From: Pieter Lexis Date: Wed, 4 May 2016 14:55:59 +0000 (+0200) Subject: pdns_control bind-add-zone check for zonefile X-Git-Tag: auth-4.0.0-rc1~49^2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c0475277537dadcdf085134b00cd7ed45258391c;p=thirdparty%2Fpdns.git pdns_control bind-add-zone check for zonefile We now check if we can access the zonefile before we add a zone to the bindbackend via `pdns_control bind-add-zone`. By sheer luck, this function worked on relative names (names were relative to the PWD of the pdns_server process), so we now force the use of absolute names (unless we are chrooted). Closes #3078 Update the pdns_control(1) manpage with the bind commands. --- diff --git a/docs/manpages/pdns_control.1.md b/docs/manpages/pdns_control.1.md index 0cc96206ee..28e24a553d 100644 --- a/docs/manpages/pdns_control.1.md +++ b/docs/manpages/pdns_control.1.md @@ -3,7 +3,7 @@ % December 2002 # NAME -**pdns_control** - Contreol the PowerDNS nameserver +**pdns_control** - Control the PowerDNS nameserver # SYNOPSIS **pdns_control** [*OPTION*]... *COMMAND* @@ -38,6 +38,21 @@ # COMMANDS +bind-add-zone *DOMAIN* *FILENAME* +: When using the bindbackend, add a zone. This zone is added in-memory and served + immediately. Note that this does not add the zone to the bind-config file. + *FILENAME* must be an absolute path. + +bind-domain-status [*DOMAIN*...] +: When using the bindbackend, list status of all domains. Optionally, append + *DOMAIN*s to get the status of specific zones. + +bind-list-rejects +: When using the bindbackend, get a list of all rejected domains. + +bind-reload-now *DOMAIN* [*DOMAIN*...] +: When using the bindbackend, immediately reload *DOMAIN* from disk. + ccounts : Show the content of the cache. diff --git a/modules/bindbackend/bindbackend2.cc b/modules/bindbackend/bindbackend2.cc index 79321e0c7a..75ccac3aa7 100644 --- a/modules/bindbackend/bindbackend2.cc +++ b/modules/bindbackend/bindbackend2.cc @@ -576,6 +576,14 @@ string Bind2Backend::DLAddDomainHandler(const vector&parts, Utility::pid BB2DomainInfo bbd; if(safeGetBBDomainInfo(domainname, &bbd)) return "Already loaded"; + + if (!boost::starts_with(filename, "/") && ::arg()["chroot"].empty()) + return "Unable to load zone " + domainname.toStringRootDot() + " from " + filename + " as the filename is not absolute."; + + struct stat buf; + if (stat(filename.c_str(), &buf) != 0) + return "Unable to load zone " + domainname.toStringRootDot() + " from " + filename + ": " + strerror(errno); + Bind2Backend bb2; // createdomainentry needs access to our configuration bbd=bb2.createDomainEntry(domainname, filename); bbd.d_filename=filename; diff --git a/regression-tests/tests/bind-add-zone/command b/regression-tests/tests/bind-add-zone/command index c95a8355c6..28ddc1979d 100755 --- a/regression-tests/tests/bind-add-zone/command +++ b/regression-tests/tests/bind-add-zone/command @@ -6,10 +6,10 @@ fi cleandig ns1.addzone.com A cleandig ns1.test.com A -$PDNSCONTROL --config-name=bind --socket-dir=. --no-config bind-add-zone addzone.com zones/addzone.com +$PDNSCONTROL --config-name=bind --socket-dir=. --no-config bind-add-zone addzone.com ${PWD}/zones/addzone.com $PDNSCONTROL --config-name=bind --socket-dir=. --no-config purge addzone.com sleep 1 -$PDNSCONTROL --config-name=bind --socket-dir=. --no-config bind-add-zone addzone.com zones/addzone.com +$PDNSCONTROL --config-name=bind --socket-dir=. --no-config bind-add-zone addzone.com ${PWD}/zones/addzone.com sleep 1 cleandig ns1.addzone.com A cleandig ns1.test.com A