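#!/bin/sh
# Paul Wouters
# Folds zone updates, dynamic updates, etc. that nsd records in the nsd.db
# file back into the zone files, then reloads nsd when a zone file is newer
# than the database.

# Only check when nsd is actively running.
# systemd:
systemctl -q is-active nsd.service 2>/dev/null || exit 0
# sysvinit: (service nsd status has useless return codes)
# pidof nsd > /dev/null || exit 0

# Default settings - do not edit these but /etc/sysconfig/nsd instead!
NSD_CONF="/etc/nsd/nsd.conf"
NSDC_PROG="/usr/sbin/nsd-control"
NSD_CHECKCONF_PROG="/usr/sbin/nsd-checkconf"
NSD_AUTOREBUILD="yes"

# Read in local settings.
# The file is sourced, so it runs as shell code with this script's
# privileges: keep it writable by the administrator only.
[ -r /etc/sysconfig/nsd ] && . /etc/sysconfig/nsd

# needed to avoid useless AVC rhbz#989218
# Kept best-effort as before: a failed cd does not stop the run.
cd ~nsd || :

# The *_PROG variables stay unquoted so that a local override carrying extra
# arguments keeps word-splitting the way it always did; the config path is
# quoted because it is a single file name.
# Output is discarded, so a failed write is silent here.
# shellcheck disable=SC2086
$NSDC_PROG -c "$NSD_CONF" write > /dev/null 2>&1

# We try to only rebuild/reload when necessary. If 1 zone is newer,
# we need to rebuild the db file.
# This might give problems with huge zones, eg TLD's, which cannot
# complete this operation within an hour, but it should work fine for
# most other uses.
case "$NSD_AUTOREBUILD" in
  [Yy]|[Yy][Ee][Ss])
    # shellcheck disable=SC2086
    database=$($NSD_CHECKCONF_PROG -o database "$NSD_CONF")

    # With no database path reported there is nothing to compare against.
    # The unquoted test used to fail with a syntax error for every zone in
    # that case; skip the check quietly instead.
    if [ -n "$database" ]; then
      # grep/sed pull the quoted path out of each "zonefile:" line.
      # read -r keeps backslashes in a path literal; the operands of the
      # test are quoted so paths containing whitespace compare correctly.
      # shellcheck disable=SC2086
      $NSD_CHECKCONF_PROG -v "$NSD_CONF" \
        | grep zonefile: \
        | sed 's/^.*"\(.*\)"/\1/' \
        | while read -r zonefile; do
            if [ "$zonefile" -nt "$database" ]; then
              printf '%s\n' "Zone $zonefile update requires database rebuild"
              # use service not nsdc, as we do rebuild+reload+notify
              /sbin/service nsd reload > /dev/null 2>&1
              # One reload covers every zone, so stop at the first hit.
              break
            fi
          done
    fi
    ;;
  *)
    ;;
esac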