Bug 795414 - Dynamic database plug-in cannot change BIND root zone forwarders while plug-in start
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: bind
Version: 6.3
Hardware: Unspecified
OS: Unspecified
Priority: high
Severity: high
Target Milestone: rc
Assignee: Adam Tkac
QA Contact: qe-baseos-daemons
Reported: 2012-02-20 12:49 UTC by Petr Spacek
Modified: 2015-05-20 15:15 UTC (History)

Doc Type: Bug Fix
Last Closed: 2012-06-20 13:41:09 UTC

Links
System ID Priority Status Summary Last Updated
Red Hat Bugzilla 795406 None None None Never
Red Hat Product Errata RHBA-2012:0830 normal SHIPPED_LIVE bind bug fix and enhancement update 2012-06-19 20:49:20 UTC

Internal Links: 795406

Description Petr Spacek 2012-02-20 12:49:15 UTC
Description of problem:
If the bind-dyndb-ldap plugin modifies the root zone forwarders table (by calling dns_fwdtable_add()) and forwarders are defined at the same time in named.conf, BIND fails to start.


Version-Release number of selected component (if applicable):
Any/latest BIND + bind-dyndb-ldap with support for global configuration via LDAP (unreleased).


How reproducible:

Steps to Reproduce:
1. Define any forwarders in /etc/named.conf (even an empty forwarders statement is enough to reproduce this bug)
2. Define any forwarders in LDAP DB for bind-dyndb-ldap (in idnsConfigObject define attributes idnsForwarders and idnsForwardPolicy).
3. Start BIND.
  

Actual results:
/etc/named.conf:12: could not set up forwarding for domain '.': already exists
load_configuration: already exists
loading configuration: already exists
exiting (due to fatal error)


Expected results:
BIND loads properly and configuration from plugin/LDAP is used.


Additional info:
Configuration from named.conf has to be parsed before plugin initialization.
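
A pre-flight check for the combination described in the steps above, added here as an example and not part of the original report or of BIND/bind-dyndb-ldap: it reports whether the named.conf options block and an idnsConfigObject entry both define forwarders. It assumes the LDAP entry is available as plain "attr: value" text; the sample DN and address are constructed, and the function names are hypothetical.

```python
import re

# Quoted strings are matched first so "//" or "#" inside them is not taken for a comment.
_SKIP = re.compile(r'"[^"\n]*"|/\*.*?\*/|(?://|#)[^\n]*', re.S)
_TOKEN = re.compile(r'"[^"\n]*"|[{};]|[^\s{};"]+')

def has_global_forwarders(conf):
    """True if the top-level options block has a forwarders statement, even an empty one."""
    text = _SKIP.sub(lambda m: m.group(0) if m.group(0)[0] == '"' else " ", conf)
    stack, first = [], None      # enclosing block names, first word of current statement
    for tok in _TOKEN.findall(text):
        if tok == "{":
            stack.append(first)
            first = None
        elif tok == "}":
            if stack:
                stack.pop()
            first = tok          # ignore tokens up to the closing ";"
        elif tok == ";":
            first = None
        elif first is None:
            first = tok
            if stack == ["options"] and tok == "forwarders":
                return True
    return False

def ldap_global_forwarders(ldif):
    """idnsForwarders values of entries whose objectClass is idnsConfigObject."""
    found = []
    for entry in re.split(r"\n\s*\n", ldif.strip()):
        attrs = {}
        for line in entry.splitlines():
            name, sep, value = line.strip().partition(":")
            if sep:              # LDAP attribute names are case-insensitive
                attrs.setdefault(name.lower(), []).append(value.strip())
        if "idnsconfigobject" in [v.lower() for v in attrs.get("objectclass", [])]:
            found += attrs.get("idnsforwarders", [])
    return found

def startup_conflict(conf, ldif):
    """Both sources define root-zone forwarders: the combination reported in this bug."""
    return has_global_forwarders(conf) and bool(ldap_global_forwarders(ldif))

# Constructed sample inputs (hypothetical DN, documentation-range address).
SAMPLE_CONF = 'options {\n  directory "/var/named"; // the default\n  forward first;\n  forwarders { };\n};\n'
SAMPLE_LDIF = ("dn: cn=dns,dc=example,dc=test\nobjectClass: idnsConfigObject\n"
               "idnsForwarders: 192.0.2.1\nidnsForwardPolicy: first\n")
```

Zone-level forwarders, in named.conf or in an idnsZone entry, are deliberately not flagged, since the report concerns the root zone forwarders table only.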

Comment 7 Gowrishankar Rajaiyan 2012-03-23 15:36:37 UTC
[root@primenova ~]# ipa dnszone-show lab.eng.pnq.redhat.com --all --raw
  dn: idnsname=lab.eng.pnq.redhat.com,cn=dns,dc=lab,dc=eng,dc=pnq,dc=redhat,dc=com
  idnsname: lab.eng.pnq.redhat.com
  idnssoamname: primenova.lab.eng.pnq.redhat.com.
  idnssoarname: hostmaster.lab.eng.pnq.redhat.com.
  idnssoaserial: 2012
  idnssoarefresh: 3600
  idnssoaretry: 900
  idnssoaexpire: 1209
  idnssoaminimum: 3600
  idnsupdatepolicy: grant LAB.ENG.PNQ.REDHAT.COM krb5-self * A; grant LAB.ENG.PNQ.REDHAT.COM krb5-self * AAAA; grant LAB.ENG.PNQ.REDHAT.COM krb5-self * SSHFP;
  idnszoneactive: TRUE
  idnsallowdynupdate: TRUE
  idnsallowquery: any;
  idnsallowtransfer: none;
  idnsforwarders: 10.65.202.129
  idnsforwarders: 10.65.202.128
  idnsforwardpolicy: first
  nsrecord: primenova.lab.eng.pnq.redhat.com.
  objectclass: top
  objectclass: idnsrecord
  objectclass: idnszone
[root@primenova ~]# 



named.conf:
options {
        // turns on IPv6 for port 53, IPv4 is on by default for all ifaces
        listen-on-v6 {any;};

        // Put files that named is allowed to write in the data/ directory:
        directory "/var/named"; // the default
        dump-file               "data/cache_dump.db";
        statistics-file         "data/named_stats.txt";
        memstatistics-file      "data/named_mem_stats.txt";

        forward first;
        forwarders { };

        // Any host is permitted to issue recursive queries
        allow-recursion { any; };

        tkey-gssapi-credential "DNS/primenova.lab.eng.pnq.redhat.com";
        tkey-domain "LAB.ENG.PNQ.REDHAT.COM";
};


[root@primenova ~]# service named restart
Stopping named: .                                          [  OK  ]
Starting named:                                            [  OK  ]
[root@primenova ~]#

[root@primenova ~]# service named status
version: 9.8.2rc1-RedHat-9.8.2-0.6.rc1.el6
CPUs found: 2
worker threads: 2
number of zones: 20
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/0/1000
tcp clients: 0/100
server is up and running
named (pid  27705) is running...
[root@primenova ~]#

Comment 8 Gowrishankar Rajaiyan 2012-03-23 16:41:55 UTC
Verified in: 
ipa-server-2.2.0-5.el6.x86_64
bind-9.8.2-0.6.rc1.el6.x86_64

Comment 10 errata-xmlrpc 2012-06-20 13:41:09 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2012-0830.html

