#!/bin/sh
# Start/stop/restart the BIND name server daemon (named).
# Start BIND. In the past it was more secure to run BIND as a non-root
# user (for example, with '-u daemon'), but the modern version of BIND
# knows how to use the kernel's capability mechanism to drop all root
# privileges except the ability to bind() to a privileged port and set
# process resource limits, so running as a non-root user is not needed.
# But if you want to run as a non-root user anyway, the command options
# can be set like this in /etc/default/named:
# NAMED_OPTIONS="-u daemon"
# So you will not have to edit this script.
#
# Please note that if you run BIND as a non-root user, your files in
# /var/named may need to be chowned to this user or else named will
# refuse to start.
# You might also consider running BIND in a "chroot jail",
# a discussion of which may be found in
# /usr/doc/Linux-HOWTOs/Chroot-BIND-HOWTO.
# One last note: rndc has a lot of other nice features that it is not
# within the scope of this start/stop/restart script to support.
# For more details, see "man rndc" or just type "rndc" to see the options.
# Load command defaults. Both files are sourced, i.e. executed as shell code
# with the privileges of whoever runs this script (normally root at boot), so
# they should be owned by root and not writable by anyone else.
if test -f /etc/default/named ; then
  . /etc/default/named
fi
if test -f /etc/default/rndc ; then
  . /etc/default/rndc
fi
# Sanity check: without an executable /usr/sbin/named there is nothing this
# script can do, so say so and exit with status 1. This runs before the
# command argument is looked at, so it applies to every sub-command.
[ -x /usr/sbin/named ] || {
  echo "/etc/rc.d/rc.bind: no /usr/sbin/named found (or not executable); cannot start."
  exit 1
}
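# Print the user that named will run as, according to $NAMED_OPTIONS.
# Globals:   NAMED_OPTIONS (read)
# Outputs:   the argument of the first -u option, given either as "-u NAME"
#            or in the attached form "-uNAME"; "root" when there is no -u
# Returns:   0 when a user was printed; 1 (printing nothing) when "-u" is the
#            last word and has no argument
find_bind_user() {
  # Subshell: keeps "set -f" and the scratch variables out of the caller.
  (
    # Split the options on whitespace, but never glob-expand the words.
    set -f
    want_user=""
    # Walk the words directly instead of piping them through echo: echo
    # swallows a leading -n/-e/-E, so a value such as "-n 2 -u named" used to
    # lose its final word and the user was reported as empty.
    for element in $NAMED_OPTIONS ; do
      if [ -n "$want_user" ]; then
        printf '%s\n' "$element"
        exit 0
      fi
      case "$element" in
        -u) want_user="true" ;;
        -u?*) printf '%s\n' "${element#-u}" ; exit 0 ;;
      esac
    done
    # "-u" with nothing after it: print nothing so the caller can notice.
    [ -z "$want_user" ] || exit 1
    echo "root"
  )
}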
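# Start BIND. As many times as you like. ;-)
# Seriously, don't run "rc.bind start" if BIND is already
# running or you'll get more than one copy running.
# Globals:   NAMED_OPTIONS (read), BIND_USER (written)
# Outputs:   progress and warning messages on stdout
bind_start() {
  # Make sure /var/run/named exists:
  mkdir -p /var/run/named
  # If we are running as a non-root user, we'll need to be sure that
  # /var/run/named is chowned properly to that user. Your files in
  # /var/named may need to be chowned as well, but that will be up to
  # the sysadmin to do.
  BIND_USER="$(find_bind_user)"
  if [ -n "$BIND_USER" ]; then
    # One call covers both cases: find_bind_user reports "root" when no -u is
    # set, which also hands the directory back after a switch to root.
    # The name comes from a config file, so it is quoted and placed after
    # "--" to keep it from being split or read as an option. This runs
    # recursively as root over a directory the service account can write to,
    # hence -h: act on symlinks themselves, never on what they point to.
    chown -R -h -- "$BIND_USER" /var/run/named
  else
    # No user could be extracted (e.g. "-u" with nothing after it). Calling
    # chown with an empty owner would only fail on a missing operand.
    echo "WARNING: no user found after -u in NAMED_OPTIONS; leaving /var/run/named ownership unchanged."
  fi
  # Start named:
  if [ -x /usr/sbin/named ]; then
    echo "Starting BIND: /usr/sbin/named $NAMED_OPTIONS"
    # $NAMED_OPTIONS is left unquoted on purpose so it splits into options.
    /usr/sbin/named $NAMED_OPTIONS
    sleep 1
  fi
  # Make sure that named started:
  # NOTE(review): this is a substring match on the ps listing, so any process
  # whose name merely contains "named" counts as a running named - confirm
  # that is acceptable on hosts that run such processes.
  if ! ps axc | grep -q named ; then
    echo "WARNING: named did not start."
    echo "Attempting to start named again: /usr/sbin/named $NAMED_OPTIONS"
    /usr/sbin/named $NAMED_OPTIONS
    sleep 1
    if ps axc | grep -q named ; then
      echo "SUCCESS: named started."
    else
      echo "FAILED: Sorry, a second attempt to start named has also failed."
      echo "There may be a configuration error that needs fixing. Good luck!"
    fi
  fi
}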
# Stop all running copies of BIND (/usr/sbin/named).
# Globals:   RDNC_OPTIONS (read)
# NOTE(review): the variable is spelled RDNC_OPTIONS here while the defaults
# file is /etc/default/rndc; confirm that file sets this exact spelling,
# otherwise the configured rndc options are silently dropped.
bind_stop() {
  echo "Stopping BIND: /usr/sbin/rndc $RDNC_OPTIONS stop"
  /usr/sbin/rndc ${RDNC_OPTIONS} stop
  # "rndc stop" only stops one named. If several copies got started, the
  # others stay up and a second "rndc stop" cannot reach them. So after the
  # polite request, give it a second and then fall back to killall. Comment
  # the fallback out if you dislike it, but unless you run other programs
  # called "named" it is unlikely to have any ill effects.
  sleep 1
  # Nothing left that matches "named": done, report success.
  ps axc | grep -q named || return 0
  echo "Stopping all named processes in this namespace: /bin/killall --ns \$\$ named"
  # --ns $$ is passed so killall only targets the namespace of this script.
  /bin/killall --ns $$ named 2> /dev/null
}
# Ask the running named to reload, via "rndc reload".
# Globals:   RDNC_OPTIONS (read; left unquoted so it splits into options)
# Returns:   the exit status of rndc
bind_reload() {
  /usr/sbin/rndc ${RDNC_OPTIONS} reload
}
# Restart BIND: stop it, then start it again.
# Returns:   the exit status of bind_start
bind_restart() {
  bind_stop ; bind_start
}
# Show the status of BIND as reported by "rndc status".
# Globals:   RDNC_OPTIONS (read; left unquoted so it splits into options)
# Returns:   the exit status of rndc
bind_status() {
  /usr/sbin/rndc ${RDNC_OPTIONS} status
}
# Dispatch on the first command-line argument. Anything unrecognised
# (including no argument at all) prints the usage line.
case "$1" in
  start)   bind_start ;;
  stop)    bind_stop ;;
  reload)  bind_reload ;;
  restart) bind_restart ;;
  status)  bind_status ;;
  *)       echo "usage $0 start|stop|reload|restart|status" ;;
esac