Bug 707255

Summary: Add support for loading new zones from LDAP
Product: Red Hat Enterprise Linux 6
Reporter: Martin Kosek <mkosek>
Component: bind-dyndb-ldap
Assignee: Adam Tkac <atkac>
Status: CLOSED ERRATA
QA Contact: Chandrasekar Kannan <ckannan>
Severity: medium
Priority: high
Version: 6.0
CC: benl, jgalipea, mgregg, ovasik
Target Milestone: rc
Target Release: ---
Hardware: Unspecified
OS: Unspecified
Doc Type: Bug Fix
Last Closed: 2011-12-06 17:57:06 UTC
Bug Blocks: 707312    

Description Martin Kosek 2011-05-24 14:04:19 UTC
Description of problem:
When a new zone appears or disappears, a reload of named should be forced from the plugin, so that the new zone becomes usable without requiring an explicit reload action from the admin.

Version-Release number of selected component (if applicable):
bind-dyndb-ldap-0.2.0-3.20110426T0344z.el6.x86_64

How reproducible:
You can test it for example in IPA with DNS-support.

Steps to Reproduce:
1. ipa dnszone-add NEWZONE
2. dig NEWZONE
  
Actual results:
NEWZONE data are not resolvable until Bind is restarted on the master.

Expected results:
Plugin should reload Bind so that the new zone can be resolved

Additional info:
There is an upstream bind-dyndb-ldap ticket:
https://fedorahosted.org/bind-dyndb-ldap/ticket/31

Comment 1 Adam Tkac 2011-05-24 14:15:01 UTC
Patches for this are ready - https://www.redhat.com/archives/freeipa-devel/2011-May/msg00159.html

https://www.redhat.com/archives/freeipa-devel/2011-May/msg00158.html patchset will be included as well.

Comment 5 Michael Gregg 2011-11-04 23:56:36 UTC
Verified against ipa-server.x86_64 0:2.1.4-101.20111102T0110zgitc10db54.el6
11-4-2011

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: ipa-dns-07: create a new zone
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

  Zone name: newzone
  Authoritative nameserver: ipaqa64vmh.testrelm.
  Administrator e-mail address: ipaqar.redhat.com.
  SOA serial: 2010010701
  SOA refresh: 303
  SOA retry: 101
  SOA expire: 1202
  SOA minimum: 33
  SOA time to live: 55
  Active zone: TRUE
  Dynamic update: FALSE
:: [   PASS   ] :: Checking to ensure that ipa thinks that it can create a zone
Shutting down dirsrv: 
    PKI-IPA...[  OK  ]
    TESTRELM...[  OK  ]
Starting dirsrv: 
    PKI-IPA...[  OK  ]
    TESTRELM...[  OK  ]
Stopping Kerberos 5 KDC: [  OK  ]
Starting Kerberos 5 KDC: [  OK  ]
Shutting down ipa_kpasswd: [  OK  ]
Starting ipa_kpasswd: [  OK  ]
Stopping named: .[  OK  ]
Starting named: [  OK  ]
Stopping httpd: [  OK  ]
Starting httpd: [Wed Nov 02 17:57:16 2011] [warn] worker ajp://localhost:9447/ already used by another worker
[Wed Nov 02 17:57:16 2011] [warn] worker ajp://localhost:9447/ already used by another worker
[  OK  ]
Stopping pki-ca: [  OK  ]
Starting pki-ca: [  OK  ]
Restarting Directory Service
Restarting KDC Service
Restarting KPASSWD Service
Restarting DNS Service
Restarting HTTP Service
Restarting CA Service
:: [   PASS   ] :: Restarting IPA server

Comment 6 errata-xmlrpc 2011-12-06 17:57:06 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2011-1715.html