From 6a2dfde086bdda62964a9737a300818d2ab24a4b Mon Sep 17 00:00:00 2001 From: Martin Kosek Date: Wed, 31 Aug 2011 14:42:57 +0200 Subject: Let Bind track data changes Integrate new bind-dyndb-ldap features to automatically track DNS data changes: 1) Zone refresh Set --zone-refresh in installation to define number of seconds between bind-dyndb-ldap polls for new DNS zones. User now doesn't have to restart name server when a new zone is added. 2) New zone notifications Use LDAP persistent search mechanism to immediately get notification when any new DNS zone is added. Use --zone-notif install option to enable. This option is mutually exclusive with Zone refresh. To enable this functionality in existing IPA installations, update a list of arguments for bind-dyndb-ldap in /etc/named.conf. An example when zone refresh is disabled and DNS data change notifications (argument psearch of bind-dyndb-ldap) are enabled: dynamic-db "ipa" { ... arg "zone_refresh 0"; arg "psearch yes"; }; This patch requires bind-dyndb-ldap-1.0.0-0.1.b1 or later. https://fedorahosted.org/freeipa/ticket/826
---
ipaserver/install/bindinstance.py | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) (limited to 'ipaserver/install/bindinstance.py')
diff --git a/ipaserver/install/bindinstance.py b/ipaserver/install/bindinstance.py
index 676b1a476..c91b62061 100644
--- a/ipaserver/install/bindinstance.py
+++ b/ipaserver/install/bindinstance.py
@@ -31,6 +31,7 @@ from ipaserver.install.dsinstance import realm_to_serverid
 from ipaserver.install.installutils import resolve_host
 from ipapython import sysrestore
 from ipapython import ipautil
+from ipalib.constants import DNS_ZONE_REFRESH
 import ipalib
 from ipalib import api, util, errors
 
@@ -342,7 +343,9 @@ class BindInstance(service.Service):
 else:
 self.fstore = sysrestore.FileStore('/var/lib/ipa/sysrestore')
 
- def setup(self, fqdn, ip_address, realm_name, domain_name, forwarders, ntp, reverse_zone, named_user="named", zonemgr=None):
+ def setup(self, fqdn, ip_address, realm_name, domain_name, forwarders, ntp,
+ reverse_zone, named_user="named", zonemgr=None,
+ zone_refresh=DNS_ZONE_REFRESH, zone_notif=False):
 self.named_user = named_user
 self.fqdn = fqdn
 self.ip_address = ip_address
@@ -354,6 +357,8 @@ class BindInstance(service.Service):
 self.suffix = util.realm_to_suffix(self.realm)
 self.ntp = ntp
 self.reverse_zone = reverse_zone
+ self.zone_refresh = zone_refresh
+ self.zone_notif = zone_notif
 
 if zonemgr:
 self.zonemgr = zonemgr.replace('@','.')
@@ -439,7 +444,9 @@ class BindInstance(service.Service):
 FORWARDERS=fwds,
 SUFFIX=self.suffix,
 OPTIONAL_NTP=optional_ntp,
- ZONEMGR=self.zonemgr)
+ ZONEMGR=self.zonemgr,
+ ZONE_REFRESH=self.zone_refresh,
+ PERSISTENT_SEARCH=self.zone_notif and "yes" or "no")
 
 def __setup_dns_container(self):
 self._ldap_mod("dns.ldif", self.sub_dict)
-- cgit
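Review bot: setup() gains two keyword arguments in this hunk but still has no docstring, so the unit of `zone_refresh` and its relationship to `zone_notif` are recorded only in the commit message. I would add a docstring stating that `zone_refresh` is the number of seconds between bind-dyndb-ldap polls for new zones (0 disables polling, going by the commit message example), that `zone_notif` turns on LDAP persistent search notifications, and that the two are meant to be mutually exclusive. The body of setup() continues outside the hunk.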
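Review bot: The two new attributes are stored exactly as passed in, and the last hunk of this patch copies them into the substitution dict, so nothing in setup() enforces the mutual exclusion the commit message describes or checks that `zone_refresh` is a non-negative integer. A caller that only passes `zone_notif=True` keeps the `DNS_ZONE_REFRESH` default, and the rendered configuration would presumably then carry both a refresh interval and `psearch yes`. Unless the installer's option parsing (not visible here) already guarantees this, consider raising when both are set, or storing `self.zone_refresh = 0 if zone_notif else int(zone_refresh)`, and rejecting negative values. The `int()` coercion also keeps arbitrary strings out of the generated named.conf. setup() starts and ends outside this hunk.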
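Review bot: `self.zone_notif and "yes" or "no"` is the old and/or idiom, which works here only because `"yes"` is truthy and which turns any truthy `zone_notif`, including a non-empty string such as `"no"`, into `"yes"`. If the supported Python versions allow it, `PERSISTENT_SEARCH="yes" if self.zone_notif else "no"` reads more directly. Coercing `zone_notif` with `bool()` where it is stored would make the mapping unambiguous. The enclosing method begins before this hunk.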