mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-02-25 18:55:28 -06:00
Deleting a non-fully-qualified hostname should still delete its services
We were being left with orphan services if the host entry was not removed using the FQDN.
This commit is contained in:
Rob Crittenden
@@ -40,7 +40,7 @@ def validate_host(ugettext, fqdn):
|
|||||||
Require at least one dot in the hostname (to support localhost.localdomain)
|
Require at least one dot in the hostname (to support localhost.localdomain)
|
||||||
"""
|
"""
|
||||||
if fqdn.find('.') == -1:
|
if fqdn.find('.') == -1:
|
||||||
return 'Fully-qualified hostname required'
|
return _('Fully-qualified hostname required')
|
||||||
return None
|
return None
|
||||||
|
|
||||||
|
|
||||||
@@ -181,11 +181,17 @@ class host_del(LDAPDelete):
|
|||||||
msg_summary = _('Deleted host "%(value)s"')
|
msg_summary = _('Deleted host "%(value)s"')
|
||||||
|
|
||||||
def pre_callback(self, ldap, dn, *keys, **options):
|
def pre_callback(self, ldap, dn, *keys, **options):
|
||||||
|
# If we aren't given a fqdn, find it
|
||||||
|
if validate_host(None, keys[-1]) is not None:
|
||||||
|
hostentry = api.Command['host_show'](keys[-1])['result']
|
||||||
|
fqdn = hostentry['fqdn'][0]
|
||||||
|
else:
|
||||||
|
fqdn = keys[-1]
|
||||||
# Remove all service records for this host
|
# Remove all service records for this host
|
||||||
truncated = True
|
truncated = True
|
||||||
while truncated:
|
while truncated:
|
||||||
try:
|
try:
|
||||||
ret = api.Command['service_find'](keys[-1])
|
ret = api.Command['service_find'](fqdn)
|
||||||
truncated = ret['truncated']
|
truncated = ret['truncated']
|
||||||
services = ret['result']
|
services = ret['result']
|
||||||
except errors.NotFound:
|
except errors.NotFound:
|
||||||
@@ -194,7 +200,7 @@ class host_del(LDAPDelete):
|
|||||||
for entry_attrs in services:
|
for entry_attrs in services:
|
||||||
principal = entry_attrs['krbprincipalname'][0]
|
principal = entry_attrs['krbprincipalname'][0]
|
||||||
(service, hostname, realm) = split_principal(principal)
|
(service, hostname, realm) = split_principal(principal)
|
||||||
if hostname.lower() == keys[-1]:
|
if hostname.lower() == fqdn:
|
||||||
api.Command['service_del'](principal)
|
api.Command['service_del'](principal)
|
||||||
return dn
|
return dn
|
||||||
|
|
||||||
|
|||||||
@@ -71,3 +71,13 @@ taskgroup = [
|
|||||||
u'groupofnames',
|
u'groupofnames',
|
||||||
u'top'
|
u'top'
|
||||||
]
|
]
|
||||||
|
|
||||||
|
service = [
|
||||||
|
u'krbprincipal',
|
||||||
|
u'krbprincipalaux',
|
||||||
|
u'krbticketpolicyaux',
|
||||||
|
u'ipaobject',
|
||||||
|
u'ipaservice',
|
||||||
|
u'pkiuser',
|
||||||
|
u'top',
|
||||||
|
]
|
||||||
|
|||||||
@@ -28,13 +28,17 @@ from tests.test_xmlrpc import objectclasses
|
|||||||
|
|
||||||
|
|
||||||
fqdn1 = u'testhost1.%s' % api.env.domain
|
fqdn1 = u'testhost1.%s' % api.env.domain
|
||||||
|
short1 = u'testhost1'
|
||||||
dn1 = u'fqdn=%s,cn=computers,cn=accounts,%s' % (fqdn1, api.env.basedn)
|
dn1 = u'fqdn=%s,cn=computers,cn=accounts,%s' % (fqdn1, api.env.basedn)
|
||||||
|
service1 = u'dns/%s@%s' % (fqdn1, api.env.realm)
|
||||||
|
service1dn = u'krbprincipalname=%s,cn=services,cn=accounts,%s' % (service1.lower(), api.env.basedn)
|
||||||
|
|
||||||
|
|
||||||
class test_host(Declarative):
|
class test_host(Declarative):
|
||||||
|
|
||||||
cleanup_commands = [
|
cleanup_commands = [
|
||||||
('host_del', [fqdn1], {}),
|
('host_del', [fqdn1], {}),
|
||||||
|
('service_del', [service1], {}),
|
||||||
]
|
]
|
||||||
|
|
||||||
tests = [
|
tests = [
|
||||||
@@ -252,4 +256,66 @@ class test_host(Declarative):
|
|||||||
expected=errors.NotFound(reason='no such entry'),
|
expected=errors.NotFound(reason='no such entry'),
|
||||||
),
|
),
|
||||||
|
|
||||||
|
# Test deletion using a non-fully-qualified hostname. Services
|
||||||
|
# associated with this host should also be removed.
|
||||||
|
dict(
|
||||||
|
desc='Re-create %r' % fqdn1,
|
||||||
|
command=('host_add', [fqdn1],
|
||||||
|
dict(
|
||||||
|
description=u'Test host 1',
|
||||||
|
l=u'Undisclosed location 1',
|
||||||
|
),
|
||||||
|
),
|
||||||
|
expected=dict(
|
||||||
|
value=fqdn1,
|
||||||
|
summary=u'Added host "%s"' % fqdn1,
|
||||||
|
result=dict(
|
||||||
|
dn=dn1,
|
||||||
|
fqdn=[fqdn1],
|
||||||
|
description=[u'Test host 1'],
|
||||||
|
l=[u'Undisclosed location 1'],
|
||||||
|
krbprincipalname=[u'host/%s@%s' % (fqdn1, api.env.realm)],
|
||||||
|
objectclass=objectclasses.host,
|
||||||
|
ipauniqueid=[fuzzy_uuid],
|
||||||
|
),
|
||||||
|
),
|
||||||
|
),
|
||||||
|
|
||||||
|
dict(
|
||||||
|
desc='Add a service to host %r' % fqdn1,
|
||||||
|
command=('service_add', [service1], {}),
|
||||||
|
expected=dict(
|
||||||
|
value=service1,
|
||||||
|
summary=u'Added service "%s"' % service1,
|
||||||
|
result=dict(
|
||||||
|
dn=service1dn,
|
||||||
|
krbprincipalname=[service1],
|
||||||
|
objectclass=objectclasses.service,
|
||||||
|
ipauniqueid=[fuzzy_uuid],
|
||||||
|
),
|
||||||
|
),
|
||||||
|
),
|
||||||
|
|
||||||
|
dict(
|
||||||
|
desc='Delete using host name %r' % short1,
|
||||||
|
command=('host_del', [short1], {}),
|
||||||
|
expected=dict(
|
||||||
|
value=short1,
|
||||||
|
summary=u'Deleted host "%s"' % short1,
|
||||||
|
result=True,
|
||||||
|
),
|
||||||
|
),
|
||||||
|
|
||||||
|
dict(
|
||||||
|
desc='Search for services for %r' % fqdn1,
|
||||||
|
command=('service_find', [fqdn1], {}),
|
||||||
|
expected=dict(
|
||||||
|
count=0,
|
||||||
|
truncated=False,
|
||||||
|
summary=None,
|
||||||
|
result=[
|
||||||
|
],
|
||||||
|
),
|
||||||
|
),
|
||||||
|
|
||||||
]
|
]
|
||||||
|
|||||||
Reference in New Issue
Block a user