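#!/bin/sh
#
# Init script for BIND 9 (named) running as an unprivileged user inside a
# chroot, optionally backed by a loopback-mounted ext2 image.
#
# Usage: /etc/init.d/bind {start|stop|reload|restart|force-reload}

PATH=/sbin:/bin:/usr/sbin:/usr/bin

# for a chrooted server (set these in /etc/default/bind9):
# bind_user=bind
# bind_chroot_dir=/srv/bind/chroot
# bind_chroot_img=/srv/bind/chroot.img

# Don't modify these lines, change or create /etc/default/bind9.
OPTIONS=""
bind_user=bind
bind_chroot_dir=/srv/bind/chroot
bind_chroot_img=/srv/bind/chroot.dmg
bind_use_loopback="no"

# /etc/default/bind9 is sourced as root, so it must be writable by root only.
test -f /etc/default/bind9 && . /etc/default/bind9

test -x /usr/sbin/rndc || exit 0

# Create the chroot directory and, when bind_use_loopback=yes, make sure the
# ext2 image exists and is mounted on it. Returns non-zero if the mount fails.
_prepare_chroot_dir() {
    if [ ! -d "$bind_chroot_dir" ]; then
        mkdir -p "$bind_chroot_dir"
        chown root:root "$bind_chroot_dir"
        chmod 0755 "$bind_chroot_dir"
    fi

    if [ "$bind_use_loopback" = "yes" ]; then
        if [ ! -f "$bind_chroot_img" ]; then
            dd if=/dev/zero of="$bind_chroot_img" bs=1M count=32 \
                > /dev/null 2>&1
        fi
        # The image holds a copy of rndc.key, so keep it root-only.
        chmod 0600 "$bind_chroot_img"
        chown root:root "$bind_chroot_img"

        if ! file "$bind_chroot_img" | grep -q 'ext2 filesystem'; then
            mkfs.ext2 -F -m 0 -q "$bind_chroot_img" > /dev/null 2>&1
        fi

        # Match the mount point as a fixed string between " on " and the
        # following space, so a longer path that merely contains the chroot
        # path (or regex characters in it) cannot look like "already mounted".
        if ! mount | grep -qF -- " on ${bind_chroot_dir} "; then
            fsck.ext2 -p "$bind_chroot_img" > /dev/null
            # nodev is not set: dev/null and dev/random are created under
            # this mount point when the chroot is populated.
            if ! mount -o loop,rw,noexec,nosuid "$bind_chroot_img" \
                "$bind_chroot_dir"; then
                # Fail closed rather than run named from the unmounted
                # directory without the noexec,nosuid restrictions.
                echo "cannot mount $bind_chroot_img on $bind_chroot_dir" >&2
                return 1
            fi
        fi
    fi
    return 0
}

# Populate the chroot with device nodes, runtime directories and a copy of
# the BIND configuration. Runs in a subshell so the caller's working
# directory is untouched. Returns non-zero only if the chroot cannot be entered.
_populate_chroot() {
    (
        # Every path below is relative. Without this check a failed cd would
        # apply the chown/chmod to var/run of whatever the current directory
        # is (normally / for an init script).
        if ! cd -- "$bind_chroot_dir"; then
            echo "cannot enter $bind_chroot_dir" >&2
            exit 1
        fi

        # BIND 9.2.1 puts its pid file in /var/run.
        # BIND 9.2.2+ puts its pid file in /var/run/bind/run.
        # Setup both to handle woody and sarge.
        mkdir -p dev etc var/cache/bind var/run/bind/run
        test -c dev/null || mknod -m 0666 dev/null c 1 3
        test -c dev/random || mknod -m 0666 dev/random c 1 8
        chown "root:${bind_user}" var/cache/bind var/run var/run/bind/run
        chmod 0775 var/cache/bind var/run var/run/bind/run
        cp /etc/localtime etc
        cp -a /etc/bind etc
        # rndc.key is the control-channel secret: readable by the bind group,
        # not by everyone.
        chgrp "${bind_user}" etc/bind/rndc.key
        chmod 0640 etc/bind/rndc.key
        exit 0
    )
}

# Build or refresh the chroot under $bind_chroot_dir.
# Globals: bind_chroot_dir, bind_chroot_img, bind_use_loopback, bind_user (read)
# Returns: 0 on success, 1 if the chroot path is empty, the loopback mount
#          fails, or the chroot directory cannot be entered.
setup_chroot() {
    if [ -z "$bind_chroot_dir" ]; then
        echo "bind_chroot_dir is empty - refusing to set up chroot" >&2
        return 1
    fi

    oldumask=$(umask)
    umask 022

    setup_chroot_rc=0
    if ! _prepare_chroot_dir || ! _populate_chroot; then
        setup_chroot_rc=1
    fi

    umask "$oldumask"
    return "$setup_chroot_rc"
}

# NOTE(review): this replaces any OPTIONS value set in /etc/default/bind9.
OPTIONS="-u $bind_user -t $bind_chroot_dir"

case "$1" in
    start)
        printf '%s' "Starting domain name service: named"

        modprobe capability >/dev/null 2>&1 || true

        # dirs under /var/run can go away on reboots.
        mkdir -p /var/run/bind/run
        chmod 775 /var/run/bind/run
        chown "root:${bind_user}" /var/run/bind/run >/dev/null 2>&1 || true

        if [ ! -x /usr/sbin/named ]; then
            echo "named binary missing - not starting"
            exit 1
        fi

        if ! setup_chroot; then
            echo "chroot setup failed - not starting" >&2
            exit 1
        fi

        # $OPTIONS is left unquoted on purpose so it splits into separate
        # arguments; a bind_user or bind_chroot_dir containing whitespace is
        # therefore not supported.
        # NOTE(review): named runs with -t, so it presumably writes its pid
        # file below $bind_chroot_dir rather than at this host path - confirm.
        if start-stop-daemon --start --quiet --exec /usr/sbin/named \
            --pidfile /var/run/bind/run/named.pid -- $OPTIONS; then
            if [ -x /sbin/resolvconf ]; then
                echo "nameserver 127.0.0.1" | /sbin/resolvconf -a lo
            fi
        fi
        echo "."
        ;;

    stop)
        printf '%s' "Stopping domain name service: named"
        if [ -x /sbin/resolvconf ]; then
            /sbin/resolvconf -d lo
        fi
        /usr/sbin/rndc stop
        echo "."
        ;;

    reload)
        # We do this to catch config changes.
        if ! setup_chroot; then
            echo "chroot setup failed - not reloading" >&2
            exit 1
        fi
        /usr/sbin/rndc reload
        ;;

    restart|force-reload)
        "$0" stop
        sleep 2
        "$0" start
        ;;

    *)
        echo "Usage: /etc/init.d/bind {start|stop|reload|restart|force-reload}" >&2
        exit 1
        ;;
esac

exit 0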