pdns_control bind-add-zone check for zonefile

We now check if we can access the zonefile before we add a zone to the
bindbackend via `pdns_control bind-add-zone`. By sheer luck, this
function worked on relative names (names were relative to the PWD of the
pdns_server process), so we now force the use of absolute names (unless
we are chrooted). Closes #3078

Update the pdns_control(1) manpage with the bind commands.

diff --git a/docs/manpages/pdns_control.1.md b/docs/manpages/pdns_control.1.md
index 0cc96206ee89b5bfc4e178debe010a323301a557..28e24a553d19a3295a3ecb272727a1e341d9c431 100644 (file)
--- a/docs/manpages/pdns_control.1.md
+++ b/docs/manpages/pdns_control.1.md
@@ -3,7 +3,7 @@
 % December 2002
 
 # NAME
-**pdns_control** - Contreol the PowerDNS nameserver
+**pdns_control** - Control the PowerDNS nameserver
 
 # SYNOPSIS
 **pdns_control** [*OPTION*]... *COMMAND*
@@ -38,6 +38,21 @@
 
 
 # COMMANDS
+bind-add-zone *DOMAIN* *FILENAME*
+:    When using the bindbackend, add a zone. This zone is added in-memory and served
+     immediately. Note that this does not add the zone to the bind-config file.
+     *FILENAME* must be an absolute path.
+
+bind-domain-status [*DOMAIN*...]
+:    When using the bindbackend, list status of all domains. Optionally, append
+     *DOMAIN*s to get the status of specific zones.
+
+bind-list-rejects
+:    When using the bindbackend, get a list of all rejected domains.
+
+bind-reload-now *DOMAIN* [*DOMAIN*...]
+:    When using the bindbackend, immediately reload *DOMAIN* from disk.
+
 ccounts
 :    Show the content of the cache.
 

diff --git a/modules/bindbackend/bindbackend2.cc b/modules/bindbackend/bindbackend2.cc
index 79321e0c7a7a487b6912d6f7202de524c95d9bf0..75ccac3aa7c2df44f5ddb0fac7e7d02f42a6a68b 100644 (file)
--- a/modules/bindbackend/bindbackend2.cc
+++ b/modules/bindbackend/bindbackend2.cc
@@ -576,6 +576,14 @@ string Bind2Backend::DLAddDomainHandler(const vector<string>&parts, Utility::pid
   BB2DomainInfo bbd;
   if(safeGetBBDomainInfo(domainname, &bbd))
     return "Already loaded";
+
+  if (!boost::starts_with(filename, "/") && ::arg()["chroot"].empty())
+    return "Unable to load zone " + domainname.toStringRootDot() + " from " + filename + " as the filename is not absolute.";
+
+  struct stat buf;
+  if (stat(filename.c_str(), &buf) != 0)
+    return "Unable to load zone " + domainname.toStringRootDot() + " from " + filename + ": " + strerror(errno);
+
   Bind2Backend bb2; // createdomainentry needs access to our configuration
   bbd=bb2.createDomainEntry(domainname, filename);
   bbd.d_filename=filename;

diff --git a/regression-tests/tests/bind-add-zone/command b/regression-tests/tests/bind-add-zone/command
index c95a8355c6d2b398db7e234681668481bdd1a5be..28ddc1979d173f8eebe605881dc8c024381926c6 100755 (executable)
--- a/regression-tests/tests/bind-add-zone/command
+++ b/regression-tests/tests/bind-add-zone/command
@@ -6,10 +6,10 @@ fi
 
 cleandig ns1.addzone.com A
 cleandig ns1.test.com A
-$PDNSCONTROL --config-name=bind --socket-dir=. --no-config bind-add-zone addzone.com zones/addzone.com
+$PDNSCONTROL --config-name=bind --socket-dir=. --no-config bind-add-zone addzone.com ${PWD}/zones/addzone.com
 $PDNSCONTROL --config-name=bind --socket-dir=. --no-config purge addzone.com
 sleep 1
-$PDNSCONTROL --config-name=bind --socket-dir=. --no-config bind-add-zone addzone.com zones/addzone.com
+$PDNSCONTROL --config-name=bind --socket-dir=. --no-config bind-add-zone addzone.com ${PWD}/zones/addzone.com
 sleep 1
 cleandig ns1.addzone.com A
 cleandig ns1.test.com A