Bug 767494

Summary: Automatically update corresponding PTR record when A/AAAA record is updated
Product: Red Hat Enterprise Linux 6
Reporter: Adam Tkac <atkac>
Component: bind-dyndb-ldap
Assignee: Adam Tkac <atkac>
Status: CLOSED ERRATA
QA Contact: IDM QE LIST <seceng-idm-qe-list>
Severity: unspecified
Priority: unspecified
Version: 6.1
CC: grajaiya, jgalipea, lucas.yamanishi, ovasik
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
URL: https://fedorahosted.org/bind-dyndb-ldap/ticket/33 https://fedorahosted.org/bind-dyndb-ldap/ticket/39
Doc Type: Bug Fix
Last Closed: 2012-06-20 13:52:26 UTC
Bug Blocks: 767486, 767725    

Description Adam Tkac 2011-12-14 08:21:09 UTC
Description of problem:
The plugin should have an option to automatically update the corresponding PTR record when an A/AAAA record is updated. This allows DNS data to be kept consistent.

Version-Release number of selected component (if applicable):
bind-dyndb-ldap-0.2.0-7.el6
  
Actual results:
No such option.

Additional info:
A new option called "sync_ptr" has already been added upstream.

Comment 4 Jenny Severance 2012-04-25 16:50:28 UTC
Can you please add steps to verify this?  It is not working as I think it should making an educated guess ...

1) Add a new record ::
# ipa dnsrecord-add testrelm.com foo --a-rec=10.1.1.10 --a-create-reverse
  Record name: foo
  A record: 10.1.1.10


2) Check for PTR record :: 
# ipa dnsrecord-find 1.1.10.in-addr.arpa.
  Record name: 10
  PTR record: foo.testrelm.com.

  Record name: @
  NS record: dhcp-185-247.testrelm.com.
----------------------------
Number of entries returned 2


3) modify ip address ::
# ipa dnsrecord-mod testrelm.com --a-rec=10.1.1.12 foo
  Record name: foo
  A record: 10.1.1.12

4) Check for updated PTR record :: 
# ipa dnsrecord-find 1.1.10.in-addr.arpa.
  Record name: 10  <===========================================  still the same
  PTR record: foo.testrelm.com.

  Record name: @
  NS record: dhcp-185-247.testrelm.com.
----------------------------
Number of entries returned 2
----------------------------

Comment 5 Adam Tkac 2012-04-27 13:31:03 UTC
(In reply to comment #4)
> Can you please add steps to verify this?  It is not working as I think it
> should making an educated guess ...
> 
> 1) Add a new record ::
> # ipa dnsrecord-add testrelm.com foo --a-rec=10.1.1.10 --a-create-reverse
>   Record name: foo
>   A record: 10.1.1.10
> 
> 
> 2) Check for PTR record :: 
> # ipa dnsrecord-find 1.1.10.in-addr.arpa.
>   Record name: 10
>   PTR record: foo.testrelm.com.
> 
>   Record name: @
>   NS record: dhcp-185-247.testrelm.com.
> ----------------------------
> Number of entries returned 2
> 
> 
> 3) modify ip address ::
> # ipa dnsrecord-mod testrelm.com --a-rec=10.1.1.12 foo
>   Record name: foo
>   A record: 10.1.1.12
> 
> 4) Check for updated PTR record :: 
> # ipa dnsrecord-find 1.1.10.in-addr.arpa.
>   Record name: 10  <===========================================  still the same
>   PTR record: foo.testrelm.com.
> 
>   Record name: @
>   NS record: dhcp-185-247.testrelm.com.
> ----------------------------
> Number of entries returned 2
> ----------------------------

In my opinion the "sync PTR" feature is not enabled in the zone. Can you please check if the "idnsAllowSyncPTR" attribute of the testrelm.com zone is set to TRUE? Or if the "sync_ptr yes;" option is set in named.conf? Without these settings the plugin doesn't update the reverse zone.
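
Added example (not part of the original comments and not bind-dyndb-ldap code): a small Python audit that reproduces the inconsistency from comment 4, where the A record moved to 10.1.1.12 while the PTR for 10.1.1.10 stayed behind. The record data is constructed from the values shown in this report; `reverse_name`, `audit` and `locate` are hypothetical helper names.

```python
import ipaddress

# Constructed sample data: forward records after step 3 of comment 4, and the
# reverse records as they still looked in step 4 (PTR sync not enabled).
ZONES = ["1.1.10.in-addr.arpa.",
         "7.4.2.2.0.0.0.0.2.5.0.0.0.2.6.2.ip6.arpa."]
FORWARD = {"foo.testrelm.com.": ["10.1.1.12"],
           "bar.testrelm.com.": ["2620:52:0:2247:221:5eff:fe86:16b4"]}
REVERSE = [
    ("10.1.1.10.in-addr.arpa.", "foo.testrelm.com."),
    ("4.b.6.1.6.8.e.f.f.f.e.5.1.2.2.0."
     "7.4.2.2.0.0.0.0.2.5.0.0.0.2.6.2.ip6.arpa.", "bar.testrelm.com."),
]

def reverse_name(addr):
    """Fully qualified owner name of the PTR record for an IPv4/IPv6 address."""
    return ipaddress.ip_address(addr).reverse_pointer + "."

def audit(forward, reverse):
    """Compare forward and reverse data.

    Returns (missing, stale): PTRs implied by A/AAAA records but absent, and
    PTRs whose target has no A/AAAA record for that address any more.
    """
    expected = {(reverse_name(a), host.lower())
                for host, addrs in forward.items() for a in addrs}
    actual = {(owner.lower(), target.lower()) for owner, target in reverse}
    return sorted(expected - actual), sorted(actual - expected)

def locate(owner, zones):
    """Split an owner name into (record, zone) using the longest matching
    zone, the ZONE RECORD form used by the ipa dnsrecord-* commands."""
    for zone in sorted(zones, key=len, reverse=True):
        if owner == zone:
            return "@", zone
        if owner.endswith("." + zone):
            return owner[: -len(zone) - 1], zone
    return None  # no managed reverse zone covers this name

if __name__ == "__main__":
    missing, stale = audit(FORWARD, REVERSE)
    for owner, target in stale:
        print("stale PTR  ", locate(owner, ZONES), "->", target)
    for owner, target in missing:
        print("missing PTR", locate(owner, ZONES), "->", target)
```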

Comment 6 Jenny Severance 2012-04-27 17:21:46 UTC
Nope it wasn't set ... thanks Adam!

Comment 7 Jenny Severance 2012-05-09 20:28:19 UTC
verified :: 

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: bz767494 Automatically update corresponding PTR record when A/AAAA record is updated
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   PASS   ] :: Running 'ipa dnszone-add 1.1.10.in-addr.arpa. --name-server=hp-bl495cg5-02.testrelm.com --admin-email=ipaqar.redhat.com'
:: [   PASS   ] :: Running 'ipa dnsrecord-add testrelm.com foo --a-rec=10.1.1.10 --a-create-reverse'
:: [   PASS   ] :: Running 'ipa dnsrecord-show 1.1.10.in-addr.arpa. 10 | grep "PTR record: foo.testrelm.com"'
:: [   PASS   ] :: Running 'service named restart'
:: [   PASS   ] :: Running 'dig -x 10.1.1.10 | grep foo.testrelm.com'
:: [   LOG    ] :: Executing: ipa dnsrecord-add testrelm.com foo --a-rec=10.1.1.10 --a-create-reverse
:: [   LOG    ] :: "ipa dnsrecord-add testrelm.com foo --a-rec=10.1.1.10 --a-create-reverse" failed as expected.
:: [   PASS   ] :: Error message as expected: ipa: ERROR: Reverse record for IP address 10.1.1.10 already exists in reverse zone 1.1.10.in-addr.arpa..
:: [   PASS   ] :: Running 'ipa dnsrecord-add testrelm.com foo2 --a-rec=10.1.2.10 --a-create-reverse | grep "ipa: ERROR: Cannot create reverse record for "10.1.2.10": DNS reverse zone for IP address 10.1.2.10 not found"'
:: [   PASS   ] :: Running 'ipa dnsrecord-del 1.1.10.in-addr.arpa. 10 --del-all'
:: [   PASS   ] :: Running 'ipa dnszone-add 7.4.2.2.0.0.0.0.2.5.0.0.0.2.6.2.ip6.arpa. --name-server=hp-bl495cg5-02.testrelm.com --admin-email=ipaqar.redhat.com'
:: [   PASS   ] :: Running 'ipa dnsrecord-add testrelm.com bar --aaaa-rec=2620:52:0:2247:221:5eff:fe86:16b4 --aaaa-create-reverse'
:: [   PASS   ] :: Running 'ipa dnsrecord-show 7.4.2.2.0.0.0.0.2.5.0.0.0.2.6.2.ip6.arpa. 4.b.6.1.6.8.e.f.f.f.e.5.1.2.2.0 | grep "PTR record: bar.testrelm.com"'
:: [   PASS   ] :: Running 'service named restart'
:: [   PASS   ] :: Running 'dig -x 2620:52:0:2247:221:5eff:fe86:16b4 | grep bar.testrelm.com'
:: [   LOG    ] :: Executing: ipa dnsrecord-add testrelm.com bar --aaaa-rec=2620:52:0:2247:221:5eff:fe86:16b4 --aaaa-create-reverse
:: [   LOG    ] :: "ipa dnsrecord-add testrelm.com bar --aaaa-rec=2620:52:0:2247:221:5eff:fe86:16b4 --aaaa-create-reverse" failed as expected.
:: [   PASS   ] :: Error message as expected: ipa: ERROR: Reverse record for IP address 2620:52:0:2247:221:5eff:fe86:16b4 already exists in reverse zone 7.4.2.2.0.0.0.0.2.5.0.0.0.2.6.2.ip6.arpa..
:: [   PASS   ] :: Running 'ipa dnsrecord-add testrelm.com bar --aaaa-rec=2621:52:0:2247:221:5eff:fe86:26b4 --aaaa-create-reverse | grep "ipa: ERROR: Cannot create reverse record for "2621:52:0:2247:221:5eff:fe86:26b4": DNS reverse zone for IP address 2621:52:0:2247:221:5eff:fe86:26b4 not found"'
:: [   PASS   ] :: Running 'ipa dnsrecord-del 7.4.2.2.0.0.0.0.2.5.0.0.0.2.6.2.ip6.arpa. 4.b.6.1.6.8.e.f.f.f.e.5.1.2.2.0 --del-all'
:: [   PASS   ] :: Deleting test zone 1.1.10.in-addr.arpa.
:: [   PASS   ] :: Deleting test zone 7.4.2.2.0.0.0.0.2.5.0.0.0.2.6.2.ip6.arpa.
:: [   PASS   ] :: Deleting record foo
:: [   PASS   ] :: Deleting record foo2
:: [   PASS   ] :: Deleting record bar
:: [   LOG    ] :: Duration: 1m 15s
:: [   LOG    ] :: Assertions: 21 good, 0 bad
:: [   PASS   ] :: RESULT: bz767494 Automatically update corresponding PTR record when A/AAAA record is updated

version ::

ipa-server-2.2.0-12.el6.i686

Comment 9 errata-xmlrpc 2012-06-20 13:52:26 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2012-0837.html