[Freeipa-devel] [PATCH 0155] DNS server upgrade: do not fail when DNS server did not respond
Martin Basti
mbasti at redhat.com
Tue Aug 16 12:26:38 UTC 2016
On 11.08.2016 17:38, Martin Basti wrote:
>
>
> On 11.08.2016 15:18, Petr Spacek wrote:
>> On 11.8.2016 15:08, Petr Spacek wrote:
>>> Hello,
>>>
>>> DNS server upgrade: do not fail when DNS server did not respond
>>>
>>> Previously, update_dnsforward_emptyzones failed with an exeception if
>>> DNS query failed for some reason. Now the error is logged and upgrade
>>> continues.
>>>
>>> I assume that this is okay because the DNS query is used as heuristics
>>> of last resort in the upgrade logic and failure to do so should not
>>> have
>>> catastrophics consequences: In the worst case, the admin needs to
>>> manually change forwarding policy from 'first' to 'only'.
>>>
>>> In the end I have decided not to auto-start BIND because BIND
>>> depends on
>>> GSSAPI for authentication, which in turn depends on KDC ... Alternative
>>> like reconfiguring BIND to use LDAPI+EXTERNAL and reconfiguring DS to
>>> accept LDAP external bind from named user are too complicated.
>>>
>>> https://fedorahosted.org/freeipa/ticket/6205
>> Here is variant for master branch. Enjoy.
>>
> ACK
>
master:
* f2fe35721967531257bc952b766a7c77e71be826 DNS server upgrade: do not
fail when DNS server did not respond
ipa-4-3:
* 27534f8d7294536364147b18b76ecb2bac67870f DNS server upgrade: do not
fail when DNS server did not respond
More information about the Freeipa-devel
mailing list