host_del: remove only A, AAAA, SSHFP, PTR records

Only A, AAAA, SSHFP and PTR records are managed by IPA. The other
records should be removed by the user.

https://fedorahosted.org/freeipa/ticket/5675

Reviewed-By: Petr Spacek <pspacek@redhat.com>
Martin Basti 2016-04-01 12:45:57 +02:00
parent 1e70d6b914
commit e8c8134eee


@ -35,7 +35,7 @@ from ipalib.plugins.service import (split_principal, validate_certificate,
set_certificate_attrs, ticket_flags_params, update_krbticketflags, set_certificate_attrs, ticket_flags_params, update_krbticketflags,
set_kerberos_attrs, rename_ipaallowedtoperform_from_ldap, set_kerberos_attrs, rename_ipaallowedtoperform_from_ldap,
rename_ipaallowedtoperform_to_ldap, revoke_certs) rename_ipaallowedtoperform_to_ldap, revoke_certs)
from ipalib.plugins.dns import (dns_container_exists, _record_attributes, from ipalib.plugins.dns import (dns_container_exists,
add_records_for_host_validation, add_records_for_host, add_records_for_host_validation, add_records_for_host,
get_reverse_zone) get_reverse_zone)
from ipalib import _, ngettext from ipalib import _, ngettext
@ -121,15 +121,6 @@ register = Registry()
host_pwd_chars = string.digits + string.ascii_letters + '_,.@+-=' host_pwd_chars = string.digits + string.ascii_letters + '_,.@+-='
def remove_fwd_rec(ipaddr, host, domain, recordtype):
api.log.debug('deleting ipaddr %s', ipaddr)
try:
delkw = {recordtype: ipaddr}
api.Command['dnsrecord_del'](domain, host, **delkw)
except errors.NotFound:
api.log.debug('ipaddr %s not found', ipaddr)
def remove_ptr_rec(ipaddr, host, domain): def remove_ptr_rec(ipaddr, host, domain):
api.log.debug('deleting PTR record of ipaddr %s', ipaddr) api.log.debug('deleting PTR record of ipaddr %s', ipaddr)
try: try:
@ -764,26 +755,31 @@ class host_del(LDAPDelete):
updatedns = False updatedns = False
if updatedns: if updatedns:
# Remove DNS entries # Remove A, AAAA, SSHFP and PTR records of the host
parts = fqdn.split('.') parts = fqdn.split('.')
domain = unicode('.'.join(parts[1:])) domain = unicode('.'.join(parts[1:]))
# Get all forward resources for this host # Get all resources for this host
try: try:
record = api.Command['dnsrecord_show']( record = api.Command['dnsrecord_show'](
domain, parts[0])['result'] domain, parts[0])['result']
except errors.NotFound: except errors.NotFound:
self.obj.handle_not_found(*keys) self.obj.handle_not_found(*keys)
else: else:
for attr in _record_attributes: # remove PTR records first
for attr in ('arecord', 'aaaarecord'):
for val in record.get(attr, []): for val in record.get(attr, []):
if attr in ('arecord', 'aaaarecord'): remove_ptr_rec(val, parts[0], domain)
remove_fwd_rec(val, parts[0], domain, attr) try:
remove_ptr_rec(val, parts[0], domain) # remove all A, AAAA, SSHFP records of the host
elif (val.endswith(parts[0]) or api.Command['dnsrecord_mod'](
val.endswith(fqdn + '.')): domain,
delkw = {unicode(attr): val} record['idnsname'][0],
api.Command['dnsrecord_del']( arecord=[],
domain, record['idnsname'][0], **delkw) aaaarecord=[],
sshfprecord=[]
)
except errors.EmptyModlist:
pass
if self.api.Command.ca_is_enabled()['result']: if self.api.Command.ca_is_enabled()['result']:
try: try:
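Review bot: The new `dnsrecord_mod` call in the host_del hunk tolerates only `errors.EmptyModlist`, whereas the removed `remove_fwd_rec` helper tolerated `errors.NotFound`; if the DNS entry disappears between `dnsrecord_show` and the modification (presumably possible with a concurrent delete), host_del would abort after the PTR records have already been removed, leaving forward and reverse data inconsistent. Consider `except (errors.EmptyModlist, errors.NotFound):` and replace the bare `pass` with a commented one, e.g. `# nothing to clear: host has no A/AAAA/SSHFP records`. Since other record types under the host's name are now left in place on purpose, a debug log listing the attributes that remain (or a sentence in the `updatedns` option's help) would make stale records that still resolve for a deleted host easier to spot. The host_del method starts before and continues after this hunk, so the surrounding error handling is not visible here.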