From 12aa018861b46c70f6af3609c2f6e1054f0bec03 Mon Sep 17 00:00:00 2001 From: Frank Brehm Date: Mon, 7 Aug 2017 14:26:03 +0200 Subject: [PATCH] Continued generation of named.conf --- pp_lib/config_named_app.py | 39 ++++++++++++++++++++++++++++++++++---- 1 file changed, 35 insertions(+), 4 deletions(-) diff --git a/pp_lib/config_named_app.py b/pp_lib/config_named_app.py index 4dea5f5..f539567 100644 --- a/pp_lib/config_named_app.py +++ b/pp_lib/config_named_app.py @@ -38,7 +38,7 @@ from .cfg_app import PpCfgAppError, PpConfigApplication from .pidfile import PidFileError, InvalidPidFileError, PidFileInUseError, PidFile -__version__ = '0.5.2' +__version__ = '0.5.3' LOG = logging.getLogger(__name__) @@ -217,6 +217,12 @@ class PpConfigNamedApp(PpConfigApplication): """The file for configuration of all own zones.""" return os.path.join(self.named_conf_dir, self._named_zones_cfg_file) + # ------------------------------------------- + @property + def rndc_config_file(self): + """The config file for RNDC (included in named.conf)""" + return os.path.join(self.named_conf_dir, 'rndc.key') + # ------------------------------------------- @property def named_pidfile(self): @@ -317,6 +323,7 @@ class PpConfigNamedApp(PpConfigApplication): res['named_def_zones_file'] = self.named_def_zones_file res['named_log_cfg_file'] = self.named_log_cfg_file res['named_zones_cfg_file'] = self.named_zones_cfg_file + res['rndc_config_file'] = self.rndc_config_file res['named_dump_dir'] = self.named_dump_dir res['named_dump_file'] = self.named_dump_file res['named_stats_dir'] = self.named_stats_dir @@ -706,9 +713,6 @@ class PpConfigNamedApp(PpConfigApplication): cur_date = datetime.datetime.now().isoformat(' ') - stats_dir = os.path.join(self.named_basedir, 'stats') - stats_file = os.path.join(stats_dir, 'named.stats') - lines = [] lines.append('###############################################################') lines.append('') 
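Review bot: The new `rndc_config_file` property (hunk `@@ -217,6 +217,12 @@`) hard-codes the file name `'rndc.key'`, whereas the neighbouring `named_zones_cfg_file` builds its path from the instance attribute `self._named_zones_cfg_file`, so this is the one path here that cannot be set per instance. The docstring also calls it a config file, although the later hunk treats it as the output of `rndc-confgen`, which is the key for the control channel. I would word it as `"""The RNDC key file included by named.conf; it holds the shared secret for the control channel."""` so that readers know the file is sensitive. The enclosing class starts outside the hunk.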
@@ -746,12 +750,20 @@ class PpConfigNamedApp(PpConfigApplication): option_lines.append('\tpid-file "{}";'.format(self.named_pidfile)) option_lines.append('\tdump-file "{}";'.format(self.named_dump_file)) option_lines.append('\tstatistics-file "{}";'.format(self.named_stats_file)) + option_lines.append('\tsession-keyfile "{}";'.format(self.named_session_keyfile)) option_lines.append('') option_lines.append('\t// DNSSEC') option_lines.append('\tdnssec-enable yes;') option_lines.append('\tdnssec-validation yes;') + option_lines.append('') + option_lines.append('\t// Path to ISC DLV key') + option_lines.append('\tbindkeys-file "{}";'.format(self.named_bindkeys_file)) + + option_lines.append('') + option_lines.append('\tmanaged-keys-directory "{}";'.format(self.named_managed_keysdir)) + option_lines.append('') option_lines.append('\tallow-transfer {') option_lines.append('\t\tallow-transfer;') @@ -770,6 +782,25 @@ class PpConfigNamedApp(PpConfigApplication): option_lines.append('};') content += '\n' + '\n'.join(option_lines) + '\n' + if not os.path.exists(self.rndc_config_file): + LOG.error("File {!r} does not exists, please generate it with `rndc-confgen`.".format( + self.rndc_config_file)) + if not self.simulate: + self.exit(8) + elif not os.path.isfile(self.rndc_config_file): + LOG.error("File {!r} is not a regular file.".format(self.rndc_config_file)) + self.exit(8) + content += '\n// Managed Keys of RNDC\n' + content += 'include "{}";\n'.format(self.rndc_config_file) + content += '\ncontrols {\n' + content += '\tinet 127.0.0.1 port 953 allow {\n' + content += '\t\t127.0.0.1;\n' + content += '\t\t::1/128;\n' + content += '\t} keys {\n' + content += '\t\t"rndc-key";\n' + content += '\t};\n' + content += '};\n' + content += '\n// vim: ts=8 filetype=named noet noai\n' with open(self.temp_named_conf, 'w', **self.open_args) as fh: -- 2.39.5
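Review bot: `bindkeys-file` is added next to `dnssec-validation yes;`, but as far as I know named only takes trust anchors from that file when `dnssec-validation auto;` is set; with `yes` an anchor must be configured explicitly, and this hunk emits none. If no `trusted-keys` or `managed-keys` statement is written elsewhere in the generated file, the resolver would answer without validating, so either emit `option_lines.append('\tdnssec-validation auto;')` or add the anchor explicitly. The emitted comment `// Path to ISC DLV key` is also misleading, because ISC has retired DLV and the file carries the root trust anchor; `// Path to the trust anchors (bind.keys)` would be closer. The enclosing method starts and ends outside the hunk.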
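Review bot: The checks added in hunk `@@ -770,6 +782,25 @@` confirm that the rndc key file exists and is a regular file, but not who can read it. The file holds the shared secret referenced by `keys { "rndc-key"; }`, so any local account able to read it can drive named through the control channel on 127.0.0.1 port 953. When the file exists I would also refuse a world-accessible one, e.g. `if os.stat(self.rndc_config_file).st_mode & 0o007:` followed by the same `LOG.error(...)` / `self.exit(8)` pattern. Two smaller points: the `elif` branch exits even when `self.simulate` is set while the first branch does not, and the `::1/128` entry in the allow list presumably never matches, because the listener is bound to `127.0.0.1` only. The enclosing method starts and ends outside the hunk.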