#!/bin/sh # # meant to be installed as /sbin/ifup-local or called from there # [ a patch should be sent to the initscripts maintainers to add this ] # # # Calling arguments available in /etc/sysconfig/network-scripts/ifcfg-DEV: # # UPDATEDNS=yes # enables this script to do its thing # # NSUPDATE=nsupdate # The name (or path) to the nsupdate binary # # UPDATEDNSNAME="HOSTNAME" # UPDATEDNSNAME="NAME1 NAME2" # updates this dns HOSTNAME (or multiple names). If not specified, the # output of hostname will be used. # # UPDATEAAAA=yes # enables updating AAAA (IPv6 old style records) if a global IPv6 # has been assigned to the device. # # If a secure (via a TSIG key) transaction is to be used, then one of # these should be used (in order of precedence. For simplicity, you # probably want to pick option 1, 4 or 5): # # /etc/sysconfig/network-scripts/key-HOSTNAME.key # /etc/sysconfig/network-scripts/key-HOSTNAME.private # Keys to use for authenticating an update for a single host, as # generated by the dnssec-keygen program. This is the only way # currently to specify different keys to be used for updating # different hosts. Both files are required. # # KEYARGS=args # Specifies your own keying arguments passed to nsupdate. # Overrides the above arguments. # # UPDATEDNSKEYFILE=KEYFILE # Should point to a dnssec (TSIG) key file if one should be used. # Note that both the .key and .private files must be present, but # just the .key file needs to be pointed to. It will be used for # all the transactions for all updates. # # UPDATEDNSKEY=DNSKEY # Should be a DNSKEY value suitable for passing to nsupdate's -y # argument # # /etc/sysconfig/network-scripts/key-DEVICE.key # /etc/sysconfig/network-scripts/key-DEVICE.private # Keys to use for authenticating updates for addresses on a # particular DEVICE (like "eth0"). Both files are required. # # # To generate key files use: # dnssec-keygen -a HMAC-MD5 -b 128 -n ENTITY HOSTNAME # (only replace the HOSTNAME argument with the fully qualified # hostname. The command will output a file name (2 actually: a # .key and a .private) that can be moved to the above locations cd /etc/sysconfig/network-scripts . network-functions [ -f ../network ] && . ../network DEVICE=$1 CONFIG=/etc/sysconfig/network-scripts/ifcfg-$DEVICE CFGKEYFILE=/etc/sysconfig/network-scripts/key-ifcfg-$DEVICE.key source_config if [ "$UPDATEDNS" ] ; then # # defaults # [ -z "$UPDATEDNSNAME" ] && UPDATEDNSNAME=`hostname` [ -z "$UPDATEDNSTTL" ] && UPDATEDNSTTL=600 [ -z "$NSUPDATE" ] && NSUPDATE="nsupdate" # # get the device's ip address # IPADDR=`LANG= LC_ALL= ifconfig ${DEVICE} | grep 'inet addr' | awk -F: '{ print $2 } ' | awk '{ print $1 }'` if [ "$UPDATEAAAA" = "yes" ] ; then IP6ADDR=`LANG= LC_ALL= ifconfig ${DEVICE} | grep 'inet6 addr' | grep 'Global' | sed 's/.*addr: *//;s/\/.*//;'` fi # # see if a key or a key file has been specified or is found # if [ -z "$KEYARGS" ] ; then if [ -n "$UPDATEDNSKEYFILE" ] ; then KEYARGS="-k $UPDATEDNSKEYFILE" elif [ -n "$UPDATEDNSKEY" ] ; then KEYARGS="-y $UPDATEDNSKEY" elif [ -f${CFGKEYFILE} ] ; then KEYARGS="-k ${CFGKEYFILE}" fi fi for name in $UPDATEDNSNAME ; do if [ "$UPDATEAAAA" = "yes" ] ; then IP6AAAALINE="update add ${name}. $UPDATEDNSTTL IN AAAA $IP6ADDR" fi # # allow for host-specific keys # if [ -f key-${name}.key ] ; then LOCALKEYARGS="-k key-${name}.key" else LOCALKEYARGS="$KEYARGS" fi # # perform the update # - delete the old records for the name # - adds the new address to the now empty record name # $NSUPDATE $LOCALKEYARGS <<EOF update delete ${name}. update add ${name}. $UPDATEDNSTTL IN A $IPADDR $IP6AAAALINE send EOF done fi