On 08.01.2016 16:57, Petr Spacek wrote:

recent improvements in FreeIPA 4.3.0 (finally) prevent FreeIPA installer from
creating made-up DNS reverse zones, which already exist on some other DNS 

This change uncovered a well-hidden automatic empty zones in BIND 9.9+, which
is now causing problem to users.

It seems that this can be fixed by change to the code which handles forward
DNS zones. Short design document with necessary background is available on:

Please be so kind and review it ASAP, so I can write the patch quickly and
make life of our QE guys easier.

Have a nice Friday.


IIUC, the differences between default bind behaviour and bind-dyndb-ldap behaviour are:

* disable automatic empty zone when policy is 'first' or 'only', instead of just 'only' I liked it more than default behaviour of named, but could be this somehow unexpected by users, or they will be happy that it works better (?) than in named?

* bind-dyndb-ldap will not recreate automate empty zone
IMO this should not harm at all

so design LGTM, I will thinking about it over this weekend

Manage your subscription for the Freeipa-devel mailing list:
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to