DNS install: Ensure that DNS servers container exists

during DNS installation it is assumed that the cn=servers,cn=dns container is always present in LDAP backend when migrating DNS server info to LDAP. This may not always be the case (e.g. when a new replica is set up against older master) so the code must take additional steps to ensure this container is present. https://fedorahosted.org/freeipa/ticket/6083 Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
2025-02-25 18:55:28 -06:00 · 2016-07-14 17:14:59 +02:00
parent 49389ed1e0
commit 37bfd1fdde
2 changed files with 23 additions and 11 deletions
--- a/ipaserver/install/bindinstance.py
+++ b/ipaserver/install/bindinstance.py
@@ -546,6 +546,26 @@ def remove_master_dns_records(hostname, realm):
    bind.remove_server_ns_records(hostname)


+def ensure_dnsserver_container_exists(ldap, api_instance, logger=None):
+    """
+    Create cn=servers,cn=dns,$SUFFIX container. If logger is not None, emit a
+    message that the container already exists when DuplicateEntry is raised
+    """
+
+    entry = ldap.make_entry(
+        DN(api_instance.env.container_dnsservers, api_instance.env.basedn),
+        {
+            u'objectclass': [u'top', u'nsContainer'],
+            u'cn': [u'servers']
+        }
+    )
+    try:
+        ldap.add_entry(entry)
+    except errors.DuplicateEntry:
+        if logger is not None:
+            logger.debug('cn=servers,cn=dns container already exists')
+
+
 class DnsBackup(object):
    def __init__(self, service):
        self.service = service
@@ -942,6 +962,7 @@ class BindInstance(service.Service):
        )

    def __setup_server_configuration(self):
+        ensure_dnsserver_container_exists(self.admin_conn, self.api)
        try:
            self.api.Command.dnsserver_add(
                self.fqdn, idnssoamname=DNSName(self.fqdn).make_absolute(),
--- a/ipaserver/install/plugins/dns.py
+++ b/ipaserver/install/plugins/dns.py
@@ -29,6 +29,7 @@ from ipapython.dn import DN
 from ipapython import dnsutil
 from ipapython.ipa_log_manager import root_logger
 from ipaserver.install import sysupgrade
+from ipaserver.install.bindinstance import ensure_dnsserver_container_exists
 from ipaserver.plugins.dns import dns_container_exists

 register = Registry()
@@ -521,17 +522,7 @@ class update_dnsserver_configuration_into_ldap(DNSUpdater):
            return False, []

        # create container first, if doesn't exist
-        entry = ldap.make_entry(
-            DN(self.api.env.container_dnsservers, self.api.env.basedn),
-            {
-                u'objectclass': [u'top', u'nsContainer'],
-                u'cn': [u'servers']
-            }
-        )
-        try:
-            ldap.add_entry(entry)
-        except errors.DuplicateEntry:
-            self.log.debug('cn=dnsservers container already exists')
+        ensure_dnsserver_container_exists(ldap, self.api, logger=self.log)

        try:
            self.api.Command.dnsserver_add(self.api.env.host)