[Freeipa-devel] [PATCH 0052] Create server-dns sub-package
Petr Spacek
pspacek at redhat.com
Wed Jul 1 13:25:49 UTC 2015
On 1.7.2015 15:13, Jan Cholasta wrote:
> Hi,
>
> Dne 1.7.2015 v 14:12 Petr Spacek napsal(a):
>> Hello,
>>
>> Create server-dns sub-package.
>>
>> This allows us to automatically pull in package bind-pkcs11
>> and thus create upgrade path for on CentOS 7.1 -> 7.2.
>>
>> IPA previously had no requires on BIND packages and these had to be
>> installed manually before first ipa-dns-install run.
>> We need to pull additional bind-pkcs11 package during RPM upgrade
>> so ipa-dns-install cannot help with this.
>>
>> https://fedorahosted.org/freeipa/ticket/4058
>
> Can this be done without adding server-core?
I'm not aware of such method (except of adding all DNS dependencies as
Requires straight into freeipa-server package).
> Because it's not server core,
> it's the whole thing! Or maybe just rename it to server-common?
I'm fine with 'common'. Ticket 4058 calls for sub-package for CA too so my
idea was to create 'core' package which will be gradually reduced more and more.
> To me it seems that the real problem is that IPA should continue to work with
> plain bind after upgrade, without DNSSEC which is optional anyway, but it does
> not. Why not fix that instead?
Because it is impossible to support and debug. Differences between bind and
bind-pkcs11 are quite subtle and I'm not willing to spend my and support's
time on debugging subtle bugs in someone's deployment.
We do not need more newspapers to hide our packaging problems, we need to get
rid of them.
--
Petr^2 Spacek
More information about the Freeipa-devel
mailing list