diff options
| author | Petr Spacek <pspacek@redhat.com> | 2015-12-16 13:37:39 +0100 |
|---|---|---|
| committer | Petr Vobornik <pvoborni@redhat.com> | 2015-12-16 15:25:53 +0100 |
| commit | 58331208a5ded367e521d42d99de2835f329fab7 (patch) | |
| tree | a7d55a992523207543ea9bc50b0fdbbaf5248005 | |
| parent | c265e8736e51d5b4fede94a414d83b3e0ada2853 (diff) | |
| download | freeipa-58331208a5ded367e521d42d99de2835f329fab7.tar.gz freeipa-58331208a5ded367e521d42d99de2835f329fab7.tar.xz freeipa-58331208a5ded367e521d42d99de2835f329fab7.zip | |
dns: Handle SERVFAIL in check if domain already exists.
In cases where domain is already delegated to IPA prior installation
we might get timeout or SERVFAIL. The answer depends on the recursive
server we are using for the check.
Reviewed-By: David Kupka <dkupka@redhat.com>
| -rw-r--r-- | ipapython/ipautil.py | 11 | ||||
| -rw-r--r-- | ipaserver/install/bindinstance.py | 2 | ||||
| -rw-r--r-- | ipaserver/install/dns.py | 6 |
3 files changed, 10 insertions, 9 deletions
diff --git a/ipapython/ipautil.py b/ipapython/ipautil.py index 466667879..bd1cf78fa 100644 --- a/ipapython/ipautil.py +++ b/ipapython/ipautil.py @@ -41,7 +41,7 @@ import locale import collections from dns import resolver, rdatatype, reversename -from dns.exception import DNSException, Timeout +from dns.exception import DNSException import six from six.moves import input from six.moves import urllib @@ -1046,7 +1046,7 @@ def reverse_record_exists(ip_address): return True -def check_zone_overlap(zone, raise_on_timeout=True): +def check_zone_overlap(zone, raise_on_error=True): root_logger.info("Checking DNS domain %s, please wait ..." % zone) if not isinstance(zone, DNSName): zone = DNSName(zone).make_absolute() @@ -1058,10 +1058,9 @@ def check_zone_overlap(zone, raise_on_timeout=True): try: containing_zone = resolver.zone_for_name(zone) - except Timeout as e: - msg = ("DNS check for domain %s failed: %s. Please make sure that the " - "domain is properly delegated to this IPA server." % (zone, e)) - if raise_on_timeout: + except DNSException as e: + msg = ("DNS check for domain %s failed: %s." % (zone, e)) + if raise_on_error: raise ValueError(msg) else: root_logger.warning(msg) diff --git a/ipaserver/install/bindinstance.py b/ipaserver/install/bindinstance.py index 93744875e..8daca552d 100644 --- a/ipaserver/install/bindinstance.py +++ b/ipaserver/install/bindinstance.py @@ -291,7 +291,7 @@ def read_reverse_zone(default, ip_address, allow_zone_overlap=False): continue if not allow_zone_overlap: try: - ipautil.check_zone_overlap(zone, raise_on_timeout=False) + ipautil.check_zone_overlap(zone, raise_on_error=False) except ValueError as e: root_logger.error("Reverse zone %s will not be used: %s" % (zone, e)) diff --git a/ipaserver/install/dns.py b/ipaserver/install/dns.py index 94e9017b6..763b2aca4 100644 --- a/ipaserver/install/dns.py +++ b/ipaserver/install/dns.py @@ -126,10 +126,12 @@ def install_check(standalone, replica, options, hostname): domain = dnsutil.DNSName(util.normalize_zone(api.env.domain)) print("Checking DNS domain %s, please wait ..." % domain) try: - ipautil.check_zone_overlap(domain, raise_on_timeout=False) + ipautil.check_zone_overlap(domain, raise_on_error=False) except ValueError as e: if options.force or options.allow_zone_overlap: - root_logger.warning(e.message) + root_logger.warning("%s Please make sure that the domain is " + "properly delegated to this IPA server.", + e.message) else: raise e |