On 10/10/2013 01:47 PM, Jan Cholasta wrote:
> Hi,
> 
> On 9.10.2013 16:21, Martin Kosek wrote:
>> Deprecate this option and do not offer it in installation tools.
>> Without this option enabled, advanced DNS features like DNSSEC
>> would not work.
>>
>> https://fedorahosted.org/freeipa/ticket/3962
>>
> 
> Is there a reason not to remove serial_autoincrement from bindinstance? It is
> used only to set serial_autoincrement value in named.conf template, which can
> be hard-coded to "yes" in the template file.
> 
> Honza
> 

Probably not, attaching updated patch.

Martin
From 6be380777466b83cedf3f7dfa01aa109d0b0ed08 Mon Sep 17 00:00:00 2001
From: Martin Kosek <mko...@redhat.com>
Date: Wed, 9 Oct 2013 16:13:19 +0200
Subject: [PATCH] Remove --no-serial-autoincrement

Deprecate this option and do not offer it in installation tools.
Without this option enabled, advanced DNS features like DNSSEC
would not work.

https://fedorahosted.org/freeipa/ticket/3962
---
 install/share/bind.named.conf.template | 2 +-
 install/tools/ipa-dns-install          | 6 +-----
 install/tools/ipa-server-install       | 4 ----
 install/tools/man/ipa-dns-install.1    | 3 ---
 install/tools/man/ipa-server-install.1 | 3 ---
 ipaserver/install/bindinstance.py      | 7 +------
 6 files changed, 3 insertions(+), 22 deletions(-)

diff --git a/install/share/bind.named.conf.template b/install/share/bind.named.conf.template
index 5727a1536accd135cb556d76dfccf965bc098e29..0984febb11633c171710a4d7f181f738e02fa637 100644
--- a/install/share/bind.named.conf.template
+++ b/install/share/bind.named.conf.template
@@ -45,5 +45,5 @@ dynamic-db "ipa" {
 	arg "auth_method sasl";
 	arg "sasl_mech GSSAPI";
 	arg "sasl_user DNS/$FQDN";
-	arg "serial_autoincrement $SERIAL_AUTOINCREMENT";
+	arg "serial_autoincrement yes";
 };
diff --git a/install/tools/ipa-dns-install b/install/tools/ipa-dns-install
index 47acd8de6cb61e53db1d296ec38a0f7279f5f062..37a07f8e38d13260b659ad8b0e72014c6e36324e 100755
--- a/install/tools/ipa-dns-install
+++ b/install/tools/ipa-dns-install
@@ -52,9 +52,6 @@ def parse_options():
     parser.add_option("--zonemgr", action="callback", callback=bindinstance.zonemgr_callback,
                       type="string",
                       help="DNS zone manager e-mail address. Defaults to hostmaster@DOMAIN")
-    parser.add_option("--no-serial-autoincrement", dest="serial_autoincrement",
-                      default=True, action="store_false",
-                      help="Do not enable SOA serial autoincrement")
     parser.add_option("-U", "--unattended", dest="unattended", action="store_true",
                       default=False, help="unattended installation never prompts the user")
 
@@ -209,8 +206,7 @@ def main():
         print ""
 
     bind.setup(api.env.host, ip_address, api.env.realm, api.env.domain,
-               dns_forwarders, conf_ntp, reverse_zone, zonemgr=options.zonemgr,
-               serial_autoincrement=options.serial_autoincrement)
+               dns_forwarders, conf_ntp, reverse_zone, zonemgr=options.zonemgr)
     bind.create_instance()
 
     # Restart http instance to make sure that python-dns has the right resolver
diff --git a/install/tools/ipa-server-install b/install/tools/ipa-server-install
index 8077bc207fd2cd48846f7c6fdb2bff14505dc10c..b871ef3f219d688fdad6b74f9b6502e1391c6bf6 100644
--- a/install/tools/ipa-server-install
+++ b/install/tools/ipa-server-install
@@ -212,9 +212,6 @@ def parse_options():
                       help="Do not use DNS for hostname lookup during installation")
     dns_group.add_option("--no-dns-sshfp", dest="create_sshfp", default=True, action="store_false",
                       help="Do not automatically create DNS SSHFP records")
-    dns_group.add_option("--no-serial-autoincrement", dest="serial_autoincrement",
-                      default=True, action="store_false",
-                      help="Do not enable SOA serial autoincrement")
     parser.add_option_group(dns_group)
 
