def execute(self, **options):
    """Backfill ACL defaults and the stock update policy on existing DNS zones.

    Returns early when ``dns_container_exists`` reports no DNS container or
    when ``dnszone_find`` raises ``errors.NotFound``. For every zone found:

    * an absent or empty ``idnsallowquery`` becomes ``any;``;
    * an absent or empty ``idnsallowtransfer`` becomes ``none;``;
    * ``idnsupdatepolicy`` is regenerated only when its first value equals
      the policy the helper builds for ``('A', 'AAAA')``.

    ACL values that are already set are never overwritten, so a zone whose
    transfer ACL has been opened stays open after this runs, and an update
    policy that differs from the generated one is left alone.

    Returns ``(False, [])`` on every path.
    """
    backend = self.api.Backend.ldap2
    if not dns_container_exists(backend):
        return False, []

    try:
        found = self.api.Command.dnszone_find(all=True)['result']
    except errors.NotFound:
        self.log.debug('No DNS zone to update found')
        return False, []

    # Attribute -> value written only when the zone has nothing set for it.
    acl_defaults = (
        ('idnsallowquery', u'any;'),      # allow query from any client
        ('idnsallowtransfer', u'none;'),  # do not open zone transfers
    )

    for entry in found:
        changes = {}
        for attr, fallback in acl_defaults:
            if not entry.get(attr):
                changes[attr] = fallback

        # Only an exact match with the previously generated policy is
        # replaced; the replacement uses the helper's default record types
        # (not visible here).
        legacy_policy = util.get_dns_forward_zone_update_policy(
            self.api.env.realm, ('A', 'AAAA'))
        if entry.get('idnsupdatepolicy', [''])[0] == legacy_policy:
            changes['idnsupdatepolicy'] = \
                util.get_dns_forward_zone_update_policy(self.api.env.realm)

        if not changes:
            continue

        # FIXME: https://fedorahosted.org/freeipa/ticket/4722
        zone_name = entry[u'idnsname'][0].make_absolute()
        self.api.Command.dnszone_mod(zone_name, **changes)

    return False, []
def execute(self, **options):
    """Give existing DNS zones default query/transfer ACLs and a current update policy.

    Nothing is changed when there is no DNS container (per
    ``dns_container_exists``) or when ``dnszone_find`` raises
    ``errors.NotFound``; both cases return ``(False, [])``, as does the
    normal path.

    A zone is modified only for attributes that need it: a missing or empty
    ``idnsallowquery`` / ``idnsallowtransfer``, or an ``idnsupdatepolicy``
    whose first value is exactly the policy generated for ``('A', 'AAAA')``.
    Explicit ACLs are kept as found, so this step does not close zone
    transfers on a zone where they were deliberately enabled.
    """
    ldap_backend = self.api.Backend.ldap2
    if not dns_container_exists(ldap_backend):
        return False, []

    try:
        all_zones = self.api.Command.dnszone_find(all=True)['result']
    except errors.NotFound:
        self.log.debug('No DNS zone to update found')
        return False, []

    for zone_entry in all_zones:
        pending = {}

        # Queries: open to any client unless the zone already says otherwise.
        query_acl = zone_entry.get('idnsallowquery')
        if not query_acl:
            pending['idnsallowquery'] = u'any;'

        # Transfers: closed unless the zone already carries an ACL.
        transfer_acl = zone_entry.get('idnsallowtransfer')
        if not transfer_acl:
            pending['idnsallowtransfer'] = u'none;'

        # Swap the policy only when it is the generated ('A', 'AAAA') one.
        previous_default = util.get_dns_forward_zone_update_policy(
            self.api.env.realm, ('A', 'AAAA'))
        current_policy = zone_entry.get('idnsupdatepolicy', [''])[0]
        if current_policy == previous_default:
            pending['idnsupdatepolicy'] = \
                util.get_dns_forward_zone_update_policy(self.api.env.realm)

        if pending:
            # FIXME: https://fedorahosted.org/freeipa/ticket/4722
            self.api.Command.dnszone_mod(
                zone_entry[u'idnsname'][0].make_absolute(), **pending)

    return False, []
def execute(self, **options):
    """Backfill ACL defaults and the stock update policy on existing DNS zones.

    Uses the module-level ``api``. When ``dnszone_find`` raises
    ``errors.NotFound`` the method logs at info level and returns. For every
    zone found:

    * an absent or empty ``idnsallowquery`` becomes ``any;``;
    * an absent or empty ``idnsallowtransfer`` becomes ``none;``;
    * ``idnsupdatepolicy`` is regenerated only when its first value equals
      the policy the helper builds for ``('A', 'AAAA')``.

    ACL values that are already set are never overwritten, so a zone whose
    transfer ACL has been opened stays open after this runs.

