[Freeipa-devel] [PATCH 0503-0513, 0515-0519, 0520-0528] DNS locations

Martin Basti mbasti at redhat.com
Thu Jun 16 20:14:35 UTC 2016 


On 16.06.2016 15:59, Petr Spacek wrote:
> On 16.6.2016 13:57, Martin Basti wrote:
>>
>> On 16.06.2016 12:09, Petr Spacek wrote:
>>> On 15.6.2016 17:24, Petr Spacek wrote:
>>>> On 15.6.2016 15:45, Martin Basti wrote:
>>>>> On 15.06.2016 14:52, Martin Basti wrote:
>>>>>> <snip>
>>>>>> Hydra patching: Updated patches attached + new patches for dnsserver-*
>>>>>> commands attached
>>>>>> Updated+rebased patches after Honza's interactive review
>>>>>>
>>>>>>
>>>>> Minor nitpick fixed
>>>>>
>>>>>
>>>>>
>>>> freeipa-mbasti-0503.3-DNS-Locations-add-index-for-ipalocation-attribute.patch
>>>> ACK
>>>>
>>>> freeipa-mbasti-0505.3-DNS-Locations-add-idnsTemplateObject-objectclass.patch
>>>> ACK
>>>>
>>>>
>>>> I will get to the rest later on.
>>> Problems I found (could be solved in separate patches if you wish):
>>>
>>> 1. NACK
>>> # ipa dns-update-system-records --dry-run
>>> ipa: ERROR: an internal error has occurred
>>> ValueError: dns_update_system_records.validate_output(): unexpected keys
>>> ['summary'] in { ...
>> Fixed
>>> 2. NACK
>>> Command ipa dns-update-system-records does not work with DNS Administrators
>>> privilege when some record is missing:
>>>
>>> ipa: WARNING: Update of system record
>>> '_kpasswd._tcp.dom-046.abc.idm.lab.eng.brq.redhat.com. 86400 IN SRV 0 100 464
>>> vm-046.abc.idm.lab.eng.brq.redhat.com.' failed with error: Insufficient
>>> access: Insufficient 'write' privilege to the 'objectClass' attribute of entry
>>> 'idnsname=_kpasswd._tcp,idnsname=dom-046.abc.idm.lab.eng.brq.redhat.com.,cn=dns,dc=suffix'.
>>>
>> Fixed (I hope)
>>> 3. NACK
>>> IPA server upgrade does not create idnsServerConfigObjects in cn=dns
>>> In fact the upgrade does not even add the object class into schema.
>>>
>> Fixed
>>> These needs to be fixed before we can proceed.
>>>
>> Updated patches attached
> 4. NACK
> ipa-ca-install does not add A/AAAA records for the new CA.
This should work, code is on the right place. Maybe it is a race condition.

... 2 hours later ...

I found that this is broken since 4.3.0, I will fix it separately
https://fedorahosted.org/freeipa/ticket/5966

Anyway I found bug in replicainstall (fixed) because copy&paste everywhere

>
> 5. NACK
> ipa-replica-manage del <replica> does not delete SRV records from the
> remaining master
>
> # ipa-replica-manage del vm-046.abc.idm.lab.eng.brq.redhat.com
> WARNING: yacc table file version is out of date
> Checking connectivity in topology suffix 'domain'
> Checking connectivity in topology suffix 'ca'
> Failed to cleanup vm-046.abc.idm.lab.eng.brq.redhat.com entries: invalid
> 'idnsserverid': must be Unicode text
> You may need to manually remove them from the tree
> Checking for deleted segments in suffix 'domain'
> Agreements deleted
> Checking for deleted segments in suffix 'ca'
> Agreements deleted
> Failed to cleanup vm-046.abc.idm.lab.eng.brq.redhat.com DNS entries:
> abc.idm.lab.eng.brq.redhat.com.: DNS zone not found
> You may need to manually remove them from the tree
Fixed
>
> Manual execution of ipa dns-update-system-records fixes that.
>
>
>
> Besides NACKs above one more thing is missing:
> Following config options are not migrated from named.conf to LDAP object:
>
> https://fedorahosted.org/bind-dyndb-ldap/wiki/Design/PerServerConfigInLDAP#Upgrade
>
> This can go to a separate patch set if you wish (at the very end).
I will leave this for later, bind-dyndb-ldap will continue working with 
local configuration as before, patches are of course welcome.

