5
if [ "$1" = configure ]; then
8
# lets give them a bind user/group in all cases.
9
# I wish there was an easier way to tell if it's there..
10
touch /var/run/bind9.$$
11
chgrp bind /var/run/bind9.$$ >/dev/null 2>&1 || addgroup --system bind
12
chown bind /var/run/bind9.$$ >/dev/null 2>&1 ||
13
adduser --system --home /var/cache/bind --no-create-home \
14
--disabled-password --ingroup bind bind
15
rm -f /var/run/bind9.$$
17
if [ ! -s /etc/bind/rndc.key ]; then
18
rndc-confgen -r /dev/urandom -a
22
if [ ! -f /etc/default/bind9 ]; then
23
for file in /etc/bind/named.conf /etc/bind/named.conf.local; do
24
theirs=$(md5sum $file | sed 's/ .*$//')
25
mine=$(dpkg --status bind9 | grep "^ $file " | sed -n 's/.* //p')
26
if [ "$mine" != "$theirs" ]; then
30
if [ -n "$localconf" ]; then
31
echo 'OPTIONS=""' >> /etc/default/bind9
33
echo 'OPTIONS="-u bind"' >> /etc/default/bind9
35
echo '# Set RESOLVCONF=no to not run resolvconf' >> /etc/default/bind9
36
echo 'RESOLVCONF=yes' >> /etc/default/bind9
39
# Deal with the aftermath of 9.2.1-5 - it's a hack, but hey..
40
if [ "$lastversion" = "9.2.1-5" ]; then
41
ugid=$(ls -l /etc/bind/rndc.key | awk '{print $3 $4}')
42
if [ "$ugid" = "bindbind" ]; then
43
chown root:root /etc/bind/rndc.key
44
chown root:bind /var/run/bind/run
45
chown root:bind /var/cache/bind
49
uid=$(ls -ln /etc/bind/rndc.key | awk '{print $3}')
50
if [ "$uid" = "0" ]; then
51
[ -n "$localconf" ] || chown bind /etc/bind/rndc.key
54
chgrp bind /etc/bind/rndc.key /var/run/bind/run /var/cache/bind
55
chgrp bind /etc/bind/named.conf*
56
chmod g+r /etc/bind/rndc.key /etc/bind/named.conf*
57
chmod g+rwx /var/run/bind/run /var/cache/bind
60
if [ -x /etc/init.d/bind9 ]; then
61
update-rc.d bind9 defaults 15 85 >/dev/null