IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Avoid deleting DNS zone when a context is reused

Browse Source 
When dnsrecord-del pre_callback detects that the record does
not contain any records, it sets a flag to connection context
and deletes the record object later. However, when more
dnsrecord-del commands share the same context (and this is
the case of "ipa-replica-manage del $MASTER" DNS cleanup), it
may reuse a positive flag from previous dnsrecord-del command
and delete the root DNS zone record and thus effectively delete
the zone.

This patch makes sure that this flag is always initialized to a
sane value in dnsrecord-del pre_callback to make sure that the DNS
zone is not deleted. It also fixes pre_callback function definition
to prevent adding attrs_list to "keys" parameter and thus confuse
developers.

https://fedorahosted.org/freeipa/ticket/2503
This commit is contained in:
Martin Kosek
2012-03-23 10:29:30 +01:00
parent d9e8b9a3ed
commit 11ef670835
1 changed files with 12 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
ipalib/plugins/dns.py
View File

@@ -2414,7 +2414,7 @@ class dnsrecord_del(LDAPUpdate):
continue continue
yield option yield option
def pre_callback(self, ldap, dn, entry_attrs, *keys, **options): def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options):
try: try:
(dn_, old_entry) = ldap.get_entry( (dn_, old_entry) = ldap.get_entry(
dn, _record_attributes, dn, _record_attributes,
@@ -2443,13 +2443,19 @@ class dnsrecord_del(LDAPUpdate):
value=val) value=val)
entry_attrs[attr] = list(set(old_entry[attr])) entry_attrs[attr] = list(set(old_entry[attr]))
del_all = False
if not self.obj.is_pkey_zone_record(*keys): if not self.obj.is_pkey_zone_record(*keys):
del_all = True record_found = False
for attr in old_entry: for attr in old_entry:
if old_entry[attr]: if old_entry[attr]:
del_all = False record_found = True
break break
setattr(context, 'del_all', del_all) del_all = not record_found
# set del_all flag in context
# when the flag is enabled, the entire DNS record object is deleted
# in a post callback
setattr(context, 'del_all', del_all)
return dn return dn
@@ -2465,7 +2471,8 @@ class dnsrecord_del(LDAPUpdate):
result = super(dnsrecord_del, self).execute(*keys, **options) result = super(dnsrecord_del, self).execute(*keys, **options)
if getattr(context, 'del_all', False): if getattr(context, 'del_all', False) and not \
self.obj.is_pkey_zone_record(*keys):
return self.obj.methods.delentry(*keys) return self.obj.methods.delentry(*keys)
return result return result