samba_dnsupdate: Make nsupdate use the server given by the SOA record

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>

diff --git a/source4/scripting/bin/samba_dnsupdate b/source4/scripting/bin/samba_dnsupdate
index ba167da2876c3aae9b96419ef8d6706bf5fd3e54..80a5a6f484d44b16210f46978b75185974cdb1ad 100755 (executable)
--- a/source4/scripting/bin/samba_dnsupdate
+++ b/source4/scripting/bin/samba_dnsupdate
@@ -237,7 +237,7 @@ def hostname_match(h1, h2):
     h2 = str(h2)
     return h1.lower().rstrip('.') == h2.lower().rstrip('.')
 
-def check_one_dns_name(name, name_type, d=None):
+def get_resolver(d=None):
     resolv_conf = os.getenv('RESOLV_CONF')
     if not resolv_conf:
         resolv_conf = '/etc/resolv.conf'
@@ -245,7 +245,12 @@ def check_one_dns_name(name, name_type, d=None):
 
     if d is not None and d.nameservers != []:
         resolver.nameservers = d.nameservers
-    elif d is not None:
+
+    return resolver
+
+def check_one_dns_name(name, name_type, d=None):
+    resolver = get_resolver(d)
+    if d is not None and len(d.nameservers) == 0:
         d.nameservers = resolver.nameservers
 
     ans = resolver.query(name, name_type)
@@ -438,10 +443,18 @@ def call_nsupdate(d, op="add"):
     # NS record may point to, even as we get a ticket to that other
     # server.
     #
-    # Therefore we must not set this in production.
+    # Therefore we must not set this in production, instead we want
+    # to find the name of a SOA for the zone and use that server.
 
     if os.getenv('RESOLV_CONF') and d.nameservers != []:
         f.write('server %s\n' % d.nameservers[0])
+    else:
+        resolver = get_resolver(d)
+        zone = dns.resolver.zone_for_name(normalised_name,
+                                          resolver=resolver)
+        soa = resolver.query(zone, "SOA")
+
+        f.write('server %s\n' % soa[0].mname)
 
     if d.type == "A":
         f.write("update %s %s %u A %s\n" % (op, normalised_name, default_ttl, d.ip))