Hello,

Patch 64:
ipa-dns-install offer IP addresses from resolv.conf as default forwarders

In non-interactive more option --auto-forwarders can be used to do the
same. --forward option can be used to supply additional IP addresses.

https://fedorahosted.org/freeipa/ticket/5438


Patch 65:
Remove global variable dns_forwarders from ipaserver.install.dns
It seems to me that the global thingy is not necessary, so I've ripped it out.

-- 
Petr^2 Spacek
From aeb8a1a3edafdf50d46968bee3a7f28c6039d4e1 Mon Sep 17 00:00:00 2001
From: Petr Spacek <pspa...@redhat.com>
Date: Tue, 10 Nov 2015 11:22:43 +0100
Subject: [PATCH] ipa-dns-install offer IP addresses from resolv.conf as
 default forwarders

In non-interactive more option --auto-forwarders can be used to do the
same. --forward option can be used to supply additional IP addresses.

https://fedorahosted.org/freeipa/ticket/5438
---
 ipaserver/install/dns.py                   | 12 ++++++++++--
 ipaserver/install/installutils.py          |  7 +++++++
 ipaserver/install/server/common.py         | 14 ++++++++++++++
 ipaserver/install/server/install.py        |  7 ++++---
 ipaserver/install/server/replicainstall.py |  7 ++++---
 5 files changed, 39 insertions(+), 8 deletions(-)

diff --git a/ipaserver/install/dns.py b/ipaserver/install/dns.py
index da24a6f2f4872581f4c0dc6194614b27a4006a0d..a26f4e3e7d44393ea948457e5e8db7a4b9bdc7f3 100644
--- a/ipaserver/install/dns.py
+++ b/ipaserver/install/dns.py
@@ -2,8 +2,11 @@
 # Copyright (C) 2015  FreeIPA Contributors see COPYING for license
 #
 
+from __future__ import absolute_import
 from __future__ import print_function
 
+# absolute import is necessary because IPA module dns clashes with python-dns
+from dns import resolver
 import sys
 
 from subprocess import CalledProcessError
@@ -232,8 +235,13 @@ def install_check(standalone, replica, options, hostname):
 
     if options.no_forwarders:
         dns_forwarders = ()
-    elif options.forwarders:
-        dns_forwarders = options.forwarders
+    elif options.forwarders or options.auto_forwarders:
+        if options.forwarders:
+            dns_forwarders = options.forwarders
+        else:
+            dns_forwarders = []
+        if options.auto_forwarders:
+            dns_forwarders += resolver.get_default_resolver().nameservers
     elif standalone or not replica:
         dns_forwarders = read_dns_forwarders()
 
diff --git a/ipaserver/install/installutils.py b/ipaserver/install/installutils.py
index 1d3551f8bb9cfcac1f6fa24043aea4b5d0a07719..39b5ba6eb2f3ddbe5fd6d68537330a482e966aec 100644
--- a/ipaserver/install/installutils.py
+++ b/ipaserver/install/installutils.py
@@ -295,6 +295,13 @@ def read_ip_addresses():
 def read_dns_forwarders():
     addrs = []
     if ipautil.user_input("Do you want to configure DNS forwarders?", True):
+        print("Following DNS servers are configured in /etc/resolv.conf: %s" %
+                ", ".join(resolver.get_default_resolver().nameservers))
+        if ipautil.user_input("Do you want to configure these servers as DNS "
+                "forwarders?", True):
+            addrs = resolver.default_resolver.nameservers[:]
+            print("All DNS servers from /etc/resolv.conf were added. You can "
+                  "enter additional addresses now:")
         while True:
             ip = ipautil.user_input("Enter an IP address for a DNS forwarder, "
                                     "or press Enter to skip", allow_empty=True)
diff --git a/ipaserver/install/server/common.py b/ipaserver/install/server/common.py
index 93c95dd8e8d2b24af193ee19368959188bcd6cb9..82c2c9eac253f82baeffbebfa388718dcc30d14a 100644
--- a/ipaserver/install/server/common.py
+++ b/ipaserver/install/server/common.py
@@ -167,6 +167,11 @@ class BaseServerDNS(common.Installable, core.Group, core.Composite):
         cli_name='forwarder',
     )
 
