From 8fd41d0434dddcd6959d460df7a9f8b736ac81ac Mon Sep 17 00:00:00 2001
From: Martin Nagy
Date: Mon, 23 Nov 2009 16:16:58 +0100
Subject: [PATCH] Add A and PTR records during ipa-replica-prepare
Fixes #528996
---
 install/tools/ipa-replica-prepare | 23 ++++++++++++++++++++++-
 install/tools/man/ipa-replica-prepare.1 | 3 +++
 2 files changed, 25 insertions(+), 1 deletion(-)
diff --git a/install/tools/ipa-replica-prepare b/install/tools/ipa-replica-prepare
index d89d1a6ed..c9f1ad087 100755
--- a/install/tools/ipa-replica-prepare
+++ b/install/tools/ipa-replica-prepare
@@ -27,7 +27,8 @@ import krbV
 from optparse import OptionParser
 from ipapython import ipautil
-from ipaserver.install import dsinstance, installutils, certs, httpinstance
+from ipaserver.install import bindinstance, dsinstance, installutils, certs, httpinstance
+from ipaserver.install.bindinstance import add_zone, add_reverze_zone, add_rr, add_ptr_rr
 from ipaserver import ipaldap
 from ipapython import version
 from ipalib import api
@@ -48,6 +49,8 @@ def parse_options():
 help="PIN for the Apache Server PKCS#12 file")
 parser.add_option("-p", "--password", dest="password",
 help="Directory Manager (existing master) password")
+ parser.add_option("--ip-address", dest="ip_address",
+ help="Add A and PTR records of the future replica")
 options, args = parser.parse_args()
@@ -206,6 +209,11 @@ def main():
 api.bootstrap(in_server=True)
 api.finalize()
+ if options.ip_address:
+ if not bindinstance.dns_container_exists(api.env.host, api.env.realm):
+ print "You can't add a DNS record because DNS is not set up."
+ sys.exit(1)
+
 if not certs.ipa_self_signed() and not ipautil.file_exists("/var/lib/pki-ca/conf/CS.cfg") and not options.dirsrv_pin:
 sys.exit("The replica must be created on the primary IPA server.\nIf you installed IPA with your own certificates using PKCS#12 files you must provide PKCS#12 files for any replicas you create as well.")
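Review bot: The value of `--ip-address` added in the parse_options hunk (`@@ -48,6 +49,8 @@`) is kept as a free-form string and is later handed unchanged to `add_rr`, `add_reverze_zone` and `add_ptr_rr`, so a typo or a non-address string is only caught, if at all, inside the DNS helpers. Because the record type is hard-coded to "A" in the later hunk, the option can be checked as an IPv4 literal right after `parser.parse_args()` and rejected with `parser.error`. The sketch below assumes `socket` is imported at the top of the file, which this patch does not show; parse_options starts and ends outside the hunk.

```python
    options, args = parser.parse_args()

    # Reject anything that is not an IPv4 literal before it reaches the DNS helpers.
    if options.ip_address:
        try:
            socket.inet_pton(socket.AF_INET, options.ip_address)
        except socket.error:
            parser.error("--ip-address must be a valid IPv4 address")
```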
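Review bot: The DNS pre-check added to main() in the `@@ -206,6 +209,11 @@` hunk reports its failure with `print` on stdout followed by `sys.exit(1)`, while the existing check directly below it uses `sys.exit("...")`, which writes the message to stderr. Using the same form keeps error output in one place for anyone capturing stderr: `sys.exit("You can't add a DNS record because DNS is not set up.")`. main() starts and ends outside the hunk.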
@@ -314,6 +322,19 @@ def main():
 remove_file(replicafile)
 shutil.rmtree(dir)
+ if options.ip_address:
+ print "Adding DNS records for %s" % replica_fqdn
+ api.Backend.ldap2.connect(bind_dn="cn=Directory Manager", bind_pw=dirman_password)
+
+ domain = replica_fqdn.split(".")
+ name = domain.pop(0)
+ domain = ".".join(domain)
+
+ zone = add_zone(domain)
+ add_rr(zone, name, "A", options.ip_address)
+ add_reverze_zone(options.ip_address)
+ add_ptr_rr(options.ip_address, replica_fqdn)
+
 try:
 if not os.geteuid()==0:
 sys.exit("\nYou must be root to run this script.\n")
diff --git a/install/tools/man/ipa-replica-prepare.1 b/install/tools/man/ipa-replica-prepare.1
index 8eb49444a..5c0e0d156 100644
--- a/install/tools/man/ipa-replica-prepare.1
+++ b/install/tools/man/ipa-replica-prepare.1
@@ -42,6 +42,9 @@ The password of the Directory Server PKCS#12 file
 .TP
 \fB\-\-http_pin\fR=\fIHTTP_PIN\fR
 The password of the Apache Server PKCS#12 file
+.TP
+\fB\-\-ip\-address\fR=\fIIP_ADDRESS\fR
+IP address of the replica server. If you provide this option, the A and PTR records will be added to the DNS.
 .SH "EXIT STATUS"
 0 if the command was successful
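Review bot: The Directory Manager bind opened by `api.Backend.ldap2.connect(...)` in the `@@ -314,6 +322,19 @@` hunk of ipa-replica-prepare is never closed, and an exception from any of the four DNS helper calls would leave that privileged connection open. Wrapping the helper calls in `try:` … `finally: api.Backend.ldap2.disconnect()` releases it on every path. Separately, `replica_fqdn.split(".")` leaves `domain` empty for a hostname without a dot, so `add_zone("")` would be called; whether replica_fqdn is validated earlier in main() is not visible here. main() starts outside the hunk, and the trailing `try:` context appears to belong to the module-level caller.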