def _full_backup_and_restore_with_DNSSEC_zone(self, reinstall=False):
with restore_checker(self.master):
self.master.run_command([
'ipa',
'dnszone-add',
self.example_test_zone,
'--dnssec',
'true',
])
assert (wait_until_record_is_signed(
self.master.ip, self.example_test_zone)), "Zone is not signed"
backup_path = tasks.get_backup_dir(self.master)
self.master.run_command(
['ipa-server-install', '--uninstall', '-U'])
if reinstall:
tasks.install_master(self.master, setup_dns=True)
dirman_password = self.master.config.dirman_password
self.master.run_command(['ipa-restore', backup_path],
stdin_text=dirman_password + '\nyes')
if reinstall:
# If the server was reinstalled, reinstall may have changed
# the uid and restore reverts to the original value.
# clear the cache to make sure we get up-to-date values
tasks.clear_sssd_cache(self.master)
assert (wait_until_record_is_signed(
self.master.ip,
self.example_test_zone)), "Zone is not signed after restore"
tasks.kinit_admin(self.master)
self.master.run_command([
'ipa',
'dnszone-add',
self.example2_test_zone,
'--dnssec',
'true',
])
assert (wait_until_record_is_signed(
self.master.ip,
self.example2_test_zone)), "A new zone is not signed"
def _full_backup_and_restore_with_DNSSEC_zone(self, reinstall=False):
with restore_checker(self.master):
self.master.run_command([
'ipa',
'dnszone-add',
self.example_test_zone,
'--dnssec',
'true',
])
assert wait_until_record_is_signed(self.master.ip,
self.example_test_zone,
self.log), "Zone is not signed"
backup_path = backup(self.master)
self.master.run_command(
['ipa-server-install', '--uninstall', '-U'])
if reinstall:
tasks.install_master(self.master, setup_dns=True)
dirman_password = self.master.config.dirman_password
self.master.run_command(['ipa-restore', backup_path],
stdin_text=dirman_password + '\nyes')
assert wait_until_record_is_signed(
self.master.ip, self.example_test_zone,
self.log), ("Zone is not signed after "
"restore")
tasks.kinit_admin(self.master)
self.master.run_command([
'ipa',
'dnszone-add',
self.example2_test_zone,
'--dnssec',
'true',
])
assert wait_until_record_is_signed(
self.master.ip, self.example2_test_zone,
self.log), "A new zone is not signed"
def _full_backup_and_restore_with_DNSSEC_zone(self, reinstall=False):
with restore_checker(self.master):
self.master.run_command([
'ipa', 'dnszone-add',
self.example_test_zone,
'--dnssec', 'true',
])
assert (
wait_until_record_is_signed(
self.master.ip, self.example_test_zone)
), "Zone is not signed"
backup_path = backup(self.master)
self.master.run_command(['ipa-server-install',
'--uninstall',
'-U'])
if reinstall:
tasks.install_master(self.master, setup_dns=True)
dirman_password = self.master.config.dirman_password
self.master.run_command(['ipa-restore', backup_path],
stdin_text=dirman_password + '\nyes')
assert (
wait_until_record_is_signed(
self.master.ip, self.example_test_zone)
), "Zone is not signed after restore"
tasks.kinit_admin(self.master)
self.master.run_command([
'ipa', 'dnszone-add',
self.example2_test_zone,
'--dnssec', 'true',
])
assert (
wait_until_record_is_signed(
self.master.ip, self.example2_test_zone)
), "A new zone is not signed"
