From 8f4daa869f01ef203efa73ce4926f0945a0f1b11 Mon Sep 17 00:00:00 2001
From: Diego Rivera
Date: Wed, 24 Dec 2025 11:01:53 -0600
Subject: [PATCH] Add some scripts to automatically handle JNL file pollution
---
 dns/bind/src/etc/rc.syshook.d/early/99-named | 11 +++++++
 dns/bind/src/etc/rc.syshook.d/stop/99-named | 31 +++++++++++++++++++
 .../opnsense/scripts/OPNsense/Bind/setup.sh | 10 ++++++
 3 files changed, 52 insertions(+)
 create mode 100755 dns/bind/src/etc/rc.syshook.d/early/99-named
 create mode 100755 dns/bind/src/etc/rc.syshook.d/stop/99-named
diff --git a/dns/bind/src/etc/rc.syshook.d/early/99-named b/dns/bind/src/etc/rc.syshook.d/early/99-named
new file mode 100755
index 0000000000..b4bca42c0a
--- /dev/null
+++ b/dns/bind/src/etc/rc.syshook.d/early/99-named
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+#
+# It's OK to delete these files on bootup because we clean them out
+# during a clean shutdown. Therefore if these files still exist on
+# bootup, it means that the system wasn't shut down cleanly and as
+# a result these files are suspect and likely broken, so they need
+# to be removed to avoid any BIND9 bootup issues.
+#
+echo "Clearing out vestigial BIND9 journal files ..."
+find /usr/local/etc/namedb/primary -type f -name '*.jnl' -delete -print
diff --git a/dns/bind/src/etc/rc.syshook.d/stop/99-named b/dns/bind/src/etc/rc.syshook.d/stop/99-named
new file mode 100755
index 0000000000..24116eb357
--- /dev/null
+++ b/dns/bind/src/etc/rc.syshook.d/stop/99-named
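Review bot: In early/99-named the `find … -delete` removes every `*.jnl` under the primary directory and keeps no copy, so for zones that accept dynamic updates any change that was journaled but not yet written to the zone file is discarded on an unclean boot. The header comment should state that cost, e.g. `# NOTE: this discards dynamic updates that were journaled but not yet merged into the zone file.` The removed names go only to stdout through `echo` and `-print`; whether that reaches a persistent log at this hook stage is not visible here, so moving the files aside rather than deleting them would keep them available for diagnosis. The same unconditional delete is the fallback in stop/99-named and in setup.sh.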
@@ -0,0 +1,31 @@
+#!/bin/sh
+
+BINDHOME="/usr/local/etc/namedb"
+
+log()
+{
+ [ ${#} -gt 0 ] || return 0
+ logger -is -t "bind-cleanup" "${@}"
+}
+
+#
+# First, do things the easy way (only possible if BIND9 is running!)
+#
+if service named status 1>/dev/null 2>&1 ; then
+ log "Clearing out pending BIND9 journal files..."
+ OUT="$(rndc sync -clean 2>&1)" || log "RNDC SYNC failed (rc=${?}): ${OUT}"
+
+ log "Stopping BIND ..."
+ OUT="$(service named stop 2>&1)" || log "Could not stop BIND (rc=${?}): ${OUT}"
+fi
+
+#
+# If the easy way didn't work, we do things the hard way because these
+# journal files can cause a LOT of issues when BIND9 next tries to start
+#
+if OUT="$(cd "${BINDHOME}/primary" && find * -type f -name '*.jnl' | fgrep '.jnl')" ; then
+ log "WARNING: BIND9 journal files still exist - [${OUT}]"
+ find "${BINDHOME}/primary" -type f -name '*.jnl' -delete -print
+fi
+
+exit 0
diff --git a/dns/bind/src/opnsense/scripts/OPNsense/Bind/setup.sh b/dns/bind/src/opnsense/scripts/OPNsense/Bind/setup.sh
index 64b2fd7083..71f4e5c88d 100755
--- a/dns/bind/src/opnsense/scripts/OPNsense/Bind/setup.sh
+++ b/dns/bind/src/opnsense/scripts/OPNsense/Bind/setup.sh
@@ -5,3 +5,13 @@ for DIR in /var/run/named /var/dump /var/stats /var/log/named /usr/local/etc/nam
 chown -R bind:bind ${DIR}
 chmod 755 ${DIR}
 done
+
+# This should help clean out orphaned journal files
+if ! rndc sync -clean ; then
+ # If the RNDC command didn't work, we should probably clean
+ # the files out manually because on a clean shutdown they
+ # would be cleared out by "service named stop" ... so if
+ # they're still around it means something went down HARD and
+ # thus the files are suspect and could derail BIND9 startup
+ find /usr/local/etc/namedb/primary -type f -name '*.jnl' -print -delete
+fi
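Review bot: The existence check in stop/99-named, `cd "${BINDHOME}/primary" && find * … | fgrep '.jnl'`, hands glob-expanded file names to `find` as arguments, so a name that begins with `-` is parsed as part of the find expression instead of as a path, and an empty directory leaves a literal `*`. The hook presumably runs as root, while setup.sh in this patch appears to `chown -R bind:bind` the namedb tree (its directory list is truncated in the hunk header), so those names would be under the control of a less-privileged account. Pass the directory to find and test for output instead: `if OUT="$(find "${BINDHOME}/primary" -type f -name '*.jnl' -print)" && [ -n "${OUT}" ] ; then`. That also removes the redundant `fgrep` and uses the same path form as the delete inside the branch.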
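Review bot: In setup.sh, `if ! rndc sync -clean` treats every rndc failure as "named is not running", but rndc also exits non-zero on a key or control-channel problem or a timeout, and in that case the `find … -delete` removes journals underneath a live server. Decide on the server state the way stop/99-named does, e.g. `if service named status >/dev/null 2>&1 ; then rndc sync -clean ; else`, with the `find` kept in the else branch. If setup.sh runs before named is started (not visible in this hunk), rndc can never succeed here and the fallback fires on every run, which the comment should say explicitly.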