Attachment #4522 for bug #27864

View | Details | Raw Unified | Return to bug 27864
Collapse All | Expand All




#!/bin/bash
# Test univention-dnsedit
eval "$(ucr shell)"

cleanup () {
    set +e
    univention-ldapsearch -xLLLb "zoneName=123.168.192.in-addr.arpa,cn=dns,$ldap_base" dn
    univention-ldapsearch -xLLLb "zoneName=test.$domainname,cn=dns,$ldap_base" dn
    udm dns/reverse_zone remove --dn "zoneName=123.168.192.in-addr.arpa,cn=dns,$ldap_base"
    udm dns/forward_zone remove --dn "zoneName=test.$domainname,cn=dns,$ldap_base"
}
trap cleanup EXIT
trap "echo ERROR" ERR
set -e

prog () {
    echo ">>> $*"
    ../univention-dnsedit "$@"
}
prog_old () { # Wrapper around old dnsedit to resort --options to front
    declare -a OPT=() ARG=()
    while [ $# -ge 1 ]
    do
        case "$1" in
        --*) OPT+=("$1") ;;
        *) ARG+=("$1") ;;
        esac
        shift
    done
    set -- "${OPT[@]}" "${ARG[@]}"
    echo ">>> $*"
    /usr/share/univention-directory-manager-tools/univention-dnsedit "$@"
}

# Create reverse zone
  prog --reverse 192.168.123 add zone "root@$domainname" 1 28800 7200 25200 10800 "$hostname.$domainname"
! prog --reverse 192.168.123 add zone "root@$domainname" 1 28800 7200 25200 10800 "$hostname.$domainname"
  prog --reverse 192.168.123 add zone "root@$domainname" 1 28800 7200 25200 10800 "$hostname.$domainname" --ignore-exists
# Test PTR
  prog  --reverse 192.168.123 add    ptr   42  host.fqdn.
! prog  --reverse 192.168.123 add    ptr   42  host.fqdn.
  prog  --reverse 192.168.123 add    ptr   42  host.fqdn. --ignore-exists
  prog  --reverse 192.168.123 add    ptr   42  host2.fqdn. --overwrite
# Create forward zone
  prog "test.$domainname" add zone "root@$domainname" 1 28800 7200 25200 10800 "$hostname.$domainname"
! prog "test.$domainname" add zone "root@$domainname" 1 28800 7200 25200 10800 "$hostname.$domainname"
  prog "test.$domainname" add zone "root@$domainname" 1 28800 7200 25200 10800 "$hostname.$domainname" --ignore-exists
# Test SRV
  prog "test.$domainname" add    srv   ldap tcp 0 100 7389 master.fqdn.
  prog "test.$domainname" add    srv   ldap tcp 0 100 7389 master.fqdn.
! prog "test.$domainname" remove srv   ldap tcp 0 100 7389 master.fqdn.
  prog "test.$domainname" add    srv   ldap tcp 1 100 7389 backup.fqdn.
  prog "test.$domainname" remove srv   ldap tcp 0 100 7389 master.fqdn.
# Test TXT
  prog "test.$domainname" add    txt   entry-name  "Some text"
  prog "test.$domainname" add    txt   entry-name  "Some text"
  prog "test.$domainname" add    txt   entry-name  "Some other text"
# Test CNAME
  prog "test.$domainname" add    cname univention-repository apt.knut.univention.de.
! prog "test.$domainname" add    cname univention-repository apt.knut.univention.de.
  prog "test.$domainname" add    cname univention-repository apt.knut.univention.de. --overwrite
# Test A
  prog "test.$domainname" add    a     host  1.2.3.4
  prog "test.$domainname" add    a     host  1.2.3.4
  prog "test.$domainname" add    a     host  1.2.3.4  5.6.7.8
echo "SUCCESS"




#!/usr/bin/python2.6
# -*- coding: utf-8 -*-
# pylint: disable-msg=E0611,W0621,C0103,E1101,W0601
#
# Univention Admin Modules
"""Create and modify dns objects easily."""
#
# Copyright 2004-2012 Univention GmbH
#

