Delete Site + DNS

[Tommahawk]

I find that deleting a site does not delete the DNS entry associated with the site.

Is this a bug:
Duplicate zone name. If two zones have the same name (named.conf) it causes DNS restart to fail and creates downtime.

[till]

Quote:

I find that deleting a site does not delete the DNS entry associated with the site.

Thats the intended bahaviour. If you delete a website, you do not nescessarily want to dele a dns zone as this dns zone might be used for email on other servers, subdomains on other servers, etc.

Quote:

Is this a bug:
Duplicate zone name. If two zones have the same name (named.conf) it causes DNS restart to fail and creates downtime.

Did you add the zones via the ISPConfig interface or remoting?

[Tommahawk]

Possibly the issues are like this.

1) If manual entries exist in named.conf they can be duplicated and cause the named server to fail to restart due to the duplication if. (I suggest you analyze these for yourself)

2) A reseller is created he is then able to create websites with the same zone name as manually added zones in named.conf. Via ISPConfig UI and as a Remoting User

3) A public remoting web script that allows user to add websites if the domain matches a manually added zone name in named.conf.

4) If the zone is manually added and a new site subdomain with the same zone name is created via remoting script

The question I see is should the function that checks for duplicate sites in named.conf be extended to include manually added entries and possible should subdomain zone names have the subdomain appended to them. If a server has manual entries and allows resellers I can dos (denial of service) that server.

ISPConfig does check for duplication with entries it creates. What file is the code that does the checking situated. Possibly the easiet solutions is to grep named.conf for the domain name before adding or better regular expression

[till]

There should no manually created zones exist. This is a prerequisite for ISPConfig.

If you want to change the ISPConfig libraries, have a look at the directory /root/ispconfig/scripts/lib/classes/, there you will find the bind configuration class.

[Tommahawk]

Possible Files:

/home/admispconfig/ispconfig/lib/classes
ispconfig_isp_web.lib.php
Line Approx: 239 Function: web_insert()
Line Approx: 545 Function: web_update() //protects against resellers

ispconfig_web.lib.php
Line Approx: 185 Function: web_insert()


==========================
For ispconfig_isp_web.lib.php - web_insert() & web_update()

////////////////////////////// Named.conf check for manual entries ////////////////////////

if (shell_exec('grep -A 10000 "//// MAKE MANUAL ENTRIES BELOW THIS LINE! ////" /etc/named.conf | grep -c "zone \"'.$web["web_domain"].'\""') > 0) {
if($die_on_error){
$go_api->errorMessage($go_api->lng("error_web_doppelt")." ".$web["web_domain"]." ".$go_api->l ng("angelegt").$go_api->lng("weiter_link"));
} else {
return $go_api->lng("error_web_doppelt")." ".$web["web_domain"]." ".$go_api->lng("angelegt");
}
}

//////////////////////////////////////////////////////////////////////

Only greps after //// MAKE MANUAL ENTRIES BELOW THIS LINE! //// a custom error message should be created wrnig the user that a DNS entry has not been made due to a zone match with the same name created manually, instead of dosing named 10000 should be EOF equiv


For ispconfig_web.lib.php

if (shell_exec('grep -c "zone \"'.$params["web_domain"].'\"" /etc/named.conf') == 1) $this->errorMessage .= "Parameter: web_domain is required.\r\n";

[Tommahawk]

The above will grep named.conf ->
1) when creating a new site
2) with remoting framework.

It will not guard against resellers and admins changing a site because it must differentiate between ISPConfig created entries and manually created entries. Perhaps a unix guru could forumulate a command to cat lines past "Add manual entries" then pipe the output to grep or similar

You ought to think about creating a custom error against this potential security hole. Even just to safeguard against possible DNS dos.


Worked it out: Returns positive non-zero or 0 true or false Except need EOF instead of 10000

grep -A 10000 "//// MAKE MANUAL ENTRIES BELOW THIS LINE! ////" /etc/named.conf | grep -c "zone \"'.$params["web_domain"].'\"

You should then be able to notify the user of a possible vulnerbility or even tag entries in ISPConfig that do not have a DNS record due to this case.

