Require that hosts be resolvable in DNS. Use --force to ignore warnings.

This also requires a resolvable hostname on services as well. I want
people to think long and hard about adding things that aren't resolvable.

The cert plugin can automatically create services on the user's behalf when
issuing a cert. It will always set the force flag to True.

We use a lot of made-up host names in the test system, all of which require
the force flag now.

ticket #25

1 files changed, 7 insertions, 1 deletions

diff --git a/ipalib/plugins/host.py b/ipalib/plugins/host.py
index b42cbbcb7..78d4d5a02 100644
--- a/ipalib/plugins/host.py
+++ b/ipalib/plugins/host.py
@@ -84,7 +84,6 @@ def validate_host(ugettext, fqdn):
         return _('Fully-qualified hostname required')
     return None
 
-
 class host(LDAPObject):
     """
     Host object.
@@ -196,8 +195,15 @@ class host_add(LDAPCreate):
     """
 
     msg_summary = _('Added host "%(value)s"')
+    takes_options = (
+        Flag('force',
+            doc=_('force host name even if not in DNS'),
+        ),
+    )
 
     def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options):
+        if not options.get('force', False):
+            util.validate_host_dns(self.log, keys[-1])
         if 'locality' in entry_attrs:
             entry_attrs['l'] = entry_attrs['locality']
             del entry_attrs['locality']