#!/bin/sh
# Start/stop/restart the BIND name server daemon (named).

# Start bind.  In the past it was more secure to run BIND
# as a non-root user (for example, with '-u daemon'), but
# the modern version of BIND knows how to use the kernel's
# capability mechanism to drop all root privileges except
# the ability to bind() to a privileged port and set process
# resource limits, so -u should not be needed.  If you wish
# to use it anyway, chown the /var/run/named directory to
# the non-root user.
#

# You might also consider running BIND in a "chroot jail",
# a discussion of which may be found in
# /usr/doc/Linux-HOWTOs/Chroot-BIND-HOWTO.
 
# One last note:  rndc has a lot of other nice features that
# it is not within the scope of this start/stop/restart script
# to support.  For more details, see "man rndc" or just type
# "rndc" to see the options.


# Sanity check.  If either /usr/sbin/named or /etc/named.conf
# aren't ready, it doesn't make much sense to try to run this
# script:
if [ ! -x /usr/sbin/named ]; then
  echo "/etc/rc.d/rc.bind:  no /usr/sbin/named found (or not executable); cannot start."
  exit 1
elif [ ! -f /etc/named.conf ]; then
  echo "/etc/rc.d/rc.bind:  no /etc/named.conf found; cannot start /usr/sbin/named."
  exit 1
fi

# Start BIND.  As many times as you like.  ;-)
# Seriously, don't run "rc.bind start" if BIND is already
# running or you'll get more than one copy running.
bind_start() {
  if [ -x /usr/sbin/named ]; then
    echo "Starting BIND:  /usr/sbin/named"
    /usr/sbin/named
    sleep 1
  fi
  if ! ps axc | grep -q named ; then
    echo "WARNING:  named did not start."
    echo "Attempting to start named again:  /usr/sbin/named"
    /usr/sbin/named
    sleep 1
    if ps axc | grep -q named ; then
      echo "SUCCESS:  named started."
    else
      echo "FAILED:  Sorry, a second attempt to start named has also failed."
      echo "There may be a configuration error that needs fixing.  Good luck!"
    fi
  fi
}

# Stop all running copies of BIND (/usr/sbin/named):
bind_stop() {
  echo "Stopping BIND:  /usr/sbin/rndc stop"
  /usr/sbin/rndc stop
  # A problem with using "/usr/sbin/rndc stop" is that if you
  # managed to get multiple copies of named running it will
  # only stop one of them and then can't stop the others even
  # if you run it again.  So, after doing things the nice way
  # we'll do them the old-fashioned way.  If you don't like
  # it you can comment it out, but unless you have a lot of
  # other programs you run called "named" this is unlikely
  # to have any ill effects:
  sleep 1
  if ps axc | grep -q named ; then
    echo "Using "killall named" on additional BIND processes..."
    /bin/killall named 2> /dev/null
  fi
}

# Reload BIND:
bind_reload() {
  /usr/sbin/rndc reload
}

# Restart BIND:
bind_restart() {
  bind_stop
  bind_start
}

# Get BIND status:
bind_status() {
  /usr/sbin/rndc status
}

case "$1" in
'start')
  bind_start
  ;;
'stop')
  bind_stop
  ;;
'reload')
  bind_reload
  ;;
'restart')
  bind_restart
  ;;
'status')
  bind_status
  ;;
*)
  echo "usage $0 start|stop|reload|restart|status"
esac