[Freeipa-devel] [PATCH 0110] DNS: Warn if forwarding policy conflicts with automatic empty zone
Martin Basti
mbasti at redhat.com
Wed May 25 10:30:06 UTC 2016
On 04.05.2016 10:43, Petr Spacek wrote:
> Hello,
>
> DNS: Warn if forwarding policy conflicts with automatic empty zones
>
> Forwarding policy "first" or "none" may conflicts with some automatic empty
> zones. Queries for zones specified by RFC 6303 will ignore
> forwarding and recursion and always result in NXDOMAIN answers.
>
> This is not detected and warned about. Global forwarding is equivalent
> to forward zone ".".
>
> Example:
> Forward zone 1.10.in-addr.arpa with policy "first"
> will not forward anything because BIND will automatically prefer
> automatic empty zone "10.in-addr.arpa." which is authoritative.
>
> https://fedorahosted.org/freeipa/ticket/5710
>
>
> This is last patch in the series so the ticket can be closed when all relevant
> patches are pushed.
>
>
>
You forgot to update tests
_____________________________________________________________________
test_dns.test_command[0087: dnsconfig_mod: Update global DNS settings]
______________________________________________________________________
self = <ipatests.test_xmlrpc.test_dns_plugin.test_dns object at
0x7fcef3ef2510>, index = 87
declarative_test_definition = {'command': ('dnsconfig_mod', [],
{'idnsforwarders': ['172.16.31.80'], 'version': '2.166'}), 'desc':
'Update global DN...arders': ['172.16.31.80']}, 'summary': None,
'value': None}, 'nice': '0087: dnsconfig_mod: Update global DNS settings'}
def test_command(self, index, declarative_test_definition):
"""Run an individual test
The arguments are provided by the pytest plugin.
"""
if callable(declarative_test_definition):
declarative_test_definition(self)
else:
> self.check(**declarative_test_definition)
test_xmlrpc/xmlrpc_test.py:313:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
test_xmlrpc/xmlrpc_test.py:325: in check
self.check_output(nice, cmd, args, options, expected, extra_check)
test_xmlrpc/xmlrpc_test.py:368: in check_output
assert_deepequal(expected, got, nice)
util.py:361: in assert_deepequal
assert_deepequal(e_sub, g_sub, doc, stack + (key,))
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
expected = [{'code': 13006, 'message': <function <lambda> at
0x7fcef426c758>, 'name': 'DNSServerValidationWarning', 'type': 'warning'}]
got = [{'code': 13021, 'message': "Forwarding policy conflicts with some
automatic empty zones. Queries for zones specified ...': The DNS
operation timed out after 10.0008428097 seconds.", 'name':
'DNSServerValidationWarning', 'type': 'warning'}]
doc = '0087: dnsconfig_mod: Update global DNS settings', stack =
('messages',)
def assert_deepequal(expected, got, doc='', stack=tuple()):
"""
Recursively check for type and equality.
If a value in expected is callable then it will used as a
callback to
test for equality on the got value. The callback is passed the got
value and returns True if equal, False otherwise.
If the tests fails, it will raise an ``AssertionError`` with
detailed
information, including the path to the offending value. For
example:
>>> expected = [u'Hello', dict(world=u'how are you?')]
>>> got = [u'Hello', dict(world='how are you?')]
>>> expected == got
True
>>> assert_deepequal(expected, got, doc='Testing my nested data')
Traceback (most recent call last):
...
AssertionError: assert_deepequal: type(expected) is not type(got).
Testing my nested data
type(expected) = <type 'unicode'>
type(got) = <type 'str'>
expected = u'how are you?'
got = 'how are you?'
path = (0, 'world')
Note that lists and tuples are considered equivalent, and the
order of
their elements does not matter.
"""
if isinstance(expected, tuple):
expected = list(expected)
if isinstance(got, tuple):
got = list(got)
if isinstance(expected, DN):
if isinstance(got, six.string_types):
got = DN(got)
if not (isinstance(expected, Fuzzy) or callable(expected) or
type(expected) is type(got)):
raise AssertionError(
TYPE % (doc, type(expected), type(got), expected, got,
stack)
)
if isinstance(expected, (list, tuple)):
if len(expected) != len(got):
raise AssertionError(
> LEN % (doc, len(expected), len(got), expected, got,
stack)
)
E AssertionError: assert_deepequal: list length mismatch.
E 0087: dnsconfig_mod: Update global DNS settings
E len(expected) = 1
E len(got) = 2
E expected = [{u'message': <function <lambda> at
0x7fcef426c758>, u'code': 13006, u'type': u'warning', u'name':
u'DNSServerValidationWarning'}]
E got = [{u'message': u"Forwarding policy conflicts with
some automatic empty zones. Queries for zones specified by RFC 6303 will
ignore forwarding and recursion and always result in NXDOMAIN answers.
To override this behavior use forward policy 'only'.", u'code': 13021,
u'type': u'warning', u'name': u'DNSForwardPolicyConflictWithEmptyZone'},
{u'message': u"DNS server 172.16.31.80: query '. SOA': The DNS operation
timed out after 10.0008428097 seconds.", u'code': 13006, u'type':
u'warning', u'name': u'DNSServerValidationWarning'}]
E path = (u'messages',)
util.py:332: AssertionError
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160525/c4ddab96/attachment.htm>
More information about the Freeipa-devel
mailing list