# <http://www.gnu.org/licenses/>.


import sys, time
from optparse import OptionParser
import univention.debug as ud
ud.init('/var/log/univention/admin-cmd.log', 1, 1)

import univention.config_registry
import univention.admin.uldap as uldap
import univention.admin.config
import univention.admin.modules
import univention.admin.objects
import univention.admin.filter
import univention.admin.handlers.dns.forward_zone as forward_zone
import univention.admin.handlers.dns.reverse_zone as reverse_zone
import univention.admin.handlers.dns.host_record as host_record
import univention.admin.handlers.dns.txt_record as txt_record
import univention.admin.handlers.dns.ptr_record as ptr_record
import univention.admin.handlers.dns.srv_record as srv_record
import univention.admin.handlers.dns.alias as alias
import univention.admin.uexceptions


def parse():
    """Parse command line."""
    usage = 'Usage: %prog zone command type [args]'
    description = '''
%prog my.dns.zone add    srv   ldap tcp 0 100 7389 master.fqdn
%prog my.dns.zone remove srv   ldap tcp 0 100 7389 master.fqdn
%prog my.dns.zone add    txt   entry-name  "Some text"
%prog 192.168.122 add    ptr   42  host.fqdn  --reverse
%prog my.dns.zone add    cname univention-repository apt.knut.univention.de.
%prog my.dns.zone add    a     host  1.2.3.4  5.6.7.8
%prog my.dns.zone add    zone  root@fqdn 1 28800 7200 25200 10800 ns.fqdn
'''  # FIXME: OptionParser reformats this
    global parser
    parser = OptionParser(usage=usage, description=description)
    parser.add_option('--ignore-missing-zone',
            action='store_true', dest='ignore_missing_zone',
            help='Skip if zone does not exist')
    parser.add_option('--ignore-exists',
            action='store_true', dest='ignore_exists',
            help='Skip if entry already exists')
    parser.add_option('--quiet',
            action='store_true', dest='quiet',
            help='Turn off verbose messages')  # not implemented
    parser.add_option('--reverse',
            action='store_true', dest='reverse',
            help='Modify revers zone instead of forward zone')
    parser.add_option('--overwrite',
            action='store_true', dest='overwrite',
            help='Overwrite exising record')
    parser.add_option('--stoptls',
            action='store_true', dest='stoptls',
            help='Disable TLS')
    parser.add_option('--binddn',
            action='store', dest='binddn',
            help='bind DN')
    parser.add_option('--bindpwd',
            action='store', dest='bindpwd',
            help='bind password')

    options, arguments = parser.parse_args()
    msg = None
    if options.binddn and not options.bindpwd:
        msg = 'authentication error: missing --bindpwd'
    elif not options.binddn and options.bindpwd:
        msg = 'authentication error: missing --binddn'
    if msg:
        ud.debug(ud.ADMIN, ud.ERROR, msg)
        parser.error(msg)

    try:
        zone_name, command, typ = arguments[0:3]
    except ValueError:
        parser.error('Missing command or value. See --help.')

    return options, zone_name, command, typ, arguments[3:]


	start_tls=2

configRegistry=univention.config_registry.ConfigRegistry()
configRegistry.load()

timeout=time.time() + 120	# 2 minutes from now
def bind():
    """Bind to LDAP service."""
    ucr = univention.config_registry.ConfigRegistry()
    ucr.load()
    timeout = time.time() + 120  # 2 minutes from now
    if time.time() > timeout:
        err = '%s: LDAP server %s unreachable, aborting' % \
                (sys.argv[0], ucr['ldap/master'])
        ud.debug(ud.ADMIN, ud.WARN, err)
        print >> sys.stderr, err
        sys.exit(1)
    if options.stoptls:
        start_tls = 0
    else:
        start_tls = 2
    try:
        if options.binddn and options.bindpwd:
            lo = uldap.access(
                    host=ucr['ldap/master'],
                    port=int(ucr.get('ldap/master/port', '7389')),
                    base=ucr['ldap/base'],
                    binddn=options.binddn,
                    bindpw=options.bindpwd,
                    start_tls=start_tls)
            position = uldap.position(lo.base)
        else:
            lo, position = uldap.getAdminConnection(start_tls)
        return lo, position
    except univention.admin.uexceptions.authFail, ex:
        msg = 'authentication error: %s' % (ex,)
        ud.debug(ud.ADMIN, ud.WARN, msg)
        print >> sys.stderr, msg
        sys.exit(1)
    except (univention.admin.uexceptions.ldapError,
            uldap.ldap.LDAPError):
        msg = '%s: timeout while trying to contact LDAP server %s' % \
                (sys.argv[0], ucr['ldap/master'])
        ud.debug(ud.ADMIN, ud.WARN, msg)
        print >> sys.stderr, msg
        time.sleep(10)
        return bind()  # recursion

