Re: [Freeipa-devel] [PATCH 0064-0065] ipa-dns-install offers IP addresses from resolv.conf as default forwarder
On 1.12.2015 09:33, Petr Spacek wrote: On 26.11.2015 09:01, Jan Cholasta wrote: On 11.11.2015 15:27, Petr Spacek wrote: On 11.11.2015 09:36, Martin Babinsky wrote: On 11/11/2015 09:32 AM, Jan Cholasta wrote: On 11.11.2015 09:27, Martin Babinsky wrote: On 11/11/2015 08:12 AM, Jan Cholasta wrote: On 10.11.2015 16:58, Petr Spacek wrote: Hello, Patch 64: ipa-dns-install offer IP addresses from resolv.conf as default forwarders In non-interactive more option --auto-forwarders can be used to do the same. --forward option can be used to supply additional IP addresses. https://fedorahosted.org/freeipa/ticket/5438 IMO it's perverse to add option which effectively means "use default value" instead of actually using the value as default. This is inconsistent with every other option and I don't see what makes forwarders so special to require this. NACK unless you have a strong justification for this. Motivation: /etc/resolv.conf holds nearest DNS servers. On the other hand, you want to have backup forwarder which may not be local but could work even if local ones fail. Option --default-forwarders reads list of "local" servers from resolv.conf and --forwarder option allows you to add additional IP addresses to it. So your Ansible script can contain call like: ipa-server-install --setup-dns --default-forwarder --forwarder= and you do not need to worry about mapping sites to nearest servers etc. Is it possible to use default_getter decorator to fetch defaults for the 'forwarders' knob from the resolver if it is avaliable like so (warning: untested and possibly wrong)? Yes, this is exactly how it should be used (although the exception handling could be better). That was just a quick example off the top of my head without much thought going into it. Anyway, when running in interactive mode the installer can inform the user that he found these forwarders as defaults and prompt whether they shoud be used. After discussion in person we decided to not use default_getter decorator because that would change current behavior in an unexpected way. Original option --auto-forwarders was renamed to --default-forwarders because it sounds nicer :-D Turns out I misunderstood the intent here and after another discussion in person we decided to go with the --auto-forwarders option. ACK on the original patch. Petr, could you please rebase patch 65 on top of current master? Sure. I'm sorry for the delay! Thank you, ACK. Pushed to master: 8f5f0d6edd25d2ca747c0477366fb392a26390f2 -- Jan Cholasta -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
Re: [Freeipa-devel] [PATCH 0064-0065] ipa-dns-install offers IP addresses from resolv.conf as default forwarder
On 26.11.2015 09:01, Jan Cholasta wrote:
> On 11.11.2015 15:27, Petr Spacek wrote:
>> On 11.11.2015 09:36, Martin Babinsky wrote:
>>> On 11/11/2015 09:32 AM, Jan Cholasta wrote:
On 11.11.2015 09:27, Martin Babinsky wrote:
> On 11/11/2015 08:12 AM, Jan Cholasta wrote:
>> On 10.11.2015 16:58, Petr Spacek wrote:
>>> Hello,
>>>
>>> Patch 64:
>>> ipa-dns-install offer IP addresses from resolv.conf as default
>>> forwarders
>>>
>>> In non-interactive more option --auto-forwarders can be used to do the
>>> same. --forward option can be used to supply additional IP addresses.
>>>
>>> https://fedorahosted.org/freeipa/ticket/5438
>>
>> IMO it's perverse to add option which effectively means "use default
>> value" instead of actually using the value as default. This is
>> inconsistent with every other option and I don't see what makes
>> forwarders so special to require this.
>>
>> NACK unless you have a strong justification for this.
>>
>> Motivation:
>> /etc/resolv.conf holds nearest DNS servers. On the other hand, you want to
>> have backup forwarder which may not be local but could work even if local
>> ones
>> fail.
>>
>> Option --default-forwarders reads list of "local" servers from resolv.conf
>> and
>> --forwarder option allows you to add additional IP addresses to it.
>>
>> So your Ansible script can contain call like:
>> ipa-server-install --setup-dns --default-forwarder
>> --forwarder=
>> and you do not need to worry about mapping sites to nearest servers etc.
