named-checkzone

Thu Jun 24 20:42:38 UTC 2010

If you wanted to throw CVS into the mix, it would make all this pretty easy.  You can have it run scripts on checkin, and you know all the files changed from a cvs diff, so it’s easy to run that through the named-checkzone.

CVS doesn’t have to make things much more complicated.  You could create a script that when run (ex: vizone zonename) would checkout the zonefiles project, and open a vi for the session.  then, when closed, it would checkin the zonefile and run the verification script.  Heck, you could just alias “vi” to your script if that is all your user does with vi, or if you use a unique account for DNS changes.

t.

From: bind-users-bounces+tsnyder=rim.com at lists.isc.org [mailto:bind-users-bounces+tsnyder=rim.com at lists.isc.org] On Behalf Of P.A
Sent: Thursday, June 24, 2010 4:38 PM
To: 'Taylor, Gord'; bind-users at isc.org
Subject: named-checkzone

I was thinking more instantaneous without moving things around. I looked at vim vimrc autocmd but I couldn’t get named-checkzone to execute and I would still have to somehow have named-checkzone look at the last zone that was edited.

Good suggestion though.

From: Taylor, Gord [mailto:gord.taylor at rbc.com]
Sent: Thursday, June 24, 2010 4:32 PM
To: P.A; bind-users at isc.org
Subject: RE: named-checkzone

My suggestion is to create a backup copy of the (current) zone files in another directory. Only allow the users to edit those files, then execute a shell script that checks them, and only moves them to the production directory once the named-checkzone (and named-checkconf) works correctly. Otherwise, returns an error.

The only thing we don't check is that the SOA serial has been incremented because our DNS file editor does that automatically...

________________________________
From: bind-users-bounces+gord.taylor=rbc.com at lists.isc.org [mailto:bind-users-bounces+gord.taylor=rbc.com at lists.isc.org] On Behalf Of P.A
Sent: 2010, June, 24 3:47 PM
To: bind-users at isc.org
Subject: named-checkzone
Hi, im trying to get some ideas how I can exec named-checkzone on a zone file that has just been executed. We have com users who edit zone files but forget to run the command when they are do editing the file.  Trying to figure out if anyone has a good way of enforcing that the zone gets checked after its been edited.

Thanks Paul.
_______________________________________________________________________

This e-mail may be privileged and/or confidential, and the sender does not waive
any related rights and obligations. Any distribution, use or copying of this e-mail or the information
it contains by other than an intended recipient is unauthorized.
If you received this e-mail in error, please advise me (by return e-mail or otherwise) immediately.

Ce courriel peut contenir des renseignements protégés et confidentiels.
L’expéditeur ne renonce pas aux droits et obligations qui s’y rapportent.
Toute diffusion, utilisation ou copie de ce courriel ou des renseignements qu’il contient
par une personne autre que le destinataire désigné est interdite.
Si vous recevez ce courriel par erreur, veuillez m’en aviser immédiatement,
par retour de courriel ou par un autre moyen.

---------------------------------------------------------------------
This transmission (including any attachments) may contain confidential information, privileged material (including material protected by the solicitor-client or other applicable privileges), or constitute non-public information. Any use of this information by anyone other than the intended recipient is prohibited. If you have received this transmission in error, please immediately reply to the sender and delete this information from your system. Use, dissemination, distribution, or reproduction of this transmission by unintended recipients is not authorized and may be unlawful.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20100624/ba00275e/attachment.html>