			lo, position = bind()
			return lo, position
		except univention.admin.uldap.ldap.LDAPError, e:
			msg = '%s: timeout while trying to contact LDAP server %s' % (sys.argv[0], configRegistry['ldap/master'])
			univention.debug.debug(univention.debug.ADMIN, univention.debug.WARN, msg)
			print msg
			time.sleep(10)
			lo, position = bind()
			return lo, position
	elif options['binddn']:
		univention.debug.debug(univention.debug.ADMIN, univention.debug.WARN, 'authentication error: missing --bindpwd')
		print 'authentication error: missing --bindpwd'
		sys.exit(1)
	else:	# options['bindpwd']
		univention.debug.debug(univention.debug.ADMIN, univention.debug.WARN, 'authentication error: missing --binddn')
		print 'authentication error: missing --binddn'
		sys.exit(1)
lo, position = bind()

def lookup_zone(zone_name):
    """Lookup zone and return UDM object."""
    if not options.reverse:
        zones = forward_zone.lookup(co, lo, '(zone=%s)' % (zone_name,),
                scope='domain', base=position.getDomain(), unique=1)
    else:
        zones = reverse_zone.lookup(co, lo, '(subnet=%s)' % (zone_name,),
                scope='domain', base=position.getDomain(), unique=1)
    if not zones:
        if options.ignore_missing_zone:
            sys.exit(0)
        else:
            print >> sys.stderr, 'E: Zone %s does not exist.' % (zone_name,)
            sys.exit(1)
    return zones[0]


def add_srv_record(service, protocol, priority, weight, port, host):
    """Add DNS service record."""
    name = [service, protocol]
    location = [priority, weight, port, host]
    filt = univention.admin.filter.expression('name', name)

    records = srv_record.lookup(co, lo, filt, scope='domain',
            base=position.getDomain(), superordinate=zone, unique=1)
    if records:
        record = records[0]
    else:
        record = srv_record.object(co, lo, position, superordinate=zone)
        record['name'] = name

    loc = record['location']
    if location in loc:
        return
    loc.append(location)
    record['location'] = loc

    if records:
        record.modify()
    else:
        record.create()


def remove_srv_record(service, protocol, priority, weight, port, host):
    """Remove DNS service record."""
    name = [service, protocol]
    location = [priority, weight, port, host]
    filt = univention.admin.filter.expression('name', name)

    records = srv_record.lookup(co, lo, filt, scope='domain',
            base=position.getDomain(), superordinate=zone, unique=1)
    if records:
        record = records[0]
    else:
        record = srv_record.object(co, lo, position, superordinate=zone)
        record['name'] = name

    loc = record['location']
    if location in loc:
        loc.remove(location)
        record['location'] = loc

    if records:
        record.modify()


def add_txt_record(name, text):
    """Add DNS text record."""
    filt = univention.admin.filter.expression('name', name)
    records = txt_record.lookup(co, lo, filt, scope='domain',
            base=position.getDomain(), superordinate=zone, unique=1)
    if records:
        record = records[0]
    else:
        record = txt_record.object(co, lo, position, superordinate=zone)
        record['name'] = name
        record['zonettl'] = ['80600']

    tmp = record['txt']
    if text in tmp:
        return
    tmp.append(text)
    record['txt'] = tmp

    if records:
        record.modify()
    else:
        record.create()


def add_a_record(name, *adresses):
    """Add DNS IPv4 address records."""
    filt = univention.admin.filter.expression('name', name)
    records = host_record.lookup(co, lo, filt, scope='domain',
            base=position.getDomain(), superordinate=zone, unique=1)
    if records:
        record = records[0]
    else:
        record = host_record.object(co, lo, position, superordinate=zone)
        record['name'] = name
        record['zonettl'] = ['80600']