>>
> Is it possible to use default_getter decorator to fetch defaults for the
> 'forwarders' knob from the resolver if it is avaliable like so (warning:
> untested and possibly wrong)?
Yes, this is exactly how it should be used (although the exception
handling could be better).
>>> That was just a quick example off the top of my head without much thought
>>> going into it.
>>>
>>> Anyway, when running in interactive mode the installer can inform the user
>>> that he found these forwarders as defaults and prompt whether they shoud be
>>> used.
>>
>> After discussion in person we decided to not use default_getter decorator
>> because that would change current behavior in an unexpected way.
>>
>> Original option --auto-forwarders was renamed to --default-forwarders because
>> it sounds nicer :-D
>
> Turns out I misunderstood the intent here and after another discussion in
> person we decided to go with the --auto-forwarders option.
>
> ACK on the original patch.
>
> Petr, could you please rebase patch 65 on top of current master?
Sure. I'm sorry for the delay!
--
Petr^2 Spacek
From 6e046e7ecd59777f52d9ae703e1a4e1245a3af3a Mon Sep 17 00:00:00 2001
From: Petr Spacek
Date: Tue, 10 Nov 2015 11:22:43 +0100
Subject: [PATCH] ipa-dns-install offer IP addresses from resolv.conf as
default forwarders
In non-interactive more option --auto-forwarders can be used to do the
same. --forward option can be used to supply additional IP addresses.
https://fedorahosted.org/freeipa/ticket/5438
---
ipaserver/install/dns.py | 12 ++--
ipaserver/install/installutils.py | 7 +++
ipaserver/install/server/common.py | 14 ++
ipaserver/install/server/install.py| 7 ---
ipaserver/install/server/replicainstall.py | 7 ---
5 files changed, 39 insertions(+), 8 deletions(-)
diff --git a/ipaserver/install/dns.py b/ipaserver/install/dns.py
index 615bd557b2e675c3e5fa362d338a35c6b697932d..6c8e952f4ba44d64875f207c15c6a0f4bfcb05ec 100644
--- a/ipaserver/install/dns.py
+++ b/ipaserver/install/dns.py
@@ -2,8 +2,11 @@
# Copyright (C) 2015 FreeIPA Contributors see COPYING for license
#
+from __future__ import absolute_import
from __future__ import print_function
+# absolute import is necessary because IPA module dns clashes with python-dns
+from dns import resolver
import sys
from subprocess import CalledProcessError
@@ -230,8 +233,13 @@ def install_check(standalone, replica, options, hostname):
if options.no_forwarders:
dns_forwarders = ()
-elif options.forwarders:
-dns_forwarders = options.forwarders
+elif options.forwarders or options.auto_forwarders:
+if options.forwarders:
+dns_forwarders = options.forwarders
+else:
+dns_forwarders = []
+if options.auto_forwarders:
+dns_forwarders += resolver.get_default_resolver().nameservers
elif standalone or not replica:
dns_forwarders = read_dns_forwarders()
diff --git a/ipaserver/install/installutils.py b/ipaserver/install/installutils.py
index 489d03bdad0909ffe78736f720e4376206689a6a..156c8a5eb01a2e66f4dccc4b4d71605f09406dba 100644
--- a/ipaserver/install/installutils.py
+++ b/ipaserver/install/installutils.py
@@ -282,6 +282,13 @@ def read_ip_addresses():
def read_dns_forwarders():
addrs = []
if ipautil.user_input("Do you
Re: [Freeipa-devel] [PATCH 0064-0065] ipa-dns-install offers IP addresses from resolv.conf as default forwarder
On 11.11.2015 15:27, Petr Spacek wrote: On 11.11.2015 09:36, Martin Babinsky wrote: On 11/11/2015 09:32 AM, Jan Cholasta wrote: On 11.11.2015 09:27, Martin Babinsky wrote: On 11/11/2015 08:12 AM, Jan Cholasta wrote: On 10.11.2015 16:58, Petr Spacek wrote: Hello, Patch 64: ipa-dns-install offer IP addresses from resolv.conf as default forwarders In non-interactive more option --auto-forwarders can be used to do the same. --forward option can be used to supply additional IP addresses. https://fedorahosted.org/freeipa/ticket/5438 IMO it's perverse to add option which effectively means "use default value" instead of actually using the value as default. This is inconsistent with every other option and I don't see what makes forwarders so special to