author | Martin Babinsky <mbabinsk@redhat.com> | 2016-07-14 17:14:59 +0200 |
---|---|---|
committer | Petr Vobornik <pvoborni@redhat.com> | 2016-07-15 14:13:32 +0200 |
commit | 37bfd1fdde8906b2b5712d1f99f3f4be8f91ca0a (patch) | |
tree | 59abe9891ec7d6176b1a34386fc1a19467eb4473 | |
parent | 49389ed1e06c786df489c0fd9f6e8183f00eedff (diff) | |
DNS install: Ensure that DNS servers container exists
During DNS installation it is assumed that the cn=servers,cn=dns container is
always present in the LDAP backend when migrating DNS server info to LDAP.
This may not always be the case (e.g. when a new replica is set up against
an older master), so the code must take additional steps to ensure this container
is present.
https://fedorahosted.org/freeipa/ticket/6083
Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
-rw-r--r-- | ipaserver/install/bindinstance.py | 21 | ||||
-rw-r--r-- | ipaserver/install/plugins/dns.py | 13 |
2 files changed, 23 insertions, 11 deletions
diff --git a/ipaserver/install/bindinstance.py b/ipaserver/install/bindinstance.py
index f4ed63141..844fb04a9 100644
--- a/ipaserver/install/bindinstance.py
+++ b/ipaserver/install/bindinstance.py
@@ -546,6 +546,26 @@ def remove_master_dns_records(hostname, realm):
 bind.remove_server_ns_records(hostname)
+def ensure_dnsserver_container_exists(ldap, api_instance, logger=None):
+ """
+ Create cn=servers,cn=dns,$SUFFIX container. If logger is not None, emit a
+ message that the container already exists when DuplicateEntry is raised
+ """
+
+ entry = ldap.make_entry(
+ DN(api_instance.env.container_dnsservers, api_instance.env.basedn),
+ {
+ u'objectclass': [u'top', u'nsContainer'],
+ u'cn': [u'servers']
+ }
+ )
+ try:
+ ldap.add_entry(entry)
+ except errors.DuplicateEntry:
+ if logger is not None:
+ logger.debug('cn=servers,cn=dns container already exists')
+
+
 class DnsBackup(object):
 def __init__(self, service):
 self.service = service
@@ -942,6 +962,7 @@ class BindInstance(service.Service):
 )
 def __setup_server_configuration(self):
+ ensure_dnsserver_container_exists(self.admin_conn, self.api)
 try:
 self.api.Command.dnsserver_add(
 self.fqdn, idnssoamname=DNSName(self.fqdn).make_absolute(),
diff --git a/ipaserver/install/plugins/dns.py b/ipaserver/install/plugins/dns.py
index 4fa30661e..32247eedb 100644
--- a/ipaserver/install/plugins/dns.py
+++ b/ipaserver/install/plugins/dns.py
@@ -29,6 +29,7 @@ from ipapython.dn import DN
 from ipapython import dnsutil
 from ipapython.ipa_log_manager import root_logger
 from ipaserver.install import sysupgrade
+from ipaserver.install.bindinstance import ensure_dnsserver_container_exists
 from ipaserver.plugins.dns import dns_container_exists
 register = Registry()
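Review bot: `ensure_dnsserver_container_exists` catches only `errors.DuplicateEntry` around `ldap.add_entry(entry)`, so any other failure of the add propagates to both callers. One possible case, which the page does not let me rule out, is a connection without rights to write under cn=dns. Failing the install step in that case may well be intended, but the docstring neither says so nor describes `ldap`, `api_instance` and `logger`. I would add one line per parameter plus a sentence such as `Any error other than DuplicateEntry is propagated to the caller.` The helper also logs nothing when it actually creates the entry, so a `logger.debug(...)` on the success path (guarded by the same `logger is not None` check) would leave a record of the LDAP write.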
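Review bot: The new call in `__setup_server_configuration` passes no `logger`, so on this path an already existing container is skipped with no trace in the install log, unlike the plugin call that passes `logger=self.log`. If a logger is already in scope in bindinstance.py (not visible on this page), I would pass it here as `logger=` so both call sites record the same outcome. The call also sits before the `try:`, and the method body continues outside the hunk, so I cannot tell which errors the following handler was meant to cover.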
@@ -521,17 +522,7 @@ class update_dnsserver_configuration_into_ldap(DNSUpdater):
 return False, []
 # create container first, if doesn't exist
- entry = ldap.make_entry(
- DN(self.api.env.container_dnsservers, self.api.env.basedn),
- {
- u'objectclass': [u'top', u'nsContainer'],
- u'cn': [u'servers']
- }
- )
- try:
- ldap.add_entry(entry)
- except errors.DuplicateEntry:
- self.log.debug('cn=dnsservers container already exists')
+ ensure_dnsserver_container_exists(ldap, self.api, logger=self.log)
 try:
 self.api.Command.dnsserver_add(self.api.env.host) |