Add new DNS install argument for setting the zone mgr e-mail addr.

ticket 125

install/share/bind.zone.db.template

@@ -1,6 +1,6 @@
 $$ORIGIN $DOMAIN.
 $$TTL	86400
-@			IN SOA	$DOMAIN. root.$HOST.$DOMAIN. (
+@			IN SOA	$DOMAIN. $ZONEMGR. (
 				01		; serial 
 				3H		; refresh
 				15M		; retry

install/tools/ipa-dns-install

@@ -40,6 +40,8 @@ def parse_options():
                       help="Add a DNS forwarder")
     parser.add_option("--no-forwarders", dest="no_forwarders", action="store_true",
                       default=False, help="Do not add any DNS forwarders, use root servers instead")
+    parser.add_option("--zonemgr", dest="zonemgr", 
+                      help="DNS zone manager e-mail address. Defaults to root")
     parser.add_option("-U", "--unattended", dest="unattended", action="store_true",
                       default=False, help="unattended installation never prompts the user")
 
@@ -153,7 +155,7 @@ def main():
 
     # Create a BIND instance
     bind = bindinstance.BindInstance(fstore, dm_password)
-    bind.setup(api.env.host, ip_address, api.env.realm, api.env.domain, dns_forwarders, conf_ntp)
+    bind.setup(api.env.host, ip_address, api.env.realm, api.env.domain, dns_forwarders, conf_ntp, zonemgr=options.zonemgr)
     api.Backend.ldap2.connect(bind_dn="cn=Directory Manager", bind_pw=dm_password)
     bind.create_instance()
 

install/tools/ipa-server-install

@@ -96,6 +96,8 @@ def parse_options():
                       help="Add a DNS forwarder")
     parser.add_option("--no-forwarders", dest="no_forwarders", action="store_true",
                       default=False, help="Do not add any DNS forwarders, use root servers instead")
+    parser.add_option("--zonemgr", dest="zonemgr", 
+                      help="DNS zone manager e-mail address. Defaults to root")
     parser.add_option("-U", "--unattended", dest="unattended", action="store_true",
                       default=False, help="unattended installation never prompts the user")
     parser.add_option("", "--uninstall", dest="uninstall", action="store_true",
@@ -769,7 +771,7 @@ def main():
 
     # Create a BIND instance
     bind = bindinstance.BindInstance(fstore, dm_password)
-    bind.setup(host_name, ip_address, realm_name, domain_name, dns_forwarders, options.conf_ntp)
+    bind.setup(host_name, ip_address, realm_name, domain_name, dns_forwarders, options.conf_ntp, zonemgr=options.zonemgr)
     if options.setup_dns:
         api.Backend.ldap2.connect(bind_dn="cn=Directory Manager", bind_pw=dm_password)
 

install/tools/man/ipa-dns-install.1

@@ -37,6 +37,9 @@ A forwarder is a DNS server where queries for a specific non\-resolvable address
 \fB\-\-noforwarders\fR
 Do not add any DNS forwarders, send non\-resolvable addresses to the DNS root servers.
 .TP
+\fB\-\-zonemgr\fR
+The e\-mail address of the DNS zone manager. Defaults too root@host.domain
+.TP
 \fB\-d\fR, \fB\-\-debug\fR
 Enable debug logging when more verbose output is needed
 .TP