require this. NACK unless you have a strong justification for this. Motivation: /etc/resolv.conf holds nearest DNS servers. On the other hand, you want to have backup forwarder which may not be local but could work even if local ones fail. Option --default-forwarders reads list of "local" servers from resolv.conf and --forwarder option allows you to add additional IP addresses to it. So your Ansible script can contain call like: ipa-server-install --setup-dns --default-forwarder --forwarder= and you do not need to worry about mapping sites to nearest servers etc. Is it possible to use default_getter decorator to fetch defaults for the 'forwarders' knob from the resolver if it is avaliable like so (warning: untested and possibly wrong)? Yes, this is exactly how it should be used (although the exception handling could be better). That was just a quick example off the top of my head without much thought going into it. Anyway, when running in interactive mode the installer can inform the user that he found these forwarders as defaults and prompt whether they shoud be used. After discussion in person we decided to not use default_getter decorator because that would change current behavior in an unexpected way. Original option --auto-forwarders was renamed to --default-forwarders because it sounds nicer :-D Turns out I misunderstood the intent here and after another discussion in person we decided to go with the --auto-forwarders option. ACK on the original patch. Petr, could you please rebase patch 65 on top of current master? -- Jan Cholasta -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
Re: [Freeipa-devel] [PATCH 0064-0065] ipa-dns-install offers IP addresses from resolv.conf as default forwarder
On 11.11.2015 09:36, Martin Babinsky wrote:
> On 11/11/2015 09:32 AM, Jan Cholasta wrote:
>> On 11.11.2015 09:27, Martin Babinsky wrote:
>>> On 11/11/2015 08:12 AM, Jan Cholasta wrote:
On 10.11.2015 16:58, Petr Spacek wrote:
> Hello,
>
> Patch 64:
> ipa-dns-install offer IP addresses from resolv.conf as default
> forwarders
>
> In non-interactive more option --auto-forwarders can be used to do the
> same. --forward option can be used to supply additional IP addresses.
>
> https://fedorahosted.org/freeipa/ticket/5438
IMO it's perverse to add option which effectively means "use default
value" instead of actually using the value as default. This is
inconsistent with every other option and I don't see what makes
forwarders so special to require this.
NACK unless you have a strong justification for this.
Motivation:
/etc/resolv.conf holds nearest DNS servers. On the other hand, you want to
have backup forwarder which may not be local but could work even if local ones
fail.
Option --default-forwarders reads list of "local" servers from resolv.conf and
--forwarder option allows you to add additional IP addresses to it.
So your Ansible script can contain call like:
ipa-server-install --setup-dns --default-forwarder
--forwarder=
and you do not need to worry about mapping sites to nearest servers etc.
>>> Is it possible to use default_getter decorator to fetch defaults for the
>>> 'forwarders' knob from the resolver if it is avaliable like so (warning:
>>> untested and possibly wrong)?
>>
>> Yes, this is exactly how it should be used (although the exception
>> handling could be better).
>>
> That was just a quick example off the top of my head without much thought
> going into it.
>
> Anyway, when running in interactive mode the installer can inform the user
> that he found these forwarders as defaults and prompt whether they shoud be
> used.
After discussion in person we decided to not use default_getter decorator
because that would change current behavior in an unexpected way.
Original option --auto-forwarders was renamed to --default-forwarders because
it sounds nicer :-D
> Patch 65:
> Remove global variable dns_forwarders from ipaserver.install.dns
> It seems to me that the global thingy is not necessary, so I've ripped
> it out.
ACK.
Rebased version of patch 65 is attached.
