From 79b9982b86b68c708275afaaf1927c24db7c2eb1 Mon Sep 17 00:00:00 2001
From: Christian Heimes <cheimes@redhat.com>
Date: Sep 23 2020 14:44:26 +0000
Subject: Create systemd-resolved configuration on update


Create systemd-resolved drop-in and restart the service when the drop-in
config file is missing and /etc/resolv.conf points to stub resolver
config file.

Signed-off-by: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>

---

diff --git a/ipaserver/install/bindinstance.py b/ipaserver/install/bindinstance.py
index eda19e1..aae2fe6 100644
--- a/ipaserver/install/bindinstance.py
+++ b/ipaserver/install/bindinstance.py
@@ -770,7 +770,10 @@ class BindInstance(service.Service):
         # self.step("restarting named", self.__start)
 
         self.step("configuring named to start on boot", self.switch_service)
-        self.step("changing resolv.conf to point to ourselves", self.__setup_resolv_conf)
+        self.step(
+            "changing resolv.conf to point to ourselves",
+            self.setup_resolv_conf
+        )
         self.start_creation()
 
     def start_named(self):
@@ -1116,7 +1119,7 @@ class BindInstance(service.Service):
 
         sysupgrade.set_upgrade_state('dns', 'server_config_to_ldap', True)
 
-    def __setup_resolv_conf(self):
+    def setup_resolv_conf(self):
         searchdomains = [self.domain]
         nameservers = []
         resolve1_enabled = dnsforwarders.detect_resolve1_resolv_conf()
diff --git a/ipaserver/install/server/upgrade.py b/ipaserver/install/server/upgrade.py
index 600484a..332f8b2 100644
--- a/ipaserver/install/server/upgrade.py
+++ b/ipaserver/install/server/upgrade.py
@@ -29,6 +29,7 @@ import ipalib.util
 import ipalib.errors
 from ipaclient.install import timeconf
 from ipaclient.install.client import sssd_enable_ifp
+from ipalib.install.dnsforwarders import detect_resolve1_resolv_conf
 from ipaplatform import services
 from ipaplatform.tasks import tasks
 from ipapython import ipautil, version
@@ -1446,6 +1447,13 @@ def upgrade_bind(fstore):
     bind_old_states(bind)
     bind_old_upgrade_states()
 
+    # only upgrade with drop-in is missing and /etc/resolv.conf is a link to
+    # resolve1's stub resolver config file.
+    has_resolved_ipa_conf = os.path.isfile(paths.SYSTEMD_RESOLVED_IPA_CONF)
+    if not has_resolved_ipa_conf and detect_resolve1_resolv_conf():
+        bind.setup_resolv_conf()
+        logger.info("Updated systemd-resolved configuration")
+
     if bind.is_configured() and not bind.is_running():
         # some upgrade steps may require bind running
         bind_started = True