From e10af0b764fb2d042c6ad730866af508f231c8cb Mon Sep 17 00:00:00 2001
From: Martin Kosek <mkosek@redhat.com>
Date: Mon, 20 Feb 2012 13:40:13 +0100
Subject: Ease zonemgr restrictions

Admin e-mail validator currently requires an email to be in
a second-level domain (hostmaster@example.com). This is too
restrictive. Top level domain e-mails (hostmaster@testrelm)
should also be allowed.

This patch also fixes default zonemgr value in help texts and man
pages.

https://fedorahosted.org/freeipa/ticket/2272
---
 install/tools/ipa-dns-install          | 2 +-
 install/tools/ipa-server-install       | 2 +-
 install/tools/man/ipa-dns-install.1    | 2 +-
 install/tools/man/ipa-server-install.1 | 2 +-
 ipalib/util.py                         | 9 +++------
 5 files changed, 7 insertions(+), 10 deletions(-)

diff --git a/install/tools/ipa-dns-install b/install/tools/ipa-dns-install
index 70cc00d33..c9014371e 100755
--- a/install/tools/ipa-dns-install
+++ b/install/tools/ipa-dns-install
@@ -51,7 +51,7 @@ def parse_options():
                       default=False, help="Do not create new reverse DNS zone")
     parser.add_option("--zonemgr", action="callback", callback=bindinstance.zonemgr_callback,
                       type="string",
-                      help="DNS zone manager e-mail address. Defaults to root")
+                      help="DNS zone manager e-mail address. Defaults to hostmaster@DOMAIN")
     parser.add_option("--zone-notif", dest="zone_notif",
                       action="store_true", default=False,
                       help="Let name server receive notification when a new zone is added." \
diff --git a/install/tools/ipa-server-install b/install/tools/ipa-server-install
index 284362206..47f999b4e 100755
--- a/install/tools/ipa-server-install
+++ b/install/tools/ipa-server-install
@@ -192,7 +192,7 @@ def parse_options():
                       default=False, help="Do not create reverse DNS zone")
     dns_group.add_option("--zonemgr", action="callback", callback=bindinstance.zonemgr_callback,
                       type="string",
-                      help="DNS zone manager e-mail address. Defaults to root")
+                      help="DNS zone manager e-mail address. Defaults to hostmaster@DOMAIN")
     dns_group.add_option("--zone-notif", dest="zone_notif",
                       action="store_true", default=False,
                       help="Let name server receive notification when a new zone is added." \
diff --git a/install/tools/man/ipa-dns-install.1 b/install/tools/man/ipa-dns-install.1
index c9dfbb560..3f40ab7ab 100644
--- a/install/tools/man/ipa-dns-install.1
+++ b/install/tools/man/ipa-dns-install.1
@@ -47,7 +47,7 @@ The reverse DNS zone to use
 Do not create new reverse DNS zone. If used on a replica and a reverse DNS zone already exists for the subnet, it will be used.
 .TP
 \fB\-\-zonemgr\fR
-The e\-mail address of the DNS zone manager. Defaults too root@host.domain
+The e\-mail address of the DNS zone manager. Defaults to hostmaster@DOMAIN
 .TP
 \fB\-\-zone\-notif\fR
 Let name server receive notifications when a new zone is added. New zone is then immediately loaded by the name server. This feature uses an LDAP Persistent Search mechanism to receive the data. Zone refresh is turned off when zone notifications are enabled.
diff --git a/install/tools/man/ipa-server-install.1 b/install/tools/man/ipa-server-install.1
index 9870022aa..b69c72059 100644
--- a/install/tools/man/ipa-server-install.1
+++ b/install/tools/man/ipa-server-install.1
@@ -143,7 +143,7 @@ The reverse DNS zone to use
 Do not create reverse DNS zone
 .TP
 \fB\-\-zonemgr\fR
-The e\-mail address of the DNS zone manager. Defaults to root@host.domain
+The e\-mail address of the DNS zone manager. Defaults to hostmaster@DOMAIN
 .TP
 \fB\-\-zone\-notif\fR
 Let name server receive notifications when a new zone is added. New zone is then immediately loaded by the name server. This feature uses an LDAP Persistent Search mechanism to receive the data. Zone refresh is turned off when zone notifications are enabled.
diff --git a/ipalib/util.py b/ipalib/util.py
index 365dd3399..eb6702dc9 100644
--- a/ipalib/util.py
+++ b/ipalib/util.py
@@ -231,6 +231,8 @@ def validate_zonemgr(zonemgr):
         local_part, dot, domain = zonemgr.partition('@')
         if not regex_local_part.match(local_part):
             raise ValueError(local_part_errmsg)
+        if not domain:
+            raise ValueError(_('missing address domain'))
     elif zonemgr.count('@') > 1:
         raise ValueError(_('too many \'@\' characters'))
     else:
@@ -238,8 +240,7 @@ def validate_zonemgr(zonemgr):
         if last_fake_sep != -1: # there is a 'fake' local-part/domain separator
             sep = zonemgr.find('.', last_fake_sep+2)
             if sep == -1:
-                raise ValueError(_('address domain is not fully qualified ' \
-                          '("example.com" instead of just "example")'))
+                raise ValueError(_('missing address domain'))
             local_part = zonemgr[:sep]
             domain = zonemgr[sep+1:]
 
@@ -251,10 +252,6 @@ def validate_zonemgr(zonemgr):
             if not regex_local_part.match(local_part):
                 raise ValueError(local_part_errmsg)
 
-    if '.' not in domain:
-        raise ValueError(_('address domain is not fully qualified ' \
-                          '("example.com" instead of just "example")'))
-
     if not all(regex_domain.match(part) for part in domain.split(".")):
         raise ValueError(_('domain name may only include letters, numbers, and -'))
 
-- 
cgit