--
Petr^2 Spacek
From ad97c62d747eed85505d5a2a54bdca1cad531d36 Mon Sep 17 00:00:00 2001
From: Petr Spacek
Date: Tue, 10 Nov 2015 11:22:43 +0100
Subject: [PATCH] ipa-dns-install offer IP addresses from resolv.conf as
default forwarders
In non-interactive more option --auto-forwarders can be used to do the
same. --forward option can be used to supply additional IP addresses.
https://fedorahosted.org/freeipa/ticket/5438
---
ipaserver/install/dns.py | 12 ++--
ipaserver/install/installutils.py | 7 +++
ipaserver/install/server/common.py | 14 ++
ipaserver/install/server/install.py| 7 ---
ipaserver/install/server/replicainstall.py | 7 ---
5 files changed, 39 insertions(+), 8 deletions(-)
diff --git a/ipaserver/install/dns.py b/ipaserver/install/dns.py
index da24a6f2f4872581f4c0dc6194614b27a4006a0d..8e2f1ba28180c4356d82a9caa17d491889c36558 100644
--- a/ipaserver/install/dns.py
+++ b/ipaserver/install/dns.py
@@ -2,8 +2,11 @@
# Copyright (C) 2015 FreeIPA Contributors see COPYING for license
#
+from __future__ import absolute_import
from __future__ import print_function
+# absolute import is necessary because IPA module dns clashes with python-dns
+from dns import resolver
import sys
from subprocess import CalledProcessError
@@ -232,8 +235,13 @@ def install_check(standalone, replica, options, hostname):
if options.no_forwarders:
dns_forwarders = ()
-elif options.forwarders:
-dns_forwarders = options.forwarders
+elif options.forwarders or options.default_forwarders:
+if options.forwarders:
+dns_forwarders = options.forwarders
+else:
+dns_forwarders = []
+if options.default_forwarders:
+dns_forwarders += resolver.get_default_resolver().nameservers
elif standalone or not replica:
dns_forwarders = read_dns_forwarders()
diff --git a/ipaserver/install/installutils.py b/ipaserver/install/installutils.py
index 1d3551f8bb9cfcac1f6fa24043aea4b5d0a07719..39b5ba6eb2f3ddbe5fd6d68537330a482e966aec 100644
--- a/ipaserver/install/installutils.py
+++ b/ipaserver/install/installutils.py
@@ -295,6 +295,13 @@ def read_ip_addresses():
def read_dns_forwarders():
addrs = []
if ipautil.user_input("Do you want to configure DNS forwarders?", True):
+print("Following DNS servers are configured in /etc/resolv.conf: %s" %
+", ".join(resolver.get_default_resolver().nameservers))
+if ipautil.user_input("Do you want to co
Re: [Freeipa-devel] [PATCH 0064-0065] ipa-dns-install offers IP addresses from resolv.conf as default forwarder
On 11/11/2015 09:32 AM, Jan Cholasta wrote:
On 11.11.2015 09:27, Martin Babinsky wrote:
On 11/11/2015 08:12 AM, Jan Cholasta wrote:
On 10.11.2015 16:58, Petr Spacek wrote:
Hello,
Patch 64:
ipa-dns-install offer IP addresses from resolv.conf as default
forwarders
In non-interactive more option --auto-forwarders can be used to do the
same. --forward option can be used to supply additional IP addresses.
https://fedorahosted.org/freeipa/ticket/5438
IMO it's perverse to add option which effectively means "use default
value" instead of actually using the value as default. This is
inconsistent with every other option and I don't see what makes
forwarders so special to require this.
NACK unless you have a strong justification for this.
Is it possible to use default_getter decorator to fetch defaults for the
'forwarders' knob from the resolver if it is avaliable like so (warning:
untested and possibly wrong)?
Yes, this is exactly how it should be used (although the exception
handling could be better).
That was just a quick example off the top of my head without much
thought going into it.
Anyway, when running in interactive mode the installer can inform the
user that he found these forwarders as defaults and prompt whether they
shoud be used.
