Catch DNS exceptions during emptyzones named.conf upgrade

For some reasons named may not be runnig and this cause fail of this upgrade step. This step is not critical so only ERROR message with recommendation is shown. https://fedorahosted.org/freeipa/ticket/6205 Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
2025-02-25 18:55:28 -06:00 · 2016-09-13 19:12:40 +02:00 · 2016-09-13 19:12:40 +02:00 · e39cc53d90
commit e39cc53d90
parent afeb4bd8a6
1 changed files with 14 additions and 3 deletions
--- a/ipaserver/install/server/upgrade.py
+++ b/ipaserver/install/server/upgrade.py
@ -11,6 +11,8 @@ import pwd
 import fileinput
 import sys

+import dns.exception
+
 import six
 from six.moves.configparser import SafeConfigParser

@ -840,9 +842,18 @@ def named_update_global_forwarder_policy():
        'forward_policy_conflict_with_empty_zones_handled',
        True
    )
+    try:
        if not dnsutil.has_empty_zone_addresses(api.env.host):
-        # guess: local server does not have IP addresses from private ranges
-        # so hopefully automatic empty zones are not a problem
+            # guess: local server does not have IP addresses from private
+            # ranges so hopefully automatic empty zones are not a problem
+            return False
+    except dns.exception.DNSException as ex:
+        root_logger.error(
+            'Skipping update of global DNS forwarder in named.conf: '
+            'Unable to determine if local server is using an '
+            'IP address belonging to an automatic empty zone. '
+            'Consider changing forwarding policy to "only". '
+            'DNS exception: %s', ex)
        return False

    if bindinstance.named_conf_get_directive(