xref: /netbsd-src/external/bsd/nsd/dist/contrib/bind2nsd/scripts/s64-sync (revision d83a80ee7fb31190352cf1f781441e06ca6a86db)

#!/usr/bin/env python
# Copyright (c) 2007, Secure64 Software Corporation
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.
#
#
#
#	When named.conf changes, update the DNS machine
#
#

#-- imports
import getopt
import os
import os.path
import popen2
import re
import sys
import time

if os.path.exists('../bind2nsd/Config.py'):
   sys.path.append('../bind2nsd')
   from Config import *
   from Utils import *
   from NamedConf import *
   from NsdConf import *
else:
   from bind2nsd.Config import *
   from bind2nsd.Utils import *
   from bind2nsd.NamedConf import *
   from bind2nsd.NsdConf import *

if os.path.exists('../pexpect-2.1'):
   sys.path.append('../pexpect-2.1')
import pexpect
import pxssh

#-- globals
conf = Config()

#-- useful functions
def usage():
   print 's64-sync %s, copyright(c) 2007, Secure64 Software Corporation' \
               % (conf.getValue('version'))
   print
   print 'usage: s64-sync [-a|--analyze-only] [-h|--help] [-s|--sync-only]'
   print '                [-n|--now]'
   print '   -a | --analyze-only => look for and report errors, but do'
   print '                          not sync with the Secure64 server'
   print '   -h | --help         => print this message and quit'
   print '   -n | --now          => do not poll, sync immediately'
   print '   -s | --sync-only    => sync without translating BIND files'
   print '   -v | --verbose      => output lots of info'
   return

def rebuild_nsd_files():
   result = False
   xlate = conf.getValue('bind2nsd')
   if os.path.exists(xlate):
      result = run_cmd(xlate, 'running bind2nsd...')
   else:
      report_error('? could not find "%s" and have got to have it' % (xlate))
      report_error('  skipping rebuild of NSD files')
   return result

def scp_s64():
   #-- do the scp to an actual Secure64 server
   report_info('=> using scp to transfer to Secure64 system...')
   tmpdir = conf.getValue('tmpdir') 	# must have trailing '/'
   if not os.path.exists(tmpdir) and not os.path.isdir(tmpdir):
      bail('? cannot find "%s"...' % (tmpdir))

   #-- this feels a bit dodgy due to issues in pexpect when it goes
   #   up against passwd and other such nastiness from scp/ssh -- all
   #   we should have to do is child.wait() really, but that does not
   #   work as it should.
   #
   #   NB: it turn out that you can _not_ put a '*' at the end of the
   #   source path; pexpect.spawn() screws up and the parsing of the string
   #   and ends up ignoring everything up to the '*', meaning the command
   #   does not have the 'scp' part in it and does not get executed properly.
   #
   pwd = os.getcwd()
   os.chdir(tmpdir)
   #-- this is what i wanted to do...
   #cmd = 'scp -r ' + tmpdir + ' dns@' + conf.getValue('dest-ip') + ':'
   #-- this is what works...
   flist = os.listdir('.')
   fnames = ' '.join(flist)
   cmd  = 'scp -r ' + fnames
   cmd += ' ' + conf.getValue('destuser') + '@'
   cmd += conf.getValue('dest-ip') + ':'
   report_info('=> ' + cmd)
   child = pexpect.spawn(cmd)
   if len(conf.getValue('dnspw')) > 0:
      child.expect('.*ssword:')
      child.sendline(conf.getValue('dnspw'))
   child.expect('.*' + conf.getValue('nsd_conf') + '.*')
   child.expect(pexpect.EOF)
   child.close()
   os.chdir(pwd)

   return

def cp_files(analyze):
   #-- we assume everything has already been copied to the tmpdir by bind2nsd

   if analyze:
      return

   tmpdir = conf.getValue('tmpdir') 	# must have trailing '/'
   if not os.path.exists(tmpdir) and not os.path.isdir(tmpdir):
      bail('? cannot find "%s"...' % (tmpdir))

