Commit e338d974 authored by Jeremy C. Reed's avatar Jeremy C. Reed

[master]Merge branch 'master' of ssh://git.bind10.isc.org/var/bind10/git/bind10

parents a13aefbd efb5fff4
......@@ -160,6 +160,11 @@ The boss module is sending a SIGKILL signal to the given process.
% BIND10_SEND_SIGTERM sending SIGTERM to %1 (PID %2)
The boss module is sending a SIGTERM signal to the given process.
% BIND10_SETGID setting GID to %1
The boss switches the process group ID to the given value. This happens
when BIND 10 starts with the -u option, and the group ID will be set to
that of the specified user.
% BIND10_SETUID setting UID to %1
The boss switches the user it runs as to the given UID.
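Review bot: The description added for `BIND10_SETGID` says the boss switches the "process group ID", which in POSIX terms is the job-control process group changed by setpgid(), not the group identity this commit sets through `posix.setgid`. An operator auditing the privilege drop from the logs would be better served by wording such as `The boss switches the group it runs as to the given GID. This happens when BIND 10 starts with the -u option; the GID is the primary group of the specified user.` The neighbouring `BIND10_SETUID` description could mention -u in the same way so the two entries read as a pair.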
......
......@@ -169,8 +169,8 @@ class BoB:
def __init__(self, msgq_socket_file=None, data_path=None,
config_filename=None, clear_config=False, nocache=False,
verbose=False, nokill=False, setuid=None, username=None,
cmdctl_port=None, wait_time=10):
verbose=False, nokill=False, setuid=None, setgid=None,
username=None, cmdctl_port=None, wait_time=10):
"""
Initialize the Boss of BIND. This is a singleton (only one can run).
......@@ -208,6 +208,7 @@ class BoB:
self.components_to_restart = []
self.runnable = False
self.uid = setuid
self.gid = setgid
self.username = username
self.verbose = verbose
self.nokill = nokill
......@@ -1156,12 +1157,14 @@ def main():
# Check user ID.
setuid = None
setgid = None
username = None
if options.user:
# Try getting information about the user, assuming UID passed.
try:
pw_ent = pwd.getpwuid(int(options.user))
setuid = pw_ent.pw_uid
setgid = pw_ent.pw_gid
username = pw_ent.pw_name
except ValueError:
pass
......@@ -1175,6 +1178,7 @@ def main():
try:
pw_ent = pwd.getpwnam(options.user)
setuid = pw_ent.pw_uid
setgid = pw_ent.pw_gid
username = pw_ent.pw_name
except KeyError:
pass
......@@ -1205,7 +1209,7 @@ def main():
boss_of_bind = BoB(options.msgq_socket_file, options.data_path,
options.config_file, options.clear_config,
options.nocache, options.verbose, options.nokill,
setuid, username, options.cmdctl_port,
setuid, setgid, username, options.cmdctl_port,
options.wait_time)
startup_result = boss_of_bind.startup()
if startup_result:
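Review bot: `setgid` is inserted between `setuid` and `username` in `BoB.__init__`, so every positional argument from `username` onward shifts by one for any caller this commit does not update; only the call in `main()` is visibly adjusted. A caller left on the old order would hand a user name in as the GID and the cmdctl port as the user name, and nothing fails until the privilege drop is attempted. Passing the identity arguments by keyword at the call site, `setuid=setuid, setgid=setgid, username=username, cmdctl_port=options.cmdctl_port, wait_time=options.wait_time`, removes that risk. The `__init__` docstring is cut off in this view, so confirm it documents the new parameter.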
......
......@@ -29,7 +29,6 @@ from isc.config.module_spec import ModuleSpecError
from isc.cc import SessionError, SessionTimeout, ProtocolError
import isc.util.process
import isc.util.cio.socketsession
from isc.notify.notify_out import ZONE_NEW_DATA_READY_CMD
import isc.server_common.tsig_keyring
from isc.server_common.dns_tcp import DNSTCPContext
from isc.datasrc import DataSourceClient
......@@ -543,7 +542,7 @@ class DDNSServer:
def __notify_xfrout(self, zname, zclass):
'''Notify xfrout of the update.'''
param = {'zone_name': zname.to_text(), 'zone_class': zclass.to_text()}
msg = create_command(ZONE_NEW_DATA_READY_CMD, param)
msg = create_command('notify', param)
self.__notify_update(XFROUT_MODULE_NAME, msg, zname, zclass)
def __notify_update(self, modname, msg, zname, zclass):
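Review bot: The command name sent to xfrout in `__notify_xfrout` is now the bare literal `'notify'`, and the receiving branch in XfroutServer (`elif cmd == "notify":`) repeats the same literal, so sender and receiver are tied together only by two strings that can drift apart without any error. This reads the second line of each printed pair as the new side, since the page has lost its +/- markers. A single constant in a module both sides import would keep a mismatch from turning into a silently dropped notification, along the lines of `msg = create_command(ZONE_NOTIFY_COMMAND, param)`; zonemgr.py already has `ZONE_NOTIFY_COMMAND = 'notify'` for its own use.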
......
......@@ -71,7 +71,6 @@ AUTH_MODULE_NAME = 'Auth'
XFROUT_MODULE_NAME = 'Xfrout'
ZONE_MANAGER_MODULE_NAME = 'Zonemgr'
REFRESH_FROM_ZONEMGR = 'refresh_from_zonemgr'
ZONE_XFRIN_FAILED = 'zone_xfrin_failed'
# Constants for debug levels.
DBG_XFRIN_TRACE = logger.DBGLVL_TRACE_BASIC
......@@ -1580,7 +1579,7 @@ class Xfrin:
logger.error(XFRIN_MSGQ_SEND_ERROR, XFROUT_MODULE_NAME, ZONE_MANAGER_MODULE_NAME)
else:
msg = create_command(ZONE_XFRIN_FAILED, param)
msg = create_command(notify_out.ZONE_XFRIN_FAILED, param)
# catch the exception, in case msgq has been killed.
try:
seq = self._send_cc_session.group_sendmsg(msg, ZONE_MANAGER_MODULE_NAME)
......
......@@ -1008,7 +1008,7 @@ class XfroutServer:
self.shutdown()
answer = create_answer(0)
elif cmd == notify_out.ZONE_NEW_DATA_READY_CMD:
elif cmd == "notify":
zone_name = args.get('zone_name')
zone_class = args.get('zone_class')
if not zone_class:
......
......@@ -21,6 +21,7 @@ import os
import tempfile
from zonemgr import *
from isc.testutils.ccsession_mock import MockModuleCCSession
from isc.notify import notify_out
ZONE_NAME_CLASS1_IN = ("example.net.", "IN")
ZONE_NAME_CLASS1_CH = ("example.net.", "CH")
......@@ -684,7 +685,7 @@ class TestZonemgr(unittest.TestCase):
self.assertEqual(answer1, self.zonemgr._parse_cmd_params(params1, ZONE_NOTIFY_COMMAND))
params2 = {"zone_name" : "example.com.", "zone_class" : "IN"}
answer2 = ZONE_NAME_CLASS3_IN
self.assertEqual(answer2, self.zonemgr._parse_cmd_params(params2, ZONE_XFRIN_SUCCESS_COMMAND))
self.assertEqual(answer2, self.zonemgr._parse_cmd_params(params2, notify_out.ZONE_NEW_DATA_READY_CMD))
self.assertRaises(ZonemgrException, self.zonemgr._parse_cmd_params, params2, ZONE_NOTIFY_COMMAND)
params1 = {"zone_class" : "CH"}
self.assertRaises(ZonemgrException, self.zonemgr._parse_cmd_params, params2, ZONE_NOTIFY_COMMAND)
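Review bot: The last assertion in this hunk still passes `params2` although the line above it has just rebound `params1` to `{"zone_class" : "CH"}`, so the missing-`zone_name` case is never exercised and the line only repeats the assertion two lines earlier. Both lines are context rather than part of the change, but the commit is already touching this test, and the intended call is presumably `self.assertRaises(ZonemgrException, self.zonemgr._parse_cmd_params, params1, ZONE_NOTIFY_COMMAND)`. The test method starts above the hunk.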
......
......@@ -39,6 +39,7 @@ from optparse import OptionParser, OptionValueError
from isc.config.ccsession import *
import isc.util.process
from isc.log_messages.zonemgr_messages import *
from isc.notify import notify_out
# Initialize logging for called modules.
isc.log.init("b10-zonemgr")
......@@ -78,8 +79,6 @@ XFRIN_MODULE_NAME = 'Xfrin'
AUTH_MODULE_NAME = 'Auth'
# define command name
ZONE_XFRIN_FAILED_COMMAND = 'zone_xfrin_failed'
ZONE_XFRIN_SUCCESS_COMMAND = 'zone_new_data_ready'
ZONE_REFRESH_COMMAND = 'refresh_from_zonemgr'
ZONE_NOTIFY_COMMAND = 'notify'
......@@ -623,7 +622,7 @@ class Zonemgr:
def command_handler(self, command, args):
"""Handle command receivd from command channel.
ZONE_NOTIFY_COMMAND is issued by Auth process;
ZONE_XFRIN_SUCCESS_COMMAND and ZONE_XFRIN_FAILED_COMMAND are issued by
ZONE_NEW_DATA_READY_CMD and ZONE_XFRIN_FAILED are issued by
Xfrin process;
shutdown is issued by a user or Boss process. """
answer = create_answer(0)
......@@ -637,7 +636,7 @@ class Zonemgr:
# Send notification to zonemgr timer thread
self._master_socket.send(b" ")# make self._slave_socket readble
elif command == ZONE_XFRIN_SUCCESS_COMMAND:
elif command == notify_out.ZONE_NEW_DATA_READY_CMD:
""" Handle xfrin success command"""
zone_name_class = self._parse_cmd_params(args, command)
logger.debug(DBG_ZONEMGR_COMMAND, ZONEMGR_RECEIVE_XFRIN_SUCCESS, zone_name_class[0], zone_name_class[1])
......@@ -645,7 +644,7 @@ class Zonemgr:
self._zone_refresh.zone_refresh_success(zone_name_class)
self._master_socket.send(b" ")# make self._slave_socket readble
elif command == ZONE_XFRIN_FAILED_COMMAND:
elif command == notify_out.ZONE_XFRIN_FAILED:
""" Handle xfrin fail command"""
zone_name_class = self._parse_cmd_params(args, command)
logger.debug(DBG_ZONEMGR_COMMAND, ZONEMGR_RECEIVE_XFRIN_FAILED, zone_name_class[0], zone_name_class[1])
......
......@@ -37,6 +37,7 @@ class SockCreator(BaseComponent):
BaseComponent.__init__(self, boss, kind)
self.__creator = None
self.__uid = boss.uid
self.__gid = boss.gid
def _start_internal(self):
self._boss.curproc = 'b10-sockcreator'
......@@ -45,6 +46,9 @@ class SockCreator(BaseComponent):
self._boss.register_process(self.pid(), self)
self._boss.set_creator(self.__creator)
self._boss.log_started(self.pid())
if self.__gid is not None:
logger.info(BIND10_SETGID, self.__gid)
posix.setgid(self.__gid)
if self.__uid is not None:
logger.info(BIND10_SETUID, self.__uid)
posix.setuid(self.__uid)
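Review bot: The privilege drop in `_start_internal` sets the primary group and then the user, but nothing in the visible lines resets the supplementary group list, so a boss started as root with -u would keep root's supplementary groups after `posix.setuid`. The order (group before user) is correct; the missing step is a call before `posix.setgid`, for example `posix.initgroups(self._boss.username, self.__gid)`, or `posix.setgroups([])` if no supplementary groups are wanted. `_start_internal` begins above the hunk and may continue below it, so confirm that no such call exists elsewhere before adding one.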
......
......@@ -104,6 +104,8 @@ class ComponentTests(BossUtils, unittest.TestCase):
self.__stop_process_params = None
self.__start_simple_params = None
# Pretending to be boss
self.gid = None
self.__gid_set = None
self.uid = None
self.__uid_set = None
......@@ -609,6 +611,9 @@ class ComponentTests(BossUtils, unittest.TestCase):
self.assertTrue(process.killed)
self.assertFalse(process.terminated)
def setgid(self, gid):
self.__gid_set = gid
def setuid(self, uid):
self.__uid_set = uid
......@@ -637,7 +642,9 @@ class ComponentTests(BossUtils, unittest.TestCase):
"""
component = isc.bind10.special_component.SockCreator(None, self,
'needed', None)
orig_setgid = isc.bind10.special_component.posix.setgid
orig_setuid = isc.bind10.special_component.posix.setuid
isc.bind10.special_component.posix.setgid = self.setgid
isc.bind10.special_component.posix.setuid = self.setuid
orig_creator = \
isc.bind10.special_component.isc.bind10.sockcreator.Creator
......@@ -645,18 +652,22 @@ class ComponentTests(BossUtils, unittest.TestCase):
isc.bind10.special_component.isc.bind10.sockcreator.Creator = \
lambda path: self.FakeCreator()
component.start()
# No uid set in boss, nothing called.
# No gid/uid set in boss, nothing called.
self.assertIsNone(self.__gid_set)
self.assertIsNone(self.__uid_set)
# Doesn't do anything, but doesn't crash
component.stop()
component.kill()
component.kill(True)
self.gid = 4200
self.uid = 42
component = isc.bind10.special_component.SockCreator(None, self,
'needed', None)
component.start()
# This time, it get's called
self.assertEqual(4200, self.__gid_set)
self.assertEqual(42, self.__uid_set)
isc.bind10.special_component.posix.setgid = orig_setgid
isc.bind10.special_component.posix.setuid = orig_setuid
isc.bind10.special_component.isc.bind10.sockcreator.Creator = \
orig_creator
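Review bot: The test records the GID and UID passed to the patched `posix.setgid` and `posix.setuid` but not the order of the two calls, and the order is the security-relevant part: if `setuid` ran first, the process would no longer be permitted to change its group. Letting both fakes append to one list and asserting `self.assertEqual([('gid', 4200), ('uid', 42)], self.__calls)` would pin it. Separately, the originals are restored only at the end of the test body, so a failing assertion leaves `posix.setgid`/`posix.setuid` patched for later tests; `self.addCleanup(setattr, isc.bind10.special_component.posix, 'setgid', orig_setgid)` right after patching (and the same for `setuid`) avoids that. The test method starts above the hunk.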
......
......@@ -34,7 +34,9 @@ logger = isc.log.Logger("notify_out")
# initialized yet. see trac ticket #1103
from isc.dns import *
ZONE_NEW_DATA_READY_CMD = 'notify'
ZONE_NEW_DATA_READY_CMD = 'zone_new_data_ready'
ZONE_XFRIN_FAILED = 'zone_xfrin_failed'
_MAX_NOTIFY_NUM = 30
_MAX_NOTIFY_TRY_NUM = 5
_EVENT_NONE = 0
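Review bot: `ZONE_NEW_DATA_READY_CMD` keeps its name while its value changes from `'notify'` to `'zone_new_data_ready'` (reading the second printed line as the new side), so any importer not touched by this commit now sends or matches a different command without raising an error. Only ddns, xfrin, xfrout and zonemgr are visibly updated on this page, so a search for the name across the tree is worth doing. The two constants are also named inconsistently, one with a `_CMD` suffix and one without; `ZONE_XFRIN_FAILED_CMD = 'zone_xfrin_failed'` would match, and a one-line comment above each saying which module sends and which receives the command would help the next reader.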
......
......@@ -26,6 +26,7 @@ Feature: Xfrin
A query for www.example.org should have rcode REFUSED
When I send bind10 the command Xfrin retransfer example.org IN ::1 47807
Then wait for new bind10 stderr message XFRIN_TRANSFER_SUCCESS not XFRIN_XFR_PROCESS_FAILURE
Then wait for new bind10 stderr message ZONEMGR_RECEIVE_XFRIN_SUCCESS
A query for www.example.org should have rcode NOERROR
# The transferred zone should have 11 non-NSEC3 RRs and 1 NSEC3 RR.
......