On 08.01.2016 16:57, Petr Spacek wrote:
Hello,
recent improvements in FreeIPA 4.3.0 (finally) prevent FreeIPA installer from
creating made-up DNS reverse zones, which already exist on some other DNS
server.
This change uncovered a well-hidden automatic empty zones in BIND 9.9+, which
is now causing problem to users.
It seems that this can be fixed by change to the code which handles forward
DNS zones. Short design document with necessary background is available on:
https://fedorahosted.org/bind-dyndb-ldap/wiki/BIND9/Design/AutomaticEmptyZones
Please be so kind and review it ASAP, so I can write the patch quickly and
make life of our QE guys easier.
Have a nice Friday.
Hello,
IIUC, the differences between default bind behaviour and bind-dyndb-ldap
behaviour are:
* disable automatic empty zone when policy is 'first' or 'only', instead
of just 'only'
I liked it more than default behaviour of named, but could be this
somehow unexpected by users, or they will be happy that it works better
(?) than in named?
* bind-dyndb-ldap will not recreate automate empty zone
IMO this should not harm at all
so design LGTM, I will thinking about it over this weekend
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
