On 04/12/2013 02:30 PM, Jan Cholasta wrote:
> On 12.4.2013 14:19, Petr Viktorin wrote:
>> On 04/12/2013 01:24 PM, Jan Cholasta wrote:
>>> Hi,
>>>
>>> the attached patches fix <https://fedorahosted.org/freeipa/ticket/3547>.
>>>
>>> Honza
>>
>> We used short names in the CNAMEs:
>>
>> $ ipa dnsrecord-find  idm.lab.eng.brq.redhat.com ipa-ca
>>    Record name: ipa-ca
>>    CNAME record: vm-109
>> ----------------------------
>> Number of entries returned 1
>> ----------------------------
>>
>>
>> But it seems the patch assumes a FQDN with a dot at the end. When
>> upgrading a 3.1 server I get:
>>
>> 2013-04-12T12:16:43Z INFO   File
>> "/usr/lib/python2.7/site-packages/ipaserver/install/installutils.py",
>> line 613, in run_script
>>      return_value = main_function()
>>
>>    File "/usr/sbin/ipa-upgradeconfig", line 853, in main
>>      add_ca_dns_records()
>>
>>    File "/usr/sbin/ipa-upgradeconfig", line 752, in add_ca_dns_records
>>      bind.convert_ipa_ca_cnames(api.env.domain)
>>
>>    File
>> "/usr/lib/python2.7/site-packages/ipaserver/install/bindinstance.py",
>> line 785, in convert_ipa_ca_cnames
>>      self.add_ipa_ca_dns_records(cname[:-1], domain_name, None)
>>
>>    File
>> "/usr/lib/python2.7/site-packages/ipaserver/install/bindinstance.py",
>> line 772, in add_ipa_ca_dns_records
>>      host, zone = fqdn.split(".", 1)
>>
>> Unexpected error
>> ValueError: need more than 1 value to unpack
>>
> 
> Hmm, in my test setup the CNAMEs contained FQDNs. Fixed.

IIRC, ipa-ca will contain FQDNs if the server is from different domain in DNS.
I.e. for example if managed domain is example.com, but one replica runs in
domain testrelm.com.

This is something that needs to be supported&tested too.

Martin

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to