Bug 707255 - Add support for loading new zones from LDAP
Summary: Add support for loading new zones from LDAP
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: bind-dyndb-ldap
Version: 6.0
Hardware: Unspecified
OS: Unspecified
Priority: high
Severity: medium
Target Milestone: rc
Target Release: ---
Assignee: Adam Tkac
QA Contact: Chandrasekar Kannan
URL:
Whiteboard:
Depends On:
Blocks: 707312
Reported: 2011-05-24 14:04 UTC by Martin Kosek
Modified: 2015-01-04 23:48 UTC

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-12-06 17:57:06 UTC
Target Upstream Version:


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2011:1715 0 normal SHIPPED_LIVE bind-dyndb-ldap bug fix update 2011-12-06 01:02:17 UTC

Description Martin Kosek 2011-05-24 14:04:19 UTC
Description of problem:
When a new zone appears or disappears, a reload of named should be forced from the plugin, so that the new zone becomes usable without requiring an explicit reload action from the admin.

Version-Release number of selected component (if applicable):
bind-dyndb-ldap-0.2.0-3.20110426T0344z.el6.x86_64

How reproducible:
You can test it for example in IPA with DNS-support.

Steps to Reproduce:
1. ipa dnszone-add NEWZONE
2. dig NEWZONE
3.
  
Actual results:
NEWZONE data are not resolvable until Bind is restarted on the master.

Expected results:
Plugin should reload Bind so that the new zone can be resolved

Additional info:
There is an upstream bind-dyndb-ldap ticket:
https://fedorahosted.org/bind-dyndb-ldap/ticket/31

Comment 1 Adam Tkac 2011-05-24 14:15:01 UTC
Patches for this are ready - https://www.redhat.com/archives/freeipa-devel/2011-May/msg00159.html

https://www.redhat.com/archives/freeipa-devel/2011-May/msg00158.html patchset will be included as well.

Comment 5 Michael Gregg 2011-11-04 23:56:36 UTC
Verified against ipa-server.x86_64 0:2.1.4-101.20111102T0110zgitc10db54.el6
11-4-2011

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: ipa-dns-07: create a new zone
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

  Zone name: newzone
  Authoritative nameserver: ipaqa64vmh.testrelm.
  Administrator e-mail address: ipaqar.redhat.com.
  SOA serial: 2010010701
  SOA refresh: 303
  SOA retry: 101
  SOA expire: 1202
  SOA minimum: 33
  SOA time to live: 55
  Active zone: TRUE
  Dynamic update: FALSE
:: [   PASS   ] :: Checking to ensure that ipa thinks that it can create a zone
Shutting down dirsrv: 
    PKI-IPA...[  OK  ]
    TESTRELM...[  OK  ]
Starting dirsrv: 
    PKI-IPA...[  OK  ]
    TESTRELM...[  OK  ]
Stopping Kerberos 5 KDC: [  OK  ]
Starting Kerberos 5 KDC: [  OK  ]
Shutting down ipa_kpasswd: [  OK  ]
Starting ipa_kpasswd: [  OK  ]
Stopping named: .[  OK  ]
Starting named: [  OK  ]
Stopping httpd: [  OK  ]
Starting httpd: [Wed Nov 02 17:57:16 2011] [warn] worker ajp://localhost:9447/ already used by another worker
[Wed Nov 02 17:57:16 2011] [warn] worker ajp://localhost:9447/ already used by another worker
[  OK  ]
Stopping pki-ca: [  OK  ]
Starting pki-ca: [  OK  ]
Restarting Directory Service
Restarting KDC Service
Restarting KPASSWD Service
Restarting DNS Service
Restarting HTTP Service
Restarting CA Service
:: [   PASS   ] :: Restarting IPA server

Comment 6 errata-xmlrpc 2011-12-06 17:57:06 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2011-1715.html

