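# $Id$
#
# File: cf.dns
#
# Description: DNS/BIND configuration rules for Cfengine
#   DNS database files generated using h2n
#   Creates chroot environment for secondary DNS servers
#   Solaris 8 config
#
# Author: Ade Rixon
#
# Overview: the PrimaryDNS host receives named.conf, the h2n inputs and a
# Makefile from $(mainserver) and rebuilds the zone data when they change.
# SecondaryDNS hosts get a chroot jail under $(NAMEDROOT), populated from
# the local /dev, /etc, /usr/sbin, /usr/lib and zoneinfo trees, and run
# in.named inside it.

control:

   # Classes set by define= in the copy: section below. Both are declared
   # so that the shellcommands: guarded by them do not depend on the order
   # in which the sections are parsed.
   AddInstallable = ( namedconf dnsupd )

   # master source files
   masterdir = ( /home/cfengine/master )

   # master file server
   mainserver = ( adminhost )

   NAMEDDIR = ( /var/named )      # DNS data
   NAMEDROOT = ( /home/named )    # secondary chroot jail

######################################################################

groups:

   # DNS servers
   PrimaryDNS = ( dns1 )
   SecondaryDNS = ( dns2 dns3 )

######################################################################

filters:

   # Used by the chroot copy rules so that only regular files (or only
   # character devices) are replicated into the jail.
   { IsFile
      Type: "reg"       # normal file
      Result: "Type"
   }

   { IsChar
      Type: "char"      # character device
      Result: "Type"
   }

######################################################################

directories:

   # DNS data
   PrimaryDNS::

      $(NAMEDDIR) mode=750 o=root g=root

   # BIND chroot environment on secondaries
   # Every directory in the jail is root-owned with mode 750, which matches
   # in.named running as root (see processes: below).
   SecondaryDNS::

      $(NAMEDROOT) mode=750 o=root g=root
      $(NAMEDROOT)/dev mode=750 o=root g=root
      $(NAMEDROOT)/etc mode=750 o=root g=root
      $(NAMEDROOT)/usr mode=750 o=root g=root
      $(NAMEDROOT)/usr/lib mode=750 o=root g=root
      $(NAMEDROOT)/usr/sbin mode=750 o=root g=root
      $(NAMEDROOT)/usr/share mode=750 o=root g=root
      $(NAMEDROOT)/usr/share/lib mode=750 o=root g=root
      $(NAMEDROOT)/var mode=750 o=root g=root
      #$(NAMEDROOT)/var/adm mode=750 o=root g=root
      $(NAMEDROOT)/var/run mode=750 o=root g=root
      $(NAMEDROOT)/var/tmp mode=750 o=root g=root
      $(NAMEDROOT)$(NAMEDDIR) mode=750 o=root g=root

######################################################################

copy:

   # NOTE(review): the server= copies below feed named.conf and the zone
   # inputs, so their integrity matters. They use cfengine's default
   # comparison and transfer settings; consider type=checksum, and
   # encrypt=true if the path to $(mainserver) is not trusted.
   #
   # NOTE(review): named.conf is installed world-readable (0444). If the
   # master copy holds key statements or other secrets, tighten the mode;
   # the file contents are not visible here, so confirm.
   PrimaryDNS::

      # A changed named.conf defines namedconf, which triggers
      # "ndc reconfig" in shellcommands:.
      $(masterdir)/dns/named.conf.primary
         dest=/etc/named.conf
         mode=0444 o=root g=other
         server=$(mainserver)
         define=namedconf

      $(masterdir)/dns/Makefile
         dest=$(NAMEDDIR)/Makefile
         mode=0444 o=root g=other
         server=$(mainserver)

      # A changed h2n input defines dnsupd, which triggers make in
      # $(NAMEDDIR).
      $(masterdir)/dns/h2n.foobar.com
         dest=$(NAMEDDIR)/h2n.foobar.com
         mode=0444 o=root g=other
         server=$(mainserver)
         define=dnsupd

      # root nameserver hints file:
      $(masterdir)/dns/db.cache
         dest=$(NAMEDDIR)/db.cache
         mode=0444 o=root g=other
         server=$(mainserver)

      # master hosts file for DNS data:
      $(masterdir)/dns/hosts.foobar.com
         dest=$(NAMEDDIR)/hosts.foobar.com
         mode=0444 o=root g=other
         server=$(mainserver)
         define=dnsupd

   # chroot environment
   SecondaryDNS::

      $(masterdir)/misc/init.named_chroot
         dest=/etc/init.d/init.named_chroot
         mode=0544 o=root g=other
         server=$(mainserver)

      $(masterdir)/dns/named.conf.secondary
         dest=$(NAMEDROOT)/etc/named.conf
         mode=0444 o=root g=other
         server=$(mainserver)
         define=namedconf

      $(masterdir)/dns/db.cache
         dest=$(NAMEDROOT)$(NAMEDDIR)/db.cache
         mode=0444 o=root g=other
         server=$(mainserver)

      $(masterdir)/dns/db.127.0.0
         dest=$(NAMEDROOT)$(NAMEDDIR)/db.127.0.0
         mode=0444 o=root g=other
         server=$(mainserver)

      # The rules below have no server= and copy from the local
      # filesystem. The include= lists are allow-lists, so only the named
      # entries are replicated into the jail.

      # Device nodes for the jail; the IsChar filter limits the copy to
      # character devices.
      /dev
         dest=$(NAMEDROOT)/dev
         r=1
         filter=IsChar
         linktype=copy
         symlink=*
         include=conslog
         include=log
         include=null
         include=syscon
         include=tcp
         include=udp
         include=zero

      /etc
         dest=$(NAMEDROOT)/etc
         timestamps=keep
         backup=false
         mode=0444 o=root g=other
         r=1
         filter=IsFile
         include=netconfig
         include=syslog.conf

      # NOTE(review): include=syslog.conf here looks like a leftover from
      # the /etc rule above; syslog.conf is normally under /etc, so this
      # pattern probably matches nothing in /usr/sbin. Confirm the intent.
      /usr/sbin
         dest=$(NAMEDROOT)/usr/sbin
         timestamps=keep
         backup=false
         mode=0555 o=root g=bin
         r=1
         filter=IsFile
         inform=true
         include=in.named
         include=named-xfer
         include=ndc
         include=syslog.conf

      # Shared libraries for the jailed binaries. These are copies of the
      # host's libraries, so a running in.named keeps using the old ones
      # after a host patch until it is restarted.
      /usr/lib
         dest=$(NAMEDROOT)/usr/lib
         timestamps=keep
         backup=false
         mode=0555 o=root g=bin
         r=1
         filter=IsFile
         inform=true
         include=ld.so.1
         include=libc.so.1
         include=libdl.so.1
         include=libintl.so.1
         include=libl.so.1
         include=libmp.so.2
         include=libnsl.so.1
         include=libresolv.so.2
         include=libsocket.so.1
         include=libw.so.1

      # mode=-0222 clears the write bits on the copied zoneinfo files.
      /usr/share/lib/zoneinfo
         dest=$(NAMEDROOT)/usr/share/lib/zoneinfo
         timestamps=keep
         backup=false
         mode=-0222 o=root g=bin
         r=3
         filter=IsFile
         include=US
         include=GB

######################################################################

links:

   SecondaryDNS::

      # Start/stop links for the chrooted named init script.
      /etc/rc3.d/S72named_chroot -> ../init.d/init.named_chroot
      /etc/rc0.d/K41named_chroot -> ../init.d/init.named_chroot

      # Relative links, so they resolve inside the jail as well.
      $(NAMEDROOT)/usr/tmp -> ../var/tmp
      $(NAMEDROOT)/usr/ucblib -> $(NAMEDROOT)/usr/lib type=relative

######################################################################

shellcommands:

   # DNS updates
   # NOTE(review): namedconf is also defined on SecondaryDNS (by the
   # named.conf.secondary copy), but nothing here acts on it for that
   # group. A changed secondary named.conf is therefore not picked up
   # until in.named is restarted. Confirm that this is intended.
   PrimaryDNS.dnsupd::

      "/usr/ccs/bin/make" chdir=$(NAMEDDIR)

   PrimaryDNS.namedconf::

      "/usr/sbin/ndc reconfig"

######################################################################

processes:

   # The primary runs in.named directly on the host, with no jail.
   PrimaryDNS::

      "in.named" restart "/usr/sbin/in.named"

   # NOTE(review): in.named is started through chroot with no user switch,
   # so it runs as root inside the jail. A chroot confines a root process
   # far less than an unprivileged one. If this in.named build supports
   # dropping privileges (BIND 8 -u/-g), consider using it. The jail's zone
   # and var/run directories would then need to be writable by that user.
   SecondaryDNS::

      "in.named" restart "/usr/sbin/chroot $(NAMEDROOT) /usr/sbin/in.named"

######################################################################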