     uninstall_group = OptionGroup(parser, "uninstall options")
@@ -1181,7 +1178,6 @@ def main():
     bind = bindinstance.BindInstance(fstore, dm_password)
     bind.setup(host_name, ip_address, realm_name, domain_name, dns_forwarders,
                options.conf_ntp, reverse_zone, zonemgr=options.zonemgr,
-               serial_autoincrement=options.serial_autoincrement,
                ca_configured=setup_ca)
     if options.setup_dns:
         api.Backend.ldap2.connect(bind_dn=DN(('cn', 'Directory Manager')), bind_pw=dm_password)
diff --git a/install/tools/man/ipa-dns-install.1 b/install/tools/man/ipa-dns-install.1
index 646601eecaded0d8490bb41945f4bd83ee81c087..bde30cadba9b8b461f5373b734c3edf2faf9d0af 100644
--- a/install/tools/man/ipa-dns-install.1
+++ b/install/tools/man/ipa-dns-install.1
@@ -49,9 +49,6 @@ Do not create new reverse DNS zone. If used on a replica and a reverse DNS zone
 \fB\-\-zonemgr\fR
 The e\-mail address of the DNS zone manager. Defaults to hostmaster@DOMAIN
 .TP
-\fB\-\-no\-serial\-autoincrement\fR
-Do not enable SOA serial autoincrement feature. SOA serial will have to be updated automatically or other DNS features like zone transfer od DNSSEC will not function properly. This feature requires persistent search zone update mechanism.
-.TP
 \fB\-U\fR, \fB\-\-unattended\fR
 An unattended installation that will never prompt for user input
 .SH "EXIT STATUS"
diff --git a/install/tools/man/ipa-server-install.1 b/install/tools/man/ipa-server-install.1
index a093078cbe8c11d93a6c254f39066b0e9a6329e5..4adf1d037517bb211bd4c5e5e915380777e8f337 100644
--- a/install/tools/man/ipa-server-install.1
+++ b/install/tools/man/ipa-server-install.1
@@ -151,9 +151,6 @@ Do not use DNS for hostname lookup during installation
 .TP
 \fB\-\-no\-dns\-sshfp\fR
 Do not automatically create DNS SSHFP records.
-.TP
-\fB\-\-no\-serial\-autoincrement\fR
-Do not enable SOA serial autoincrement feature. SOA serial will have to be updated automatically or other DNS features like zone transfer od DNSSEC will not function properly. This feature requires persistent search zone update mechanism.
 
 .SS "UNINSTALL OPTIONS"
 .TP
diff --git a/ipaserver/install/bindinstance.py b/ipaserver/install/bindinstance.py
index 2d4da087175d8b2c4f283c59418002b0104f31ee..6d5a1d44d30c89278c24fe7ab5278355cb65b0b4 100644
--- a/ipaserver/install/bindinstance.py
+++ b/ipaserver/install/bindinstance.py
@@ -463,7 +463,7 @@ def __init__(self, fstore=None, dm_password=None):
 
     def setup(self, fqdn, ip_address, realm_name, domain_name, forwarders, ntp,
               reverse_zone, named_user="named", zonemgr=None,
-              serial_autoincrement=True, ca_configured=None):
+              ca_configured=None):
         self.named_user = named_user
         self.fqdn = fqdn
         self.ip_address = ip_address
@@ -474,7 +474,6 @@ def setup(self, fqdn, ip_address, realm_name, domain_name, forwarders, ntp,
         self.suffix = ipautil.realm_to_suffix(self.realm)
         self.ntp = ntp
         self.reverse_zone = reverse_zone
-        self.serial_autoincrement = serial_autoincrement
         self.ca_configured = ca_configured
 
         if not zonemgr:
@@ -590,9 +589,6 @@ def __setup_sub_dict(self):
         else:
             ipa_ca = ""
 
-        def bool_to_yesno(var):
-            return "yes" if var else "no"
-
         self.sub_dict = dict(
             FQDN=self.fqdn,
             IP=self.ip_address,
@@ -605,7 +601,6 @@ def bool_to_yesno(var):
             OPTIONAL_NTP=optional_ntp,
             ZONEMGR=self.zonemgr,
             IPA_CA_RECORD=ipa_ca,
-            SERIAL_AUTOINCREMENT=bool_to_yesno(self.serial_autoincrement),
             )
 
     def __setup_dns_container(self):
-- 
1.8.3.1

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to