[Freeipa-devel] [PATCHES 0114-0115] DNS: allow to add root zone '.'

[Martin Basti]

On 02/09/14 17:46, Petr Spacek wrote:
> On 25.8.2014 14:52, Martin Basti wrote:
>> Patches attached.
>>
>> Ticket: https://fedorahosted.org/freeipa/ticket/4149
>>
>> There is a bug in bind-dyndb-ldap (or worse in dirsrv), which cause 
>> the named
>> service is stopped after deleting zone.
>> Bug ticket: https://fedorahosted.org/bind-dyndb-ldap/ticket/138
>
> Functional ACK, it works for me. It can be pushed if Python gurus are 
> okay with the code.
>
> # ipa dnszone-add .
> Authoritative nameserver: @
> Administrator e-mail address [hostmaster.]:
> >>> Administrator e-mail address: missing address domain
> Administrator e-mail address [hostmaster.]: hostmaster.
> >>> Administrator e-mail address: missing address domain
> Administrator e-mail address [hostmaster.]: hostmaster.test.
> Nameserver IP address: 127.0.0.1
>   Zone name: .
>   Active zone: TRUE
>   Authoritative nameserver: @
>   Administrator e-mail address: hostmaster.test.
>   SOA serial: 1409672572
>   SOA refresh: 3600
>   SOA retry: 900
>   SOA expire: 1209600
>   SOA minimum: 3600
>   BIND update policy: grant IPA.EXAMPLE krb5-self * A; grant 
> IPA.EXAMPLE krb5-self * AAAA; grant IPA.EXAMPLE krb5-self * SSHFP;
>   Dynamic update: FALSE
>   Allow query: any;
>   Allow transfer: none;
>
> # ipa dnszone-mod . --expire=555
>   Zone name: .
>   Active zone: TRUE
>   Authoritative nameserver: @
>   Administrator e-mail address: hostmaster.test.
>   SOA serial: 1409672710
>   SOA refresh: 3600
>   SOA retry: 900
>   SOA expire: 555
>   SOA minimum: 3600
>   Allow query: any;
>   Allow transfer: none;
>
> # ipa dnszone-del .
> --------------------
> Deleted DNS zone "."
> --------------------
>
> "Administrator e-mail address: missing address domain" failure is IMHO 
> acceptable in this case. It seems unlikely that root domain will have 
> MX records :-)
>
I noticed that during patch creation, the behavior seems good to me.

-- 
Martin Basti