[mlz]

In my mind, you should not be manually adding DNS, but should be doing so in the DNS manager. If there is a shortcoming in using the manager (other then it's reliance on Bind) then perhaps we should bring it to the light of day and get it resolved.

I've never needed to do any manual editing of DNS, and I have a rather diverse group of clients using the server. My one fear is rather close to being realized, in that I'm about due for a second server, so I'm trying to grok a way to make things seemless and keep using ISPConfig.

[Tommahawk]

Either way the potential for the vulnerbility exists and the fix I will post does not impact adversely it just warns the user with an error. Something like "you should not create manual zone entries in named.conf" or create the site but tag the site if no DNS entry is created. This is better than blindly restarting bind without a return value. DNS fails to restart and your hosting server goes offline. Think about it, the patch is an improvement.

Quote:

Originally Posted by mlz

In my mind, you should not be manually adding DNS, but should be doing so in the DNS manager. If there is a shortcoming in using the manager (other then it's reliance on Bind) then perhaps we should bring it to the light of day and get it resolved.

I've never needed to do any manual editing of DNS, and I have a rather diverse group of clients using the server. My one fear is rather close to being realized, in that I'm about due for a second server, so I'm trying to grok a way to make things seemless and keep using ISPConfig.

-----------------------------------------------------------------------------------------
/home/admispconfig/ispconfig/lib/classes
ispconfig_isp_web.lib.php
Line Approx: 240 Function: web_insert()
Line Approx: 545 Function: web_update() //protects against resellers changing domains

////////////////////////////// Named.conf check for manual entries ////////////////////////

if (shell_exec('grep -A 10000 "//// MAKE MANUAL ENTRIES BELOW THIS LINE! ////" /etc/named.conf | grep -c "zone \"'.$web["web_domain"].'\""') > 0) {
if($die_on_error){
$go_api->errorMessage($go_api->lng("error_web_doppelt")." ".$web["web_domain"]." ".$go_api->l ng("angelegt").$go_api->lng("weiter_link"));
} else {
return $go_api->lng("error_web_doppelt")." ".$web["web_domain"]." ".$go_api->lng("angelegt");
}
}

//////////////////////////////////////////////////////////////////////

ispconfig_web.lib.php
Line Approx: 185 Function: web_add()
Line Approx: ### Function: web_update()

if (shell_exec('grep -A 10000 "//// MAKE MANUAL ENTRIES BELOW THIS LINE! ////" /etc/named.conf | grep -c "zone \"'.$web["web_domain"].'\""') > 0) $this->errorMessage .= "Parameter: web_domain is required.\r\n";


Only greps after //// MAKE MANUAL ENTRIES BELOW THIS LINE! ////
protect against against 2 zones with same name 1 manual / 1 ISPConfig generated causes bind to fail to restart.
The 10000 should be EOF may also be useful elsewhere in ISPConfig, such as two virtual hosts with the same name etc. Probably more effective in the insert DNS functions in both files

[till]

I added this to the bugtracker as a possible todo list item. But your scripts do not prevent the addition of duplicate DNS records, you just prevent that someone adds a website where already a dns record exists as the functions you used were not called when you create a dns record in dns-manager.

Additionally, I manage many servers and never had to add a DNS zone manually as the ISPConfig DNS-Manager has everything you need in the daily work as mlz pointed out. It seems as you do not use the dns manager and just use the dns auto create function if the website management part, which of course did not allow much fine tuning of the records.

[Tommahawk]

One would have manual entries if one did not or could not import websites when installing ISPConfig or has websites not required to be administered through ISPConfig.

The action I desire is to not have the website not created if their is an identical zone name existing in named.conf, the restart causes bind to fail. Where should my code be added so I can return false on such as incident?

I thought
ISPConfig_isp_web.php ->
function web_insert
function web_update

but the site seems to be still created? Any ideas thanks in advance