rpms/bind/devel bind-chroot-admin.in,1.5,1.6
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Tue Apr 18 23:54:17 UTC 2006
Author: jvdias
Update of /cvs/dist/rpms/bind/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv11677
Modified Files:
bind-chroot-admin.in
Log Message:
fix bug 188382; deal with redundant .rpmsave links; prevent redundant backups
Index: bind-chroot-admin.in
===================================================================
RCS file: /cvs/dist/rpms/bind/devel/bind-chroot-admin.in,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- bind-chroot-admin.in 3 Apr 2006 16:27:51 -0000 1.5
+++ bind-chroot-admin.in 18 Apr 2006 23:54:14 -0000 1.6
@@ -67,7 +67,10 @@
if [ -L "$BIND_CHROOT_PREFIX" ]; then
BIND_CHROOT_PREFIX=`/usr/bin/readlink "$BIND_CHROOT_PREFIX"`;
fi
-
+ if [ -e /etc/sysconfig/named ]; then
+ /bin/chown root:named /etc/sysconfig/named;
+ /bin/chmod 0640 /etc/sysconfig/named;
+ fi
/bin/mkdir -p ${BIND_DIR}/{slaves,data};
/bin/chown root:named ${BIND_DIR};
/bin/chown named:named ${BIND_DIR}/{slaves,data};
@@ -79,12 +82,13 @@
/bin/chmod 750 ${BIND_CHROOT_PREFIX}/{,etc,dev,var,var/{run,named/}};
/bin/chown named:named ${BIND_CHROOT_PREFIX}/var/{run/named,named/{data,slaves}};
/bin/chmod 770 ${BIND_CHROOT_PREFIX}/var/{run/named,named/{slaves,data}};
-
+
[ ! -e "${BIND_CHROOT_PREFIX}/dev/random" ] && /bin/mknod "${BIND_CHROOT_PREFIX}/dev/random" c 1 8
[ ! -e "${BIND_CHROOT_PREFIX}/dev/zero" ] && /bin/mknod "${BIND_CHROOT_PREFIX}/dev/zero" c 1 5
[ ! -e "${BIND_CHROOT_PREFIX}/dev/null" ] && /bin/mknod "${BIND_CHROOT_PREFIX}/dev/null" c 1 3
[ ! -e "${BIND_CHROOT_PREFIX}/etc/localtime" ] && [ -e /etc/localtime ] && /bin/cp -fp /etc/localtime "${BIND_CHROOT_PREFIX}/etc/localtime";
- chmod 666 "${BIND_CHROOT_PREFIX}"/dev/{random,null,zero};
+ chown root:named "${BIND_CHROOT_PREFIX}"/dev/{random,null,zero};
+ chmod 660 "${BIND_CHROOT_PREFIX}"/dev/{random,null,zero};
if [ -d /selinux ] && [ -e /selinux/enforce ] && [ -x /usr/bin/chcon ]; then
for dev in random zero null; do
/usr/bin/chcon --reference=/dev/$dev ${BIND_CHROOT_PREFIX}/dev/$dev;
@@ -121,7 +125,7 @@
fi
if [ -e "$dst" ]; then
if [ ! -L "$dst" ]; then
- if [ ! -s "$dst" ]; then
+ if [ ! -s "$dst" ] || /usr/bin/cmp "$dst" "$src" > /dev/null 2>&1; then
/bin/rm -f "$dst";
else
if [ "$src" -nt "$dst" ] || [ ! "$dst" -nt "$src" ] ; then
@@ -135,13 +139,15 @@
dstlnk=`/usr/bin/readlink "$dst"`
if [ "$dstlnk" != $src ]; then
/bin/rm -f $dst;
- if [ "$dstlnk" != "$dst" ] && [ -s $dstlnk ]; then
- if [ "$dstlnk" -nt "$src" ] || [ ! "$dstlnk" -nt "$src" ] ; then
- /bin/cp -fp "$dstlnk" "$dst".`/bin/date +'%Y-%m-%d_%H-%M-%S.%N'`;
- else
- /bin/mv "$src" "$src".`/bin/date +'%Y-%m-%d_%H-%M-%S.%N'`;
- /bin/cp -fp "$dstlnk" "$src";
- fi;
+ if ! /usr/bin/cmp "$dstlnk" "$src" > /dev/null 2>&1; then
+ if [ "$dstlnk" != "$dst" ] && [ -s $dstlnk ]; then
+ if [ "$dstlnk" -nt "$src" ] || [ ! "$dstlnk" -nt "$src" ] ; then
+ /bin/cp -fp "$dstlnk" "$dst".`/bin/date +'%Y-%m-%d_%H-%M-%S.%N'`;
+ else
+ /bin/mv "$src" "$src".`/bin/date +'%Y-%m-%d_%H-%M-%S.%N'`;
+ /bin/cp -fp "$dstlnk" "$src";
+ fi;
+ fi;
fi;
