Hello all,
short story: I'm writing a script to add and remove dns records in dns files. Its on a RHEL 5.5
So far i've locked up the basic operations in a couple of functions:
- validate the parameters
- search for existant ip in file when adding
- search for existant name records in file when adding
- duplicates
- backup the file
- restart dns service
The problem is the editing part.
Now to help me all the ip's i need to add or remove will be in a block of text
####Start
ip name_record
ip name_record
ip name_record
####End
right now too add a host i'm using:
add_host () {
sed -i "/####END/i $IP_ADDRESS\t$NAME_RECORD" $CONFIG_FILE
}
and to remove a host i'm using:
remove_host () {
sed -i "/^$IP_ADDRESS\t$NAME_RECORD/d" $CONFIG_FILE
}
Looks like it is working but since this is gonna be production i'm just wondering if i'm not forgeting something or if there is something far more simpler, robust or just that editing directly the file is BAD and i should use a simple temp file and move it right after.
I'm just not that confident when dealing with operations between blocks of texts.
I'm also wondering if i should not add logs of operations, mail with the changes,etc
Thanks.
Editing your originals is generally a bad idea... One mistake in your program and your config file will have been wiped out or mangled. If you use a template instead of editing the original, you can at least recover from that.
1 Like
Thanks for your answer
Even when backing up prior to any operations?
So pushing in a temp file and mv the file is the way to go?
Should i also do some type of checking on the temp file?
sed "/####END/i $IP_ADDRESS\t$NAME_RECORD" > $TEMP_FILE
#integrity check on temp file to make sure i can mv
[ -f $TEMP_FILE ] && mv $TEMP_FILE $CONFIG_FILE
What happens when you do two in a row and discover that your backup's been mangled?
That's what sed -i and the like do anyway.
1 Like
In this case I would run the editing script to produce a candidate file. I would visually scan the candidate file to make sure it is reasonable. Then I would move it into place and I would at least backup the previous file first. A better idea is to put these files under rcs control and do co and ci operations. That way you have a log of which admin made which change.
If you put a garbled file in place you run the risk that the named server will notice it and read it even before you do a manual "rndc reload". Then it can spit garbage out to the internet where it gets cached and will remain until the TTL expires.
1 Like
I normally use this method
remove_host () {
cp -p $CONFIG_FILE $CONFIG_FILE.old &&
awk '$1!=ip' ip="$IP_ADDRESS" $CONFIG_FILE.old > $CONFIG_FILE
}
Also avoids a theoretical problem with dots in a RE.
1 Like
Thanks for all the answers. I've modified my script. Works great.
Perderabo: i tought about rcs but its an automated process from our vmware team so maybe i'll try to pitch the idea to them but seeing about 100 backup copies of the files (no backup dir, no cleanups, etc) i think its safe to say they are asking for trouble. I'm only here for a project not related and the asked me if i could write a script for them. Its internal DNS for testing network so doesn't go on the net 