extern const char **environ;
-#define ZONE "kratochvil.vellum.cz"
+#define ZONES "jankratochvil.net","dyn.jankratochvil.net"
#define SETUID 0 /* user UID */
#define SETGID 0 /* group GID */
#define PERMITTED_ENV_LIST "PWD"
-#define EXEC_PATHNAME "/usr/sbin/ndc"
-#define EXEC_ARGV "/usr/sbin/ndc","reload",ZONE,NULL
+#define EXEC_PATHNAME "/usr/sbin/rndc"
+#define EXEC_ARGV(zone) "/usr/sbin/rndc","reload",(zone),NULL
#ifndef G_GNUC_NORETURN
#endif /* !G_GNUC_NORETURN */
#define EXITLOG(msg...) do {\
- openlog("pserverchroot",LOG_PID,LOG_DAEMON); \
+ openlog("ndc-reload-short",LOG_PID,LOG_DAEMON); \
syslog(LOG_CRIT,msg); \
closelog(); \
exit(EXIT_FAILURE); \
#define FUNCCHK(funcname,args...) do { \
if (errno=0,funcname(args)) \
- funcfail( #funcname ); \
+ funcfail( #funcname "()" ); \
} while (0)
static void funcfail(const char *funcname) G_GNUC_NORETURN;
static void funcfail(const char *funcname)
{
- EXITLOG("Unable to %s(2): %s",funcname,strerror(errno));
+ EXITLOG("Unable to %s: %s",funcname,strerror(errno));
}
int main(int argc,char **argv)
const char *allowed[]={ PERMITTED_ENV_LIST };
const char **allp,**envp;
char *dup=NULL,*s;
+const char *zones_allowed[]={ ZONES };
+
+ errno=0;
+ if (argc!=2)
+ funcfail("argc!=2");
+ for (allp=zones_allowed;allp<zones_allowed+LENGTH(zones_allowed);allp++)
+ if (!strcmp(*allp,argv[1]))
+ break;
+ if (allp>=zones_allowed+LENGTH(zones_allowed))
+ funcfail("zone rejected");
retry:
for (envp=environ;*envp;envp++) {
FUNCCHK(chdir,"/");
FUNCCHK(setgid,SETGID);
FUNCCHK(setuid,SETUID);
- errno=0,execl(EXEC_PATHNAME,EXEC_ARGV);
- funcfail("execl");
+ errno=0,execl(EXEC_PATHNAME,EXEC_ARGV(argv[1]));
+ funcfail("execl()");
}