[Freeipa-devel] [PATCH] 281 Enable SOA serial autoincrement

Martin Kosek mkosek at redhat.com
Thu Jul 12 14:25:17 UTC 2012


On 07/02/2012 08:45 AM, Martin Kosek wrote:
> On 06/29/2012 09:00 PM, Rob Crittenden wrote:
>> Martin Kosek wrote:
>>> This patch enables currently developed SOA serial autoincrement feature in
>>> bind-dyndb-ldap. The patch may be updated if any assumptions about this feature
>>> are changed (or somebody finds a bug).
>>>
>>> ---
>>>
>>> SOA serial autoincrement is a requirement for major DNS features,
>>> e.g. zone transfers or DNSSEC. Enable it by default in named.conf
>>> both for new and upgraded installations. Name of the bind-dyndb-ldap
>>> option is "serial_autoincrement".
>>>
>>> From now on, idnsSOAserial attribute also has to be put to
>>> replication agreement exclude list as serial will be incremented
>>> on each DNS server separately and won't be shared. Exclude list
>>> has to be updated both for new replication agreements and the
>>> current ones.
>>>
>>> https://fedorahosted.org/freeipa/ticket/2554
>>
>> What version of bind/bind-dyndb-ldap is needed for serial_autoincrement?
>>
>> rob
> 
> Such version is not ready yet, there is only a semi-working patch from Petr
> Spacek on freeipa-devel list.
> 
> When a working version of bind-dyndb-ldap package with working
> serial_autoincrement feature is ready, it should be enough to simply bump package
> version in bind-dyndb-ldap (that's why I tagged this patch as [WIP]).
> 
> But otherwise, this patch is reviewable, it should prepare our install tools
> for the new feature, turn it on in named.conf on upgrades and also update
> replication agreements to not replicate SOA serial from now on.
> 
> Martin

Sending a rebased and updated patch with a few more fixes:
1) Minimum number of connections has been raised to 4 to cover the most recent
requirements for bind-dyndb-ldap's serial_automember feature
2) ipa-upgradeconfig named.conf has been fixed to not crash when the updated
options are not in the file

I think that we can choose to push this patch earlier before bind-dyndb-ldap
with serial_automember is released. We just need to make sure this patch sets
serial_automember option in named.conf correctly + does the right thing with
replication agreement exclude list update.

Later on, we would just need to bump bind-dyndb-ldap version in our spec file
when that's released.

Martin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mkosek-281-2-enable-soa-serial-autoincrement.patch
Type: text/x-patch
Size: 22965 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20120712/ed70ac64/attachment.bin>