    Returns ``(False, False, [])`` on every path.
    """
    # NOTE(review): bound but not used anywhere below in this method.
    ldap = self.obj.backend

    try:
        found = api.Command.dnszone_find(all=True)['result']
    except errors.NotFound:
        self.log.info('No DNS zone to update found')
        return False, False, []

    # Attribute -> value written only when the zone has nothing set for it.
    acl_defaults = (
        ('idnsallowquery', u'any;'),      # allow query from any client
        ('idnsallowtransfer', u'none;'),  # do not open zone transfers
    )

    for entry in found:
        changes = {}
        for attr, fallback in acl_defaults:
            if not entry.get(attr):
                changes[attr] = fallback

        # Only an exact match with the previously generated policy is
        # replaced; any other policy value is kept.
        legacy_policy = util.get_dns_forward_zone_update_policy(
            api.env.realm, ('A', 'AAAA'))
        if entry.get('idnsupdatepolicy', [''])[0] == legacy_policy:
            changes['idnsupdatepolicy'] = \
                util.get_dns_forward_zone_update_policy(api.env.realm)

        if not changes:
            continue

        api.Command.dnszone_mod(entry[u'idnsname'][0], **changes)

    return False, False, []
def execute(self, **options):
    """Give existing DNS zones default query/transfer ACLs and a current update policy.

    Works through the module-level ``api``. If ``dnszone_find`` raises
    ``errors.NotFound`` the method logs at info level and returns
    ``(False, False, [])``, the same value the normal path returns.

    A zone is modified only for attributes that need it: a missing or empty
    ``idnsallowquery`` / ``idnsallowtransfer``, or an ``idnsupdatepolicy``
    whose first value is exactly the policy generated for ``('A', 'AAAA')``.
    Explicit ACLs are kept as found, so this step does not close zone
    transfers on a zone where they were deliberately enabled.
    """
    # NOTE(review): assigned but never read in this method.
    ldap = self.obj.backend

    try:
        all_zones = api.Command.dnszone_find(all=True)['result']
    except errors.NotFound:
        self.log.info('No DNS zone to update found')
        return False, False, []

    for zone_entry in all_zones:
        pending = {}

        # Queries: open to any client unless the zone already says otherwise.
        query_acl = zone_entry.get('idnsallowquery')
        if not query_acl:
            pending['idnsallowquery'] = u'any;'

        # Transfers: closed unless the zone already carries an ACL.
        transfer_acl = zone_entry.get('idnsallowtransfer')
        if not transfer_acl:
            pending['idnsallowtransfer'] = u'none;'

        # Swap the policy only when it is the generated ('A', 'AAAA') one.
        previous_default = util.get_dns_forward_zone_update_policy(
            api.env.realm, ('A', 'AAAA'))
        current_policy = zone_entry.get('idnsupdatepolicy', [''])[0]
        if current_policy == previous_default:
            pending['idnsupdatepolicy'] = \
                util.get_dns_forward_zone_update_policy(api.env.realm)

        if pending:
            api.Command.dnszone_mod(zone_entry[u'idnsname'][0], **pending)

    return False, False, []
def add_zone(name, zonemgr=None, dns_backup=None, ns_hostname=None,
             update_policy=None, force=False, api=api):
    """Create a DNS zone with dynamic updates on, queries open and transfers closed.

    ``name`` is always normalized. When ``update_policy`` is ``None`` a
    reverse- or forward-zone policy is generated for ``api.env.realm``; a
    caller-supplied policy is passed on as-is (only converted with
    ``unicode``), so any validation has to happen before this call.
    ``zonemgr`` defaults to ``hostmaster.<name>`` when it is ``None``.

    ``errors.DuplicateEntry`` and ``errors.EmptyModlist`` from
    ``dnszone_add`` are ignored. In that case nothing else is done here, so
    the ACL and update-policy values below are not applied to a zone that is
    already present; its existing settings remain in force.

    NOTE(review): ``dns_backup`` is accepted but not referenced in this body.
    """
    # always normalize zones
    name = normalize_zone(name)

    if update_policy is None:
        update_policy = (
            get_dns_reverse_zone_update_policy(api.env.realm, name)
            if zone_is_reverse(name)
            else get_dns_forward_zone_update_policy(api.env.realm)
        )

    if zonemgr is None:
        zonemgr = 'hostmaster.%s' % name

    if ns_hostname:
        ns_hostname = unicode(normalize_zone(ns_hostname))

    try:
        api.Command.dnszone_add(
            unicode(name),
            idnssoamname=ns_hostname,
            idnssoarname=unicode(zonemgr),
            # Dynamic updates are enabled; update_policy is what limits them.
            idnsallowdynupdate=True,
            idnsupdatepolicy=unicode(update_policy),
            idnsallowquery=u'any',
            # New zones start with zone transfers closed.
            idnsallowtransfer=u'none',
            force=force,
        )
    except (errors.DuplicateEntry, errors.EmptyModlist):
        # Deliberately ignored: the zone is left exactly as it already is.
        pass
def add_zone(name, zonemgr=None, dns_backup=None, ns_hostname=None,
             update_policy=None, force=False, skip_overlap_check=False,
             api=api):
    """Create a DNS zone with dynamic updates on, queries open and transfers closed.

