diff options
| author | Martin Kosek <mkosek@redhat.com> | 2012-03-23 10:29:30 +0100 |
|---|---|---|
| committer | Martin Kosek <mkosek@redhat.com> | 2012-03-23 16:08:17 +0100 |
| commit | 11ef6708350c5575a77f0b1298107d3715e96ff8 (patch) | |
| tree | 11cc260198641fc4b997305c293f4c993fbdb64d | |
| parent | d9e8b9a3ed7b26e9cb6bb891cf0d5bb4fcd66dbf (diff) | |
| download | freeipa-11ef6708350c5575a77f0b1298107d3715e96ff8.tar.gz freeipa-11ef6708350c5575a77f0b1298107d3715e96ff8.tar.xz freeipa-11ef6708350c5575a77f0b1298107d3715e96ff8.zip | |
Avoid deleting DNS zone when a context is reused
When dnsrecord-del pre_callback detects that the record does
not contain any records, it sets a flag to connection context
and deletes the record object later. However, when more
dnsrecord-del commands share the same context (and this is
the case of "ipa-replica-manage del $MASTER" DNS cleanup), it
may reuse a positive flag from previous dnsrecord-del command
and delete the root DNS zone record and thus effectively delete
the zone.
This patch makes sure that this flag is always initialized to a
sane value in dnsrecord-del pre_callback to make sure that the DNS
zone is not deleted. It also fixes pre_callback function definition
to prevent adding attrs_list to "keys" parameter and thus confuse
developers.
https://fedorahosted.org/freeipa/ticket/2503
| -rw-r--r-- | ipalib/plugins/dns.py | 17 |
1 files changed, 12 insertions, 5 deletions
diff --git a/ipalib/plugins/dns.py b/ipalib/plugins/dns.py index eef6ab1de..96548099b 100644 --- a/ipalib/plugins/dns.py +++ b/ipalib/plugins/dns.py @@ -2414,7 +2414,7 @@ class dnsrecord_del(LDAPUpdate): continue yield option - def pre_callback(self, ldap, dn, entry_attrs, *keys, **options): + def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options): try: (dn_, old_entry) = ldap.get_entry( dn, _record_attributes, @@ -2443,13 +2443,19 @@ class dnsrecord_del(LDAPUpdate): value=val) entry_attrs[attr] = list(set(old_entry[attr])) + del_all = False if not self.obj.is_pkey_zone_record(*keys): - del_all = True + record_found = False for attr in old_entry: if old_entry[attr]: - del_all = False + record_found = True break - setattr(context, 'del_all', del_all) + del_all = not record_found + + # set del_all flag in context + # when the flag is enabled, the entire DNS record object is deleted + # in a post callback + setattr(context, 'del_all', del_all) return dn @@ -2465,7 +2471,8 @@ class dnsrecord_del(LDAPUpdate): result = super(dnsrecord_del, self).execute(*keys, **options) - if getattr(context, 'del_all', False): + if getattr(context, 'del_all', False) and not \ + self.obj.is_pkey_zone_record(*keys): return self.obj.methods.delentry(*keys) return result |