Add a reverse zone with server's PTR record

Also, small cosmetic change in dns.ldif.
Martin Nagy
2009-06-27 07:53:45 +02:00
parent 296ffe6c61
commit a09d2c3498
3 changed files with 43 additions and 7 deletions


@@ -14,8 +14,8 @@ idnsName: $DOMAIN
idnsZoneActive: TRUE idnsZoneActive: TRUE
idnsAllowDynUpdate: TRUE idnsAllowDynUpdate: TRUE
idnsUpdatePolicy: grant $REALM krb5-self * A; idnsUpdatePolicy: grant $REALM krb5-self * A;
idnsSOAmName: $HOST.$DOMAIN. idnsSOAmName: $FQDN.
idnsSOArName: root.$HOST.$DOMAIN. idnsSOArName: root.$FQDN.
idnsSOAserial: 1 idnsSOAserial: 1
idnsSOArefresh: 10800 idnsSOArefresh: 10800
idnsSOAretry: 900 idnsSOAretry: 900


@@ -0,0 +1,24 @@
dn: idnsName=$REVERSE_SUBNET.in-addr.arpa,cn=dns,$SUFFIX
changetype: add
objectClass: top
objectClass: idnsZone
objectClass: idnsRecord
idnsName: $REVERSE_SUBNET.in-addr.arpa
idnsZoneActive: TRUE
idnsAllowDynUpdate: TRUE
idnsUpdatePolicy: grant $REALM krb5-subdomain $REVERSE_SUBNET.in-addr.arpa. PTR;
idnsSOAmName: $FQDN.
idnsSOArName: root.$FQDN.
idnsSOAserial: 1
idnsSOArefresh: 10800
idnsSOAretry: 900
idnsSOAexpire: 604800
idnsSOAminimum: 86400
NSRecord: $FQDN.
dn: idnsName=$REVERSE_HOST,idnsName=$REVERSE_SUBNET.in-addr.arpa,cn=dns,$SUFFIX
changetype: add
objectClass: idnsRecord
objectClass: top
idnsName: $REVERSE_HOST
PTRRecord: $FQDN.
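Review bot: The `idnsUpdatePolicy` line grants PTR updates across the whole `$REVERSE_SUBNET.in-addr.arpa.` zone to principals in `$REALM` while `idnsAllowDynUpdate` is TRUE. Depending on how the name server interprets `krb5-subdomain`, any enrolled machine principal may then be able to rewrite any PTR in the zone, including the server's own `$REVERSE_HOST` record added below. The forward zone's `krb5-self` rule is narrower, since it ties a host to its own name. If zone-wide PTR updates are intended, record that decision in the commit message or installer documentation; otherwise consider shipping the zone with `idnsAllowDynUpdate: FALSE` until a narrower rule is available.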


@@ -71,6 +71,12 @@ class BindInstance(service.Service):
self.host = fqdn.split(".")[0] self.host = fqdn.split(".")[0]
self.suffix = util.realm_to_suffix(self.realm) self.suffix = util.realm_to_suffix(self.realm)
tmp = ip_address.split(".")
tmp.reverse()
self.reverse_host = tmp.pop(0)
self.reverse_subnet = ".".join(tmp)
self.__setup_sub_dict() self.__setup_sub_dict()
def create_sample_bind_zone(self): def create_sample_bind_zone(self):
@@ -90,15 +96,16 @@ class BindInstance(service.Service):
# FIXME: this need to be split off, as only the first server can do # FIXME: this need to be split off, as only the first server can do
# this operation # this operation
self.step("Setting up our zone", self.__setup_zone) self.step("Setting up our zone", self.__setup_zone)
self.step("setting up reverse zone", self.__setup_reverse_zone)
self.step("Setting up kerberos principal", self.__setup_principal) self.step("setting up kerberos principal", self.__setup_principal)
self.step("Setting up named.conf", self.__setup_named_conf) self.step("setting up named.conf", self.__setup_named_conf)
self.step("restarting named", self.__start) self.step("restarting named", self.__start)
self.step("configuring named to start on boot", self.__enable) self.step("configuring named to start on boot", self.__enable)
self.step("Changing resolv.conf to point to ourselves", self.__setup_resolv_conf) self.step("changing resolv.conf to point to ourselves", self.__setup_resolv_conf)
self.start_creation("Configuring bind:") self.start_creation("Configuring named:")
def __start(self): def __start(self):
try: try:
@@ -117,12 +124,17 @@ class BindInstance(service.Service):
DOMAIN=self.domain, DOMAIN=self.domain,
HOST=self.host, HOST=self.host,
REALM=self.realm, REALM=self.realm,
SUFFIX=self.suffix) SUFFIX=self.suffix,
REVERSE_HOST=self.reverse_host,
REVERSE_SUBNET=self.reverse_subnet)
def __setup_zone(self): def __setup_zone(self):
self.backup_state("domain", self.domain) self.backup_state("domain", self.domain)
self._ldap_mod("dns.ldif", self.sub_dict) self._ldap_mod("dns.ldif", self.sub_dict)
def __setup_reverse_zone(self):
self._ldap_mod("dns_reverse.ldif", self.sub_dict)
def __setup_principal(self): def __setup_principal(self):
dns_principal = "DNS/" + self.fqdn + "@" + self.realm dns_principal = "DNS/" + self.fqdn + "@" + self.realm
installutils.kadmin_addprinc(dns_principal) installutils.kadmin_addprinc(dns_principal)
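Review bot: In the first hunk, `tmp = ip_address.split(".")` assumes a four-octet IPv4 address on a /24 boundary, and nothing visible checks that before the pieces are substituted into the DNs of dns_reverse.ldif as `REVERSE_HOST` and `REVERSE_SUBNET`. An IPv6 or malformed value gives a one-element list, so `reverse_subnet` becomes an empty string and the zone would be created as `.in-addr.arpa`. I would validate first, e.g. `octets = ip_address.split(".")` followed by `if len(octets) != 4 or not all(o.isdigit() and int(o) < 256 for o in octets): raise ValueError("IPv4 address expected: %s" % ip_address)`, and add a comment that the reverse zone is assumed to be a /24. The enclosing method starts above the hunk, so an earlier check may already exist there.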