author | Martin Basti <mbasti@redhat.com> | 2016-04-01 12:45:57 +0200 |
---|---|---|
committer | Martin Basti <mbasti@redhat.com> | 2016-04-13 17:44:56 +0200 |
commit | e8c8134eee159fa6eb7c8f2156c328798abdda80 (patch) | |
tree | 758e64af979d2a6a0fded2982e2f5371c5f43019 /ipalib/plugins | |
parent | 1e70d6b914656d670f9afed26ccd5f93e3aa54d5 (diff) | |
host_del: remove only A, AAAA, SSHFP, PTR records
Only A, AAAA, SSHFP and PTR records are managed by IPA. The other
records should be removed by the user.
https://fedorahosted.org/freeipa/ticket/5675
Reviewed-By: Petr Spacek <pspacek@redhat.com>
Diffstat (limited to 'ipalib/plugins')
-rw-r--r-- | ipalib/plugins/host.py | 38 |
1 files changed, 17 insertions, 21 deletions
diff --git a/ipalib/plugins/host.py b/ipalib/plugins/host.py index 5a85b95ae..ceb5afff2 100644 --- a/ipalib/plugins/host.py +++ b/ipalib/plugins/host.py @@ -35,7 +35,7 @@ from ipalib.plugins.service import (split_principal, validate_certificate, set_certificate_attrs, ticket_flags_params, update_krbticketflags, set_kerberos_attrs, rename_ipaallowedtoperform_from_ldap, rename_ipaallowedtoperform_to_ldap, revoke_certs) -from ipalib.plugins.dns import (dns_container_exists, _record_attributes, +from ipalib.plugins.dns import (dns_container_exists, add_records_for_host_validation, add_records_for_host, get_reverse_zone) from ipalib import _, ngettext @@ -121,15 +121,6 @@ register = Registry() host_pwd_chars = string.digits + string.ascii_letters + '_,.@+-=' -def remove_fwd_rec(ipaddr, host, domain, recordtype): - api.log.debug('deleting ipaddr %s', ipaddr) - try: - delkw = {recordtype: ipaddr} - api.Command['dnsrecord_del'](domain, host, **delkw) - except errors.NotFound: - api.log.debug('ipaddr %s not found', ipaddr) - - def remove_ptr_rec(ipaddr, host, domain): api.log.debug('deleting PTR record of ipaddr %s', ipaddr) try: 
@@ -764,26 +755,31 @@ class host_del(LDAPDelete):
 updatedns = False
 if updatedns:
- # Remove DNS entries
+ # Remove A, AAAA, SSHFP and PTR records of the host
 parts = fqdn.split('.')
 domain = unicode('.'.join(parts[1:]))
- # Get all forward resources for this host
+ # Get all resources for this host
 try:
 record = api.Command['dnsrecord_show'](
 domain, parts[0])['result']
 except errors.NotFound:
 self.obj.handle_not_found(*keys)
 else:
- for attr in _record_attributes:
+ # remove PTR records first
+ for attr in ('arecord', 'aaaarecord'):
 for val in record.get(attr, []):
- if attr in ('arecord', 'aaaarecord'):
- remove_fwd_rec(val, parts[0], domain, attr)
- remove_ptr_rec(val, parts[0], domain)
- elif (val.endswith(parts[0]) or
- val.endswith(fqdn + '.')):
- delkw = {unicode(attr): val}
- api.Command['dnsrecord_del'](
- domain, record['idnsname'][0], **delkw)
+ remove_ptr_rec(val, parts[0], domain)
+ try:
+ # remove all A, AAAA, SSHFP records of the host
+ api.Command['dnsrecord_mod'](
+ domain,
+ record['idnsname'][0],
+ arecord=[],
+ aaaarecord=[],
+ sshfprecord=[]
+ )
+ except errors.EmptyModlist:
+ pass
 if self.api.Command.ca_is_enabled()['result']:
 try: |
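Review bot: The `try` around `api.Command['dnsrecord_mod']` handles only `errors.EmptyModlist`, so any other error from that call propagates out of `host_del` after the PTR loop just above it has already deleted the reverse records, which would leave the forward A/AAAA and SSHFP values published for a host that was meant to be cleaned up. The removed `remove_fwd_rec` helper tolerated `errors.NotFound` with a debug log; if `dnsrecord_mod` can raise it when the entry disappears between the `dnsrecord_show` and the modify (likely, but not visible here), that tolerance could be kept with `except (errors.EmptyModlist, errors.NotFound):`. The bare `pass` also deserves a comment such as `# nothing to clear: the entry holds no A, AAAA or SSHFP values`. The enclosing method starts and ends outside this hunk.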