Bug 1100796
Summary: | New dispatcher script does not work with latest unbound | ||||||
---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Tomáš Hozza <thozza> | ||||
Component: | dnssec-trigger | Assignee: | Pavel Šimerda (pavlix) <psimerda> | ||||
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
Severity: | urgent | Docs Contact: | |||||
Priority: | urgent | ||||||
Version: | 20 | CC: | psimerda, pspacek, pwouters, thozza, vonsch | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | Unspecified | ||||||
OS: | Unspecified | ||||||
Whiteboard: | |||||||
Fixed In Version: | dnssec-trigger-0.12-13.fc20 | Doc Type: | Bug Fix | ||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2014-09-19 10:07:09 UTC | Type: | Bug | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | |||||||
Bug Blocks: | 1070631 | ||||||
Attachments: |
|
Description
Tomáš Hozza
2014-05-23 13:03:32 UTC
(In reply to Tomas Hozza from comment #0) > Description of problem: > The new dispatcher script adds functionality that checks if forward zones > configured in unbound are validated or not. This requires a patch for unbound > that is accepted upstream, but not yet in Fedora and in the latest stable > version of unbound. > > The new script should be backwards compatible and don't rely on the > functionality. The new script ends with traceback: > > # python3 /usr/libexec/dnssec-trigger-script --update > Global forwarders: 192.168.1.1 2001:4de8:fa4d::1 > Traceback (most recent call last): > File "/usr/libexec/dnssec-trigger-script", line 435, in <module> > Application(sys.argv).run() > File "/usr/libexec/dnssec-trigger-script", line 349, in run > self.method() > File "/usr/libexec/dnssec-trigger-script", line 383, in run_update > self.run_update_connection_zones() > File "/usr/libexec/dnssec-trigger-script", line 403, in > run_update_connection_zones > unbound_zones = UnboundZoneConfig() > File "/usr/libexec/dnssec-trigger-script", line 193, in __init__ > if fields[0] == '+i': > IndexError: list index out of range > > As a result the script does not adds forward zones for connection provided > zones! I would guess the bug itself refers to forward zone removal rather than addition. I will look at it but if you could provide output of '... --debug ---update', that might help a bit. (In reply to Pavel Šimerda (pavlix) from comment #1) > (In reply to Tomas Hozza from comment #0) > > Description of problem: > > The new dispatcher script adds functionality that checks if forward zones > > configured in unbound are validated or not. This requires a patch for unbound > > that is accepted upstream, but not yet in Fedora and in the latest stable > > version of unbound. > > > > The new script should be backwards compatible and don't rely on the > > functionality. The new script ends with traceback: > > > > # python3 /usr/libexec/dnssec-trigger-script --update > > Global forwarders: 192.168.1.1 2001:4de8:fa4d::1 > > Traceback (most recent call last): > > File "/usr/libexec/dnssec-trigger-script", line 435, in <module> > > Application(sys.argv).run() > > File "/usr/libexec/dnssec-trigger-script", line 349, in run > > self.method() > > File "/usr/libexec/dnssec-trigger-script", line 383, in run_update > > self.run_update_connection_zones() > > File "/usr/libexec/dnssec-trigger-script", line 403, in > > run_update_connection_zones > > unbound_zones = UnboundZoneConfig() > > File "/usr/libexec/dnssec-trigger-script", line 193, in __init__ > > if fields[0] == '+i': > > IndexError: list index out of range > > > > As a result the script does not adds forward zones for connection provided > > zones! > > I would guess the bug itself refers to forward zone removal rather than > addition. I will look at it but if you could provide output of '... --debug > ---update', that might help a bit. Sorry, I'm not able to do so. After dnssec-trigger not working I downgraded to the latest stable version. Now I'm not able to reproduce the issue. Created attachment 901864 [details]
a fix
It has been sent upstream as well.
Fixed in rawhide, we'll issue an update for F20 when ready. dnssec-trigger-0.12-12.fc20 has been submitted as an update for Fedora 20. https://admin.fedoraproject.org/updates/dnssec-trigger-0.12-12.fc20 Package dnssec-trigger-0.12-12.fc20: * should fix your issue, * was pushed to the Fedora 20 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing dnssec-trigger-0.12-12.fc20' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2014-7942/dnssec-trigger-0.12-12.fc20 then log in and leave karma (feedback). dnssec-trigger-0.12-13.fc20 has been submitted as an update for Fedora 20. https://admin.fedoraproject.org/updates/dnssec-trigger-0.12-13.fc20 dnssec-trigger-0.12-13.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report. |