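# Authors: Simo Sorce
#
# Copyright (C) 2007 Red Hat
# see file 'COPYING' for use and warranty information
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation; version 2 only
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#

import logging
import socket
import errno
import getpass
import os
import re
import fileinput
import sys
import struct
import fcntl

from ipapython import ipautil
from ipapython import dnsclient


def get_fqdn():
    """Return this host's fully qualified domain name, or "" on failure.

    socket.getfqdn() is tried first; if it raises, socket.gethostname() is
    used instead, and if that raises too an empty string is returned.

    The value is whatever the local resolver configuration reports and is
    not validated here, so callers that depend on it must handle the empty
    string and should check the name before trusting it (verify_fqdn() in
    this module rejects short names and names that resolve to loopback).
    """
    # "except Exception" instead of a bare "except": lookup failures are
    # still absorbed, but KeyboardInterrupt and SystemExit now propagate
    # instead of being silently turned into a fallback value.
    try:
        return socket.getfqdn()
    except Exception:
        try:
            return socket.gethostname()
        except Exception:
            return ""


def verify_fqdn(host_name,no_host_dns=False): if len(host_name.split(".")) < 2 or host_name == "localhost.localdomain": raise RuntimeError("Invalid hostname: " + host_name) try: hostaddr = socket.getaddrinfo(host_name, None) except: raise RuntimeError("Unable to resolve host name, check /etc/hosts or DNS name resolution") if len(hostaddr) == 0: raise RuntimeError("Unable to resolve host name, check /etc/hosts or DNS name resolution") for a in hostaddr: if a[4][0] == '127.0.0.1' or a[4][0] == '::1': raise RuntimeError("The IPA Server hostname cannot resolve to localhost (%s). A routable IP address must be used. 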
Check /etc/hosts to see if %s is an alias for %s" % (a[4][0], host_name, a[4][0])) try: revname = socket.gethostbyaddr(a[4][0])[0] except: raise RuntimeError("Unable to resolve the reverse ip address, check /etc/hosts or DNS name resolution") if revname != host_name: raise RuntimeError("The host name %s does not match the reverse lookup %s" % (host_name, revname)) if no_host_dns: print "Warning: skipping DNS resolution of host", host_name return # Verify this is NOT a CNAME rs = dnsclient.query(host_name+".", dnsclient.DNS_C_IN, dnsclient.DNS_T_CNAME) if len(rs) != 0: for rsn in rs: if rsn.dns_type == dnsclient.DNS_T_CNAME: raise RuntimeError("The IPA Server Hostname cannot be a CNAME, only A names are allowed.") # Verify that it is a DNS A record rs = dnsclient.query(host_name+".", dnsclient.DNS_C_IN, dnsclient.DNS_T_A) if len(rs) == 0: print "Warning: Hostname (%s) not found in DNS" % host_name return rec = None for rsn in rs: if rsn.dns_type == dnsclient.DNS_T_A: rec = rsn break if rec == None: print "Warning: Hostname (%s) not found in DNS" % host_name return # Compare the forward and reverse forward = rec.dns_name addr = socket.inet_ntoa(struct.pack('