   #-- scp the entire tmp directory
   if conf.getValue('DEMO-MODE'):
      report_info('** scp would go here, but cp -r for demonstration purposes')
      cmd = 'cp -r ' + tmpdir + '* ' + conf.getValue('destdir')
      run_cmd(cmd, 'using cp to transfer to demo system...')
   else:
      scp_s64()

   return

def restart_nsd():
   if conf.getValue('DEMO-MODE'):
      cmd = conf.getValue('stop_cmd')
      run_cmd(cmd, 'stopping nsd...')

      # BOZO: rebuild is not behaving when there are errors, so the hack is
      # to remove the existing db, run the zone compiler and restart nsd
      #cmd = conf.getValue('rebuild_cmd')
      #os.system(cmd)
      cmd = 'rm -f ' + conf.getValue('database')
      run_cmd(cmd, 'removing old zonedb...')
      cmd = conf.getValue('zonec_cmd')
      run_cmd(cmd, 'rebuilding zonedb...')

      cmd = conf.getValue('start_cmd')
      run_cmd(cmd, 'starting nsd...')
   else:
      cmd = 'ssh -a -x dns@' + conf.getValue('dest-ip')
      child = pexpect.spawn(cmd)
      if not child.isalive():
         bail('? cannot login to Secure64 system at %s' % \
	      (conf.getValue('dest-ip')))
      else:
         report_info('=> restarting Secure64 NSD on %s' % \
	             (conf.getValue('dest-ip')))
	 child.expect('.*ssword:')
	 child.sendline(conf.getValue('syspw'))
	 child.expect('\[view@.*> ')
	 report_info('=> now logged in')
	 child.sendline('enable dnsconfig')
	 child.expect('.*ssword:')
	 child.sendline(conf.getValue('dnspw'))
	 child.expect('\*.*')
	 report_info('=> issuing zonec')
	 child.sendline('zonec')
	 if isVerbose():
	    child.logfile = sys.stdout
	 child.expect('\[dnsconfig@.*# ')
	 report_info('=> issuing stop')
	 child.sendline('stop')
	 child.expect('\[dnsconfig@.*# ')
	 report_info('=> issuing start')
	 child.sendline('start')
	 child.expect('\[dnsconfig@.*# ')
	 child.sendline('exit')
	 child.expect('\[view@.*> ')
	 child.sendline('exit')
	 child.close()
         report_info('=> restart done')

   return

def quick_parse():
   #-- build an in-core representation of the named.conf file
   named_root  = conf.getValue('named_root')
   named_fname = conf.getValue('named_conf')
   report_info('=> parsing named.conf file \"%s\"...' % (named_fname))

   pwd = os.getcwd()
   if os.path.exists(named_root) and os.path.isdir(named_root):
      os.chdir(named_root)
   else:
      bail('? cannot find the named root directory "%s"' % (named_root))
   named = NamedConf(named_fname)
   os.chdir(pwd)

   return named

def run_named_check(named):
   #-- run named-checkconf on the config file and then run named-checkzone
   #   on each zone file
   chkconf = conf.getValue('named-checkconf')
   if os.path.exists(chkconf):
      fname = conf.getValue('named_root')
      fname += '/' + conf.getValue('named_conf')
      report_info('=> running "%s" on "%s"...' % (chkconf, fname))
      (output, errors) = run_cmd_capture(chkconf + ' ' + fname)
      if len(errors) > 0:
         report_info('? errors found --->')
	 report_info(errors)
      else:
         report_info('   all is well.')
   else:
      report_error("? wanted to run named-checkconf, dude, but it's not there.")