else
return 0;
@@ -207,6 +213,11 @@
replace_with_link ${BIND_CHROOT_PREFIX}/$f $f;
[ ! -e $changed ] && touch $changed;
done;
+ /usr/bin/find /etc/{named.*,rndc.*}.rpmsave ${BIND_DIR}/*.rpmsave -maxdepth 0 -type l 2>/dev/null |
+ while read f;
+ do
+ /bin/rm -f $f >/dev/null 2>&1;
+ done
pfx=${BIND_CHROOT_PREFIX}
else # chroot is disabled
/usr/bin/find /var/named/chroot/{etc/{named.*,rndc.*},var/named{/*,/data/*,/slaves/*}} -maxdepth 0 |
@@ -225,27 +236,32 @@
};' > /etc/rndc.key;
elif /bin/egrep -q '@KEY@' /etc/rndc.key; then
/bin/sed -i -e 's^@KEY@^'`/usr/sbin/dns-keygen`'^' /etc/rndc.key ;
- fi
- chown root:named ${pfx}/var/named/* >/dev/null 2>&1;
+ fi
+ chown -h root:named /var/named/* >/dev/null 2>&1;
+ chown -h root:named ${BIND_CHROOT_PREFIX}/var/named/* >/dev/null 2>&1;
+ chown -h root:named /etc/{named,rndc}.* >/dev/null 2>&1;
+ chown -h root:named ${BIND_CHROOT_PREFIX}/etc/{named,rndc}.* >/dev/null 2>&1;
chmod 750 ${pfx}/var/named >/dev/null 2>&1;
chmod 640 ${pfx}/var/named/* >/dev/null 2>&1;
chmod 750 ${pfx}/var/named/*/. >/dev/null 2>&1;
- chown named:named ${pfx}/var/named/{data{,/*},slaves{,*/}} >/dev/null 2>&1;
+ chown -h named:named /var/named/{data{,/*},slaves{,*/}} >/dev/null 2>&1;
+ chown -h named:named ${BIND_CHROOT_PREFIX}/var/named/{data{,/*},slaves{,*/}} >/dev/null 2>&1;
chmod 770 ${pfx}/var/named/{data,slaves} >/dev/null 2>&1;
chmod 660 ${pfx}/var/named/{data/*,slaves/*} >/dev/null 2>&1;
chmod 770 ${pfx}/var/named/{data/*/.,slaves/*/.} >/dev/null 2>&1;
if [ -e $changed ]; then
if [ -e /selinux/enforce ] && [ -x /sbin/restorecon ]; then
- if [ -n "$pfx" ]; then
- /sbin/restorecon -R $pfx/etc $pfx/var/named $pfx/var/run/named >/dev/null 2>&1;
- if [ -e $pfx/etc/localtime ] && [ -e /etc/localtime ] ; then
- /usr/bin/chcon --reference=/etc/localtime $pfx/etc/localtime >/dev/null 2>&1;
- fi;
- else
- /sbin/restorecon /etc/{named,rndc}.* >/dev/null 2>&1;
- /usr/bin/chcon --reference=/etc/named.conf /etc/named.* >/dev/null 2>&1;
- /sbin/restorecon -e /var/named/chroot /var/named{/,/data/,/slaves/}* >/dev/null 2>&1;
- fi;
+ /sbin/restorecon -R ${BIND_CHROOT_PREFIX}/etc ${BIND_CHROOT_PREFIX}/var/named ${BIND_CHROOT_PREFIX}/var/run/named >/dev/null 2>&1;
+ if [ -e ${BIND_CHROOT_PREFIX}/etc/localtime ] && [ -e /etc/localtime ] ; then
+ /usr/bin/chcon --reference=/etc/localtime ${BIND_CHROOT_PREFIX}/etc/localtime >/dev/null 2>&1;
+ fi;
+ /usr/bin/chcon -h --reference=/etc/named.conf /etc/named.* >/dev/null 2>&1;
+ /usr/bin/chcon -h --reference=/etc/rndc.key /etc/rndc.key >/dev/null 2>&1;
+ /usr/bin/chcon -h --reference=/etc/rndc.conf /etc/rndc.conf >/dev/null 2>&1;
+ /usr/bin/chcon -h --reference=/var/named /var/named{/,/*} >/dev/null 2>&1;
+ /usr/bin/chcon -h --reference=/var/named/slaves /var/named/{slaves,data}{/,/*} >/dev/null 2>&1;
+ /sbin/restorecon /var/named/named.ca ${BIND_CHROOT_PREFIX}/var/named/named.ca >/dev/null 2>&1;
+ /usr/bin/chcon -h --reference=${BIND_CHROOT_PREFIX}/var/named/named.ca /var/named/named.ca >/dev/null 2>&1;
fi;
/sbin/service named condrestart
rm -f $changed;
More information about the fedora-cvs-commits
mailing list