[Freeipa-devel] [Freeipa-interest] Announcing bind-dyndb-ldap version 5.3

Petr Spacek pspacek at redhat.com
Fri Sep 12 14:25:11 UTC 2014 

The FreeIPA team is proud to announce bind-dyndb-ldap version 5.3.

It can be downloaded from https://fedorahosted.org/released/bind-dyndb-ldap/

The new version has also been built for Fedora 21+ and and is on its way to 
updates-testing:
https://admin.fedoraproject.org/updates/bind-dyndb-ldap-5.3-1.fc21

This version is also available from FreeIPA COPR repo:
http://copr.fedoraproject.org/coprs/mkosek/freeipa/

5.3
====
[1] Internal locking was reworked to prevent crashes and deadlocks.

5.2
====
[1] Kerberos ticket expiration is now handled correctly.
     https://fedorahosted.org/bind-dyndb-ldap/ticket/131

[2] BIND no longer crashes after removing root zone from LDAP.
     https://fedorahosted.org/bind-dyndb-ldap/ticket/138

[3] Root zone handling was fixed to prevent accidental child zone removal.
     https://fedorahosted.org/bind-dyndb-ldap/ticket/122

[4] Temporary files for idnsZone objects are now inside master/ subdirectory.

[5] Temporary directories are created with ug=rwx,o= permissions to enable
     POSIX ACL usage.

[6] Naming rules for working directories have changed: See README section 6.

[7] Documentation clearly states that idnsZoneActive attribute is not supported.


== Upgrading ==
A server can be upgraded by installing updated RPM. BIND has to be restarted 
manually after the RPM installation.

!!! CAUTION !!!
idnsZone object class changed it's semantics in version 5.0. Please read
https://git.fedorahosted.org/cgit/bind-dyndb-ldap.git/plain/README
and update idnsForwarders and idnsForward policy attributes in your DNS zones 
accordingly.

Transition from idnsZone to idnsForwardZone object class can be made seamless 
if you change data in LDAP before you upgrade to version 5.x. All 
bind-dyndb-ldap versions >= 3.0 support the idnsForwardZone object class.


Users of FreeIPA < 4.0 should be careful when upgrading bind-dyndb-ldap to 
version >= 5.0 (if they do not upgrade to FreeIPA 4.x at the same time).

Configuration semantics related to conditional (per-zone) forwarding has 
changed and FreeIPA < 4.0 doesn't have appropriate user interface and API.

It is safe to upgrade if you use *only* global forwarders (shown by 'ipa 
dnsconfig-show') and *do not* use per-zone forwarders (shown by 'ipa 
dnszone-show').

Don't hesitate to ask freeipa-users mailing list if you need help with upgrade.
!!! CAUTION !!!

Downgrading back to any 4.x version is supported.


== Feedback ==
Please provide comments, report bugs and send any other feedback via the 
freeipa-users mailing list:
http://www.redhat.com/mailman/listinfo/freeipa-users

-- 
Petr^2 Spacek

More information about the Freeipa-devel mailing list