
I am trying to delete an existing zone record from BIND's named.conf file (on a CentOS 7 release).

The zone record looks like this:

zone "example.com" IN {
        type master;
        file "example.com.zone";
};

The command:

sed -nie '/\"example.com\"/,/^\};$/d;p;' /etc/named.conf

deletes that record (as it is supposed to).

Next, I have created the following shell script (rm-zone.sh) with executable permissions to do the same job:

#!/bin/sh

[ $# -lt 1 ] && {
        echo "usage: $0 <domain>"
        exit 1
}

domain=$1

sed -nie '/\"$domain\"/,/^\};$/d;p;' /etc/named.conf

rndc reload

echo Zone: $domain deleted successfully

When I log in as root and run the command:

./rm-zone.sh example.com

I see the message "Zone example.com deleted successfully" but the zone is still in my named.conf file...

Again, when I run the above-mentioned command from the CLI:

sed -nie '/\"example.com\"/,/^\};$/d;p;' /etc/named.conf

the zone is properly deleted!!!

Apparently there is something wrong in the shell script, but I haven't managed to find out what it is...

Any ideas as to what I'm missing here will be greatly appreciated!

Theo Orphanos

2 Answers


Regarding the actual problem you are solving, I think it'd probably be worth looking into using rndc addzone/rndc delzone (reliant on the allow-new-zones option) to allow automation of adding/deleting zones rather than scripting modification of named.conf yourself.

While I'm not sure what exactly goes wrong in your script, the way it is written it will just steamroll through and unconditionally print the "deleted successfully" message at the end, no matter what happens.

Maybe adding set -ex early in the script would help for troubleshooting? (And the -e may be a good idea in general?)

It may also be prudent to keep some kind of backup that you can revert to in case of failure, and maybe invoking named-checkconf to check that the new file seems somewhat sane?

Håkan Lindqvist

Try

sed -nie "/\"$domain\"/,/^\};"'$/d;p;' /etc/named.conf

instead of

sed -nie '/\"$domain\"/,/^\};$/d;p;' /etc/named.conf

The single quotes disable the shell's interpretation of either \| or $domain.

kubanczyk
  • That didn't work either... it just needed a couple more single quotes around the $domain, and worked like a charm: sed -nie '/\"'$domain'\"/,/^\};$/d;p;' /etc/named.conf – Theo Orphanos Apr 24 '18 at 17:20
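Added example, not code from the question or from either answer: a version of rm-zone.sh that sidesteps the quoting problem discussed above by never pasting $domain into a sed program, and that follows the first answer's advice (keep a backup, run named-checkconf, do not print "deleted successfully" unconditionally). It assumes the zone layout shown in the question: a line beginning with zone "name", with the block closed by a brace-balanced };. The function names valid_domain, remove_zone, rm_zone and demo are chosen here; named-checkconf and rndc are the real BIND tools and are only run when they are installed, or when the script is given a domain argument and operates on /etc/named.conf. Run with no arguments it exercises itself on a constructed copy of a named.conf.

```sh
#!/bin/sh
# Added example (not the asker's rm-zone.sh). Assumes zone blocks as in the
# question: 'zone "name" ... {' on one line, closed by a brace-balanced '};'.

# Accept only hostname characters and non-empty labels. A '/', a stray '.',
# whitespace or a glob is refused here, before it can reach any editing step.
valid_domain() {
    case "$1" in
        ''|.*|*.|*..*|*[!A-Za-z0-9.-]*) return 1 ;;
    esac
}

# Print file $1 with the zone block for $2 removed. The name is compared as a
# literal string (never as a regex), and the end of the block is found by
# counting braces, so nested sub-blocks such as also-notify { ...; }; survive.
# Exit status 3 when no such zone exists, so "nothing to do" is not "success".
remove_zone() {
    awk -v dom="$2" '
        !skip && $1 == "zone" && $2 == ("\"" dom "\"") { skip = 1; found = 1; depth = 0 }
        skip {
            depth += gsub(/[{]/, "{") - gsub(/[}]/, "}")
            if (depth <= 0) skip = 0
            next
        }
        { print }
        END { exit found ? 0 : 3 }
    ' "$1"
}

# Edit config $1 to drop zone $2: validate the argument, build the candidate
# in a temp file, check it with named-checkconf when available, keep a dated
# backup, then overwrite. Writing with 'cat >' keeps the original owner, mode
# and SELinux label (CentOS), which renaming the temp file over it would not.
rm_zone() {
    conf=$1 domain=$2
    valid_domain "$domain" || { echo "rm-zone: refusing domain '$domain'" >&2; return 2; }
    tmp=$(mktemp "$conf.XXXXXX") || return 1
    if ! remove_zone "$conf" "$domain" > "$tmp"; then
        rm -f "$tmp"
        echo "rm-zone: zone \"$domain\" not found in $conf, nothing changed" >&2
        return 3
    fi
    if command -v named-checkconf >/dev/null 2>&1 && ! named-checkconf "$tmp"; then
        rm -f "$tmp"
        echo "rm-zone: edited config rejected by named-checkconf, $conf untouched" >&2
        return 4
    fi
    cp -p "$conf" "$conf.bak.$(date +%Y%m%d%H%M%S)" && cat "$tmp" > "$conf" && rm -f "$tmp"
}

# Self-check on a constructed named.conf (sample data, not a live server).
demo() {
    d=$(mktemp -d) || return 1
    cat > "$d/named.conf" <<'EOF'
options {
        directory "/var/named";
};

zone "example.com" IN {
        type master;
        file "example.com.zone";
};

zone "example.net" IN {
        type master;
        file "example.net.zone";
        also-notify { 192.0.2.1; };
};
EOF
    rm_zone "$d/named.conf" example.com || return 1
    grep -q '"example.com"' "$d/named.conf" && return 1         # block is gone
    grep -q 'also-notify' "$d/named.conf" || return 1           # neighbour intact
    rm_zone "$d/named.conf" 'example.com/' 2>/dev/null && return 1   # bad input refused
    echo "demo: example.com removed, result:"; cat "$d/named.conf"
    rm -rf "$d"
}

case $# in
    0) demo ;;                                                   # no argument: self-check
    *) rm_zone /etc/named.conf "$1" && rndc reload && echo "Zone: $1 deleted" ;;
esac
```

Why bother: with the fix from the comment above, `'/\"'$domain'\"/,...'`, the argument is spliced unquoted into the sed address, so the dots match any character and a value containing `/` or other regex metacharacters rewrites the sed program that root is about to run against /etc/named.conf. Comparing the name literally in awk, after rejecting anything that is not hostname-shaped, removes that class of mistake. Two further caveats for the one-liners in the question: GNU sed parses `-nie` as `-n -i` with a backup suffix of `e`, so they leave a `/etc/named.confe` copy behind (write `-n -i -e` if you keep them), and the range `/"example.com"/,/^};$/` runs to end of file if the closing `};` is indented, deleting every zone after the target. As the first answer says, for regular automation rndc addzone/delzone with allow-new-zones is the better tool; note that delzone only persists for zones that were added with addzone, zones declared in named.conf still have to be removed from the file.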