"""
@@ -160,20 +162,27 @@ class BaseServerCA(common.Installable, core.Group,
core.Composite):
class BaseServerDNS(common.Installable, core.Group, core.Composite):
description = "DNS"
forwarders = Knob(
(list, 'ip'), None,
description=("Add a DNS forwarder. This option can be used
multiple "
"times"),
cli_name='forwarder',
)
+@forwarders.default_getter
+def forwarders(self):
+try:
+return resolver.get_default_resolver().nameservers
+except Exception:
+return None
+
no_forwarders = Knob(
bool, False,
description="Do not add any DNS forwarders, use root servers
instead",
)
reverse_zones = Knob(
(list, str), [],
description=("The reverse DNS zone to use. This option can be
used "
"""
Patch 65:
Remove global variable dns_forwarders from ipaserver.install.dns
It seems to me that the global thingy is not necessary, so I've ripped
it out.
ACK.
--
Martin^3 Babinsky
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
Re: [Freeipa-devel] [PATCH 0064-0065] ipa-dns-install offers IP addresses from resolv.conf as default forwarder
On 11.11.2015 09:27, Martin Babinsky wrote:
On 11/11/2015 08:12 AM, Jan Cholasta wrote:
On 10.11.2015 16:58, Petr Spacek wrote:
Hello,
Patch 64:
ipa-dns-install offer IP addresses from resolv.conf as default
forwarders
In non-interactive more option --auto-forwarders can be used to do the
same. --forward option can be used to supply additional IP addresses.
https://fedorahosted.org/freeipa/ticket/5438
IMO it's perverse to add option which effectively means "use default
value" instead of actually using the value as default. This is
inconsistent with every other option and I don't see what makes
forwarders so special to require this.
NACK unless you have a strong justification for this.
Is it possible to use default_getter decorator to fetch defaults for the
'forwarders' knob from the resolver if it is avaliable like so (warning:
untested and possibly wrong)?
Yes, this is exactly how it should be used (although the exception
handling could be better).
"""
@@ -160,20 +162,27 @@ class BaseServerCA(common.Installable, core.Group,
core.Composite):
class BaseServerDNS(common.Installable, core.Group, core.Composite):
description = "DNS"
forwarders = Knob(
(list, 'ip'), None,
description=("Add a DNS forwarder. This option can be used
multiple "
"times"),
cli_name='forwarder',
)
+@forwarders.default_getter
+def forwarders(self):
+try:
+return resolver.get_default_resolver().nameservers
+except Exception:
+return None
+
no_forwarders = Knob(
bool, False,
description="Do not add any DNS forwarders, use root servers
instead",
)
reverse_zones = Knob(
(list, str), [],
description=("The reverse DNS zone to use. This option can be
used "
"""
Patch 65:
Remove global variable dns_forwarders from ipaserver.install.dns
It seems to me that the global thingy is not necessary, so I've ripped
it out.
ACK.
--
Jan Cholasta
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
Re: [Freeipa-devel] [PATCH 0064-0065] ipa-dns-install offers IP addresses from resolv.conf as default forwarder
On 11/11/2015 08:12 AM, Jan Cholasta wrote:
On 10.11.2015 16:58, Petr Spacek wrote:
Hello,
Patch 64:
ipa-dns-install offer IP addresses from resolv.conf as default forwarders
In non-interactive more option --auto-forwarders can be used to do the
same. --forward option can be used to supply additional IP addresses.
https://fedorahosted.org/freeipa/ticket/5438
IMO it's perverse to add option which effectively means "use default
value" instead of actually using the value as default. This is
inconsistent with every other option and I don't see what makes
forwarders so special to require this.
NACK unless you have a strong justification for this.
Is it possible to use default_getter decorator to fetch defaults for the
'forwarders' knob from the resolver if it is avaliable like so (warning:
untested and possibly wrong)?
"""
@@ -160,20 +162,27 @@ class BaseServerCA(common.Installable, core.Group,
core.Composite):
class BaseServerDNS(common.Installable, core.Group, core.Composite):
description = "DNS"
forwarders = Knob(
(list, 'ip'), None,
description=("Add a DNS forwarder. This option can be used
multiple "
"times"),
cli_name='forwarder',
)
+@forwarders.default_getter
+def forwarders(self):
+try:
+return resolver.get_default_resolver().nameservers
+except Exception:
+return None
+
no_forwarders = Knob(
bool, False,
description="Do not add any DNS forwarders, use root servers
instead",
)
reverse_zones = Knob(
(list, str), [],
description=("The reverse DNS zone to use. This option can be
used "
"""
Patch 65:
Remove global variable dns_forwarders from ipaserver.install.dns
It seems to me that the global thingy is not necessary, so I've ripped
it out.
