Appending to file on remote host via SSH
Hey guys! I'm playing around with scripting for (basically) my first time. I found out most of what I needed through examples I found on google and have finished with about the first three-fourths of the script. Essentially, I am creating a script that makes my life easier when adding domains to my DNS servers. In one of our DNS farms we have 5 servers (1 master, not public facing, and 4 slaves which *are* public facing). In any case, creating the initial zone file and then modifying 5 instances of named.conf can get quite tedious when you're adding almost a new domain every day, so I'm trying to come up with a solution.
The script, when complete, will do this:
1) Create an initial zone file in /etc/namedb/master/
2) Add the zone to named.conf
3) Reload named, to read in the new named.conf
4) via SSH, append the new zone to named.conf on the slaves
5) via rndc, reload the slaves remotely

This part all works EXCEPT for #4 above:
Code:
if [ -z "$1" ] || [ -z "$2" ]
then
        echo "Proper usage of this script is `basename $0` [domain-name] [IP address]"
        exit
fi

#Let's do the zone file ...
echo "Creating initial zone file ..."
echo "\$TTL 300
$1.     IN SOA ns1.pwned.com. hostmaster.pwned.com. (
                2008060401 ; serial
                1H ; refresh
                10M ; retry
                1D ; expire
                1D ; minimum
                )
        NS ns1.pwned.com.
        NS ns2.pwned.com.
        A $2
www     CNAME @
" > /etc/namedb/master/db.$1

echo "Changing ownership on db.$1 ..."
chown bind:bind /etc/namedb/master/db.$1

# Let's update named.conf ...
echo "Updating named.conf ..."
echo zone \"$1\"" {
        type master;
        file \"master/db.$1\";
};
" >> /etc/namedb/named.conf

# Reload named for changes to take effect ...
echo "Reloading named ..."
rndc reload

Code:
ssh ns2 echo "zone \"test.com\" {
        type slave;
        file \"sec/db.test.com\";
        masters { 72.26.x.x; };
};
" >> /etc/namedb/named.conf

Code:
bash: line 1: type: slave: not found
bash: -c: line 3: syntax error near unexpected token `}'
bash: -c: line 3: ` masters { 72.26.x.x; };

Thanks. I hope I was clear enough.
Last edited by splooge; 7th June 2008 at 02:37 AM.

An alternative solution is you can put the data to a file locally, then SCP that file to the remote box.
Example: I want to add today's date to file foo, and copy it to another box.
Code:
echo `date` >> /path/to/foo
scp /path/to/foo foouser@barserver:/path/to/foo

__________________
I just saved a bunch of money on my car insurance by fleeing the scene of the accident!

I don't understand what you're trying to do - is this DNS replication?
Why don't you just force a zone transfer?
__________________
"No, that's wrong, Cartman. But don't worry, there are no stupid answers, just stupid people." -- Mr. Garrison

In my environment, with figuratively thousands of zones, I'm looking to simply automate the addition of new zones to all my name servers. How does one add a new zone to name servers? (Rhetorical question there.) Here's the 5 steps I take to accomplish this task:
1) Create the new zone file in /etc/namedb/master. (db.zone.com)
2) Add the new zone to named.conf on the master dns server.
3) Reload the master name server, which reads in the new settings in named.conf
4) Add the new zones to the slaves servers' named.conf file.
5) Reload the slave name servers, again, to read in the changes in named.conf. Reloading the slaves at this point automagically initiates a zone transfer from the master.

This is what I am trying to automate. The only part I'm missing is for a clean way to append the new entries in named.conf on the slave servers without logging into them and doing it manually.
Sorry, I tend to add a lot of irrelevant information.

Something like this?
Code:
Terry@dixie$ ssh2v 'echo "zone \"test.com\" {                        2:45
quote> type slave;
quote> file \"sec/db.test.com\";
quote> masters { 72.26.x.x; };
quote>};
quote>">> /tmp/test.out'
#########################
#        WARNING        #
#########################
All activity is logged !
Terry@dixie$ ssh2v 'cat /tmp/test.out'                              2:45
#########################
#        WARNING        #
#########################
All activity is logged !
zone "test.com" {
 type slave;
 file "sec/db.test.com";
 masters { 72.26.x.x; };
};
Terry@dixie$                                                        2:46

I find it is best to quote all arguments meant to be passed onto ssh to be run as a command on the server (and most similar situations comparable to sh -c 'commands'), helps remind me if I want things like >> redirections to files that I have to pass it to the server's shell, not my client's shell.

I can think of at least one other possible way of doing it, if I'm reading you right but it's just as cheesy I'm sure... (read only network shares)

I'd rather hope that there is an appropriate program available to take care of such things as this without having to resort to ssh or nfs/friends.
__________________
Thou shalt check the array bounds of all strings (indeed, all arrays), for surely where thou typest ``foo'' someone someday shall type ``supercalifragilisticexpialidocious''.

Thanks Terry! Using the ticks worked out really well! What I forgot to mention was that I am trying to pass a variable ("$1") that doesn't seem to work.
Code:
omni# cat terry.sh
ssh ns2 'echo "zone \"$1\" {
        type slave;
        file \"sec/db.$1\";
        masters { 72.26.x.x; };
};
" >> test'
omni# ./terry.sh test.com

Code:
zone "" {
        type slave;
        file "sec/db.";
        masters { 72.26.x.x; };
};

Code:
omni# cat terry.sh
ssh ns2 'echo "zone \"'$1'\" {
        type slave;
        file \"sec/db.'$1'\";
        masters { 72.26.x.x; };
};
" >> test'

Code:
omni# ./terry.sh test.com

Code:
zone "test.com" {
        type slave;
        file "sec/db.test.com";
        masters { 72.26.x.x; };
};

Here are the results:
Code:
omni# ./newdomain.sh test.com 1.1.1.1
Creating initial zone file ...
Changing ownership on db.test.com ...
Updating named.conf ...
Reloading named ...
server reload successful
Populating named.conf on ns2 ...
Reloading named on ns2 ...
server reload successful

Code:
omni# host www.test.com ns1
www.test.com is an alias for test.com.
test.com has address 1.1.1.1
omni# host www.test.com ns2
www.test.com is an alias for test.com.
test.com has address 1.1.1.1

splooge

Here's the final script, for completeness' sake:
(NOTE: This required ssh keys and rndc keys for remote file access and remotely reloading named on the slave)
Code:
if [ -z "$1" ] || [ -z "$2" ]
then
        echo "Proper usage of this script is `basename $0` [domain-name] [IP address]"
        exit
fi

#Let's do the zone file ...
echo "Creating initial zone file ..."
echo "\$TTL 300
$1.     IN SOA ns1.pwned.com. hostmaster.pwned.com. (
                2008060401 ; serial
                1H ; refresh
                10M ; retry
                1D ; expire
                1D ; minimum
                )
        NS ns1.pwned.com.
        NS ns2.pwned.com.
        A $2
www     CNAME @
" > /etc/namedb/master/db.$1

echo "Changing ownership on db.$1 ..."
chown bind:bind /etc/namedb/master/db.$1

# Let's update named.conf ...
echo "Updating named.conf ..."
echo zone \"$1\"" {
        type master;
        file \"master/db.$1\";
};
" >> /etc/namedb/named.conf

# Reload named for changes to take effect ...
echo "Reloading named ..."
rndc reload

#Populate named.conf on ns2
echo "Populating named.conf on ns2 ..."
ssh ns2 'echo "zone \"'$1'\" {
        type slave;
        file \"sec/db.'$1'\";
        masters { 72.26.x.x; };
};
" >> /etc/bind/named.conf'

# Reload named on ns2
echo "Reloading named on ns2 ..."
rndc -s ns2 reload

Last edited by splooge; 7th June 2008 at 04:06 AM.

Glad you got this worked out

The shell's way of handling quoting can be a bit irksome at first but eventually you will love it (or curse it).
This awk tutorial gives a good overview of it when it talks about embedding awk programs within shell script. Or for the programmer summary...

'' -- no interpolation
"" -- variable interpolation
`` -- execute shell commands and return output (as a scalar value I believe)
group of words within quotes -- string
strings separated by white spaces are automatically concatenated (e.g. 'foo'$var'bar' is the same as foo${var}bar)

Using the "here" document construct of the shell will save you a lot of quoting or escaping
Code:
$ cat inline
#!/bin/sh

FILE=named.conf

cat <<END >${FILE}
zone $1 {
        type master;
        file "master/db.$1";
};
END

Code:
$ sh inline xyz.com
$ cat named.conf
zone xyz.com {
        type master;
        file "master/db.xyz.com";
};

Code:
$ cat inline_redir
#!/bin/sh

FILE=$(mktemp)
echo ${FILE}

cat <<END > ${FILE}
zone "$1" {
        type slave;
        file "sec/db.$1";
        masters { 72.26.x.x; };
};
END
$ sh inline_redir gorilla.com
/tmp/tmp.XwKYS14669
$ cat /tmp/tmp.XwKYS14669
zone "gorilla.com" {
        type slave;
        file "sec/db.gorilla.com";
        masters { 72.26.x.x; };
};

Code:
$ cat ssh_append
#!/bin/sh

FILE=test.zone

ssh j65nko@parmenides "cat <<END > ${FILE}
zone "$1" {
        type slave;
        file "sec/db.$1";
        masters { 72.26.x.x; };
};
END
"
$ sh ssh_append mickey_mouse.com
$ ssh j65nko@parmenides 'cat test.zone'
zone mickey_mouse.com {
        type slave;
        file sec/db.mickey_mouse.com;
        masters { 72.26.x.x; };
};

A fixed version
Code:
$ cat ssh_append
#!/bin/sh

FILE=test.zone

ssh j65nko@parmenides "cat <<END > ${FILE}
zone \"$1\" {
        type slave;
        file \"sec/db.$1\";
        masters { 72.26.x.x; };
};
END
"
$ sh ssh_append chimpansee.org
$ ssh j65nko@parmenides 'cat test.zone'
zone "chimpansee.org" {
        type slave;
        file "sec/db.chimpansee.org";
        masters { 72.26.x.x; };
};

__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
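
Added example, not part of any post in this thread: the scripts above splice `$1` into the command line that the remote shell parses, so a domain argument containing quotes or shell metacharacters ends up interpreted on the slave. This version validates the zone name first and sends the stanza on stdin, so the remote command is a constant string. The function names, the `SSH` override and the `192.0.2.1` master address (standing in for the thread's elided `72.26.x.x`) are assumptions.

```sh
#!/bin/sh
# Added example (not from the thread): append a slave zone stanza over SSH
# without letting the remote shell parse the zone name.
LC_ALL=C; export LC_ALL              # keep [A-Za-z] ranges ASCII-only

# Placeholder master address (constructed); the thread elides the real one.
MASTER_IP=${MASTER_IP:-192.0.2.1}

# Accept only letters, digits, '-' and '.' arranged as dot-separated labels.
# Assumption: plain hostname-style zone names, so '_' is rejected too.
valid_zone_name() {
    case $1 in
        ''|*[!A-Za-z0-9.-]*|.*|*.|*..*|-*|*-|*.-*|*-.*) return 1 ;;
    esac
    [ "${#1}" -le 253 ]
}

# Print the stanza; printf keeps the double quotes literal, no escaping needed.
slave_stanza() {
    printf 'zone "%s" {\n    type slave;\n    file "sec/db.%s";\n    masters { %s; };\n};\n' \
        "$1" "$1" "$MASTER_IP"
}

# $1 = slave host, $2 = zone name. SSH can be overridden for dry runs.
append_on_slave() {
    valid_zone_name "$2" || { echo "refusing zone name: $2" >&2; return 1; }
    # The remote command is a constant string; the stanza arrives on stdin,
    # so nothing derived from $2 is ever parsed by the remote shell.
    slave_stanza "$2" | ${SSH:-ssh} "$1" 'cat >> /etc/namedb/named.conf'
}

# Usage: sh add_slave_zone.sh <slave-host> <zone>
if [ "$#" -eq 2 ]; then
    append_on_slave "$1" "$2"
fi
```

Running `named-checkconf` on the slave before `rndc -s ns2 reload` catches a malformed stanza before named tries to load it.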