+    auto_forwarders = Knob(
+        bool, False,
+        description="Use DNS forwarders configured in /etc/resolv.conf",
+    )
+
     no_forwarders = Knob(
         bool, False,
         description="Do not add any DNS forwarders, use root servers instead",
@@ -395,6 +400,10 @@ class BaseServer(common.Installable, common.Interactive, core.Composite):
                 raise RuntimeError(
                     "You cannot specify a --forwarder option without the "
                     "--setup-dns option")
+            if self.dns.auto_forwarders:
+                raise RuntimeError(
+                    "You cannot specify a --auto-forwarders option without "
+                    "the --setup-dns option")
             if self.dns.no_forwarders:
                 raise RuntimeError(
                     "You cannot specify a --no-forwarders option without the "
@@ -415,6 +424,10 @@ class BaseServer(common.Installable, common.Interactive, core.Composite):
             raise RuntimeError(
                 "You cannot specify a --forwarder option together with "
                 "--no-forwarders")
+        elif self.dns.auto_forwarders and self.dns.no_forwarders:
+            raise RuntimeError(
+                "You cannot specify a --auto-forwarders option together with "
+                "--no-forwarders")
         elif self.dns.reverse_zones and self.dns.no_reverse:
             raise RuntimeError(
                 "You cannot specify a --reverse-zone option together with "
@@ -441,6 +454,7 @@ class BaseServer(common.Installable, common.Interactive, core.Composite):
         self.skip_schema_check = self.ca.skip_schema_check
 
         self.forwarders = self.dns.forwarders
+        self.auto_forwarders = self.dns.auto_forwarders
         self.no_forwarders = self.dns.no_forwarders
         self.reverse_zones = self.dns.reverse_zones
         self.no_reverse = self.dns.no_reverse
diff --git a/ipaserver/install/server/install.py b/ipaserver/install/server/install.py
index 16539892dcffb3ad0e95aab0c5a3d85f3bb44c48..bd83634218f75d8e6ed340cd045b2b302c5f7220 100644
--- a/ipaserver/install/server/install.py
+++ b/ipaserver/install/server/install.py
@@ -1283,10 +1283,11 @@ class Server(BaseServer):
                     "and -a options")
             if self.setup_dns:
                 #pylint: disable=no-member
-                if not self.dns.forwarders and not self.dns.no_forwarders:
+                if (not self.dns.forwarders and not self.dns.no_forwarders
+                    and not self.dns.auto_forwarders):
                     raise RuntimeError(
-                        "You must specify at least one --forwarder option or "
-                        "--no-forwarders option")
+                        "You must specify at least one of --forwarder, "
+                        "--auto-forwarders, or --no-forwarders options")
 
         if self.idmax < self.idstart:
             raise RuntimeError(
diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py
index b01df9526bb3a7dce7abca67f85fc54cd95f6218..07b954dcb2063731047ad00b4e8049fc7bb90351 100644
--- a/ipaserver/install/server/replicainstall.py
+++ b/ipaserver/install/server/replicainstall.py
@@ -1215,10 +1215,11 @@ class Replica(BaseServer):
 
         if self.setup_dns:
             #pylint: disable=no-member
-            if not self.dns.forwarders and not self.dns.no_forwarders:
+            if (not self.dns.forwarders and not self.dns.no_forwarders
+                and not self.dns.auto_forwarders):
                 raise RuntimeError(
-                    "You must specify at least one --forwarder option or "
-                    "--no-forwarders option")
+                    "You must specify at least one of --forwarder, "
+                    "--auto-forwarders, or --no-forwarders options")
 
         self.password = self.dm_password
 
-- 
2.4.3

From ebd429020bc3623f696a2e44206b69c79e1461b2 Mon Sep 17 00:00:00 2001
From: Petr Spacek <pspa...@redhat.com>
Date: Tue, 10 Nov 2015 16:53:10 +0100
Subject: [PATCH] Remove global variable dns_forwarders from
 ipaserver.install.dns

---
 ipaserver/install/dns.py            | 27 ++++++++++++---------------
 ipaserver/install/server/install.py |  5 ++---
 2 files changed, 14 insertions(+), 18 deletions(-)

diff --git a/ipaserver/install/dns.py b/ipaserver/install/dns.py
index a26f4e3e7d44393ea948457e5e8db7a4b9bdc7f3..421afbc0c9f6b44c3c96748d58930ec82e36f14e 100644
--- a/ipaserver/install/dns.py
+++ b/ipaserver/install/dns.py
@@ -32,7 +32,6 @@ from ipaserver.install import odsexporterinstance
 from ipaserver.install import opendnssecinstance
 
 ip_addresses = []
-dns_forwarders = []
 reverse_zones = []
 