install/tools/man/ipa-server-install.1

@@ -22,7 +22,7 @@ ipa\-server\-install \- Configure an IPA server
 .SH "SYNOPSIS"
 ipa\-server\-install [\fIOPTION\fR]...
 .SH "DESCRIPTION"
-Configures the services needed by an IPA server. This includes setting up a Kerberos Key Distribution Center (KDC) with an LDAP back\-end, configuring Apache, configuring NTP and starting some IPA\-provided services: ipa_kpasswd and ipa_webgui. By default a dogtag-based CA will be configured to issue server certificates.
+Configures the services needed by an IPA server. This includes setting up a Kerberos Key Distribution Center (KDC) with an LDAP back\-end, configuring Apache, configuring NTP and starting some IPA\-provided services: ipa_kpasswd and ipa_webgui. By default a dogtag\-based CA will be configured to issue server certificates.
 .SH "OPTIONS"
 .TP
 \fB\-u\fR, \fB\-\-user\fR=\fIDS_USER\fR
@@ -47,7 +47,7 @@ The password for the IPA admin user
 Enable debug logging when more verbose output is needed
 .TP
 \fB\-\-selfsign\fR
-Configure a self-signed CA instance for issuing server certificates instead of using dogtag for certificates
+Configure a self\-signed CA instance for issuing server certificates instead of using dogtag for certificates
 .TP
 \fB\-\-hostname\fR=\fIHOST_NAME\fR
 The fully\-qualified DNS name of this server
@@ -71,6 +71,9 @@ the \fB\-\-no\-forwarders\fR option is specified.
 \fB\-\-no\-forwarders\fR
 Do not add any DNS forwarders. Root DNS servers will be used instead.
 .TP
+\fB\-\-zonemgr\fR
+The e\-mail address of the DNS zone manager. Defaults too root@host.domain
+.TP
 \fB\-\-no\-host\-dns\fR
 Do not use DNS for hostname lookup during installation
 .TP

ipaserver/install/bindinstance.py

@@ -91,13 +91,14 @@ def get_reverse_zone(ip_address):
 
     return zone, name
 
-def add_zone(name, update_policy=None, dns_backup=None):
+def add_zone(name, update_policy=None, zonemgr=None, dns_backup=None):
     if not update_policy:
         update_policy = "grant %s krb5-self * A;" % api.env.realm
 
     try:
         api.Command.dns_add(unicode(name),
                             idnssoamname=unicode(api.env.host+"."),
+                            idnssoarname=unicode(zonemgr),
                             idnsallowdynupdate=True,
                             idnsupdatepolicy=unicode(update_policy))
     except (errors.DuplicateEntry, errors.EmptyModlist):
@@ -202,7 +203,7 @@ class BindInstance(service.Service):
         else:
             self.fstore = sysrestore.FileStore('/var/lib/ipa/sysrestore')
 
-    def setup(self, fqdn, ip_address, realm_name, domain_name, forwarders, ntp, named_user="named"):
+    def setup(self, fqdn, ip_address, realm_name, domain_name, forwarders, ntp, named_user="named", zonemgr=None):
         self.named_user = named_user
         self.fqdn = fqdn
         self.ip_address = ip_address
@@ -213,6 +214,11 @@ class BindInstance(service.Service):
         self.suffix = util.realm_to_suffix(self.realm)
         self.ntp = ntp
 
+        if zonemgr:
+            self.zonemgr = zonemgr.replace('@','.')
+        else:
+            self.zonemgr = 'root.%s.%s' % (self.host, self.domain)
+
         tmp = ip_address.split(".")
         tmp.reverse()
 
@@ -283,7 +289,8 @@ class BindInstance(service.Service):
                              SERVER_ID=realm_to_serverid(self.realm),
                              FORWARDERS=fwds,
                              SUFFIX=self.suffix,
-                             OPTIONAL_NTP=optional_ntp)
+                             OPTIONAL_NTP=optional_ntp,
+                             ZONEMGR=self.zonemgr)
 
     def __setup_dns_container(self):
         self._ldap_mod("dns.ldif", self.sub_dict)
@@ -301,7 +308,7 @@ class BindInstance(service.Service):
             ("_kpasswd._udp", "SRV", "0 100 464 %s" % self.host),
         )
 
-        zone = add_zone(self.domain, dns_backup=self.dns_backup)
+        zone = add_zone(self.domain, zonemgr=self.zonemgr, dns_backup=self.dns_backup)
 
         for (host, type, rdata) in resource_records:
             if type == "SRV":