dns: Handle SERVFAIL in check if domain already exists.

In cases where domain is already delegated to IPA prior installation we might get timeout or SERVFAIL. The answer depends on the recursive server we are using for the check. Reviewed-By: David Kupka <dkupka@redhat.com>
2025-02-25 18:55:28 -06:00 · 2015-12-16 13:37:39 +01:00 · 2015-12-16 13:37:39 +01:00 · 58331208a5
commit 58331208a5
parent c265e8736e
3 changed files with 10 additions and 9 deletions
--- a/ipapython/ipautil.py
+++ b/ipapython/ipautil.py
@ -41,7 +41,7 @@ import locale
 import collections

 from dns import resolver, rdatatype, reversename
-from dns.exception import DNSException, Timeout
+from dns.exception import DNSException
 import six
 from six.moves import input
 from six.moves import urllib
@ -1046,7 +1046,7 @@ def reverse_record_exists(ip_address):
    return True


-def check_zone_overlap(zone, raise_on_timeout=True):
+def check_zone_overlap(zone, raise_on_error=True):
    root_logger.info("Checking DNS domain %s, please wait ..." % zone)
    if not isinstance(zone, DNSName):
        zone = DNSName(zone).make_absolute()
@ -1058,10 +1058,9 @@ def check_zone_overlap(zone, raise_on_timeout=True):

    try:
        containing_zone = resolver.zone_for_name(zone)
-    except Timeout as e:
-        msg = ("DNS check for domain %s failed: %s. Please make sure that the "
-               "domain is properly delegated to this IPA server." % (zone, e))
-        if raise_on_timeout:
+    except DNSException as e:
+        msg = ("DNS check for domain %s failed: %s." % (zone, e))
+        if raise_on_error:
            raise ValueError(msg)
        else:
            root_logger.warning(msg)
--- a/ipaserver/install/bindinstance.py
+++ b/ipaserver/install/bindinstance.py
@ -291,7 +291,7 @@ def read_reverse_zone(default, ip_address, allow_zone_overlap=False):
            continue
        if not allow_zone_overlap:
            try:
-                ipautil.check_zone_overlap(zone, raise_on_timeout=False)
+                ipautil.check_zone_overlap(zone, raise_on_error=False)
            except ValueError as e:
                root_logger.error("Reverse zone %s will not be used: %s"
                                  % (zone, e))
--- a/ipaserver/install/dns.py
+++ b/ipaserver/install/dns.py
@ -126,10 +126,12 @@ def install_check(standalone, replica, options, hostname):
        domain = dnsutil.DNSName(util.normalize_zone(api.env.domain))
        print("Checking DNS domain %s, please wait ..." % domain)
        try:
-            ipautil.check_zone_overlap(domain, raise_on_timeout=False)
+            ipautil.check_zone_overlap(domain, raise_on_error=False)
        except ValueError as e:
            if options.force or options.allow_zone_overlap:
-                root_logger.warning(e.message)
+                root_logger.warning("%s Please make sure that the domain is "
+                                    "properly delegated to this IPA server.",
+                                    e.message)
            else:
                raise e