diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2010-06-01 15:36:56 +0200 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2010-06-30 07:35:31 -0400 |
commit | 780ffc9f6d5e1fcd4df3d390b56cb98878223cc0 (patch) | |
tree | e0d94ce0260b4435f5ea882f356adeac41c8fee7 /src/config/upgrade_config.py | |
parent | 2dd3faebcd3cfd00efda38ffd2585d675e696b12 (diff) | |
download | sssd-780ffc9f6d5e1fcd4df3d390b56cb98878223cc0.tar.gz sssd-780ffc9f6d5e1fcd4df3d390b56cb98878223cc0.tar.xz sssd-780ffc9f6d5e1fcd4df3d390b56cb98878223cc0.zip |
Add dns_discovery_domain option
The service discovery used to use the SSSD domain name to perform DNS
queries. This is not an optimal solution, for example from the point of
view of authconfig.
This patch introduces a new option "dns_discovery_domain" that allows to set
the domain part of a DNS SRV query. If this option is not set, the
default behavior is to use the domain part of the machine's hostname.
Fixes: #479
Diffstat (limited to 'src/config/upgrade_config.py')
-rw-r--r-- | src/config/upgrade_config.py | 26 |
1 files changed, 25 insertions, 1 deletions
diff --git a/src/config/upgrade_config.py b/src/config/upgrade_config.py index d47fcd38c..ff22b489b 100644 --- a/src/config/upgrade_config.py +++ b/src/config/upgrade_config.py @@ -59,6 +59,28 @@ class SSSDConfigFile(SSSDChangeConf): if item: item['name'] = new_name + def _add_dns_domain_name(self, domain): + id_provider = self.findOpts(domain['value'], 'option', 'id_provider')[1] + dns_domain_name = { 'type' : 'option', + 'name' : 'dns_discovery_domain', + 'value' : domain['name'].lstrip('domain/') } + if id_provider['value'] == 'ldap': + server = self.findOpts(domain['value'], 'option', 'ldap_uri')[1] + if not server or "__srv__" in server['value']: + domain['value'].insert(0, dns_domain_name) + return + elif id_provider['value'] == 'ipa': + server = self.findOpts(domain['value'], 'option', 'ipa_server')[1] + if not server or "__srv__" in server['value']: + domain['value'].insert(0, dns_domain_name) + return + + auth_provider = self.findOpts(domain['value'], 'option', 'auth_provider')[1] + if auth_provider and auth_provider['value'] == 'krb5': + server = self.findOpts(domain['value'], 'option', 'krb5_kdcip')[1] + if not server or "__srv__" in server['value']: + domain['value'].insert(0, dns_domain_name) + def _do_v2_changes(self): # remove Data Provider srvlist = self.get_option_index('sssd', 'services')[1] @@ -69,9 +91,11 @@ class SSSDConfigFile(SSSDChangeConf): srvlist['value'] = ", ".join([srv for srv in services]) self.delete_option('section', 'dp') - # remove magic_private_groups from all domains for domain in [ s for s in self.sections() if s['name'].startswith("domain/") ]: + # remove magic_private_groups from all domains self.delete_option_subtree(domain['value'], 'option', 'magic_private_groups') + # check if we need to add dns_domain + self._add_dns_domain_name(domain) def _update_option(self, to_section_name, from_section_name, opts): to_section = [ s for s in self.sections() if s['name'].strip() == to_section_name ] |