 NEW_MASTER_MARK = 'NEW_DNSSEC_MASTER'
@@ -102,7 +101,6 @@ def _disable_dnssec():
 
 def install_check(standalone, replica, options, hostname):
     global ip_addresses
-    global dns_forwarders
     global reverse_zones
     fstore = sysrestore.FileStore(paths.SYSRESTORE)
 
@@ -234,25 +232,24 @@ def install_check(standalone, replica, options, hostname):
                                          True, options.ip_addresses)
 
     if options.no_forwarders:
-        dns_forwarders = ()
+        options.forwarders = []
     elif options.forwarders or options.auto_forwarders:
-        if options.forwarders:
-            dns_forwarders = options.forwarders
-        else:
-            dns_forwarders = []
+        if not options.forwarders:
+            options.forwarders = []
         if options.auto_forwarders:
-            dns_forwarders += resolver.get_default_resolver().nameservers
+            options.forwarders += resolver.get_default_resolver().nameservers
     elif standalone or not replica:
-        dns_forwarders = read_dns_forwarders()
+        options.forwarders = read_dns_forwarders()
 
     # test DNSSEC forwarders
-    if dns_forwarders:
-        if (not bindinstance.check_forwarders(dns_forwarders, root_logger) and
-                not options.no_dnssec_validation):
+    if options.forwarders:
+        if (not bindinstance.check_forwarders(options.forwarders,
+                                              root_logger)
+                and not options.no_dnssec_validation):
             options.no_dnssec_validation = True
             print("WARNING: DNSSEC validation will be disabled")
 
-    root_logger.debug("will use dns_forwarders: %s\n", dns_forwarders)
+    root_logger.debug("will use DNS forwarders: %s\n", options.forwarders)
 
     if not standalone:
         search_reverse_zones = False
@@ -275,7 +272,6 @@ def install_check(standalone, replica, options, hostname):
 
 def install(standalone, replica, options, api=api):
     global ip_addresses
-    global dns_forwarders
     global reverse_zones
 
     local_dnskeysyncd_dn = DN(('cn', 'DNSKeySync'), ('cn', api.env.host),
@@ -294,7 +290,8 @@ def install(standalone, replica, options, api=api):
     bind = bindinstance.BindInstance(fstore, ldapi=True, api=api,
                                      autobind=AUTOBIND_ENABLED)
     bind.setup(api.env.host, ip_addresses, api.env.realm, api.env.domain,
-               dns_forwarders, conf_ntp, reverse_zones, zonemgr=options.zonemgr,
+               options.forwarders, conf_ntp, reverse_zones,
+               zonemgr=options.zonemgr,
                no_dnssec_validation=options.no_dnssec_validation,
                ca_configured=options.setup_ca)
 
diff --git a/ipaserver/install/server/install.py b/ipaserver/install/server/install.py
index bd83634218f75d8e6ed340cd045b2b302c5f7220..2c3b11504300dd1afefbb471c12f957aba2e075f 100644
--- a/ipaserver/install/server/install.py
+++ b/ipaserver/install/server/install.py
@@ -630,8 +630,8 @@ def install_check(installer):
     if options.setup_dns:
         print("BIND DNS server will be configured to serve IPA domain with:")
         print("Forwarders:    %s" % (
-            "No forwarders" if not dns.dns_forwarders
-            else ", ".join([str(ip) for ip in dns.dns_forwarders])
+            "No forwarders" if not options.forwarders
+            else ", ".join([str(ip) for ip in options.forwarders])
         ))
         print("Reverse zone(s):  %s" % (
             "No reverse zone" if options.no_reverse or not dns.reverse_zones
@@ -769,7 +769,6 @@ def install(installer):
             options.dm_password = dm_password
             options.admin_password = admin_password
             options.host_name = host_name
-            options.forwarders = dns.dns_forwarders
             options.reverse_zones = dns.reverse_zones
             cache_vars = {n: getattr(options, n) for o, n in installer.knobs()}
             write_cache(cache_vars)
-- 
2.4.3

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to