Improve user awareness about dnsconfig

Global DNS configuration is a nice tool to maintain a common DNS settings stored in LDAP which are then used for all enrolled IPA servers. However, the settings stored in LDAP override local settings in named.conf on DNS servers. This patch adds more information about global DNS configuration options in install scripts and DNS module help. https://fedorahosted.org/freeipa/ticket/2525
2025-01-27 16:46:42 -06:00 · 2012-03-15 13:51:59 +01:00 · 2012-03-15 13:51:59 +01:00 · 52aa008b87
commit 52aa008b87
parent b944ad44b5
5 changed files with 52 additions and 0 deletions
--- a/install/tools/ipa-dns-install
+++ b/install/tools/ipa-dns-install
@ -232,6 +232,9 @@ def main():
    print "=============================================================================="
    print "Setup complete"
    print ""
+    bind.check_global_configuration()
+    print ""
+    print ""
    print "\tYou must make sure these network ports are open:"
    print "\t\tTCP Ports:"
    print "\t\t  * 53: bind"
--- a/install/tools/ipa-replica-install
+++ b/install/tools/ipa-replica-install
@ -229,6 +229,10 @@ def install_bind(config, options):
               config.domain_name, forwarders, options.conf_ntp, reverse_zone)
    bind.create_instance()

+    print ""
+    bind.check_global_configuration()
+    print ""
+
 def install_dns_records(config, options):

    if not bindinstance.dns_container_exists(config.master_host_name,
--- a/install/tools/ipa-server-install
+++ b/install/tools/ipa-server-install
@ -1019,6 +1019,9 @@ def main():
        api.Backend.ldap2.connect(bind_dn="cn=Directory Manager", bind_pw=dm_password)

        bind.create_instance()
+        print ""
+        bind.check_global_configuration()
+        print ""
    else:
        bind.create_sample_bind_zone()

--- a/ipalib/plugins/dns.py
+++ b/ipalib/plugins/dns.py
@ -189,6 +189,14 @@ EXAMPLES:
   ipa dns-resolve www.example.com
   ipa dns-resolve www

+
+GLOBAL DNS CONFIGURATION
+
+DNS configuration passed to command line install script is stored in a local
+configuration file on each IPA server where DNS service is configured. These
+local settings can be overridden with a common configuration stored in LDAP
+server:
+
 Show global DNS configuration:
   ipa dnsconfig-show

@ -2701,16 +2709,30 @@ class dnsconfig(LDAPObject):

        return entry

+    def postprocess_result(self, result):
+        if not any(param in result['result'] for param in self.params):
+            result['summary'] = unicode(_('Global DNS configuration is empty'))
+
 api.register(dnsconfig)


 class dnsconfig_mod(LDAPUpdate):
    __doc__ = _('Modify global DNS configuration.')

+    def execute(self, *keys, **options):
+        result = super(dnsconfig_mod, self).execute(*keys, **options)
+        self.obj.postprocess_result(result)
+        return result
+
 api.register(dnsconfig_mod)


 class dnsconfig_show(LDAPRetrieve):
    __doc__ = _('Show the current global DNS configuration.')

+    def execute(self, *keys, **options):
+        result = super(dnsconfig_show, self).execute(*keys, **options)
+        self.obj.postprocess_result(result)
+        return result
+
 api.register(dnsconfig_show)
--- a/ipaserver/install/bindinstance.py
+++ b/ipaserver/install/bindinstance.py
@ -637,6 +637,26 @@ class BindInstance(service.Service):
                # remove also master NS record from the reverse zone
                del_rr(rzone, "@", "NS", fqdn+".")

+    def check_global_configuration(self):
+        """
+        Check global DNS configuration in LDAP server and inform user when it
+        set and thus overrides his configured options in named.conf.
+        """
+        result = api.Command.dnsconfig_show()
+        global_conf_set = any(param in result['result'] for \
+                              param in api.Object['dnsconfig'].params)
+
+        if not global_conf_set:
+            print "Global DNS configuration in LDAP server is empty"
+            print "You can use 'dnsconfig-mod' command to set global DNS options that"
+            print "would override settings in local named.conf files"
+            return
+
+        print "Global DNS configuration in LDAP server is not empty"
+        print "The following configuration options override local settings in named.conf:"
+        print ""
+        textui = ipalib.cli.textui()
+        api.Command.dnsconfig_show.output_for_cli(textui, result, None, reverse=False)

    def uninstall(self):
        if self.is_configured():