+++ This bug was initially created as a clone of Bug #773326 +++ This bug is created as a clone of upstream ticket: https://fedorahosted.org/sssd/ticket/893 Right now, the dynamic DNS update message is not logged anywhere. I suspect that the reason for not including it were security concerns. I think the message should be logged, because the logs are readable by root only anyway and moreover the update message only contains the following data: * hostname of the client * IP addresses of clients's network interface (either the one the client uses to connect to LDAP or one selected in the sssd config file) * client DNS zone * Kerberos realm of the client * IPA server hostname Adding the full nsupdate message would help in debugging dyndns issues as it would be possible to use the same message directly with nsupdate from the command line.
Verified. [root@ratchet ~]# rpm -qi sssd | head Name : sssd Relocations: (not relocatable) Version : 1.5.1 Vendor: Red Hat, Inc. Release : 49.el5 Build Date: Tue 17 Jan 2012 01:30:04 PM EST Install Date: Wed 18 Jan 2012 07:20:52 AM EST Build Host: x86-003.build.bos.redhat.com Group : Applications/System Source RPM: sssd-1.5.1-49.el5.src.rpm Size : 3651337 License: GPLv3+ Signature : (none) Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla> URL : http://fedorahosted.org/sssd/ Summary : System Security Services Daemon [root@ratchet ~]#
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2012-0164.html