def test_removes_existing_dnssec_validation_config(self):
options_file = self.make_file(contents=OPTIONS_FILE_WITH_DNSSEC)
call_command("edit_named_options",
config_path=options_file,
stdout=self.stdout)
# Check that the file was re-written without dnssec-validation (since
# that's now in the included file).
options = read_isc_file(options_file)
self.assertThat(make_isc_string(options),
Not(Contains("dnssec-validation")))
def test_removes_existing_forwarders_config_if_migrate_set(self):
options_file = self.make_file(contents=OPTIONS_FILE_WITH_FORWARDERS)
call_command(
"edit_named_options", config_path=options_file,
migrate_conflicting_options=True, stdout=self.stdout)
# Check that the file was re-written without forwarders (since
# that's now in the included file).
options = read_isc_file(options_file)
self.assertThat(
make_isc_string(options),
Not(Contains('forwarders')))
def test_normal_operation(self):
options_file = self.make_file(contents=OPTIONS_FILE)
self.run_command('--config-path', options_file)
expected_path = os.path.join(os.path.dirname(options_file), "maas",
MAAS_NAMED_CONF_OPTIONS_INSIDE_NAME)
# Check that the file was re-written with the include statement.
options = read_isc_file(options_file)
self.assertThat(make_isc_string(options),
Contains('include "%s";' % expected_path))
# Check that the backup was made.
options_file_base = os.path.dirname(options_file)
files = os.listdir(options_file_base)
self.assertEqual(2, len(files))
files.remove(os.path.basename(options_file))
[backup_file] = files
backup_file = os.path.join(options_file_base, backup_file)
self.assertThat(backup_file, FileContains(OPTIONS_FILE))
def handle(self, *args, **options):
"""Entry point for BaseCommand."""
# Read stuff in, validate.
config_path = options.get('config_path')
dry_run = options.get('dry_run')
force = options.get('force')
stdout = options.get('stdout')
if stdout is None:
stdout = sys.stdout
migrate_conflicting_options = options.get(
'migrate_conflicting_options')
options_file = self.read_file(config_path)
config_dict = self.parse_file(config_path, options_file)
original_config = deepcopy(config_dict)
options_block = config_dict['options']
# Modify the configuration (if necessary).
self.set_up_include_statement(options_block, config_path)
if migrate_conflicting_options:
self.migrate_forwarders(options_block, dry_run, stdout)
self.migrate_dnssec_validation(options_block, dry_run, stdout)
# Re-parse the new configuration, so we can detect any changes.
new_content = make_isc_string(config_dict)
new_config = parse_isc_string(new_content)
if original_config != new_config or force:
# The configuration has changed. Back up and write new file.
if dry_run:
self.write_new_named_conf_options(stdout, config_path,
new_content)
else:
backup_filename = self.back_up_existing_file(config_path)
with open(config_path, "w", encoding="ascii") as fd:
self.write_new_named_conf_options(fd, backup_filename,
new_content)
def test_parse_then_make_then_parse_generates_identical_config(self):
testdata = dedent("""\
acl canonical-int-ns { 91.189.90.151; 91.189.89.192; };
options {
directory "/var/cache/bind";
forwarders {
91.189.94.2;
91.189.94.2;
};
dnssec-validation auto;
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
allow-query { any; };
allow-transfer { 10.222.64.1; canonical-int-ns; };
notify explicit;
also-notify { 91.189.90.151; 91.189.89.192; };
allow-query-cache { 10.222.64.0/18; };
recursion yes;
};
zone "." { type master; file "/etc/bind/db.special"; };
""")
config = parse_isc_string(testdata)
config_string = make_isc_string(config)
config = parse_isc_string(config_string)
self.assertEqual(
OrderedDict([
(
"acl canonical-int-ns",
OrderedDict([("91.189.90.151", True),
("91.189.89.192", True)]),
),
(
"options",
OrderedDict([
("directory", '"/var/cache/bind"'),
(
"forwarders",
OrderedDict([("91.189.94.2", True)]),
),
("dnssec-validation", "auto"),
("auth-nxdomain", "no"),
("listen-on-v6", OrderedDict([("any", True)])),
("allow-query", OrderedDict([("any", True)])),
(
"allow-transfer",
OrderedDict([
("10.222.64.1", True),
("canonical-int-ns", True),
]),
),
("notify", "explicit"),
(
"also-notify",
OrderedDict([
("91.189.90.151", True),
("91.189.89.192", True),
]),
),
(
"allow-query-cache",
OrderedDict([("10.222.64.0/18", True)]),
),
("recursion", "yes"),
]),
),
(
'zone "."',
OrderedDict([
("type", "master"),
("file", '"/etc/bind/db.special"'),
]),
),
]),
config,
)