    ``name`` is always normalized. When ``update_policy`` is ``None`` a
    reverse- or forward-zone policy is generated for ``api.env.realm``; a
    caller-supplied policy is passed on as-is (only converted with
    ``unicode``), so any validation has to happen before this call.
    Any falsy ``zonemgr`` (``None`` or an empty string) is replaced by
    ``hostmaster.<name>``. ``force`` and ``skip_overlap_check`` are forwarded
    unchanged to ``dnszone_add``.

    ``errors.DuplicateEntry`` and ``errors.EmptyModlist`` from
    ``dnszone_add`` are ignored. In that case nothing else is done here, so
    the ACL and update-policy values below are not applied to a zone that is
    already present; its existing settings remain in force.

    NOTE(review): ``dns_backup`` is accepted but not referenced in this body.
    """
    # always normalize zones
    name = normalize_zone(name)

    if update_policy is None:
        update_policy = (
            get_dns_reverse_zone_update_policy(api.env.realm, name)
            if zone_is_reverse(name)
            else get_dns_forward_zone_update_policy(api.env.realm)
        )

    if not zonemgr:
        zonemgr = 'hostmaster.%s' % name

    if ns_hostname:
        ns_hostname = unicode(normalize_zone(ns_hostname))

    try:
        api.Command.dnszone_add(
            unicode(name),
            idnssoamname=ns_hostname,
            idnssoarname=unicode(zonemgr),
            # Dynamic updates are enabled; update_policy is what limits them.
            idnsallowdynupdate=True,
            idnsupdatepolicy=unicode(update_policy),
            idnsallowquery=u'any',
            # New zones start with zone transfers closed.
            idnsallowtransfer=u'none',
            skip_overlap_check=skip_overlap_check,
            force=force,
        )
    except (errors.DuplicateEntry, errors.EmptyModlist):
        # Deliberately ignored: the zone is left exactly as it already is.
        pass
def add_zone(name, zonemgr=None, dns_backup=None, ns_hostname=None,
             ns_ip_address=None, update_policy=None, force=False):
    """Create a DNS zone and add an NS record for each of its name servers.

    Only reverse zone names are normalized. When ``update_policy`` is
    ``None`` a reverse- or forward-zone policy is generated for
    ``api.env.realm``; a caller-supplied policy is passed on as-is (only
    converted with ``unicode``). ``zonemgr`` defaults to
    ``hostmaster.<name>`` when it is ``None``.

    With ``ns_hostname`` given, it is the only name server. Otherwise the
    list from ``api.Object.dnsrecord.get_dns_masters()`` is used: its first
    entry becomes the SOA master and the remainder are treated as replicas.

    The zone is created with dynamic updates enabled, queries allowed from
    ``any`` and transfers set to ``none``. ``errors.DuplicateEntry`` and
    ``errors.EmptyModlist`` from ``dnszone_add`` are ignored, so those values
    are not applied to a zone that is already present; NS records are added
    in either case.

    Raises:
        installutils.ScriptError: ``ns_hostname`` is ``None`` and
            ``get_dns_masters()`` returned nothing.

    NOTE(review): ``dns_backup`` is accepted, but ``add_ns_rr`` is called
    with ``dns_backup=None`` - confirm that this is intended.
    """
    if zone_is_reverse(name):
        # always normalize reverse zones
        name = normalize_zone(name)

    if update_policy is None:
        update_policy = (
            get_dns_reverse_zone_update_policy(api.env.realm, name)
            if zone_is_reverse(name)
            else get_dns_forward_zone_update_policy(api.env.realm)
        )

    if zonemgr is None:
        zonemgr = 'hostmaster.%s' % name

    if ns_hostname is not None:
        ns_main, ns_replicas = ns_hostname, []
    else:
        # automatically retrieve list of DNS masters
        dns_masters = api.Object.dnsrecord.get_dns_masters()
        if not dns_masters:
            raise installutils.ScriptError(
                "No IPA server with DNS support found!")
        # pop() removes the first entry in place; the same list object,
        # now one shorter, serves as the replica list.
        ns_main = dns_masters.pop(0)
        ns_replicas = dns_masters

    ns_main = normalize_zone(ns_main)

    if ns_ip_address is not None:
        ns_ip_address = unicode(ns_ip_address)

    try:
        api.Command.dnszone_add(
            unicode(name),
            idnssoamname=unicode(ns_main),
            idnssoarname=unicode(zonemgr),
            ip_address=ns_ip_address,
            # Dynamic updates are enabled; update_policy is what limits them.
            idnsallowdynupdate=True,
            idnsupdatepolicy=unicode(update_policy),
            idnsallowquery=u'any',
            # New zones start with zone transfers closed.
            idnsallowtransfer=u'none',
            force=force,
        )
    except (errors.DuplicateEntry, errors.EmptyModlist):
        # Deliberately ignored: the zone is left exactly as it already is.
        pass

    # Replicas first, SOA master last.
    for server in ns_replicas + [ns_main]:
        add_ns_rr(name, normalize_zone(server), dns_backup=None, force=True)