If you wanted to throw CVS into the mix, it would make all this pretty easy. You can have it run scripts on checkin, and you know all the files changed from a cvs diff, so it’s easy to run that through the named-checkzone.
CVS doesn’t have to make things much more complicated. You could create a script that when run (ex: vizone zonename) would checkout the zonefiles project, and open a vi for the session. then, when closed, it would checkin the zonefile and run the verification script. Heck, you could just alias “vi” to your script if that is all your user does with vi, or if you use a unique account for DNS changes. t. From: bind-users-bounces+tsnyder=rim....@lists.isc.org [mailto:bind-users-bounces+tsnyder=rim....@lists.isc.org] On Behalf Of P.A Sent: Thursday, June 24, 2010 4:38 PM To: 'Taylor, Gord'; bind-us...@isc.org Subject: named-checkzone I was thinking more instantaneous without moving things around. I looked at vim vimrc autocmd but I couldn’t get named-checkzone to execute and I would still have to somehow have named-checkzone look at the last zone that was edited. Good suggestion though. From: Taylor, Gord [mailto:gord.tay...@rbc.com] Sent: Thursday, June 24, 2010 4:32 PM To: P.A; bind-us...@isc.org Subject: RE: named-checkzone My suggestion is to create a backup copy of the (current) zone files in another directory. Only allow the users to edit those files, then execute a shell script that checks them, and only moves them to the production directory once the named-checkzone (and named-checkconf) works correctly. Otherwise, returns an error. The only thing we don't check is that the SOA serial has been incremented because our DNS file editor does that automatically... ________________________________ From: bind-users-bounces+gord.taylor=rbc....@lists.isc.org [mailto:bind-users-bounces+gord.taylor=rbc....@lists.isc.org] On Behalf Of P.A Sent: 2010, June, 24 3:47 PM To: bind-us...@isc.org Subject: named-checkzone Hi, im trying to get some ideas how I can exec named-checkzone on a zone file that has just been executed. We have com users who edit zone files but forget to run the command when they are do editing the file. Trying to figure out if anyone has a good way of enforcing that the zone gets checked after its been edited. Thanks Paul. _______________________________________________________________________ This e-mail may be privileged and/or confidential, and the sender does not waive any related rights and obligations. Any distribution, use or copying of this e-mail or the information it contains by other than an intended recipient is unauthorized. If you received this e-mail in error, please advise me (by return e-mail or otherwise) immediately. Ce courriel peut contenir des renseignements protégés et confidentiels. Lexpéditeur ne renonce pas aux droits et obligations qui sy rapportent. Toute diffusion, utilisation ou copie de ce courriel ou des renseignements quil contient par une personne autre que le destinataire désigné est interdite. Si vous recevez ce courriel par erreur, veuillez men aviser immédiatement, par retour de courriel ou par un autre moyen. --------------------------------------------------------------------- This transmission (including any attachments) may contain confidential information, privileged material (including material protected by the solicitor-client or other applicable privileges), or constitute non-public information. Any use of this information by anyone other than the intended recipient is prohibited. If you have received this transmission in error, please immediately reply to the sender and delete this information from your system. Use, dissemination, distribution, or reproduction of this transmission by unintended recipients is not authorized and may be unlawful.
_______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