Updated patches attached, + hydra patching

Martin^2


-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mbasti-0503.5-DNS-Locations-add-index-for-ipalocation-attribute.patch
Type: text/x-patch
Size: 1662 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160616/05318c6d/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mbasti-0504.5-DNS-Locations-fix-location-del.patch
Type: text/x-patch
Size: 1021 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160616/05318c6d/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mbasti-0505.5-DNS-Locations-add-idnsTemplateObject-objectclass.patch
Type: text/x-patch
Size: 3849 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160616/05318c6d/attachment-0002.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mbasti-0506.5-DNS-Locations-DNS-data-management.patch
Type: text/x-patch
Size: 15980 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160616/05318c6d/attachment-0003.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mbasti-0507.5-DNS-Locations-permission-allow-to-read-status-of-ser.patch
Type: text/x-patch
Size: 3707 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160616/05318c6d/attachment-0004.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mbasti-0508.5-DNS-Locations-add-ACI-for-template-attribute.patch
Type: text/x-patch
Size: 9190 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160616/05318c6d/attachment-0005.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mbasti-0509.5-DNS-Locations-command-dns-update-system-records.patch
Type: text/x-patch
Size: 10811 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160616/05318c6d/attachment-0006.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mbasti-0510.5-DNS-Locations-use-dns_update_service_records-in-inst.patch
Type: text/x-patch
Size: 15115 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160616/05318c6d/attachment-0007.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mbasti-0511.5-DNS-Locations-adtrustinstance-simplify-dns-managemen.patch
Type: text/x-patch
Size: 4112 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160616/05318c6d/attachment-0008.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mbasti-0512.5-DNS-Locations-use-automatic-records-update-in-ipa-ad.patch
Type: text/x-patch
Size: 3528 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160616/05318c6d/attachment-0009.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mbasti-0513.5-DNS-Locations-server-mod-add-automatic-records-updat.patch
Type: text/x-patch
Size: 1947 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160616/05318c6d/attachment-0010.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mbasti-0515.5-DNS-Locations-dnsservers-add-required-objectclasses.patch
Type: text/x-patch
Size: 4547 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160616/05318c6d/attachment-0011.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mbasti-0516.5-DNS-Locations-dnsserver-commands.patch
Type: text/x-patch
Size: 25083 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160616/05318c6d/attachment-0012.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mbasti-0517.5-DNS-Locations-dnsserver-put-server_id-option-into-na.patch
Type: text/x-patch
Size: 7389 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160616/05318c6d/attachment-0013.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mbasti-0518.5-DNS-Locations-dnsserver-use-the-newer-config-way-in-.patch
Type: text/x-patch
Size: 3301 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160616/05318c6d/attachment-0014.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mbasti-0519.5-DNS-Locations-dnsserver-remove-config-when-replica-i.patch
Type: text/x-patch
Size: 1705 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160616/05318c6d/attachment-0015.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mbasti-0520.1-DNS-Locations-set-proper-substitution-variable.patch
Type: text/x-patch
Size: 1349 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160616/05318c6d/attachment-0016.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mbasti-0521.1-DNS-Locations-require-to-restart-named-pkcs11-affter.patch
Type: text/x-patch
Size: 2126 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160616/05318c6d/attachment-0017.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mbasti-0522.1-DNS-Locations-show-warning-if-there-is-no-DNS-server.patch
Type: text/x-patch
Size: 4396 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160616/05318c6d/attachment-0018.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mbasti-0523.1-DNS-Locations-prevent-to-remove-used-locations.patch
Type: text/x-patch
Size: 1781 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160616/05318c6d/attachment-0019.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mbasti-0524.1-DNS-Locations-do-not-generate-location-records-for-u.patch
Type: text/x-patch
Size: 2323 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160616/05318c6d/attachment-0020.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mbasti-0525.1-DNS-Locations-location-del-remove-location-record.patch
Type: text/x-patch
Size: 3633 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160616/05318c6d/attachment-0021.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mbasti-0526.1-DNS-Locations-Rename-ipalocationweight-to-ipaservice.patch
Type: text/x-patch
Size: 17868 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160616/05318c6d/attachment-0022.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mbasti-0527.1-DNS-Locations-generate-NTP-records.patch
Type: text/x-patch
Size: 4223 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160616/05318c6d/attachment-0023.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mbasti-0528.1-upgrade-don-t-fail-if-zone-does-not-exists-in-in-fin.patch
Type: text/x-patch
Size: 1154 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160616/05318c6d/attachment-0024.bin>

More information about the Freeipa-devel mailing list