   chkzone = conf.getValue('named-checkzone')
   if os.path.exists(chkzone):
      zdict = named.getZones()
      zlist = zdict.keys()
      zlist.sort()
      rname = named.getOptions().getDirectory().replace('"','')
      report_info('=> running "%s" on all zones...' % (chkzone))
      prog = re.compile(':[0-9][0-9]*:')
      for ii in zlist:
         zone = zdict[ii].getName()
	 zfile = rname + '/' + zdict[ii].getFile()
         (output, errors) = run_cmd_capture(chkzone + ' ' + zone + ' ' + zfile)
         if len(output) > 0 and prog.search(output) != None:
	    report_info(output.strip())
   else:
      report_error("? wanted to run named-checkzone, dude, but it's not there.")

   return

def run_zonec():
   zonec = conf.getValue('zonec_cmd')
   if os.path.exists(zonec):
      report_info('=> running the zone compiler "%s"...' % (zonec))
      fname = conf.getValue('nsd_conf')
      tmpdir = conf.getValue('tmpdir')
      cmd = zonec + ' -c ' + tmpdir + '/' + fname + ' -d ' + tmpdir
      cmd += ' -f ' + tmpdir + '/zone.db'
      os.system('rm -f ' + tmpdir + '/zone.db')
      (output, errors) = run_cmd_capture(cmd)
      if len(errors) > 0:
         report_info('? errors found --->')
	 report_info(errors)
      else:
         report_info('   all is well.')
   else:
      report_error("? hmph.  wanted to run zonec, but it's not there.")

   return


#-- main ---------------------------------------------------------------
def main():

   try:
      opts, args = getopt.getopt(sys.argv[1:],
                                 'ahnsv',
				 ['analyze-only', 'help', 'now', 'sync-only',
				  'verbose']
				)
   except getopt.GetoptError:
      usage()
      sys.exit(1)

   now = False
   analyze_only = False
   sync_only = False
   for ii, val in opts:
      if ii in ('-a', '--analyze-only'):
         analyze_only = True
      if ii in ('-h', '--help'):
         usage()
	 sys.exit(0)
      if ii in ('-n', '--now'):
         now = True
      if ii in ('-s', '--sync-only'):
         sync_only = True
      if ii in ('-v', '--verbose'):
         set_verbosity(True)

   last_stat = {}
   this_stat = {}

   #-- don't poll unless we need to...
   if now:
      rebuild_nsd_files()
      cp_files(analyze_only)
      restart_nsd()
      sys.exit(0)

   #-- ...and don't poll if we just need to sync up to the Secure64 machine...
   if sync_only:
      cp_files(analyze_only)
      restart_nsd()
      sys.exit(0)

   #-- ...and don't poll if we're just checking things out...
   if analyze_only:
      #-- well, and do a couple of extra things, too
      set_verbosity(True)
      report_info( \
            's64-sync %s, copyright(c) 2007, Secure64 Software Corporation' \
            % (conf.getValue('version')))
      named = quick_parse()
      rebuild_nsd_files()
      run_named_check(named)
      cp_files(analyze_only)
      run_zonec()
      sys.exit(0)

   #-- apparently we need to poll...
   tmplist = conf.getValue('named_watchlist').split()
   watchlist = []
   for ii in tmplist:
      watchlist.append(ii.strip())
   while True:
      for ii in watchlist:
         if ii in last_stat.keys():
            statinfo = os.stat(ii)
            this_stat[ii] = (statinfo.st_size, statinfo.st_mtime)
            (old_size, old_mtime) = last_stat[ii]
            (new_size, new_mtime) = this_stat[ii]
            if old_size != new_size or old_mtime != new_mtime:
               report_info('aha! "%s" has changed!' % (ii))
	       last_stat[ii] = (new_size, new_mtime)
	       rebuild_nsd_files()
               cp_files(analyze_only)
	       restart_nsd()
         else:
            statinfo = os.stat(ii)
            last_stat[ii] = (statinfo.st_size, statinfo.st_mtime)
            this_stat[ii] = last_stat[ii]

      time.sleep(int(conf.getValue('sleep_time')))

   sys.exit(0)

#-- just in case
if __name__ == '__main__':
   main()