    tmp = record['a']
    for addr in adresses:
        if not addr in tmp:
            tmp.append(addr)
    record['a'] = tmp

    if records:
        record.modify()
    else:
        record.create()


def add_cname_record(name, cname):
    """Add DNS canonical name record."""
    filt = univention.admin.filter.expression('name', name)
    records = alias.lookup(co, lo, filt, scope='domain',
            base=position.getDomain(), superordinate=zone, unique=1)
    if records:
        record = records[0]
    else:
        record = alias.object(co, lo, position, superordinate=zone)
        record['name'] = name
        record['zonettl'] = ['80600']

    if record['cname'] and not (record['cname'] == cname or
            options.overwrite or options.ignore_exists):
        print >> sys.stderr, 'E: Record exists and points to different address'
        sys.exit(1)
    if record['cname'] == cname:
        return
    record['cname'] = cname

    if records:
        record.modify()
    else:
        record.create()


def add_ptr_record(address, ptr):
    """Add DNS pointer record."""
    filt = univention.admin.filter.expression('address', address)
    records = ptr_record.lookup(co, lo, filt, scope='domain',
            base=position.getDomain(), superordinate=zone, unique=1)
    if records:
        record = records[0]
    else:
        record = ptr_record.object(co, lo, position, superordinate=zone)
        record['address'] = address

    if record['ptr_record'] and not (record['ptr_record'] == ptr or
            options.overwrite):
        print >> sys.stderr, 'E: Record exists and points to different address'
        sys.exit(1)
    if record['ptr_record'] == ptr:
        return
    record['ptr_record'] = ptr

    if records:
        record.modify()
    else:
        record.create()


def add_zone(contact, serial, refresh, retry, expire, ttl, *nameserver):
    """Add DNS zone."""
    if not options.reverse:
        zone = forward_zone.object(co, lo, position)
        zone['zone'] = zone_name
    else:
        zone = reverse_zone.object(co, lo, position)
        zone['subnet'] = zone_name
    zone['contact'] = contact
    zone['serial'] = serial
    zone['refresh'] = [refresh]
    zone['retry'] = [retry]
    zone['expire'] = [expire]
    zone['ttl'] = [ttl]
    zone['nameserver'] = list(nameserver)
    zone.create()


def main():
    """Run DNS edit."""
    global options
    global zone_name
    options, zone_name, command, typ, args = parse()
    global co
    co = None
    global lo
    global position
    lo, position = bind()

    if typ != 'zone' or command == 'remove':
        global zone
        zone = lookup_zone(zone_name)
        position.setDn(zone.dn)
    else:
        position.setDn(univention.admin.config.getDefaultContainer(lo, 'dns/'))

    try:
        if command == 'add':
            print 'Adding %s record "%s" to zone %s...' % \
                    (typ.upper(), ' '.join(args), zone_name)
            if typ == 'srv':
                add_srv_record(*args)
            elif typ == 'txt':
                add_txt_record(*args)
            elif typ == 'ptr' and options.reverse:
                add_ptr_record(*args)
            elif typ == 'cname':
                add_cname_record(*args)
            elif typ == 'a':
                add_a_record(*args)
            elif typ == 'zone':
                add_zone(*args)
            else:
                parser.error('Unknown type "%s"' % (typ,))
            print 'done'
        elif command == 'remove':
            if typ == 'srv':
                remove_srv_record(*args)
            else:
                parser.error('Unknown type "%s"' % (typ,))
        else:
            parser.error('E: No valid command "%s". See --help.' % (command,))
    except univention.admin.uexceptions.objectExists, ex:
        if not options.ignore_exists:
            print >> sys.stderr, 'E: Object "%s" exists' % (ex,)
            sys.exit(1)
    except (ValueError, TypeError,
            univention.admin.uexceptions.valueInvalidSyntax,
            univention.admin.uexceptions.valueRequired), ex:
        print >> sys.stderr, 'E: failed %s' % (ex,)
        sys.exit(1)


if __name__ == '__main__':
    main()

Return to bug 27864