Bug 1469984

Summary: required bind version doesn't have the dyndb interface
Product: Red Hat Enterprise Linux 7 Reporter: Jaroslav Reznik <jreznik>
Component: bind-dyndb-ldapAssignee: Tomas Krizek <tkrizek>
Status: CLOSED ERRATA QA Contact: ipa-qe <ipa-qe>
Severity: urgent Docs Contact:
Priority: high    
Version: 7.4CC: enewland, jreznik, ksiddiqu, mkosek, msuchane, ndehadra, pspacek, salmy, tkrizek
Target Milestone: rcKeywords: Regression, ZStream
Target Release: ---   
Hardware: All   
OS: Unspecified   
Whiteboard:
Fixed In Version: bind-dyndb-ldap-11.1-4.el7 Doc Type: If docs needed, set a value
Doc Text:
Prior to this update, the bind packages were missing some patches required by the bind-dyndb-ldap plug-in. Consequently, the "named" service was unable to start. To fix this bug, correct version of bind has been used when installing bind-dyndb-ldap. As a result, the "named" service now starts successfully.
 Story Points: ---
Clone Of: 1469563 Environment:
Last Closed: 2017-08-01 11:29:51 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1469563    
Bug Blocks:    

Description Jaroslav Reznik 2017-07-12 08:15:51 UTC 
This bug has been copied from bug #1469563 and has been proposed to be backported to 7.4 z-stream (EUS).
Comment 5 Nikhil Dehadrai 2017-07-14 09:38:39 UTC 
IPA-SERVER-VERSION:
ipa-server-4.5.0-21.el7.x86_64

BIND:
bind-9.9.4-51.el7.x86_64
bind-dyndb-ldap-11.1-4.el7.x86_64


WITH IDM:
--------------------
Verified the bug on the basis of following observations:
1) Verified that IPA-server/replica is upgrade successfully.
2) Verified that updating bind-dyndb-ldap package during ipa-upgrade process, also pulls in the latest version of bind package.
3) Verified that ipactl services are restarted correctly after the upgrade.
4) Verified the same for following upgrade paths:
- 7.3.z > 7.4
- 7.3 > 7.4
- 7.2.z > 7.4
- 7.1.z > 7.4

Details as below:
:: [   PASS   ] :: Command 'yum -y update 'ipa*' sssd 'python*'' (Expected 0, got 0)
:: [  BEGIN   ] :: Running 'tail -1 /var/log/ipaupgrade.log | grep 'The ipa-server-upgrade command was successful''
2017-07-13T11:18:34Z INFO The ipa-server-upgrade command was successful
:: [   PASS   ] :: Command 'tail -1 /var/log/ipaupgrade.log | grep 'The ipa-server-upgrade command was successful'' (Expected 0, got 0)

:: [  BEGIN   ] :: Running 'ipactl restart'

MARK-LWD-LOOP -- 2017-07-13 16:51:09 --
ipa: INFO: The ipactl command was successful
Restarting Directory Service
    debugging enabled, suppressing output.
Restarting krb5kdc Service
Restarting kadmin Service
Restarting named Service
Restarting httpd Service
Restarting ipa-custodia Service
Restarting ntpd Service
Restarting pki-tomcatd Service
Restarting ipa-otpd Service
Restarting ipa-dnskeysyncd Service
:: [   PASS   ] :: Command 'ipactl restart' (Expected 0, got 0)
:: [  BEGIN   ] :: Running 'ipactl status'
ipa: INFO: The ipactl command was successful
Directory Service: RUNNING
krb5kdc Service: RUNNING
kadmin Service: RUNNING
named Service: RUNNING
httpd Service: RUNNING
ipa-custodia Service: RUNNING
ntpd Service: RUNNING
pki-tomcatd Service: RUNNING
ipa-otpd Service: RUNNING
ipa-dnskeysyncd Service: RUNNING
:: [   PASS   ] :: Command 'ipactl status' (Expected 0, got 0)
:: [  BEGIN   ] :: Running 'service sssd restart'
Redirecting to /bin/systemctl restart  sssd.service
:: [   PASS   ] :: Command 'service sssd restart' (Expected 0, got 0)
:: [  BEGIN   ] :: Running 'rpm -q ipa-server 389-ds-base bind bind-dyndb-ldap pki-ca sssd'
ipa-server-4.5.0-21.el7.x86_64
389-ds-base-1.3.6.1-16.el7.x86_64
bind-9.9.4-51.el7.x86_64
bind-dyndb-ldap-11.1-4.el7.x86_64
pki-ca-10.4.1-10.el7.noarch
sssd-1.15.2-50.el7.x86_64
:: [   PASS   ] :: Command 'rpm -q ipa-server 389-ds-base bind bind-dyndb-ldap pki-ca sssd' (Expected 0, got 0) 

WITHOUT IDM:
================================
Beforeupgrade:(rhel 73z)
--------------------------
[root@auto-hv-01-guest10 ~]# rpm -q bind*
package bind* is not installed
[root@auto-hv-01-guest10 ~]# rpm -qa bind*
[root@auto-hv-01-guest10 ~]# rpm -q bind-*
package bind-* is not installed
[root@auto-hv-01-guest10 ~]# rpm -q bind-dyndb-ldap
package bind-dyndb-ldap is not installed
[root@auto-hv-01-guest10 ~]# yum install bind-dyndb-ldap
Installed:
  bind-dyndb-ldap.x86_64 0:10.0-5.el7                                                                                  

Dependency Installed:
  bind.x86_64 32:9.9.4-50.el7_3.1    bind-libs.x86_64 32:9.9.4-50.el7_3.1    bind-license.noarch 32:9.9.4-50.el7_3.1   

Complete!
[root@auto-hv-01-guest10 ~]# rpm -qa bind*
bind-libs-9.9.4-50.el7_3.1.x86_64
bind-license-9.9.4-50.el7_3.1.noarch
bind-9.9.4-50.el7_3.1.x86_64
bind-dyndb-ldap-10.0-5.el7.x86_64
[root@auto-hv-01-guest10 ~]# 

After Upgrade to RHEL 7.4.z:
------------------------------
[root@auto-hv-01-guest10 ~]# yum -y update bind-dyndb-ldap
Updated:
  bind-dyndb-ldap.x86_64 0:11.1-4.el7                                                                                  

Dependency Updated:
  bind.x86_64 32:9.9.4-51.el7        bind-libs.x86_64 32:9.9.4-51.el7        bind-license.noarch 32:9.9.4-51.el7       

Complete!
[root@auto-hv-01-guest10 ~]# rpm -qa bind*
bind-libs-9.9.4-51.el7.x86_64
bind-license-9.9.4-51.el7.noarch
bind-9.9.4-51.el7.x86_64
bind-dyndb-ldap-11.1-4.el7.x86_64
[root@auto-hv-01-guest10 ~]# 


Thus on the basis of above observations, marking status of bug to "VERIFIED".
Comment 6 errata-xmlrpc 2017-08-01 11:29:51 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:2330