logon_script: check DNS resolution before proceeding

If the IPA server FQDN cannot be resolved at startup (e.g. due to a
DNSSEC outage or network not yet ready), the logon script would silently
fail later. The new check prompts the user to retry, continue anyway, or
quit, so the problem is immediately visible.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

system_setup/logon_script.sh

@@ -17,6 +17,23 @@ if [ "$EUID" -eq 0 ]; then
     echo "Press any key to continue" && read -n 1 -s -r && exit 1
 fi
 
+# Check DNS resolution before proceeding - logon depends on IPA and Nextcloud being reachable
+_dns_target="${SERVERFQDN_IPA}"
+while ! getent hosts "${_dns_target}" >/dev/null 2>&1; do
+    elog_add "Warning: DNS resolution failed for ${_dns_target} - network or DNS not ready."
+    echo ""
+    echo "Warning: DNS resolution failed for ${_dns_target}."
+    echo "Please check your network connection and DNS settings before continuing."
+    echo ""
+    printf "  [R]etry  [C]ontinue anyway  [Q]uit: "
+    read -r _dns_choice
+    case "${_dns_choice}" in
+        [Cc]) elog_add "Continuing despite DNS failure (user choice)."; break ;;
+        [Qq]) elog_add "Script aborted by user due to DNS failure."; exit 1 ;;
+        *) elog_add "Retrying DNS check for ${_dns_target}..." ;;
+    esac
+done
+
 #Check for needed python-modules
 #For WEBDAV
 python -c "import webdav3">/dev/null 2>&1