diff options
| -rw-r--r-- | install/share/bind.named.conf.template | 4 | ||||
| -rw-r--r-- | ipaserver/install/bindinstance.py | 23 |
2 files changed, 23 insertions, 4 deletions
diff --git a/install/share/bind.named.conf.template b/install/share/bind.named.conf.template index 571df0270..e8ea8fba0 100644 --- a/install/share/bind.named.conf.template +++ b/install/share/bind.named.conf.template @@ -8,9 +8,6 @@ options { statistics-file "data/named_stats.txt"; memstatistics-file "data/named_mem_stats.txt"; - forward $FORWARD_POLICY; - forwarders {$FORWARDERS}; - // Any host is permitted to issue recursive queries allow-recursion { any; }; @@ -50,7 +47,6 @@ dynamic-db "ipa" { library "ldap.so"; arg "uri ldapi://%2fvar%2frun%2fslapd-$SERVER_ID.socket"; arg "base cn=dns, $SUFFIX"; - arg "fake_mname $FQDN."; arg "server_id $FQDN"; arg "auth_method sasl"; arg "sasl_mech GSSAPI"; diff --git a/ipaserver/install/bindinstance.py b/ipaserver/install/bindinstance.py index 9df4f7ad9..e49abce23 100644 --- a/ipaserver/install/bindinstance.py +++ b/ipaserver/install/bindinstance.py @@ -40,6 +40,7 @@ from ipaserver.install import sysupgrade from ipaserver.install.cainstance import IPA_CA_RECORD from ipapython import sysrestore, ipautil, ipaldap from ipapython import dnsutil +from ipapython.dnsutil import DNSName from ipapython.ipa_log_manager import root_logger from ipapython.dn import DN import ipalib @@ -699,6 +700,8 @@ class BindInstance(service.Service): self.step("setting up kerberos principal", self.__setup_principal) self.step("setting up named.conf", self.__setup_named_conf) + self.step("setting up server configuration", + self.__setup_server_configuration) # named has to be started after softhsm initialization # self.step("restarting named", self.__start) @@ -983,6 +986,26 @@ class BindInstance(service.Service): 'forward_policy_conflict_with_empty_zones_handled', True ) + def __setup_server_configuration(self): + try: + self.api.Command.dnsserver_add( + self.fqdn, idnssoamname=DNSName(self.fqdn).make_absolute(), + ) + except errors.DuplicateEntry: + # probably reinstallation of DNS + pass + + try: + self.api.Command.dnsserver_mod( + self.fqdn, + idnsforwarders=[unicode(f) for f in self.forwarders], + idnsforwardpolicy=unicode(self.forward_policy) + ) + except errors.EmptyModlist: + pass + + sysupgrade.set_upgrade_state('dns', 'server_config_to_ldap', True) + def __setup_resolv_conf(self): if not self.fstore.has_file(RESOLV_CONF): self.fstore.backup_file(RESOLV_CONF) |