def execute(self, **options):
ldap = self.api.Backend.ldap2
if not dns_container_exists(ldap):
return False, []
try:
zones = self.api.Command.dnszone_find(all=True)['result']
except errors.NotFound:
self.log.debug('No DNS zone to update found')
return False, []
for zone in zones:
update = {}
if not zone.get('idnsallowquery'):
# allow query from any client by default
update['idnsallowquery'] = u'any;'
if not zone.get('idnsallowtransfer'):
# do not open zone transfers by default
update['idnsallowtransfer'] = u'none;'
old_policy = util.get_dns_forward_zone_update_policy(
self.api.env.realm, ('A', 'AAAA'))
if zone.get('idnsupdatepolicy', [''])[0] == old_policy:
update['idnsupdatepolicy'] = util.get_dns_forward_zone_update_policy(\
self.api.env.realm)
if update:
# FIXME: https://fedorahosted.org/freeipa/ticket/4722
self.api.Command.dnszone_mod(
zone[u'idnsname'][0].make_absolute(), **update)
return False, []
def execute(self, **options):
ldap = self.api.Backend.ldap2
if not dns_container_exists(ldap):
return False, []
try:
zones = self.api.Command.dnszone_find(all=True)['result']
except errors.NotFound:
self.log.debug('No DNS zone to update found')
return False, []
for zone in zones:
update = {}
if not zone.get('idnsallowquery'):
# allow query from any client by default
update['idnsallowquery'] = u'any;'
if not zone.get('idnsallowtransfer'):
# do not open zone transfers by default
update['idnsallowtransfer'] = u'none;'
old_policy = util.get_dns_forward_zone_update_policy(
self.api.env.realm, ('A', 'AAAA'))
if zone.get('idnsupdatepolicy', [''])[0] == old_policy:
update['idnsupdatepolicy'] = util.get_dns_forward_zone_update_policy(\
self.api.env.realm)
if update:
# FIXME: https://fedorahosted.org/freeipa/ticket/4722
self.api.Command.dnszone_mod(zone[u'idnsname'][0].make_absolute(),
**update)
return False, []
def execute(self, **options):
ldap = self.obj.backend
try:
zones = api.Command.dnszone_find(all=True)['result']
except errors.NotFound:
self.log.info('No DNS zone to update found')
return (False, False, [])
for zone in zones:
update = {}
if not zone.get('idnsallowquery'):
# allow query from any client by default
update['idnsallowquery'] = u'any;'
if not zone.get('idnsallowtransfer'):
# do not open zone transfers by default
update['idnsallowtransfer'] = u'none;'
old_policy = util.get_dns_forward_zone_update_policy(api.env.realm, ('A', 'AAAA'))
if zone.get('idnsupdatepolicy', [''])[0] == old_policy:
update['idnsupdatepolicy'] = util.get_dns_forward_zone_update_policy(\
api.env.realm)
if update:
api.Command.dnszone_mod(zone[u'idnsname'][0], **update)
return (False, False, [])
def execute(self, **options):
ldap = self.obj.backend
try:
zones = api.Command.dnszone_find(all=True)['result']
except errors.NotFound:
self.log.info('No DNS zone to update found')
return (False, False, [])
for zone in zones:
update = {}
if not zone.get('idnsallowquery'):
# allow query from any client by default
update['idnsallowquery'] = u'any;'
if not zone.get('idnsallowtransfer'):
# do not open zone transfers by default
update['idnsallowtransfer'] = u'none;'
old_policy = util.get_dns_forward_zone_update_policy(
api.env.realm, ('A', 'AAAA'))
if zone.get('idnsupdatepolicy', [''])[0] == old_policy:
update['idnsupdatepolicy'] = util.get_dns_forward_zone_update_policy(\
api.env.realm)
if update:
api.Command.dnszone_mod(zone[u'idnsname'][0], **update)
return (False, False, [])
def add_zone(name, zonemgr=None, dns_backup=None, ns_hostname=None,
update_policy=None, force=False, api=api):
# always normalize zones
name = normalize_zone(name)
if update_policy is None:
if zone_is_reverse(name):
update_policy = get_dns_reverse_zone_update_policy(api.env.realm, name)
else:
update_policy = get_dns_forward_zone_update_policy(api.env.realm)
if zonemgr is None:
zonemgr = 'hostmaster.%s' % name
if ns_hostname:
ns_hostname = normalize_zone(ns_hostname)
ns_hostname = unicode(ns_hostname)
try:
api.Command.dnszone_add(unicode(name),
idnssoamname=ns_hostname,
idnssoarname=unicode(zonemgr),
idnsallowdynupdate=True,
idnsupdatepolicy=unicode(update_policy),
idnsallowquery=u'any',
idnsallowtransfer=u'none',
force=force)
except (errors.DuplicateEntry, errors.EmptyModlist):
pass
def add_zone(name, zonemgr=None, dns_backup=None, ns_hostname=None,
update_policy=None, force=False, skip_overlap_check=False,
api=api):
# always normalize zones
name = normalize_zone(name)
if update_policy is None:
if zone_is_reverse(name):
update_policy = get_dns_reverse_zone_update_policy(api.env.realm, name)
else:
update_policy = get_dns_forward_zone_update_policy(api.env.realm)
if not zonemgr:
zonemgr = 'hostmaster.%s' % name
if ns_hostname:
ns_hostname = normalize_zone(ns_hostname)
ns_hostname = unicode(ns_hostname)
try:
api.Command.dnszone_add(unicode(name),
idnssoamname=ns_hostname,
idnssoarname=unicode(zonemgr),
idnsallowdynupdate=True,
idnsupdatepolicy=unicode(update_policy),
idnsallowquery=u'any',
idnsallowtransfer=u'none',
skip_overlap_check=skip_overlap_check,
force=force)
except (errors.DuplicateEntry, errors.EmptyModlist):
pass
def add_zone(name, zonemgr=None, dns_backup=None, ns_hostname=None, ns_ip_address=None,
update_policy=None, force=False):
if zone_is_reverse(name):
# always normalize reverse zones
name = normalize_zone(name)
if update_policy is None:
if zone_is_reverse(name):
update_policy = get_dns_reverse_zone_update_policy(api.env.realm, name)
else:
update_policy = get_dns_forward_zone_update_policy(api.env.realm)
if zonemgr is None:
zonemgr = 'hostmaster.%s' % name
if ns_hostname is None:
# automatically retrieve list of DNS masters
dns_masters = api.Object.dnsrecord.get_dns_masters()
if not dns_masters:
raise installutils.ScriptError(
"No IPA server with DNS support found!")
ns_main = dns_masters.pop(0)
ns_replicas = dns_masters
else:
ns_main = ns_hostname
ns_replicas = []
ns_main = normalize_zone(ns_main)
if ns_ip_address is not None:
ns_ip_address = unicode(ns_ip_address)
try:
api.Command.dnszone_add(unicode(name),
idnssoamname=unicode(ns_main),
idnssoarname=unicode(zonemgr),
ip_address=ns_ip_address,
idnsallowdynupdate=True,
idnsupdatepolicy=unicode(update_policy),
idnsallowquery=u'any',
idnsallowtransfer=u'none',
force=force)
except (errors.DuplicateEntry, errors.EmptyModlist):
pass
nameservers = ns_replicas + [ns_main]
for hostname in nameservers:
hostname = normalize_zone(hostname)
add_ns_rr(name, hostname, dns_backup=None, force=True)
