[Freeipa-devel] [PATCH 0155] DNS server upgrade: do not fail when DNS server did not respond

Petr Spacek pspacek at redhat.com
Thu Aug 11 13:18:43 UTC 2016


On 11.8.2016 15:08, Petr Spacek wrote:
> Hello,
> 
> DNS server upgrade: do not fail when DNS server did not respond
> 
> Previously, update_dnsforward_emptyzones failed with an exception if
> DNS query failed for some reason. Now the error is logged and upgrade
> continues.
> 
> I assume that this is okay because the DNS query is used as a heuristic
> of last resort in the upgrade logic and failure to do so should not have
> catastrophic consequences: In the worst case, the admin needs to
> manually change forwarding policy from 'first' to 'only'.
> 
> In the end I have decided not to auto-start BIND because BIND depends on
> GSSAPI for authentication, which in turn depends on KDC ... Alternatives
> like reconfiguring BIND to use LDAPI+EXTERNAL and reconfiguring DS to
> accept LDAP external bind from named user are too complicated.
> 
> https://fedorahosted.org/freeipa/ticket/6205

Here is a variant for the master branch. Enjoy.

-- 
Petr^2 Spacek
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-pspacek-0157-DNS-server-upgrade-do-not-fail-when-DNS-server-did-n.patch
Type: text/x-patch
Size: 2479 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160811/efc20394/attachment.bin>