ACK.
--
Martin^3 Babinsky
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
Re: [Freeipa-devel] [PATCH 0064-0065] ipa-dns-install offers IP addresses from resolv.conf as default forwarder
On 10.11.2015 16:58, Petr Spacek wrote: Hello, Patch 64: ipa-dns-install offer IP addresses from resolv.conf as default forwarders In non-interactive more option --auto-forwarders can be used to do the same. --forward option can be used to supply additional IP addresses. https://fedorahosted.org/freeipa/ticket/5438 IMO it's perverse to add option which effectively means "use default value" instead of actually using the value as default. This is inconsistent with every other option and I don't see what makes forwarders so special to require this. NACK unless you have a strong justification for this. Patch 65: Remove global variable dns_forwarders from ipaserver.install.dns It seems to me that the global thingy is not necessary, so I've ripped it out. ACK. -- Jan Cholasta -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
Re: [Freeipa-devel] [PATCH 0064-0065] ipa-dns-install offers IP addresses from resolv.conf as default forwarder
On 10.11.2015 17:07, Gabe Alford wrote: > Does this also fix https://fedorahosted.org/freeipa/ticket/3926? Yes. Good catch, I did not know about this ticket :-) Petr Spacek @ Red Hat > On Tue, Nov 10, 2015 at 8:58 AM, Petr Spacek wrote: > >> Hello, >> >> Patch 64: >> ipa-dns-install offer IP addresses from resolv.conf as default forwarders >> >> In non-interactive more option --auto-forwarders can be used to do the >> same. --forward option can be used to supply additional IP addresses. >> >> https://fedorahosted.org/freeipa/ticket/5438 >> >> >> Patch 65: >> Remove global variable dns_forwarders from ipaserver.install.dns >> It seems to me that the global thingy is not necessary, so I've ripped it >> out. >> >> -- >> Petr^2 Spacek -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
Re: [Freeipa-devel] [PATCH 0064-0065] ipa-dns-install offers IP addresses from resolv.conf as default forwarder
Does this also fix https://fedorahosted.org/freeipa/ticket/3926? On Tue, Nov 10, 2015 at 8:58 AM, Petr Spacek wrote: > Hello, > > Patch 64: > ipa-dns-install offer IP addresses from resolv.conf as default forwarders > > In non-interactive more option --auto-forwarders can be used to do the > same. --forward option can be used to supply additional IP addresses. > > https://fedorahosted.org/freeipa/ticket/5438 > > > Patch 65: > Remove global variable dns_forwarders from ipaserver.install.dns > It seems to me that the global thingy is not necessary, so I've ripped it > out. > > -- > Petr^2 Spacek > > -- > Manage your subscription for the Freeipa-devel mailing list: > https://www.redhat.com/mailman/listinfo/freeipa-devel > Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code > -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
[Freeipa-devel] [PATCH 0064-0065] ipa-dns-install offers IP addresses from resolv.conf as default forwarder
Hello,
Patch 64:
ipa-dns-install offer IP addresses from resolv.conf as default forwarders
In non-interactive more option --auto-forwarders can be used to do the
same. --forward option can be used to supply additional IP addresses.
https://fedorahosted.org/freeipa/ticket/5438
Patch 65:
Remove global variable dns_forwarders from ipaserver.install.dns
It seems to me that the global thingy is not necessary, so I've ripped it out.
