| Server IP : 212.252.79.165 / Your IP : 216.73.217.172 [ Web Server : Apache System : Linux 212-252-79-165.cprapid.com 5.15.0-153-generic #163-Ubuntu SMP Thu Aug 7 16:37:18 UTC 2025 x86_64 User : cehaburo ( 1001) PHP Version : 8.1.33 Disable Function : exec,passthru,shell_exec,system Domains : 48 Domains MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /home/cehaburo/public_html/images/product/anon_sym/anon/var/lib/dpkg/info/ |
Upload File : |
#!/bin/bash
# powerdns
set -e
SERVICE=pdns.service
export POWERDNS_CONF=/etc/pdns/pdns.conf
## <asset scriplets/post>
set -e
# CentOS: https://docs.fedoraproject.org/en-US/packaging-guidelines/Scriptlets/#_syntax
# Debian: https://wiki.debian.org/MaintainerScripts
## Variables to define
# export POWERDNS_CONF=%{_sysconfdir}/%{upstream_name}/pdns.conf
# Shared/hardcoded variables
DNSSEC_DIR=/var/cpanel/pdns
DNSSEC_DB=${DNSSEC_DIR}/dnssec.db
OLD_DNSSEC_DB=/etc/pdns/dnssec.db
DNSSEC_SCHEMA_FILE="${DNSSEC_DIR}/bind-dnssec.4.2.0_to_4.3.0_schema.sqlite3.sql"
USER=named
GROUP=${USER}
checkUser() {
local NOSHELL="/usr/local/cpanel/bin/noshell"
echo "Check user & group $USER"
# add group
/usr/bin/getent group $GROUP >/dev/null || \
/usr/sbin/groupadd -r $GROUP
if [ -x "/sbin/nologin" ]; then
NOSHELL="/sbin/nologin"
fi
# add user if needed
/usr/bin/getent passwd $USER >/dev/null || \
/usr/sbin/useradd -r -g $GROUP -M -d /var/named -s $NOSHELL $USER
}
checkPerms() {
echo "Check permissions"
# ensure directories, perms & ownership
# required for Ubuntu, not necessary for CentOS
mkdir -p -m 0700 ${DNSSEC_DIR}
chmod 700 ${DNSSEC_DIR}
chown ${USER}:${GROUP} ${DNSSEC_DIR}
# Make sure pdns.conf is owned by named. It is left as root owned in some cases.
if [ -e $POWERDNS_CONF ]; then
chown ${USER}:${GROUP} $POWERDNS_CONF
fi
}
# main entry point
runPost() {
# Just be sure the file is there in some form or pdns will get angry.
/bin/touch /etc/named.conf
checkUser;
checkPerms; # need to happen twice
# Generate an api-key and webserver-password on fresh installs.
# was previously only run on install: no harm to always run it
sed -i \
"s,@@REPLACE@@,`openssl rand -hex 16`,g; s,@@REPLACE_PASS@@,`openssl rand -hex 16`,g" \
$POWERDNS_CONF
if [ ! -e "${DNSSEC_DB}" ]; then
# Check for the old db and move it if it exists.
if [ -e "${OLD_DNSSEC_DB}" ]; then
mv ${OLD_DNSSEC_DB} ${DNSSEC_DB}
else
/usr/bin/pdnsutil create-bind-db ${DNSSEC_DB}
fi
fi
# enforce perms & ownership
chmod 600 ${DNSSEC_DB}
chown ${USER}:${GROUP} ${DNSSEC_DB}
# A lot of the configuration directives changed in 4.1, so
# this simple check tries to rename/remove the outdated directives
# was previously only run on upgrades: no harm always running it
/usr/libexec/cpanel-pdns/migrate-pdns-conf
# Make sure nothing is stealing our port
if [ -e /etc/portreserve ]; then
#Be nice, don't whack portreserve if we don't have to
portrelease named
#Prevent portreserve from stealing port on boot
grep -rl "^rndc\/tcp$" /etc/portreserve | xargs rm ||:
fi
checkPerms; # make sure conf & other files are ok
#Restart the service, something else could be stealing the port (it runs kill_apps_on_ports)
if [ -x /usr/local/cpanel/scripts/restartsrv_pdns ]; then
/usr/local/cpanel/scripts/restartsrv_pdns --stop
# Update DNSSEC table schema
if [ -x /usr/local/cpanel/3rdparty/bin/sqlite3 ] && [ -f "${DNSSEC_SCHEMA_FILE}" ]; then
PUBLISHED_COLUMN=$(/usr/local/cpanel/3rdparty/bin/sqlite3 ${DNSSEC_DB} "SELECT COUNT(*) FROM pragma_table_info('cryptokeys') WHERE name='published';")
if [ "${PUBLISHED_COLUMN:-0}" == "0" ]; then
/usr/local/cpanel/3rdparty/bin/sqlite3 ${DNSSEC_DB} < ${DNSSEC_SCHEMA_FILE}
fi
fi
/usr/local/cpanel/scripts/restartsrv_pdns --start
fi
}
## </asset>
prep() {
# Add 'DNSStubListener=no' to /etc/systemd/resolved.conf
/bin/egrep -q '^DNSStubListener=no' /etc/systemd/resolved.conf || /bin/echo 'DNSStubListener=no' >> /etc/systemd/resolved.conf
/usr/bin/systemctl restart systemd-resolved
/usr/bin/systemctl unmask ${SERVICE} ||:
}
case "$1" in
configure)
prep;
runPost;
;;
esac
exit 0