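#!/bin/bash
#Copyright 2002 William Stearns
#Released under the GPL.
#
# dns-check: ask DNS servers for a configured list of records and report
# any answer that differs from the copy saved on an earlier run.
#
# Config file: one query per line, '#' starts a comment:
#   Server DnsObject Type [TsigKey]
# Each query is stored in, and later compared against, the file
#   $DataDir/$Server-$DnsObject-$Type
# The config fields become part of that file name unmodified, so the
# config file and the data directory should be writable only by the
# account that runs this script.
#
# Exit status: 0 when every answer matches its saved copy, 1 when an
# answer changed, a new baseline was written, or the arguments were bad.
#
#FIXME - require-util

Version='0.2.7'
ConfFile='/etc/dns-check.conf'
DataDir='/var/lib/dns-check/'
RetVal=0      #True, everything's unchanged from last time
MaxTries=10   #Number of times we'll try to request a given record.

# Print the help text on stderr and exit 1.
usage () {
  echo "dns-check version $Version" >&2
  echo "Usage:" >&2
  echo " dns-check [-f ConfigFileName] [-d DataDirectory] [-h]" >&2
  echo " default config file is /etc/dns-check.conf">&2
  echo " default data directory is /var/lib/dns-check" >&2
  echo " -h shows this help" >&2
  echo "Exiting." >&2
  exit 1
}

# Lower-case, sort and de-duplicate the record lines on stdin, so that a
# comparison ignores letter case, answer order and repeated lines.
normalize_records () {
  tr 'A-Z' 'a-z' | sort | uniq
}

# Run one dig query and print the filtered answer on stdout.
# Arguments: $1 server, $2 DNS object, $3 record type, $4 TSIG key (optional)
# The awk stage drops the second column of every line before printing.
query_records () {
  local -a dig_args=(+noadditional +norecursive "@$1")
  local field

  # Every field is passed as a single quoted word: a wildcard name such as
  # '*.example.com' must reach dig literally instead of being expanded
  # against the files in the current directory. Empty fields are left out,
  # as they were when the expansions were unquoted.
  for field in "$2" "$3"; do
    [ -n "$field" ] && dig_args+=("$field")
  done

  if [ -n "$4" ]; then
    # NOTE(review): -y puts the TSIG secret on dig's command line, where
    # other local users can read it from the process list. dig's -k keyfile
    # option avoids that, but needs a key file path in the config instead.
    dig_args+=(-y "$4")
  fi

  dig "${dig_args[@]}" \
    | sed -e 's/;.*//' \
    | grep -v '^$' \
    | grep -v 'ANY.*TSIG' \
    | awk '{print $1, $3, $4, $5, $6, $7, $8, $9}'
}

# The config loop below reads from a process substitution, which needs /dev/fd.
if [ ! -d /dev/fd ]; then
  echo 'WARNING. /dev/fd is not a directory. It may be that you are running' >&2
  echo 'devfs and are not running devfsd. To fix this, add the following' >&2
  echo 'line to /etc/rc.d/rc.local or some other script that runs at boot time' >&2
  echo '(and run it once by hand)' >&2
  echo '' >&2
  echo 'if [ ! -d /dev/fd ]; then cd /dev ; rm -f /dev/fd ; ln -sf ../proc/self/fd fd ; cd - >/dev/null ; fi' >&2
  echo '' >&2
  sleep 10
fi

# Command line parsing. Diagnostics go to stderr, like the usage text.
while [ -n "$1" ]; do
  case "$1" in
    -f)
      if [ -n "$2" ]; then
        ConfFile="$2"
        shift
      else
        echo "Missing file name for -f option. Exiting." >&2
        exit 1
      fi
      ;;
    -d)
      if [ -n "$2" ]; then
        DataDir="$2"
        shift
      else
        echo "Missing Data Directory for -d option. Exiting." >&2
        exit 1
      fi
      ;;
    -h)
      usage
      ;;
    *)
      echo "Unrecognized command line option $1" >&2
      usage
      ;;
  esac
  shift
done

if [ ! -r "$ConfFile" ]; then
  echo "Missing or unreadable configuration file $ConfFile. Exiting." >&2
  exit 1
fi

if [ ! -d "$DataDir" ]; then
  echo "Missing Data Directory $DataDir. Exiting." >&2
  exit 1
fi

ChangedFileCount=0
ChangedFiles=''

# Comments are stripped first; lines that are then empty or hold only
# whitespace are dropped so they never turn into a query with no server.
while read -r Server DnsObject Type TsigKey; do
  RecordName="$Server-$DnsObject-$Type"
  RecordFile="$DataDir/$RecordName"

  # Retry until dig returns something or MaxTries is reached.
  # NOTE(review): dig's exit status is lost in the pipeline, so a lookup
  # that failed on every try looks the same as an answer with no records.
  # Either way the empty result is compared, or saved as the baseline.
  CurrentTries=0
  DigOut=''
  while [ -z "$DigOut" ] && [ "$CurrentTries" -lt "$MaxTries" ]; do
    DigOut="$(query_records "$Server" "$DnsObject" "$Type" "$TsigKey")"
    CurrentTries=$(( CurrentTries + 1 ))
  done

  if [ -f "$RecordFile" ]; then
    #Compare to existing version
    if ! diff -q <(normalize_records <"$RecordFile") \
                 <(printf '%s\n' "$DigOut" | normalize_records) >/dev/null 2>/dev/null; then
      RetVal=1    #False, something changed
      echo "$RecordName mismatch!"
      diff -bd --unified=0 <(normalize_records <"$RecordFile") \
                           <(printf '%s\n' "$DigOut" | normalize_records) \
        | grep -v '^+++' \
        | grep -v '^---' \
        | grep -v '^@@'
      ChangedFileCount=$(( ChangedFileCount + 1 ))
      if [ "$ChangedFileCount" -eq 1 ]; then
        ChangedFiles="$RecordName"
      else
        ChangedFiles="$ChangedFiles,$RecordName"
      fi
    fi
  else
    RetVal=1    #False, new content added; someone should look into this.
    #Write it out for the first time for future comparison
    echo "Writing the following to $RecordFile for future compare."
    printf '%s\n' "$DigOut" | sed -e 's/^/ /'
    printf '%s\n' "$DigOut" >"$RecordFile"
  fi
done < <(sed -e 's/#.*//' "$ConfFile" | grep -v '^[[:space:]]*$')

# The suggested rm command joins the directory and the file names directly,
# so make sure the directory part ends in exactly one slash even when -d was
# given without one. The names in it come straight from the config file;
# read the command before pasting it into a shell.
HintDir="${DataDir%/}/"

if [ "$ChangedFileCount" -eq 0 ]; then
  :
elif [ "$ChangedFileCount" -eq 1 ]; then
  echo
  echo "If you agree with all the above changes, the following command will remove"
  echo "the old file so it can be replaced with correct one on the next pass:"
  echo "ssh $(whoami)@$(hostname) 'rm -f ${HintDir}${ChangedFiles}'"
else
  echo
  echo "If you agree with all the above changes, the following command will remove"
  echo "the old files so they can be replaced with correct ones on the next pass:"
  echo "ssh $(whoami)@$(hostname) 'rm -f ${HintDir}{${ChangedFiles}}'"
fi

exit $RetVal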