--
Petr^2 Spacek
From aeb8a1a3edafdf50d46968bee3a7f28c6039d4e1 Mon Sep 17 00:00:00 2001
From: Petr Spacek
Date: Tue, 10 Nov 2015 11:22:43 +0100
Subject: [PATCH] ipa-dns-install offer IP addresses from resolv.conf as
default forwarders
In non-interactive more option --auto-forwarders can be used to do the
same. --forward option can be used to supply additional IP addresses.
https://fedorahosted.org/freeipa/ticket/5438
---
ipaserver/install/dns.py | 12 ++--
ipaserver/install/installutils.py | 7 +++
ipaserver/install/server/common.py | 14 ++
ipaserver/install/server/install.py| 7 ---
ipaserver/install/server/replicainstall.py | 7 ---
5 files changed, 39 insertions(+), 8 deletions(-)
diff --git a/ipaserver/install/dns.py b/ipaserver/install/dns.py
index da24a6f2f4872581f4c0dc6194614b27a4006a0d..a26f4e3e7d44393ea948457e5e8db7a4b9bdc7f3 100644
--- a/ipaserver/install/dns.py
+++ b/ipaserver/install/dns.py
@@ -2,8 +2,11 @@
# Copyright (C) 2015 FreeIPA Contributors see COPYING for license
#
+from __future__ import absolute_import
from __future__ import print_function
+# absolute import is necessary because IPA module dns clashes with python-dns
+from dns import resolver
import sys
from subprocess import CalledProcessError
@@ -232,8 +235,13 @@ def install_check(standalone, replica, options, hostname):
if options.no_forwarders:
dns_forwarders = ()
-elif options.forwarders:
-dns_forwarders = options.forwarders
+elif options.forwarders or options.auto_forwarders:
+if options.forwarders:
+dns_forwarders = options.forwarders
+else:
+dns_forwarders = []
+if options.auto_forwarders:
+dns_forwarders += resolver.get_default_resolver().nameservers
elif standalone or not replica:
dns_forwarders = read_dns_forwarders()
diff --git a/ipaserver/install/installutils.py b/ipaserver/install/installutils.py
index 1d3551f8bb9cfcac1f6fa24043aea4b5d0a07719..39b5ba6eb2f3ddbe5fd6d68537330a482e966aec 100644
--- a/ipaserver/install/installutils.py
+++ b/ipaserver/install/installutils.py
@@ -295,6 +295,13 @@ def read_ip_addresses():
def read_dns_forwarders():
addrs = []
if ipautil.user_input("Do you want to configure DNS forwarders?", True):
+print("Following DNS servers are configured in /etc/resolv.conf: %s" %
+", ".join(resolver.get_default_resolver().nameservers))
+if ipautil.user_input("Do you want to configure these servers as DNS "
+"forwarders?", True):
+addrs = resolver.default_resolver.nameservers[:]
+print("All DNS servers from /etc/resolv.conf were added. You can "
+ "enter additional addresses now:")
while True:
ip = ipautil.user_input("Enter an IP address for a DNS forwarder, "
"or press Enter to skip", allow_empty=True)
diff --git a/ipaserver/install/server/common.py b/ipaserver/install/server/common.py
index 93c95dd8e8d2b24af193ee19368959188bcd6cb9..82c2c9eac253f82baeffbebfa388718dcc30d14a 100644
--- a/ipaserver/install/server/common.py
+++ b/ipaserver/install/server/common.py
@@ -167,6 +167,11 @@ class BaseServerDNS(common.Installable, core.Group, core.Composite):
cli_name='forwarder',
)
+auto_forwarders = Knob(
+bool, False,
+description="Use DNS forwarders configured in /etc/resolv.conf",
+)
+
no_forwarders = Knob(
bool, False,
description="Do not add any DNS forwarders, use root servers instead",
@@ -395,6 +400,10 @@ class BaseServer(common.Installable, common.Interactive, core.Composite):
raise RuntimeError(
"You cannot specify a --forwarder option without the "
"--setup-dns option")
+if self.dns.auto_forwarders:
+raise RuntimeError(
+"You cannot specify a --auto-forwarders option without "
+"the --setup-dns option")
if self.dns.no_forwarders:
raise RuntimeError(
"You cannot specify a --no-forwarders option without the "
@@ -415,6 +424,10 @@ class BaseServer(common.Installable, common.Interactive, core.Composite):
raise RuntimeError(
"You cannot specify a --forwarder option together with "
"--no-forwarders")
+elif self.dns.auto_forwarders an
