod(zonefile, 0640) |
107 |
proxy_cache.write(zone) |
| 108 |
chgrp_bind(zonefile) |
|
|
| 109 |
finally: |
108 |
finally: |
| 110 |
listener.unsetuid() |
109 |
listener.unsetuid() |
| 111 |
|
110 |
|
|
Lines 130-137
def _new_zone(ucr, zonename, dn):
|
Link Here
|
|---|
|
|---|
| 130 |
zonefile = sanitized_path_join(NAMED_CONF_DIR, zonename) |
129 |
zonefile = sanitized_path_join(NAMED_CONF_DIR, zonename) |
| 131 |
|
130 |
|
| 132 |
# Create empty file and restrict permission |
131 |
# Create empty file and restrict permission |
| 133 |
os.close(os.open(zonefile, os.O_CREAT|os.O_EXCL, 0640)) |
132 |
fd = os.open(zonefile, os.O_CREAT|os.O_EXCL, 0640) |
| 134 |
chgrp_bind(zonefile) |
133 |
chgrp_bind(fd) |
|
|
134 |
os.close(fd) |
| 135 |
|
135 |
|
| 136 |
# Now fill zone file |
136 |
# Now fill zone file |
| 137 |
ldap_uri = "ldap://%s:%s/%s%s" % ( |
137 |
ldap_uri = "ldap://%s:%s/%s%s" % ( |
|
Lines 150-164
def _new_zone(ucr, zonename, dn):
|
Link Here
|
|---|
|
|---|
| 150 |
|
150 |
|
| 151 |
# Create proxy configuration file |
151 |
# Create proxy configuration file |
| 152 |
proxy_file = sanitized_path_join(NAMED_CONF_DIR, zonename+'.proxy') |
152 |
proxy_file = sanitized_path_join(NAMED_CONF_DIR, zonename+'.proxy') |
| 153 |
proxy_zone = open(proxy_file, 'w') |
153 |
with open(proxy_file, 'w') as proxy_zone: |
| 154 |
proxy_zone.write('zone "%s" {\n' % (zonename,)) |
154 |
os.fchmod(proxy_zone, 0640) |
| 155 |
proxy_zone.write('\ttype slave;\n') |
155 |
chgrp_bind(proxy_zone) |
| 156 |
proxy_zone.write('\tfile "%s.zone";\n' % (sanitize_filename(zonename), )) |
156 |
proxy_zone.write('zone "%s" {\n' % (zonename,)) |
| 157 |
proxy_zone.write('\tmasters port 7777 { 127.0.0.1; };\n') |
157 |
proxy_zone.write('\ttype slave;\n') |
| 158 |
proxy_zone.write('};\n') |
158 |
proxy_zone.write('\tfile "%s.zone";\n' % (sanitize_filename(zonename), )) |
| 159 |
proxy_zone.close() |
159 |
proxy_zone.write('\tmasters port 7777 { 127.0.0.1; };\n') |
| 160 |
os.chmod(proxy_file, 0640) |
160 |
proxy_zone.write('};\n') |
| 161 |
chgrp_bind(proxy_file) |
|
|
| 162 |
|
161 |
|
| 163 |
global __zone_created_or_removed |
162 |
global __zone_created_or_removed |
| 164 |
__zone_created_or_removed = True |
163 |
__zone_created_or_removed = True |
|
|
|---|
| 188 |
try: |
187 |
try: |
| 189 |
if os.path.exists(NAMED_CONF_FILE): |
188 |
if os.path.exists(NAMED_CONF_FILE): |
| 190 |
os.unlink(NAMED_CONF_FILE) |
189 |
os.unlink(NAMED_CONF_FILE) |
| 191 |
open(NAMED_CONF_FILE, 'w').close() |
190 |
open(NAMED_CONF_FILE, 'w').close() # FIXME: wrong permissions? |
| 192 |
|
191 |
|
| 193 |
if os.path.isdir(NAMED_CONF_DIR): |
192 |
if os.path.isdir(NAMED_CONF_DIR): |
| 194 |
for f in os.listdir(NAMED_CONF_DIR): |
193 |
for f in os.listdir(NAMED_CONF_DIR): |
|
|
|---|
| 295 |
listener.setuid(0) |
294 |
listener.setuid(0) |
| 296 |
try: |
295 |
try: |
| 297 |
# Re-create named and proxy inclusion file |
296 |
# Re-create named and proxy inclusion file |
| 298 |
named_conf = open(NAMED_CONF_FILE, 'w') |
297 |
with open(NAMED_CONF_FILE, 'w') as named_conf, open(PROXY_CONF_FILE, 'w') as proxy_conf: |
| 299 |
proxy_conf = open(PROXY_CONF_FILE, 'w') |
298 |
os.fchmod(named_conf, 0644) |
| 300 |
if os.path.isdir(NAMED_CONF_DIR): |
299 |
os.fchmod(proxy_conf, 0644) |
| 301 |
for f in os.listdir(NAMED_CONF_DIR): |
300 |
if os.path.isdir(NAMED_CONF_DIR): |
| 302 |
if not f.endswith('.proxy'): |
301 |
for f in os.listdir(NAMED_CONF_DIR): |
| 303 |
named_conf.write('include "%s";\n' % os.path.join(NAMED_CONF_DIR, f)) |
302 |
if not f.endswith('.proxy'): |
| 304 |
else: |
303 |
named_conf.write('include "%s";\n' % os.path.join(NAMED_CONF_DIR, f)) |
| 305 |
proxy_conf.write('include "%s";\n' % os.path.join(NAMED_CONF_DIR, f)) |
304 |
else: |
| 306 |
named_conf.close() |
305 |
proxy_conf.write('include "%s";\n' % os.path.join(NAMED_CONF_DIR, f)) |
| 307 |
proxy_conf.close() |
|
|
| 308 |
|
| 309 |
os.chmod(NAMED_CONF_FILE, 0644) |
| 310 |
os.chmod(PROXY_CONF_FILE, 0644) |
| 311 |
|
306 |
|
| 312 |
# Restart is needed when new zones are added or old zones removed. |
307 |
# Restart is needed when new zones are added or old zones removed. |
| 313 |
restart = False |
308 |
restart = False |