host_del: remove only A, AAAA, SSHFP, PTR records
Only A, AAAA, SSHFP and PTR records are managed by IPA. The other records should be removed by the user. https://fedorahosted.org/freeipa/ticket/5675 Reviewed-By: Petr Spacek <pspacek@redhat.com>
parent
1e70d6b914
commit
e8c8134eee
@ -35,7 +35,7 @@ from ipalib.plugins.service import (split_principal, validate_certificate,
|
||||
set_certificate_attrs, ticket_flags_params, update_krbticketflags,
|
||||
set_kerberos_attrs, rename_ipaallowedtoperform_from_ldap,
|
||||
rename_ipaallowedtoperform_to_ldap, revoke_certs)
|
||||
from ipalib.plugins.dns import (dns_container_exists, _record_attributes,
|
||||
from ipalib.plugins.dns import (dns_container_exists,
|
||||
add_records_for_host_validation, add_records_for_host,
|
||||
get_reverse_zone)
|
||||
from ipalib import _, ngettext
|
||||
@ -121,15 +121,6 @@ register = Registry()
|
||||
host_pwd_chars = string.digits + string.ascii_letters + '_,.@+-='
|
||||
|
||||
|
||||
def remove_fwd_rec(ipaddr, host, domain, recordtype):
|
||||
api.log.debug('deleting ipaddr %s', ipaddr)
|
||||
try:
|
||||
delkw = {recordtype: ipaddr}
|
||||
api.Command['dnsrecord_del'](domain, host, **delkw)
|
||||
except errors.NotFound:
|
||||
api.log.debug('ipaddr %s not found', ipaddr)
|
||||
|
||||
|
||||
def remove_ptr_rec(ipaddr, host, domain):
|
||||
api.log.debug('deleting PTR record of ipaddr %s', ipaddr)
|
||||
try:
|
||||
@ -764,26 +755,31 @@ class host_del(LDAPDelete):
|
||||
updatedns = False
|
||||
|
||||
if updatedns:
|
||||
# Remove DNS entries
|
||||
# Remove A, AAAA, SSHFP and PTR records of the host
|
||||
parts = fqdn.split('.')
|
||||
domain = unicode('.'.join(parts[1:]))
|
||||
# Get all forward resources for this host
|
||||
# Get all resources for this host
|
||||
try:
|
||||
record = api.Command['dnsrecord_show'](
|
||||
domain, parts[0])['result']
|
||||
except errors.NotFound:
|
||||
self.obj.handle_not_found(*keys)
|
||||
else:
|
||||
for attr in _record_attributes:
|
||||
# remove PTR records first
|
||||
for attr in ('arecord', 'aaaarecord'):
|
||||
for val in record.get(attr, []):
|
||||
if attr in ('arecord', 'aaaarecord'):
|
||||
remove_fwd_rec(val, parts[0], domain, attr)
|
||||
remove_ptr_rec(val, parts[0], domain)
|
||||
elif (val.endswith(parts[0]) or
|
||||
val.endswith(fqdn + '.')):
|
||||
delkw = {unicode(attr): val}
|
||||
api.Command['dnsrecord_del'](
|
||||
domain, record['idnsname'][0], **delkw)
|
||||
remove_ptr_rec(val, parts[0], domain)
|
||||
try:
|
||||
# remove all A, AAAA, SSHFP records of the host
|
||||
api.Command['dnsrecord_mod'](
|
||||
domain,
|
||||
record['idnsname'][0],
|
||||
arecord=[],
|
||||
aaaarecord=[],
|
||||
sshfprecord=[]
|
||||
)
|
||||
except errors.EmptyModlist:
|
||||
pass
|
||||
|
||||
if self.api.Command.ca_is_enabled()['result']:
|
||||
try:
|
||||
|
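Review bot: On the `updatedns` path the new `else:` branch, as far as it can be read from this rendering, leaves every other record type on the host's name in the zone and gives the caller no sign that anything was left behind. Stale records for a deleted host keep resolving after the host is gone, so it is worth surfacing them, for example with `api.log.debug('host_del: only A, AAAA, SSHFP and PTR records of %s were removed', fqdn)` after the `dnsrecord_mod` call and a sentence in the option's help text (not visible here). The bare `except errors.EmptyModlist: pass` would also benefit from a comment such as `# entry has no A/AAAA/SSHFP values, nothing to clear`. PTR records are removed before `dnsrecord_mod` runs, so any error other than `EmptyModlist` would leave the reverse records deleted and the forward records in place. The enclosing `host_del` callback starts and ends outside the hunk.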