From 6a850c2d7d68fbe561b3ad2627d9ea39ae260a4e Mon Sep 17 00:00:00 2001 From: doktornotor Date: Sat, 22 Aug 2015 06:51:51 +0200 Subject: bind - code style fixes - Fix copyright header - Code style fixes - Use safe_mkdir and {stop,restart}_service() --- config/bind/bind.inc | 222 +++++++++++++++++++++++++-------------------------- 1 file changed, 107 insertions(+), 115 deletions(-) (limited to 'config/bind') diff --git a/config/bind/bind.inc b/config/bind/bind.inc index 7b5b773e..39c12e13 100644 --- a/config/bind/bind.inc +++ b/config/bind/bind.inc @@ -1,10 +1,11 @@ -$bind_listenonv6 $bind_listenon"; + $bind_listenonv6 = $bind_listenonv6 == "" ? "none;" : $bind_listenonv6; + $bind_listenon = $bind_listenon == "" ? "none;" : $bind_listenon; + // Print "
$bind_listenonv6 $bind_listenon";
 	if (array_key_exists("ipv6allow", $config['system'])) {
 		$bind_conf .= "\tlisten-on-v6 { $bind_listenonv6 };\n";
 	}
 	$bind_conf .= "\tlisten-on { $bind_listenon };\n";
 
-	// forwarder config
+	// Forwarder config
 	if ($bind_forwarder == 'on') {
 		$bind_conf .= "\tforwarders { $forwarder_ips };\n";
 	}
@@ -249,9 +249,9 @@ EOD;
 			system("/usr/bin/killall -HUP syslogd");
 		}
 		$log_categories = explode(",", $bind['log_options']);
-		$log_severity = ($bind['log_severity'] ? $bind['log_severity'] : 'default');
+		$log_severity = $bind['log_severity'] ? $bind['log_severity'] : 'default';
 		if (sizeof($log_categories) > 0 && $log_categories[0] != "") {
-			// curly braces in the following << "localhost", "description" => "BIND Built-in ACL", "row" => array("value" => "", "description" => ""));
 		$config['installedpackages']['bindacls']['config'][] =
 			array("name" => "localnets", "description" => "BIND Built-in ACL", "row" => array("value" => "", "description" => ""));
-		write_config("Create BIND Built-in ACLs");
+		write_config("Created BIND Built-in ACLs");
 	}
 	$bindacls = $config['installedpackages']['bindacls']['config'];
 	for ($i = 0; $i < sizeof($bindacls); $i++) {
@@ -366,9 +366,7 @@ EOD;
 			// Ensure zone view folder exists
 			if ($zonetype != "forward") {
 				foreach ($zoneviewlist as $zoneview) {
-					if (!(is_dir(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview"))) {
-						mkdir(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview", 0755, true);
-					}
+					safe_mkdir(CHROOT_LOCALBASE . "/etc/namedb/$zonetype/$zoneview", 0755);
 				}
 			}
 
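Review bot: `$zonetype` and `$zoneview` are placed into the `safe_mkdir()` path on the added line without a check that each is a single path component, so a view name containing `/` or `..` would create a directory outside `etc/namedb`, and the later hunks `chown()` it. Where the two values come from is outside the hunk; if they are read from the package configuration, reject anything unexpected before building the path, e.g. `if (!preg_match('/^[A-Za-z0-9_-]+$/', $zoneview)) { log_error("[bind] Invalid view name, skipping."); continue; }`. The return value of `safe_mkdir()` is also dropped, so a failed create only shows up later when the zone file is written. The enclosing loop starts outside the hunk.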
@@ -422,7 +420,7 @@ EOD;
 							$bind_conf .= "\t\tallow-update { $zoneallowupdate; };\n";
 						}
 						if ($zone['dnssec'] == "on") {
-							//https://kb.isc.org/article/AA-00626/
+							// https://kb.isc.org/article/AA-00626/
 							$bind_conf .= "\n\t\t# look for dnssec keys here:\n";
 							$bind_conf .= "\t\tkey-directory \"/etc/namedb/keys\";\n\n";
 							$bind_conf .= "\t\t# publish and activate dnssec keys:\n";
@@ -442,7 +440,7 @@ EOD;
 						$bind_conf .= "\t\tforwarders { $zoneforwarders; };\n";
 						break;
 					case 'redirect':
-						$bind_conf .= "\t\t# While using redirect zones,NXDOMAIN Redirection will not override DNSSEC\n";
+						$bind_conf .= "\t\t# While using redirect zones, NXDOMAIN Redirection will not override DNSSEC\n";
 						$bind_conf .= "\t\t# If the client has requested DNSSEC records (DO=1) and the NXDOMAIN response is signed then no substitution will occur\n";
 						$bind_conf .= "\t\t# https://kb.isc.org/article/AA-00376/192/BIND-9.9-redirect-zones-for-NXDOMAIN-redirection.html\n";
 						$bind_conf .= "\t\tallow-query { $zoneallowquery; };\n";
@@ -462,17 +460,17 @@ EOD;
 				switch ($zonetype) {
 					case 'master':
 					case 'redirect':
-						// check/update slave dir permission
-						chown(CHROOT_LOCALBASE."/etc/namedb/$zonetype", "bind");
-						chown(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview", "bind");
-						$zonetll = ($zone['tll'] ? $zone['tll'] : "43200");
-						$zonemail = ($zone['mail'] ? $zone['mail'] : "zonemaster.{$zonename}");
+						// Check/update slave dir permission
+						chown(CHROOT_LOCALBASE . "/etc/namedb/$zonetype", "bind");
+						chown(CHROOT_LOCALBASE . "/etc/namedb/$zonetype/$zoneview", "bind");
+						$zonetll = $zone['tll'] ? $zone['tll'] : "43200";
+						$zonemail = $zone['mail'] ? $zone['mail'] : "zonemaster.{$zonename}";
 						$zonemail = preg_replace("/@/", ".", $zonemail);
 						$zoneserial = $zone['serial'];
-						$zonerefresh = ($zone['refresh'] ? $zone['refresh'] : "3600");
-						$zoneretry = ($zone['retry'] ? $zone['retry'] : "600");
-						$zoneexpire = ($zone['expire'] ? $zone['expire'] : "86400");
-						$zoneminimum = ($zone['minimum'] ? $zone['minimum'] : "3600");
+						$zonerefresh = $zone['refresh'] ? $zone['refresh'] : "3600";
+						$zoneretry = $zone['retry'] ? $zone['retry'] : "600";
+						$zoneexpire = $zone['expire'] ? $zone['expire'] : "86400";
+						$zoneminimum = $zone['minimum'] ? $zone['minimum'] : "3600";
 						$zonenameserver = $zone['nameserver'];
 						$zoneipns = $zone['ipns'];
 						$zonereverso = $zone['reverso'];
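Review bot: The two `chown()` calls at the top of the `master`/`redirect` case follow symbolic links, and the first one hands the parent directory to the `bind` user, so whatever `$zoneview` resolves to on the next run ends up owned by `bind` (this code presumably runs as root). Skip links or use `lchown()`, e.g. `if (!is_link($dir)) { chown($dir, "bind"); }` with `$dir` holding the path, and log when the call returns false. The same pair appears in the `slave` case further down, and a similar run of `chown()`/`chgrp()` calls sits before the service restart. The comment also says "slave dir" although this branch handles master and redirect zones; `// Check/update zone dir ownership` would match the code.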
@@ -573,10 +571,10 @@ EOD;
 
 						$config['installedpackages']['bindzone']['config'][$x]['resultconfig'] = base64_encode($zone_conf);
 						$write_config++;
-						//check dnssec keys creation for master zones
+						// Check DNSSEC keys creation for master zones
 						if ($zone['dnssec'] == "on") {
 							$zone_found = 0;
-							foreach (glob(CHROOT_LOCALBASE."/etc/namedb/keys/*{$zonename}*key", GLOB_NOSORT) as $filename) {
+							foreach (glob(CHROOT_LOCALBASE . "/etc/namedb/keys/*{$zonename}*key", GLOB_NOSORT) as $filename) {
 								$zone_found++;
 							}
 							if ($zone_found == 0) {
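Review bot: The glob pattern `*{$zonename}*key` on the changed line matches by substring, so key files of any zone whose name contains `$zonename` (a sub-domain, for instance) make `$zone_found` non-zero and key generation for this zone is skipped. dnssec-keygen names its files `K<zone>.+<alg>+<id>`, so an anchored pattern such as `glob(CHROOT_LOCALBASE . "/etc/namedb/keys/K{$zonename}.+*.key", GLOB_NOSORT)` limits the match to this zone. The DS-key and backup loops in the next two hunks use the same unanchored pattern, and the backup loop, as far as it is visible, would then pick up another zone's key files for this zone. The `if` opened on the last line continues outside the hunk.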
@@ -596,16 +594,16 @@ EOD;
 								}
 								$dnssec_bin = "/usr/local/sbin/dnssec-keygen";
 								if (file_exists($dnssec_bin) && $key_restored == 0) {
-									exec("{$dnssec_bin} -K ".CHROOT_LOCALBASE."/etc/namedb/keys {$zonename}", $kout);
-									exec("{$dnssec_bin} -K ".CHROOT_LOCALBASE."/etc/namedb/keys -fk {$zonename}", $kout);
+									exec("{$dnssec_bin} -K " . CHROOT_LOCALBASE . "/etc/namedb/keys {$zonename}", $kout);
+									exec("{$dnssec_bin} -K " . CHROOT_LOCALBASE . "/etc/namedb/keys -fk {$zonename}", $kout);
 									foreach ($kout as $filename) {
-										chown(CHROOT_LOCALBASE."/etc/namedb/keys/{$filename}.key", "bind");
-										chown(CHROOT_LOCALBASE."/etc/namedb/keys/{$filename}.private", "bind");
+										chown(CHROOT_LOCALBASE . "/etc/namedb/keys/{$filename}.key", "bind");
+										chown(CHROOT_LOCALBASE . "/etc/namedb/keys/{$filename}.private", "bind");
 									}
 									log_error("[bind] DNSSEC keys for {$zonename} created.");
 								}
 							}
-							// get ds keys
+							// Get DS keys
 							$dsfromkey = "/usr/local/sbin/dnssec-dsfromkey";
 							foreach (glob(CHROOT_LOCALBASE."/etc/namedb/keys/*{$zonename}*key", GLOB_NOSORT) as $filename) {
 								$zone_key = file_get_contents($filename);
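Review bot: `$zonename` is concatenated unquoted into both `exec()` command strings, so the shell interprets any metacharacter in a zone name; the value's origin is outside the hunk, but if it is the name entered for the zone it needs `escapeshellarg()`. For example `exec("{$dnssec_bin} -K " . escapeshellarg(CHROOT_LOCALBASE . "/etc/namedb/keys") . " " . escapeshellarg($zonename), $kout, $rc);`, and likewise for the `-fk` call and the `named-checkzone` call in the slave branch. Checking `$rc` before the `chown()` loop would also stop the "DNSSEC keys ... created" message from being logged when dnssec-keygen failed.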
@@ -616,10 +614,10 @@ EOD;
 								}
 							}
 
-							// save dnssec keys to xml
+							// Save DNSSEC keys to xml
 							if ($zone['backupkeys'] == "on") {
 								$dnssec_keys = 0;
-								foreach (glob(CHROOT_LOCALBASE."/etc/namedb/keys/*{$zonename}*", GLOB_NOSORT) as $filename) {
+								foreach (glob(CHROOT_LOCALBASE . "/etc/namedb/keys/*{$zonename}*", GLOB_NOSORT) as $filename) {
 									$file_found = 0;
 									if (is_array($config['installedpackages']['dnsseckeys']) && is_array($config['installedpackages']['dnsseckeys']['config'])) {
 										foreach ($config['installedpackages']['dnsseckeys']['config'] as $filer) {
@@ -643,21 +641,21 @@ EOD;
 						}
 						break;
 					case 'slave':
-						// check/update slave dir permission
-						chown(CHROOT_LOCALBASE."/etc/namedb/$zonetype", "bind");
-						chown(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview", "bind");
+						// Check/update slave dir permission
+						chown(CHROOT_LOCALBASE . "/etc/namedb/$zonetype", "bind");
+						chown(CHROOT_LOCALBASE . "/etc/namedb/$zonetype/$zoneview", "bind");
 						// check if exists slave zone file
 						$rsconfig = "";
 						if ($zone['dnssec'] == "on") {
-							if (file_exists(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview/$zonename.DB.signed")) {
-								exec("/usr/local/sbin/named-checkzone -D -f raw -o - {$zonename} ".CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview/$zonename.DB.signed", $slave_file);
+							if (file_exists(CHROOT_LOCALBASE . "/etc/namedb/$zonetype/$zoneview/$zonename.DB.signed")) {
+								exec("/usr/local/sbin/named-checkzone -D -f raw -o - {$zonename} " . CHROOT_LOCALBASE . "/etc/namedb/$zonetype/$zoneview/$zonename.DB.signed", $slave_file);
 							}
 						} else {
-							if (file_exists(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview/$zonename.DB")) {
-								$slave_file = file(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview/$zonename.DB");
+							if (file_exists(CHROOT_LOCALBASE . "/etc/namedb/$zonetype/$zoneview/$zonename.DB")) {
+								$slave_file = file(CHROOT_LOCALBASE . "/etc/namedb/$zonetype/$zoneview/$zonename.DB");
 							}
 						}
-						// TODO is is_array() the best test to use?  is it only checking for existence?
+						// TODO: is is_array() the best test to use? Is it only checking for existence?
 						if (is_array($slave_file)) {
 							foreach ($slave_file as $zfile) {
 								$rsconfig .= $zfile;
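Review bot: `$slave_file` is not reset in the `slave` case, only `$rsconfig` is, and this code appears to run once per zone. When the zone file does not exist yet, `is_array($slave_file)` still sees the previous zone's lines, and in the DNSSEC branch `exec()` appends to whatever the array already holds. Unless the variable is cleared outside the hunk, add `$slave_file = array();` next to `$rsconfig = "";`. That also settles the TODO, since the test can then be `!empty($slave_file)`. The `foreach` body continues outside the hunk.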
@@ -667,7 +665,7 @@ EOD;
 						$write_config++;
 						break;
 					case 'forward':
-						// forwarder zone does not have a DB file
+						// Forwarder zone does not have a DB file
 						$config['installedpackages']['bindzone']['config'][$x]['resultconfig'] = '';
 						$write_config++;
 						break;
@@ -683,18 +681,16 @@ EOD;
 			$bind_conf .= "\t};\n\n";
 		}
 		if ($write_config > 0) {
-			write_config("save result config file for zone on xml");
+			write_config("BIND: Saved resulting config file for zone in xml");
 		}
 		$bind_conf .= "};\n";
 	}
 	$dirs = array("/etc/namedb/keys", "/var/run/named", "/var/dump", "/var/log", "/var/stats", "/dev");
 	foreach ($dirs as $dir) {
-		if (!is_dir(CHROOT_LOCALBASE.$dir)) {
-			mkdir(CHROOT_LOCALBASE.$dir, 0755, true);
-		}
+		safe_mkdir(CHROOT_LOCALBASE . $dir, 0755);
 	}
-	// dev dirs for chroot
-	$bind_dev_dir = CHROOT_LOCALBASE."/dev";
+	// Handle /dev dirs for chroot
+	$bind_dev_dir = CHROOT_LOCALBASE . "/dev";
 	if (!file_exists("$bind_dev_dir/random")) {
 		$dev_dirs = array("null", "zero", "random", "urandom");
 		exec("/sbin/mount -t devfs devfs {$bind_dev_dir}", $dout);
@@ -706,41 +702,40 @@ EOD;
 		exec("/sbin/devfs -m {$bind_dev_dir} rule applyset", $dout);
 	}
 	// http://www.unixwiz.net/techtips/bind9-chroot.html
-	file_put_contents(CHROOT_LOCALBASE.'/etc/namedb/named.conf', $bind_conf);
-	file_put_contents(CHROOT_LOCALBASE.'/etc/namedb/rndc.conf', $rndc_file);
+	file_put_contents(CHROOT_LOCALBASE . '/etc/namedb/named.conf', $bind_conf);
+	file_put_contents(CHROOT_LOCALBASE . '/etc/namedb/rndc.conf', $rndc_file);
 
-	if (!file_exists(CHROOT_LOCALBASE."/etc/namedb/named.root")) {
+	if (!file_exists(CHROOT_LOCALBASE . "/etc/namedb/named.root")) {
 		// dig +tcp @a.root-servers.net > CHROOT_LOCALBASE."/etc/namedb/named.root"
 		$named_root = file_get_contents("http://www.internic.net/domain/named.root");
-		file_put_contents(CHROOT_LOCALBASE."/etc/namedb/named.root", $named_root, LOCK_EX);
+		file_put_contents(CHROOT_LOCALBASE . "/etc/namedb/named.root", $named_root, LOCK_EX);
 	}
 	if (!file_exists(CHROOT_LOCALBASE."/etc/localtime")) {
-		copy("/etc/localtime", CHROOT_LOCALBASE."/etc/localtime");
+		copy("/etc/localtime", CHROOT_LOCALBASE . "/etc/localtime");
 	}
 
 	bind_write_rcfile();
-	chown(CHROOT_LOCALBASE."/etc/namedb/keys", "bind");
-	chown(CHROOT_LOCALBASE."/etc/namedb", "bind");
-	chown(CHROOT_LOCALBASE."/var/log", "bind");
-	chown(CHROOT_LOCALBASE."/var/run/named", "bind");
-	chgrp(CHROOT_LOCALBASE."/var/log", "bind");
+	chown(CHROOT_LOCALBASE . "/etc/namedb/keys", "bind");
+	chown(CHROOT_LOCALBASE . "/etc/namedb", "bind");
+	chown(CHROOT_LOCALBASE . "/var/log", "bind");
+	chown(CHROOT_LOCALBASE . "/var/run/named", "bind");
+	chgrp(CHROOT_LOCALBASE . "/var/log", "bind");
 	$bind_sh = "/usr/local/etc/rc.d/named.sh";
 	if ($bind_enable == "on") {
 		chmod($bind_sh, 0755);
-		mwexec("{$bind_sh} restart");
+		restart_service("named");
 	} elseif (is_service_running('named')) {
-		mwexec("{$bind_sh} stop");
+		stop_service("named");
 		chmod($bind_sh, 0644);
 	}
-	// sync to backup servers
+	// Sync to backup servers
 	bind_sync_on_changes();
 	conf_mount_ro();
 }
 
-function bind_print_javascript_type_zone()
-{
+function bind_print_javascript_type_zone() {
 	?>
-
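Review bot: The root hints are downloaded over plain `http://` and written without looking at the result, in the `named.root` block that this hunk only re-spaces. A failed download makes `file_get_contents()` return false, an empty `named.root` is written, and because the block is guarded by `file_exists()` it is never fetched again; over cleartext the content can also be altered in transit. Fetch over HTTPS and write the file only when data came back, as below. The function this code belongs to starts outside the hunk, and the hunk runs on into `bind_print_javascript_type_zone()`, whose body is not visible here.

```php
	if (!file_exists(CHROOT_LOCALBASE . "/etc/namedb/named.root")) {
		// Fetch over TLS and only write the hints file when the download produced data,
		// so a failed fetch is retried on the next resync instead of leaving an empty file.
		$named_root = file_get_contents("https://www.internic.net/domain/named.root");
		if ($named_root === false || trim($named_root) == "") {
			log_error("[bind] Could not download named.root; root hints file not written.");
		} else {
			file_put_contents(CHROOT_LOCALBASE . "/etc/namedb/named.root", $named_root, LOCK_EX);
		}
	}
```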