authorMartin Kosek <mkosek@redhat.com>2011-05-27 17:05:45 +0200
committerMartin Kosek <mkosek@redhat.com>2011-05-27 18:00:47 +0200
commit17c3f9e84efcbeb3b5ae1de83d799974de3bb078 (patch)
treec219902aa7d2a98c63ac7605e712c33f59166dc8 /ipaserver
parent58c1950566f9fb03b61461f40074e47614113194 (diff)
Fix reverse zone creation in ipa-replica-prepare
When a new reverse zone was created in ipa-replica-prepare (this may happen when the new replica is in a different subnet), the master's DNS address was corrupted by an invalid A/AAAA record. This caused problems, for example, when installing a replica. https://fedorahosted.org/freeipa/ticket/1223
Diffstat (limited to 'ipaserver')
-rw-r--r--ipaserver/install/bindinstance.py7
-rw-r--r--ipaserver/install/installutils.py15
2 files changed, 19 insertions, 3 deletions
diff --git a/ipaserver/install/bindinstance.py b/ipaserver/install/bindinstance.py
index 3208688..fa27451 100644
--- a/ipaserver/install/bindinstance.py
+++ b/ipaserver/install/bindinstance.py
@@ -138,7 +138,7 @@ def add_zone(name, zonemgr=None, dns_backup=None, nsaddr=None, update_policy=Non
add_rr(name, "@", "NS", api.env.host+'.', dns_backup, force=True)
return name
-def add_reverse_zone(ip_address, update_policy=None, dns_backup=None):
+def add_reverse_zone(ip_address, ns_ip_address, update_policy=None, dns_backup=None):
zone, name = get_reverse_zone(ip_address)
if not update_policy:
update_policy = "grant %s krb5-subdomain %s. PTR;" % (api.env.realm, zone)
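Review bot: The new required `ns_ip_address` argument is placed ahead of `update_policy` in `add_reverse_zone`, so a caller that passes `update_policy` positionally would now bind it to `ns_ip_address` without any error. Only the `__setup_reverse_zone` call site is updated in this file; callers elsewhere are not visible here and should be checked. The two address parameters are easy to swap, so a docstring would help, for example `"""Create the reverse zone covering ip_address; ns_ip_address is the name server's own address passed to dnszone_add."""`. The function body continues outside this hunk (the next hunk shows where `ns_ip_address` is used).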
@@ -146,7 +146,7 @@ def add_reverse_zone(ip_address, update_policy=None, dns_backup=None):
api.Command.dnszone_add(unicode(zone),
idnssoamname=unicode(api.env.host+"."),
idnsallowdynupdate=True,
- ip_address=unicode(ip_address),
+ ip_address=unicode(ns_ip_address),
idnsupdatepolicy=unicode(update_policy))
except (errors.DuplicateEntry, errors.EmptyModlist):
pass
@@ -394,7 +394,8 @@ class BindInstance(service.Service):
add_ptr_rr(self.ip_address, self.fqdn)
def __setup_reverse_zone(self):
- add_reverse_zone(self.ip_address, dns_backup=self.dns_backup)
+ add_reverse_zone(self.ip_address, self.ip_address,
+ dns_backup=self.dns_backup)
def __setup_principal(self):
dns_principal = "DNS/" + self.fqdn + "@" + self.realm
diff --git a/ipaserver/install/installutils.py b/ipaserver/install/installutils.py
index 3868c4d..554e9b1 100644
--- a/ipaserver/install/installutils.py
+++ b/ipaserver/install/installutils.py
@@ -33,6 +33,9 @@ import time
from ipapython import ipautil
from ipapython import dnsclient
+class HostnameLocalhost(Exception):
+ pass
+
def get_fqdn():
fqdn = ""
try:
@@ -421,3 +424,15 @@ def wait_for_open_ports(host, ports, timeout=0):
else:
raise e
+def resolve_host(host_name):
+ try:
+ addrinfos = socket.getaddrinfo(host_name, None,
+ socket.AF_UNSPEC, socket.SOCK_STREAM)
+ for ai in addrinfos:
+ ip = ai[4][0]
+ if ip == "127.0.0.1" or ip == "::1":
+ raise HostnameLocalhost("The hostname resolves to the localhost address")
+
+ return addrinfos[0][4][0]
+ except:
+ return None
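Review bot: The bare `except:` in `resolve_host` also catches the `HostnameLocalhost` raised a few lines above it, so that exception can never reach a caller and a loopback result is reported as `None`, indistinguishable from a lookup failure. If the exception is meant to propagate (the new class suggests so), narrow the handler to the resolver error, `except socket.error:`, which also stops it from swallowing `KeyboardInterrupt` and `SystemExit`. The loopback test compares only the literal strings `"127.0.0.1"` and `"::1"`, so other addresses in 127.0.0.0/8, such as a `127.0.1.1` hosts-file entry, would pass as a usable name server address; a prefix check like `ip.startswith("127.")` would cover them. The function returns the first `getaddrinfo` result, so which address family is returned depends on resolver ordering, and that is worth stating in a docstring.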