Restarting name server

bsufs asked
Last Modified: 2010-03-05
I am trying to create a web interface for adding new domain names to a name server.  Creating the files and transferring them to the server is relatively easy using Cold Fusion but I am not sure how I could restart the name server after the process has been completed.  Is it possible to use a Perl script, called from the web browser, to restart the name server?

ozo
CERTIFIED EXPERT
Most Valuable Expert 2014
Top Expert 2015

Commented:
Is it possible to restart the name server without perl?

Author

Commented:
To restart the name server you have to find out its process ID and send a kill -HUP signal.  I was wondering if it is possible to send this signal using a perl script.
ozo

Commented:
Perl has a kill function.
Does the name server accept kills from the user under which the http server runs scripts?

Author

Commented:
I don't know.  Could you tell me a bit more about the Perl kill function?
ozo

Commented:
perldoc perlfunc
 . . . .
                 kill LIST
                         Sends  a signal to a list of processes.  The first
                         element of the list must be the  signal  to  send.
                         Returns   the  number  of  processes  successfully
                         signaled.
                             $cnt = kill 1, $child1, $child2;
                             kill 9, @goners;

                         Unlike in the shell, in  Perl  if  the  SIGNAL  is
                         negative,  it  kills  process  groups  instead  of
                         processes.   (On  System  V,  a  negative  PROCESS
                         number  will  also kill process groups, but that's
                         not portable.)  That means you usually want to use
                         positive not negative signals.  You may also use a
                         signal name in quotes.  See the section on Signals
                         in the perlipc manpage for details.

Most versions of named come with a "named.restart" script, which is installed in /usr/sbin on my system here.  It contains:-

exec /usr/sbin/ndc restart

It's better to call named.restart than "ndc", I think.

Author

Commented:
How would I call the named.restart script from a web browser?
ozo

Commented:
system('/usr/sbin/named.restart');

Commented:
Be careful with this solution because the suid bit on named.restart must be on and I think exploits exist for some versions. Also, some webservers do not execute (root)-suid scripts, because of the potential security problems.

I choose to place a semaphore in a directory. A cronscript checks periodically and calls named.restart (and removes the sem) if the sem is there.

Author

Commented:
Thanks very much, bjornh.  This would seem the best way to do it.  I would be very grateful if you could provide me with more details about the semaphore and the cronscript (I am not an expert on Unix).

Thanks very much.

Commented:
This is the cronscript, it runs every minute:

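#!/usr/bin/perl
# Run from root's crontab: restart named when the web side has left a flag file.
if (-f "/tmp/named.restart")
{
        system ("/usr/sbin/named.restart");
        unlink ("/tmp/named.restart");
        # Create the "done" marker that the CGI script waits for.
        open (TEMP, ">/tmp/named.restarted");
        close (TEMP);
        system ("chown <webserveruser> /tmp/named.restarted");
}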

Don't forget to chown the sem to the webserver-user, otherwise the script won't be able to delete the named.restarted semaphore.

The cgi-script:

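# Leave the request flag for the cron script.
open (RESTART, ">/tmp/named.restart");
close (RESTART);

# Wait until the cron script reports that named was restarted.
until ( -f "/tmp/named.restarted") {
        sleep 1;
}

# Clean up both markers.
unlink ("/tmp/named.restarted");
unlink ("/tmp/named.restart");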

Good luck, Bjorn
bjornh, I hope you don't have users on your Linux box... what if someone does:

while :;do rm -f /tmp/restart;done &

Don't use /tmp. Preferably set a 700 directory somewhere else and give it to <webserveruser> ...

Commented:
You are right. /tmp is open for everybody. We don't have many shell users on this machine but it still is dangerous.

Thanks!
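
An added example, not code from any poster in this thread: a root cron job for the flag-file approach that uses the private 0700 directory suggested above instead of /tmp and refuses symlinks or files owned by the wrong account. The directory path, the `www` account and the file names `restart.request` and `restart.done` are assumptions.

```perl
#!/usr/bin/perl
# Added example (not from the thread): root cron job for the flag-file scheme.
use strict;
use warnings;
use Fcntl qw(:mode O_WRONLY O_CREAT O_EXCL);

my $SPOOL    = '/var/spool/named-restart';  # assumed path: mode 0700, owned by $WEB_USER
my $WEB_USER = 'www';                       # assumed web server account name
my $RESTART  = '/usr/sbin/named.restart';   # path given in the thread

# Returns undef when the request may be honoured, otherwise the reason it is refused.
sub reject_reason {
    my ($dir, $flag, $uid) = @_;
    my @d = lstat $dir or return 'spool directory missing';
    return 'spool is not a directory'    unless S_ISDIR($d[2]);
    return 'spool not owned by web user' unless $d[4] == $uid;
    return 'spool open to other users'   if S_IMODE($d[2]) & 0077;
    my @f = lstat $flag or return 'no request';
    return 'flag is not a regular file'  unless S_ISREG($f[2]);  # lstat does not follow symlinks
    return 'flag not owned by web user'  unless $f[4] == $uid;
    return undef;
}

sub main {
    my $uid = getpwnam($WEB_USER);
    defined $uid or die "unknown user $WEB_USER\n";
    my ($flag, $done) = ("$SPOOL/restart.request", "$SPOOL/restart.done");
    my $why = reject_reason($SPOOL, $flag, $uid);
    if (defined $why) {
        warn "named restart skipped: $why\n" unless $why eq 'no request';
        return 0;
    }
    unlink $flag or die "cannot remove $flag: $!\n";  # consume the request first
    # Indirect-object form of system: no shell, and nothing from the request is passed on.
    my $rc = system { $RESTART } $RESTART;
    # The web user owns the directory and could plant a symlink here, so create the
    # result file with O_EXCL: the open fails instead of writing through a link.
    unlink $done;
    sysopen(my $out, $done, O_WRONLY | O_CREAT | O_EXCL, 0644)
        or die "cannot create $done: $!\n";
    print {$out} ($rc == 0 ? "ok\n" : "failed\n");
    close $out or die "close $done: $!\n";
    return $rc == 0 ? 0 : 1;
}

exit main() unless caller;
```

The CGI side only needs to create `restart.request` in the same directory and poll for `restart.done`, with a timeout so a stalled cron job does not hang the request.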