Bug 868956
Summary: | Adding dnszone using name-server and ipaddress, adds zone with incorrect data | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Namita Soman <nsoman> |
Component: | ipa | Assignee: | Rob Crittenden <rcritten> |
Status: | CLOSED ERRATA | QA Contact: | Namita Soman <nsoman> |
Severity: | unspecified | Docs Contact: | |
Priority: | medium | ||
Version: | 6.3 | CC: | mkosek, pspacek |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | ipa-3.0.0-8.el6 | Doc Type: | Bug Fix |
Doc Text: |
Cause: Identity Management dnszone-add command accepts --name-server option specifying a hostname of primary name server resolving the zone. However, the option considered all hostnames as fully qualified domain names (FQDN) even though they were not FQDN (e.g. nameserver "ns.example.com." for zone example.com) and were relative to the zone name (e.g. nameserver "ns" for zone "example.com").
Consequence: When using Identity Management dnszone-add command, the Administrator was not able to specify nameserver in the relative name format.
Fix: Detect the nameserver format correctly with respect to DNS naming rules, i.e. name with trailing "." is FQDN, name without trailing "." is a relative name.
Result: dnszone-add command can process both relative and fully qualified domain names.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2013-02-21 09:28:38 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Namita Soman
2012-10-22 14:45:06 UTC
Upstream ticket: https://fedorahosted.org/freeipa/ticket/3204 Fixed upstream: master: https://fedorahosted.org/freeipa/changeset/a00109585684fac520c48188298b75df816fbd23 ipa-3-0: https://fedorahosted.org/freeipa/changeset/dc406253821ba7a616dd12e2bcc5dd602247a279 --name-server option now behaves correctly with respect to absolute/relative DNS names. You may need to update your test cases if you do not use it right! Examples: 1) Add new zone using absolute address to nameserver: # ipa dnszone-add new.zone --name-server ns.ipa.testrelm. Effective nameserver will be ns.ipa.testrelm. 2) Add new zone using relative address to nameserver: # ipa dnszone-add new.zone --name-server ns --ip-address 10.0.0.1 Effective nameserver will be ns.new.zone. New A record with IP 10.0.0.1 will be created in new.zone Verified using ipa-server-3.0.0-20.el6.x86_64 # ipa dnszone-add --name-server=nightcrawler --ip-address=10.16.96.83 qwe Administrator e-mail address [hostmaster.qwe.]: Zone name: qwe Authoritative nameserver: nightcrawler Administrator e-mail address: hostmaster.qwe. SOA serial: 1358182380 SOA refresh: 3600 SOA retry: 900 SOA expire: 1209600 SOA minimum: 3600 BIND update policy: grant TESTRELM.COM krb5-self * A; grant TESTRELM.COM krb5-self * AAAA; grant TESTRELM.COM krb5-self * SSHFP; Active zone: TRUE Dynamic update: FALSE Allow query: any; Allow transfer: none; # ipa dnsrecord-find qwe Record name: @ NS record: nightcrawler Record name: nightcrawler A record: 10.16.96.83 ---------------------------- Number of entries returned 2 ---------------------------- Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHSA-2013-0528.html |