diff options
| author | David Kupka <dkupka@redhat.com> | 2015-12-10 12:54:08 +0100 |
|---|---|---|
| committer | Tomas Babej <tbabej@redhat.com> | 2015-12-14 18:53:53 +0100 |
| commit | 1534061d9b527d8e15f5107d27c2a8c9c62c26ed (patch) | |
| tree | 48791ac74bf58754e085eb51ad1a81bfab0ae138 /ipaserver/install | |
| parent | 8d19da49c4259411ff333946019f4b981fab2bcf (diff) | |
| download | freeipa-1534061d9b527d8e15f5107d27c2a8c9c62c26ed.tar.gz freeipa-1534061d9b527d8e15f5107d27c2a8c9c62c26ed.tar.xz freeipa-1534061d9b527d8e15f5107d27c2a8c9c62c26ed.zip | |
dns: Add --auto-reverse option.
Introducing '--auto-reverse' option. When specified reverse records for
all server's IP addresses are checked and when record nor reverse zone
does not exist reverse zone is created.
Reviewed-By: Petr Spacek <pspacek@redhat.com>
Diffstat (limited to 'ipaserver/install')
| -rw-r--r-- | ipaserver/install/bindinstance.py | 5 | ||||
| -rw-r--r-- | ipaserver/install/server/common.py | 14 |
2 files changed, 18 insertions, 1 deletions
diff --git a/ipaserver/install/bindinstance.py b/ipaserver/install/bindinstance.py index f590badb4..93744875e 100644 --- a/ipaserver/install/bindinstance.py +++ b/ipaserver/install/bindinstance.py @@ -482,7 +482,10 @@ def check_reverse_zones(ip_addresses, reverse_zones, options, unattended, # create reverse zone for IP addresses that does not have one for (ip, rz) in get_auto_reverse_zones(ips_missing_reverse): - if unattended: + if options.auto_reverse: + root_logger.info("Reverse zone %s will be created" % rz) + checked_reverse_zones.append(rz) + elif unattended: root_logger.warning("Missing reverse record for IP address %s" % ip) else: diff --git a/ipaserver/install/server/common.py b/ipaserver/install/server/common.py index 3ea0cdead..19a1cc821 100644 --- a/ipaserver/install/server/common.py +++ b/ipaserver/install/server/common.py @@ -197,6 +197,11 @@ class BaseServerDNS(common.Installable, core.Group, core.Composite): description="Do not create new reverse DNS zone", ) + auto_reverse = Knob( + bool, False, + description="Create necessary reverse zones", + ) + no_dnssec_validation = Knob( bool, False, description="Disable DNSSEC validation", @@ -424,6 +429,10 @@ class BaseServer(common.Installable, common.Interactive, core.Composite): raise RuntimeError( "You cannot specify a --reverse-zone option without the " "--setup-dns option") + if self.dns.auto_reverse: + raise RuntimeError( + "You cannot specify a --auto-reverse option without the " + "--setup-dns option") if self.dns.no_reverse: raise RuntimeError( "You cannot specify a --no-reverse option without the " @@ -444,6 +453,10 @@ class BaseServer(common.Installable, common.Interactive, core.Composite): raise RuntimeError( "You cannot specify a --reverse-zone option together with " "--no-reverse") + elif self.dns.auto_reverse and self.dns.no_reverse: + raise RuntimeError( + "You cannot specify a --auto-reverse option together with " + "--no-reverse") # Automatically disable pkinit w/ dogtag until that is supported self.no_pkinit = True @@ -470,6 +483,7 @@ class BaseServer(common.Installable, common.Interactive, core.Composite): self.no_forwarders = self.dns.no_forwarders self.reverse_zones = self.dns.reverse_zones self.no_reverse = self.dns.no_reverse + self.auto_reverse = self.dns.auto_reverse self.allow_zone_overlap = self.dns.allow_zone_overlap self.no_dnssec_validation = self.dns.no_dnssec_validation self.dnssec_master = self.dns.dnssec_master |