IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Fine tuning DNS options

Browse Source 
Add pointer to self to /etc/hosts to avoid chicken/egg problems when
restarting DNS.

On servers set both dns_lookup_realm and dns_lookup_kdc to false so we don't
attempt to do any resolving. Leave it to true on clients.

Set rdns to false on both server and client.

https://fedorahosted.org/freeipa/ticket/931
This commit is contained in:
Jakub Hrozek 2011-02-10 21:47:45 +01:00 committed by Rob Crittenden
parent c9431749a0
commit 22c3a681da
4 changed files with 27 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
install/share/krb5.conf.template
View File

@ -5,8 +5,9 @@
[libdefaults] [libdefaults]
default_realm = $REALM default_realm = $REALM
dns_lookup_realm = true dns_lookup_realm = false
dns_lookup_kdc = true dns_lookup_kdc = false
rdns = false
ticket_lifetime = 24h ticket_lifetime = 24h
forwardable = yes forwardable = yes

1
ipa-client/ipa-install/ipa-client-install
View File

@ -408,6 +408,7 @@ def configure_krb5_conf(fstore, cli_basedn, cli_realm, cli_domain, cli_server, d
else: else:
libopts.append({'name':'dns_lookup_realm', 'type':'option', 'value':'true'}) libopts.append({'name':'dns_lookup_realm', 'type':'option', 'value':'true'})
libopts.append({'name':'dns_lookup_kdc', 'type':'option', 'value':'true'}) libopts.append({'name':'dns_lookup_kdc', 'type':'option', 'value':'true'})
libopts.append({'name':'rdns', 'type':'option', 'value':'false'})
libopts.append({'name':'ticket_lifetime', 'type':'option', 'value':'24h'}) libopts.append({'name':'ticket_lifetime', 'type':'option', 'value':'24h'})
libopts.append({'name':'forwardable', 'type':'option', 'value':'yes'}) libopts.append({'name':'forwardable', 'type':'option', 'value':'yes'})

3
ipaserver/install/bindinstance.py
View File

@ -297,6 +297,9 @@ class BindInstance(service.Service):
# get a connection to the DS # get a connection to the DS
self.ldap_connect() self.ldap_connect()
if not installutils.record_in_hosts(self.ip_address, self.fqdn):
installutils.add_record_to_hosts(self.ip_address, self.fqdn)
if not dns_container_exists(self.fqdn, self.suffix): if not dns_container_exists(self.fqdn, self.suffix):
self.step("adding DNS container", self.__setup_dns_container) self.step("adding DNS container", self.__setup_dns_container)
if not dns_zone_exists(self.domain): if not dns_zone_exists(self.domain):

24
ipaserver/install/installutils.py
View File

@ -156,6 +156,25 @@ def verify_ip_address(ip):
is_ok = False is_ok = False
return is_ok return is_ok
def record_in_hosts(ip, host_name, file="/etc/hosts"):
hosts = open(file, 'r').readlines()
for line in hosts:
hosts_ip = line.split()[0]
if hosts_ip != ip:
continue
names = line.split()[1:]
if host_name in names:
return True
return False
def add_record_to_hosts(ip, host_name, file="/etc/hosts"):
hosts_fd = open(file, 'r+')
hosts_fd.seek(0, 2)
hosts_fd.write(ip+'\t'+host_name+' '+host_name.split('.')[0]+'\n')
hosts_fd.close()
def read_ip_address(host_name, fstore): def read_ip_address(host_name, fstore):
while True: while True:
ip = ipautil.user_input("Please provide the IP address to be used for this host name", allow_empty = False) ip = ipautil.user_input("Please provide the IP address to be used for this host name", allow_empty = False)
@ -169,10 +188,7 @@ def read_ip_address(host_name, fstore):
print "Adding ["+ip+" "+host_name+"] to your /etc/hosts file" print "Adding ["+ip+" "+host_name+"] to your /etc/hosts file"
fstore.backup_file("/etc/hosts") fstore.backup_file("/etc/hosts")
hosts_fd = open('/etc/hosts', 'r+') add_record_to_hosts(ip, host_name)
hosts_fd.seek(0, 2)
hosts_fd.write(ip+'\t'+host_name+' '+host_name.split('.')[0]+'\n')
hosts_fd.close()
return ip return ip