Description of problem:
If the bind-dyndb-ldap plugin modifies the root zone forwarders table (by calling dns_fwdtable_add()) and forwarders are defined at the same time in named.conf, BIND fails to start.

Version-Release number of selected component (if applicable):
Any/latest BIND + bind-dyndb-ldap with support for global configuration via LDAP (unreleased).

How reproducible:

Steps to Reproduce:
1. Define any forwarders in /etc/named.conf (even an empty forwarders statement is enough to reproduce this bug)
2. Define any forwarders in the LDAP DB for bind-dyndb-ldap (in idnsConfigObject define attributes idnsForwarders and idnsForwardPolicy).
3. Start BIND.

Actual results:
/etc/named.conf:12: could not set up forwarding for domain '.': already exists
load_configuration: already exists
loading configuration: already exists
exiting (due to fatal error)

Expected results:
BIND loads properly and configuration from plugin/LDAP is used.

Additional info:
Configuration from named.conf has to be parsed before plugin initialization.
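Added example, not part of the original report and not bind-dyndb-ldap code: a pre-start check for the combination in the reproduction steps, namely a forwarders statement (even an empty one) in the named.conf options block together with idnsForwarders on an idnsConfigObject entry. The function names, the sample named.conf and the sample LDIF (including its DN) are constructed for illustration; only the options block is inspected, and the LDAP data is assumed to be available as an LDIF export.

```python
import re

# Keep quoted strings; drop /* */, // and # comments.
_COMMENT = re.compile(r'"[^"\n]*"|/\*.*?\*/|(?://|#)[^\n]*', re.S)
_TOKEN = re.compile(r'"[^"\n]*"|[{};]|[^\s{};"]+')

def named_conf_forwarders(conf):
    """Tokens inside the options-level forwarders statement: None if absent, [] if empty."""
    text = _COMMENT.sub(lambda m: m.group(0) if m.group(0)[0] == '"' else " ", conf)
    tokens = _TOKEN.findall(text)
    depth, in_options = 0, False
    for i, tok in enumerate(tokens):
        if tok == "{":
            depth += 1
        elif tok == "}":
            depth -= 1
            in_options = in_options and depth > 0
        elif depth == 0 and tok == "options":
            in_options = True
        elif in_options and depth == 1 and tok == "forwarders" and tokens[i - 1] in ("{", ";"):
            start, end = tokens.index("{", i), tokens.index("}", i)
            return [t for t in tokens[start + 1:end] if t != ";"]
    return None

def ldap_config_forwarders(ldif):
    """idnsForwarders values of entries whose objectClass is idnsConfigObject."""
    values = []
    for entry in re.split(r"\n[ \t]*\n", ldif.strip()):
        pairs = [(k.strip().lower(), v.strip()) for k, _, v in
                 (line.partition(":") for line in entry.splitlines()) if v]
        if ("objectclass", "idnsconfigobject") in [(k, v.lower()) for k, v in pairs]:
            values += [v for k, v in pairs if k == "idnsforwarders"]
    return values

def forwarders_conflict(conf, ldif):
    """True when named.conf and the LDAP global config both define forwarders."""
    return named_conf_forwarders(conf) is not None and bool(ldap_config_forwarders(ldif))

# Constructed sample inputs (not taken from the report).
SAMPLE_CONF = """options {
    directory "/var/named";  // forwarders { 198.51.100.1; }; is commented out
    forward first; forwarders { };
};"""
SAMPLE_LDIF = ("dn: cn=dns,dc=example,dc=test\nobjectClass: idnsConfigObject\n"
               "idnsForwarders: 192.0.2.53\nidnsForwardPolicy: first\n")

if __name__ == "__main__":
    print("conflict:", forwarders_conflict(SAMPLE_CONF, SAMPLE_LDIF))
```

Per-zone idnsForwarders on an idnsZone entry are ignored by the check, because the report concerns the root zone forwarders table set from the global configuration object.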
[root@primenova ~]# ipa dnszone-show lab.eng.pnq.redhat.com --all --raw
  dn: idnsname=lab.eng.pnq.redhat.com,cn=dns,dc=lab,dc=eng,dc=pnq,dc=redhat,dc=com
  idnsname: lab.eng.pnq.redhat.com
  idnssoamname: primenova.lab.eng.pnq.redhat.com.
  idnssoarname: hostmaster.lab.eng.pnq.redhat.com.
  idnssoaserial: 2012
  idnssoarefresh: 3600
  idnssoaretry: 900
  idnssoaexpire: 1209
  idnssoaminimum: 3600
  idnsupdatepolicy: grant LAB.ENG.PNQ.REDHAT.COM krb5-self * A; grant LAB.ENG.PNQ.REDHAT.COM krb5-self * AAAA; grant LAB.ENG.PNQ.REDHAT.COM krb5-self * SSHFP;
  idnszoneactive: TRUE
  idnsallowdynupdate: TRUE
  idnsallowquery: any;
  idnsallowtransfer: none;
  idnsforwarders: 10.65.202.129
  idnsforwarders: 10.65.202.128
  idnsforwardpolicy: first
  nsrecord: primenova.lab.eng.pnq.redhat.com.
  objectclass: top
  objectclass: idnsrecord
  objectclass: idnszone
[root@primenova ~]#

named.conf:

options {
        // turns on IPv6 for port 53, IPv4 is on by default for all ifaces
        listen-on-v6 {any;};

        // Put files that named is allowed to write in the data/ directory:
        directory "/var/named"; // the default
        dump-file "data/cache_dump.db";
        statistics-file "data/named_stats.txt";
        memstatistics-file "data/named_mem_stats.txt";

        forward first;
        forwarders { };

        // Any host is permitted to issue recursive queries
        allow-recursion { any; };

        tkey-gssapi-credential "DNS/primenova.lab.eng.pnq.redhat.com";
        tkey-domain "LAB.ENG.PNQ.REDHAT.COM";
};

[root@primenova ~]# service named restart
Stopping named: .                                          [  OK  ]
Starting named:                                            [  OK  ]
[root@primenova ~]#
[root@primenova ~]# service named status
version: 9.8.2rc1-RedHat-9.8.2-0.6.rc1.el6
CPUs found: 2
worker threads: 2
number of zones: 20
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/0/1000
tcp clients: 0/100
server is up and running
named (pid 27705) is running...
[root@primenova ~]#
Verified in: ipa-server-2.2.0-5.el6.x86_64 bind-9.8.2-0.6.rc1.el6.x86_64
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2012-0830.html