diff options
| author | Martin Basti <mbasti@redhat.com> | 2016-07-21 13:18:34 +0200 |
|---|---|---|
| committer | Martin Basti <mbasti@redhat.com> | 2016-07-22 13:40:05 +0200 |
| commit | 8aba4f63439853d524e8b394b7919159c86d2a08 (patch) | |
| tree | af32ec9d6e08785bc9207c75221d55bb9faa23d2 | |
| parent | 359cfeb7c6798038f5638f9d0977dda351f21431 (diff) | |
| download | freeipa-8aba4f63439853d524e8b394b7919159c86d2a08.tar.gz freeipa-8aba4f63439853d524e8b394b7919159c86d2a08.tar.xz freeipa-8aba4f63439853d524e8b394b7919159c86d2a08.zip | |
Host-del: fix behavior of --updatedns and PTR records
* target for ptr record must be absolute domain name
* zone is detected using DNS system instead of random splitting of
hostname
https://fedorahosted.org/freeipa/ticket/6060
Reviewed-By: Petr Spacek <pspacek@redhat.com>
| -rw-r--r-- | ipaserver/plugins/host.py | 26 |
1 files changed, 15 insertions, 11 deletions
diff --git a/ipaserver/plugins/host.py b/ipaserver/plugins/host.py index f342b05c8..413dcf15e 100644 --- a/ipaserver/plugins/host.py +++ b/ipaserver/plugins/host.py @@ -18,6 +18,9 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. +from __future__ import absolute_import + +import dns.resolver import string import six @@ -134,7 +137,7 @@ register = Registry() host_pwd_chars = string.digits + string.ascii_letters + '_,.@+-=' -def remove_ptr_rec(ipaddr, host, domain): +def remove_ptr_rec(ipaddr, fqdn): """ Remove PTR record of IP address (ipaddr) :return: True if PTR record was removed, False if record was not found @@ -143,13 +146,12 @@ def remove_ptr_rec(ipaddr, host, domain): try: revzone, revname = get_reverse_zone(ipaddr) - # in case domain is in FQDN form with a trailing dot, we needn't add - # another one, in case it has no trailing dot, dnsrecord-del will - # normalize the entry - delkw = {'ptrrecord': "%s.%s" % (host, domain)} + # assume that target in PTR record is absolute name (otherwise it is + # non-standard configuration) + delkw = {'ptrrecord': u"%s" % fqdn.make_absolute()} api.Command['dnsrecord_del'](revzone, revname, **delkw) - except errors.NotFound: + except (errors.NotFound, errors.AttrValueNotFound): api.log.debug('PTR record of ipaddr %s not found', ipaddr) return False @@ -794,13 +796,15 @@ class host_del(LDAPDelete): if updatedns: # Remove A, AAAA, SSHFP and PTR records of the host - parts = fqdn.split('.') - domain = unicode('.'.join(parts[1:])) + fqdn_dnsname = DNSName(fqdn).make_absolute() + zone = DNSName(dns.resolver.zone_for_name(fqdn_dnsname)) + relative_hostname = fqdn_dnsname.relativize(zone) + # Get all resources for this host rec_removed = False try: record = api.Command['dnsrecord_show']( - domain, parts[0])['result'] + zone, relative_hostname)['result'] except errors.NotFound: pass else: @@ -808,13 +812,13 @@ class host_del(LDAPDelete): for attr in ('arecord', 'aaaarecord'): for val in record.get(attr, []): rec_removed = ( - remove_ptr_rec(val, parts[0], domain) or + remove_ptr_rec(val, fqdn_dnsname) or rec_removed ) try: # remove all A, AAAA, SSHFP records of the host api.Command['dnsrecord_mod']( - domain, + zone, record['idnsname'][0], arecord=[], aaaarecord=[], |