diff options
Diffstat (limited to 'install/tools/ipa-upgradeconfig')
-rw-r--r-- | install/tools/ipa-upgradeconfig | 54 |
1 files changed, 29 insertions, 25 deletions
diff --git a/install/tools/ipa-upgradeconfig b/install/tools/ipa-upgradeconfig index c690544fa..dbbffe321 100644 --- a/install/tools/ipa-upgradeconfig +++ b/install/tools/ipa-upgradeconfig @@ -727,31 +727,35 @@ def migrate_crl_publish_dir(ca): 'request pki-ca restart') return True -def add_server_cname_records(): - root_logger.info('[Add missing server CNAME records]') +def add_ca_dns_records(): + root_logger.info('[Add missing CA DNS records]') - if not sysupgrade.get_upgrade_state('dns', 'ipa_ca_cname'): - try: - api.Backend.ldap2.connect(autobind=True) - except ipalib.errors.PublicError, e: - root_logger.error("Cannot connect to LDAP to add DNS records: %s", e) - else: - ret = api.Command['dns_is_enabled']() - if not ret['result']: - root_logger.info('DNS is not configured') - sysupgrade.set_upgrade_state('dns', 'ipa_ca_cname', True) - return - - bind = bindinstance.BindInstance() - # DNS is enabled, so let bindinstance find out if CA is enabled - # and let it add the CNAME in that case - bind.add_ipa_ca_cname(api.env.host, api.env.domain, ca_configured=None) - sysupgrade.set_upgrade_state('dns', 'ipa_ca_cname', True) - finally: - if api.Backend.ldap2.isconnected(): - api.Backend.ldap2.disconnect() - else: - root_logger.info('IPA CA CNAME already processed') + if sysupgrade.get_upgrade_state('dns', 'ipa_ca_records'): + root_logger.info('IPA CA DNS records already processed') + return + + try: + api.Backend.ldap2.connect(autobind=True) + except ipalib.errors.PublicError, e: + root_logger.error("Cannot connect to LDAP to add DNS records: %s", e) + return + + ret = api.Command['dns_is_enabled']() + if not ret['result']: + root_logger.info('DNS is not configured') + sysupgrade.set_upgrade_state('dns', 'ipa_ca_records', True) + return + + bind = bindinstance.BindInstance() + + bind.convert_ipa_ca_cnames(api.env.domain) + + # DNS is enabled, so let bindinstance find out if CA is enabled + # and let it add the record in that case + bind.add_ipa_ca_dns_records(api.env.host, api.env.domain, + ca_configured=None) + + sysupgrade.set_upgrade_state('dns', 'ipa_ca_records', True) def main(): """ @@ -845,7 +849,7 @@ def main(): cleanup_kdc(fstore) setup_firefox_extension(fstore) - add_server_cname_records() + add_ca_dns_records() changed_psearch = named_enable_psearch() changed_autoincrement = named_enable_serial_autoincrement() changed_gssapi_conf = named_update_gssapi_configuration() |