mkrdns icon indicating copy to clipboard operation
mkrdns copied to clipboard
verified publisher icon oasys

Include statements are processed even when commented out.

Open manuthambi opened this issue 3 years ago • 5 comments

Include statements in /etc/bind/named.conf are processed even when commented out using //.

manuthambi avatar Feb 08 '22 14:02 manuthambi

Thanks for the report.

Can you provide a minimal test case that shows this behavior? I took a quick look at the code and the $INCLUDE match regex is anchored to the beginning of the line, so I must be misunderstanding your report (or the code).

oasys avatar Feb 08 '22 15:02 oasys

Thanks for looking into it!

I am not super familiar with Perl, but looks like the script is processing .conf files here without stripping out comments.

The $INCLUDE processing is in reverse maps?

manuthambi avatar Feb 08 '22 16:02 manuthambi

If you still need a test case, I'll try to build one later today.

manuthambi avatar Feb 08 '22 16:02 manuthambi

Here is minimal test case: named.conf

# include "does-not-exist.conf"

When running: mkrdns -debug ./named.conf produces:

Debugging turned on.
Version     = 3.3
C. Revision = $Id: mkrdns,v 1.59 2002/12/05 21:19:28 felicity Stab $
Help        = 0
Quiet Mode  = 0
Root Dir    = /
Hash Func   = 32-bit checksum

(debug) Include statement (# include "does-not-exist.conf") found.
(warn) Include found before named directory was specified!  Using ".".
(debug) Path changed from "./does-not-exist.conf" to "/does-not-exist.conf".
(debug) Including file /does-not-exist.conf.
(fatal) Can't open /does-not-exist.conf:No such file or directory at ./mkrdns/mkrdns line 201, <CONF> line 1.

manuthambi avatar Feb 15 '22 02:02 manuthambi

I got around this by mangling the commented include line in named.conf:

include "/etc/bind/named.conf.options";
// commented statement below mangled to let mkrdns work
// inXclude "/etc/bind/named.conf.default-zones";
include "/etc/bind/named.conf.local";

Everything was fine before I amended my config to have an external view and an internal view, which is when I commented that line and moved it to the internal view. The script really should remove comments before it processes includes, and then remove comments on the included file before processing any includes THAT file might contain. Getting that recursive nature handled might be difficult, depending on how the logic actually works ... my mangling solution is probably easier!

The best solution would be to use or write a processor that truly understands EVERYTHING bind config syntax can do, which would know to completely ignore anything that is commented with any of the available commenting syntax. I have no idea whether any such animal exists already or not.

elyograg avatar Sep 18 '22 16:09 elyograg