Re: [Freeipa-devel] [PATCH 0453 - 0458] host-del: fix updatedns option

2016-04-13 Thread Martin Basti



On 13.04.2016 17:05, Petr Spacek wrote:
> On 13.4.2016 16:01, Petr Spacek wrote:
>> On 1.4.2016 18:30, Martin Basti wrote:
>>> https://fedorahosted.org/freeipa/ticket/5675
>>>
>>> Patches attached.
>>
>> NACK, it breaks if the client does not have any corresponding DNS record.
>>
>> [root@vm-033 git]# ipa host-add host.test. --force
>> --
>> Added host "host.test"
>> --
>>   Host name: host.test
>>   Principal name: host/host.t...@dom-033.abc.idm.lab.eng.brq.redhat.com
>>   Password: False
>>   Keytab: False
>>   Managed by: host.test
>>
>> [root@vm-033 git]# ipa host-del host.test. --updatedns
>> ipa: ERROR: host.test: host not found
>>
>> I think we already had a ticket to prevent this kind of error, no?
>
> ACK as this is solved by separate patch.


pushed to master:
* 40e3a0bf63c766fc281517c9d192907376c2d353 host_del: fix removal of host records
* 9a0f92be0dc1dc22827c918b5808b1ccb4e4b409 host_del: replace dns-record find command with show
* bea066c33647c16a7b18deb1392838acb831ac88 host_del: remove unneeded dnszone-show command call
* 1e70d6b914656d670f9afed26ccd5f93e3aa54d5 host_del: split removing A/ and PTR records to separate functions
* e8c8134eee159fa6eb7c8f2156c328798abdda80 host_del: remove only A, , SSHFP, PTR records
* 54e3859595e1f5f2e669b8af20afdac1187d8cd7 host_del: update help for --updatedns option


--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code


Re: [Freeipa-devel] [PATCH 0453 - 0458] host-del: fix updatedns option

2016-04-13 Thread Petr Spacek
On 13.4.2016 16:01, Petr Spacek wrote:
> On 1.4.2016 18:30, Martin Basti wrote:
>> https://fedorahosted.org/freeipa/ticket/5675
>>
>> Patches attached.
> 
> NACK, it breaks if the client does not have any corresponding DNS record.
> 
> [root@vm-033 git]# ipa host-add host.test. --force
> --
> Added host "host.test"
> --
>   Host name: host.test
>   Principal name: host/host.t...@dom-033.abc.idm.lab.eng.brq.redhat.com
>   Password: False
>   Keytab: False
>   Managed by: host.test
> 
> [root@vm-033 git]# ipa host-del host.test. --updatedns
> ipa: ERROR: host.test: host not found
> 
> I think we already had a ticket to prevent this kind of error, no?

ACK as this is solved by separate patch.

-- 
Petr^2 Spacek



Re: [Freeipa-devel] [PATCH 0453 - 0458] host-del: fix updatedns option

2016-04-13 Thread Petr Spacek
On 1.4.2016 18:30, Martin Basti wrote:
> https://fedorahosted.org/freeipa/ticket/5675
> 
> Patches attached.

NACK, it breaks if the client does not have any corresponding DNS record.

[root@vm-033 git]# ipa host-add host.test. --force
--
Added host "host.test"
--
  Host name: host.test
  Principal name: host/host.t...@dom-033.abc.idm.lab.eng.brq.redhat.com
  Password: False
  Keytab: False
  Managed by: host.test

[root@vm-033 git]# ipa host-del host.test. --updatedns
ipa: ERROR: host.test: host not found

I think we already had a ticket to prevent this kind of error, no?

-- 
Petr^2 Spacek



[Freeipa-devel] [PATCH 0453 - 0458] host-del: fix updatedns option

2016-04-01 Thread Martin Basti

https://fedorahosted.org/freeipa/ticket/5675

Patches attached.
From b013cce6bdfb7dbe703a4781e0dde407e1153c43 Mon Sep 17 00:00:00 2001
From: Martin Basti 
Date: Wed, 2 Mar 2016 13:44:22 +0100
Subject: [PATCH 1/6] host_del: fix removal of host records

Originally only the first A/ record is removed, and one other record. This commit fixes it
and all records are removed.

https://fedorahosted.org/freeipa/ticket/5675
---
 ipalib/plugins/host.py | 31 ++-
 1 file changed, 10 insertions(+), 21 deletions(-)

diff --git a/ipalib/plugins/host.py b/ipalib/plugins/host.py
index 6ff751ca88187bb37ac64ca291234eed56e26e6f..97c9e158851158c1ce96b5e3bc566a1135534942 100644
--- a/ipalib/plugins/host.py
+++ b/ipalib/plugins/host.py
@@ -35,7 +35,7 @@ from ipalib.plugins.service import (split_principal, validate_certificate,
 set_certificate_attrs, ticket_flags_params, update_krbticketflags,
 set_kerberos_attrs, rename_ipaallowedtoperform_from_ldap,
 rename_ipaallowedtoperform_to_ldap, revoke_certs)
-from ipalib.plugins.dns import (dns_container_exists, _record_types,
+from ipalib.plugins.dns import (dns_container_exists, _record_attributes,
 add_records_for_host_validation, add_records_for_host,
 get_reverse_zone)
 from ipalib import _, ngettext
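Review bot: the import swap from _record_types to _record_attributes depends on a name this patch does not define. The diffstat lists only ipalib/plugins/host.py, so _record_attributes has to exist in ipalib/plugins/dns.py already. Please confirm that, and that its entries are attribute names in the same form the loop in the next hunk compares against ('arecord'), because record.get(attr, []) would silently skip every record on a mismatch.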
@@ -772,26 +772,15 @@ class host_del(LDAPDelete):
 # Get all forward resources for this host
 records = api.Command['dnsrecord_find'](domain, idnsname=parts[0])['result']
 for record in records:
-if 'arecord' in record:
-remove_fwd_ptr(record['arecord'][0], parts[0],
-   domain, 'arecord')
-if 'record' in record:
-remove_fwd_ptr(record['record'][0], parts[0],
-   domain, 'record')
-else:
-# Try to delete all other record types too
-_attribute_types = [str('%srecord' % t.lower())
-for t in _record_types]
-for attr in _attribute_types:
-if attr not in ['arecord', 'record'] and attr in record:
-for val in record[attr]:
-if (val.endswith(parts[0]) or
-val.endswith(fqdn + '.')):
-delkw = {unicode(attr): val}
-api.Command['dnsrecord_del'](domain,
-record['idnsname'][0],
-**delkw)
-break
+for attr in _record_attributes:
+for val in record.get(attr, []):
+if attr in ('arecord', 'record'):
+remove_fwd_ptr(val, parts[0], domain, attr)
+elif (val.endswith(parts[0]) or
+val.endswith(fqdn + '.')):
+delkw = {unicode(attr): val}
+api.Command['dnsrecord_del'](
+domain, record['idnsname'][0], **delkw)
 
 if self.api.Command.ca_is_enabled()['result']:
 try:
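Review bot: in the new elif branch, val.endswith(parts[0]) is a bare suffix test on the short host name, and with the old break gone every value that passes it is now deleted. A value that merely ends in the same characters as the short name would be removed as well, while values that never mention the host name are kept, which does not match the commit message's "all records are removed". Suggest comparing against the exact name (fqdn + '.') or deciding per record attribute which values the host owns, and stating the resulting rule in the commit message.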
-- 
2.5.5

From 32f35058dc86a1913fb4f515ef90ac0ae25a29fe Mon Sep 17 00:00:00 2001
From: Martin Basti 
Date: Wed, 2 Mar 2016 15:53:27 +0100
Subject: [PATCH 2/6] host_del: replace dns-record find command with show

Due to the configuration of dnsrecord_find, it works as dnsrecord-show,
thus it can be replaced.

https://fedorahosted.org/freeipa/ticket/5675
---
 ipalib/plugins/host.py | 29 +
 1 file changed, 17 insertions(+), 12 deletions(-)

diff --git a/ipalib/plugins/host.py b/ipalib/plugins/host.py
index 97c9e158851158c1ce96b5e3bc566a1135534942..ef0738041e4fb72780b67f880028bf857c3f9485 100644
--- a/ipalib/plugins/host.py
+++ b/ipalib/plugins/host.py
@@ -769,18 +769,23 @@ class host_del(LDAPDelete):
 domain = result['idnsname'][0]
 except errors.NotFound:
 self.obj.handle_not_found(*keys)
-# Get all forward resources for this host
-records = api.Command['dnsrecord_find'](domain, idnsname=parts[0])['result']
-for record in records:
-for attr in _record_attributes:
-for val in record.get(attr, []):
-if attr in ('arecord', 'record'):
-remove_fwd_ptr(val, parts[0], domain, attr)
-elif (val.endswith(parts[0]) or
-val.endswith(fqdn + '.')):
-delkw = {unicode(attr): val}
-api.Command['dnsrecord_del'](
-domain, record['idnsname'][0], **delkw)
+else:
+# Get all forward resources for
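Review bot: the new else: hangs off a try whose except errors.NotFound branch calls self.obj.handle_not_found(*keys), so when the lookup that sets domain raises NotFound the command stops with a host-not-found error and nothing in the else branch runs. That is the failure reported in the NACK on this thread (ipa host-del host.test. --updatedns for a host added with --force). With --updatedns a missing DNS entry should probably be skipped rather than reported as a missing host; if a separate patch covers that, please reference it in this commit message.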