Fix a regression in one of my earlier patches.

https://fedorahosted.org/freeipa/ticket/3194

--
Petr³
From 3223c4e3bb7bec0c3daf8cbd36a6d72b339da0e3 Mon Sep 17 00:00:00 2001
From: Petr Viktorin <pvikt...@redhat.com>
Date: Fri, 19 Oct 2012 12:22:33 -0400
Subject: [PATCH] ipa-replica-install: Use configured IPA DNS servers in
 forward/reverse resolution check

Previously, ipa-replica-install tried to check DNS resolution on the master
being cloned. If that master was not a DNS server, the check failed.

Change the check to query the first available configured DNS server.

Log about the check before actually running it.
Log in the case the check is skipped (no IPA DNS servers installed).

https://fedorahosted.org/freeipa/ticket/3194
---
 install/tools/ipa-replica-install | 30 ++++++++++++++++++++++--------
 1 file changed, 22 insertions(+), 8 deletions(-)

diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install
index b56fa2ea5826b6fe25e6db02c7e640e50bca0790..e39698914d066509279b9729212a58621bf95753 100755
--- a/install/tools/ipa-replica-install
+++ b/install/tools/ipa-replica-install
@@ -313,12 +313,23 @@ def check_bind():
         sys.exit(1)
 
 
-def check_dns_resolution(host_name, dns_server):
-    """Check forward and reverse resolution of host_name using dns_server
+def check_dns_resolution(host_name, dns_servers):
+    """Check forward and reverse resolution of host_name using dns_servers
     """
     # Point the resolver at specified DNS server
-    server_ips = list(
-            a[4][0] for a in socket.getaddrinfo(dns_server, None))
+    server_ips = []
+    for dns_server in dns_servers:
+        try:
+            server_ips = list(
+                a[4][0] for a in socket.getaddrinfo(dns_server, None))
+        except socket.error:
+            pass
+        else:
+            break
+    if not server_ips:
+        root_logger.error(
+            'Could not resolve any DNS server hostname: %s', dns_servers)
+        return False
     resolver = dns.resolver.Resolver()
     resolver.nameservers = server_ips
 
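Review bot: The `except socket.error: pass` in the new loop drops the reason each DNS server name failed to resolve, so the final "Could not resolve any DNS server hostname" error cannot be traced to a cause in the install log. Bind the exception and record it, for example `except socket.error, e:` followed by `root_logger.debug('Could not resolve DNS server %s: %s', dns_server, e)`. The loop also stops at the first name that resolves through the system resolver, not the first server that answers queries, so an unreachable first master would presumably still fail the check without the others being tried. The retained comment is now stale and could read `# Point the resolver at the first DNS server whose hostname resolves`, and the docstring should say that `dns_servers` is a list of hostnames and that False is returned when none resolves. The body of check_dns_resolution continues outside this hunk.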
@@ -547,15 +558,18 @@ def main():
                 config.master_host_name, config.dirman_password):
             dns_masters = api.Object['dnsrecord'].get_dns_masters()
         if dns_masters:
-            master = config.master_host_name
             if not options.no_host_dns:
-                resolution_ok = (
-                    check_dns_resolution(master, master) and
-                    check_dns_resolution(config.host_name, master))
+                master = config.master_host_name
                 root_logger.debug('Check forward/reverse DNS resolution')
+                resolution_ok = (
+                    check_dns_resolution(master, dns_masters) and
+                    check_dns_resolution(config.host_name, dns_masters))
                 if not resolution_ok and not options.unattended:
                     if not ipautil.user_input("Continue?", False):
                         sys.exit(0)
+        else:
+            root_logger.debug('No IPA DNS servers, '
+                'skipping forward/reverse resolution check')
 
         # Check that we don't already have a replication agreement
         try:
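Review bot: The new `else` branch logs the "no IPA DNS servers" skip, but the other bypass, `options.no_host_dns` set while `dns_masters` is non-empty, still leaves no trace in the log. Adding an `else:` under `if not options.no_host_dns:` with `root_logger.debug('Forward/reverse resolution check disabled by option')` would make every skipped check visible. In the visible lines a failed check is also only acted on when `options.unattended` is false, so an unattended install continues with `resolution_ok` false. Unless check_dns_resolution already logs the failure (not visible here), a `root_logger.warning('Forward/reverse DNS resolution check failed, continuing (unattended)')` on that path would help later diagnosis. main() starts and continues outside this hunk.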
-- 
1.7.11.7
