[freeside-users] patch bind.export to rsync/ssh as non-root user

Ivan Kohler ivan at 420.am
Fri Mar 24 10:41:12 PST 2006 

On Fri, Mar 24, 2006 at 03:07:59AM -0800, Luke S Crawford wrote:
> 
> 
> I dono if there is a better way to do this or not, but I was trying to 
> run bind.export as user 'export' (that has permissions to write to the 
> named files and rndc)  but logging in as user 'root' is hard-coded into the 
> bind.export file.  This is a quick hack to make it login as '$user' (the 
> first argument to bind.export) rather than 'root'.

The first argument to bind.export is a freeside username.  It doesn't 
necessarily have any relation to system users.  Your patch would break 
every existing installation that uses the BIND export.  Why don't you 
make the remote user an export option instead, and default to "root"?

> let me know if this is the wrong place to send patches.

I guess -devel is slightly more appropriate if you're subscribed, but 
here is fine too.

-- 
_ivan


> 
> 
> --
> Luke Crawford
> http://prgmr.com/

> *** bind.export.orig	Fri Mar 24 02:35:37 2006
> --- bind.export	Fri Mar 24 02:35:56 2006
> ***************
> *** 114,131 ****
>     $rsync->exec( {
>       src       => "$prefix/",
>       recursive => 1,
> !     dest      => "root\@$machine:$zonepath/",
>       exclude   => [qw( *.import named.conf.HEADER named.conf )],
>     } ) or die "rsync to $machine failed: ". join(" / ", $rsync->err);
>    # warn $rsync->out;
>   
>     $rsync->exec( {
>       src     => "$prefix/named.conf",
> !     dest    => "root\@$machine:". $export->option('named_conf'),
>     } ) or die "rsync to $machine failed: ". join(" / ", $rsync->err);
>   #  warn $rsync->out;
>   
> !   ssh("root\@$machine", "$ndc_cmd reload");
>   
>   }
>   
> --- 114,131 ----
>     $rsync->exec( {
>       src       => "$prefix/",
>       recursive => 1,
> !     dest      => "$user\@$machine:$zonepath/",
>       exclude   => [qw( *.import named.conf.HEADER named.conf )],
>     } ) or die "rsync to $machine failed: ". join(" / ", $rsync->err);
>    # warn $rsync->out;
>   
>     $rsync->exec( {
>       src     => "$prefix/named.conf",
> !     dest    => "$user\@$machine:". $export->option('named_conf'),
>     } ) or die "rsync to $machine failed: ". join(" / ", $rsync->err);
>   #  warn $rsync->out;
>   
> !   ssh("$user\@$machine", "$ndc_cmd reload");
>   
>   }
>   
> ***************
> *** 178,188 ****
>   
>     $rsync->exec( {
>       src     => "$prefix/named.conf",
> !     dest    => "root\@$machine:". $sexport->option('named_conf'),
>     } ) or die "rsync to $machine failed: ". join(" / ", $rsync->err);
>   #  warn $rsync->out;
>   
> !   ssh("root\@$machine", "$ndc_cmd reload");
>   
>   }
>   close NAMED_CONF;
> --- 178,188 ----
>   
>     $rsync->exec( {
>       src     => "$prefix/named.conf",
> !     dest    => "$user\@$machine:". $sexport->option('named_conf'),
>     } ) or die "rsync to $machine failed: ". join(" / ", $rsync->err);
>   #  warn $rsync->out;
>   
> !   ssh("$user\@$machine", "$ndc_cmd reload");
>   
>   }
>   close NAMED_CONF;

> _______________________________________________
> freeside-users mailing list
> freeside-users at sisd.com
> http://420.am/cgi-bin/mailman/listinfo/freeside-users


-- 
_ivan

More information about the freeside-users mailing list