samba-tool: make provision check for bind version

(small corrections and TODO added following Jelmer's review by abartlet)
Signed-off-by: Garming Sam <garming@catalyst.net.nz>

Change-Id: Iba9a709641dad9f2ae05df0b26ac4cd2ebfc84f0
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sun Mar  9 02:52:50 CET 2014 on sn-devel-104

python/samba/provision/sambadns.py

@@ -26,6 +26,7 @@ import shutil
 import time
 import ldb
 from base64 import b64encode
+import subprocess
 import samba
 from samba.tdb_util import tdb_copy
 from samba.ndr import ndr_pack, ndr_unpack
@@ -870,7 +871,7 @@ def create_dns_update_list(lp, logger, paths):
     setup_file(setup_path("spn_update_list"), paths.spn_update_list, None)
 
 
-def create_named_conf(paths, realm, dnsdomain, dns_backend):
+def create_named_conf(paths, realm, dnsdomain, dns_backend, logger):
     """Write out a file containing zone statements suitable for inclusion in a
     named.conf file (including GSS-TSIG configuration).
 
@@ -879,8 +880,16 @@ def create_named_conf(paths, realm, dnsdomain, dns_backend):
     :param dnsdomain: DNS Domain name
     :param dns_backend: DNS backend type
     :param keytab_name: File name of DNS keytab file
+    :param logger: Logger object
     """
 
+    # TODO: This really should have been done as a top level import.
+    # It is done here to avoid a depencency loop.  That is, we move
+    # ProvisioningError to another file, and have all the provision
+    # scripts import it from there.
+
+    from samba.provision import ProvisioningError
+
     if dns_backend == "BIND9_FLATFILE":
         setup_file(setup_path("named.conf"), paths.namedconf, {
                     "DNSDOMAIN": dnsdomain,
@@ -894,9 +903,25 @@ def create_named_conf(paths, realm, dnsdomain, dns_backend):
         setup_file(setup_path("named.conf.update"), paths.namedconf_update)
 
     elif dns_backend == "BIND9_DLZ":
+        bind_info = subprocess.Popen(['named -V'], shell=True,
+                                     stdout=subprocess.PIPE,
+                                     stderr=subprocess.STDOUT,
+                                     cwd='.').communicate()[0]
+        bind98 = '#'
+        bind99 = '#'
+        if bind_info.upper().find('BIND 9.8') != -1:
+            bind98 = ''
+        elif bind_info.upper().find('BIND 9.9') != -1:
+            bind99 = ''
+        elif bind_info.upper().find('BIND 9.7') != -1:
+            raise ProvisioningError("DLZ option incompatible with BIND 9.7.")
+        else:
+            logger.warning("BIND version unknown, please modify %s manually." % paths.namedconf)
         setup_file(setup_path("named.conf.dlz"), paths.namedconf, {
                     "NAMED_CONF": paths.namedconf,
                     "MODULESDIR" : samba.param.modules_dir(),
+                    "BIND98" : bind98,
+                    "BIND99" : bind99
                     })
 
 
@@ -1151,7 +1176,8 @@ def setup_bind9_dns(samdb, secretsdb, domainsid, names, paths, lp, logger,
         create_samdb_copy(samdb, logger, paths, names, domainsid, domainguid)
 
     create_named_conf(paths, realm=names.realm,
-                      dnsdomain=names.dnsdomain, dns_backend=dns_backend)
+                      dnsdomain=names.dnsdomain, dns_backend=dns_backend,
+                      logger=logger)
 
     create_named_txt(paths.namedtxt,
                      realm=names.realm, dnsdomain=names.dnsdomain,

source4/scripting/bin/samba_upgradedns

@@ -463,7 +463,7 @@ if __name__ == '__main__':
         create_samdb_copy(ldbs.sam, logger, paths, names, domainsid,
                           domainguid)
 
-        create_named_conf(paths, names.realm, dnsdomain, opts.dns_backend)
+        create_named_conf(paths, names.realm, dnsdomain, opts.dns_backend, logger)
 
         create_named_txt(paths.namedtxt, names.realm, dnsdomain, dnsname,
                          paths.private_dir, paths.dns_keytab)

source4/setup/named.conf.dlz

@@ -11,9 +11,9 @@
 #
 dlz "AD DNS Zone" {
     # For BIND 9.8.0
-    database "dlopen ${MODULESDIR}/bind9/dlz_bind9.so";
+    ${BIND98} database "dlopen ${MODULESDIR}/bind9/dlz_bind9.so";
 
     # For BIND 9.9.0
-    # database "dlopen ${MODULESDIR}/bind9/dlz_bind9_9.so";
+    ${BIND99} database "dlopen ${MODULESDIR}/bind9/dlz_bind9_9.so";
 };