define-list sign-views {}
define-list signzone-command \
[list "$BINDPROGS/dnssec-signzone" \
- "-g" \
"-S" \
"-K%h/key" \
"-d%h/ds" \
return [string map [list %v $view] $ZONECFG(conf-file)]
}
+proc temporary-directory {} {
+ ## Create a temporary directory and set as the working directory.
+
+ global ZONECFG
+ set tmp [file join $ZONECFG(home-dir) "tmp"]
+ file mkdir $tmp
+ cd $tmp
+ return $tmp
+}
+
proc compute-zone-properties {view config} {
## Derive interesting information from the zone configuration plist CONFIG,
## relative to the stated server VIEW. Return a new plist.
isolate [list confspc-eval toplevel [list source $CONFFILE]]
## Make sure there's a temporary directory.
- file mkdir [file join $ZONECFG(home-dir) "tmp"]
+ set tmpdir [temporary-directory]
## Keep track of cleanup jobs.
set cleanup {}
## Make a new temporary file to read the zone into.
set pid [pid]
for {set i 0} {$i < 1000} {incr i} {
- set tmp [file join $ZONECFG(home-dir) "tmp" \
- "tmp.$pid.$i.$user.$name"]
+ set tmp [file join $tmpdir "tmp.$pid.$i.$user.$name"]
if {![catch { set chan [open $tmp {WRONLY CREAT EXCL}] } msg]} {
break
} elseif {[string equal [lindex $errorCode 0] POSIX] && \
## Read the configuration.
isolate [list confspc-eval toplevel [list source $CONFFILE]]
+ ## Sometimes `dnssec-signzone' tries to write temporary files to the
+ ## current directory. Make sure this is sensible.
+ temporary-directory
+
## Grind through all of the zones.
array unset seen
foreach view $ZONECFG(all-views) {
~mdw / zoneconf / blobdiff