On 8.1.2016 18:14, Martin Basti wrote: > > > On 08.01.2016 16:57, Petr Spacek wrote: >> Hello, >> >> recent improvements in FreeIPA 4.3.0 (finally) prevent FreeIPA installer from >> creating made-up DNS reverse zones, which already exist on some other DNS >> server. >> >> This change uncovered a well-hidden automatic empty zones in BIND 9.9+, which >> is now causing problem to users. >> >> It seems that this can be fixed by change to the code which handles forward >> DNS zones. Short design document with necessary background is available on: >> https://fedorahosted.org/bind-dyndb-ldap/wiki/BIND9/Design/AutomaticEmptyZones >> >> Please be so kind and review it ASAP, so I can write the patch quickly and >> make life of our QE guys easier. >> >> Have a nice Friday. >> > Hello, > > IIUC, the differences between default bind behaviour and bind-dyndb-ldap > behaviour are: > > * disable automatic empty zone when policy is 'first' or 'only', instead of > just 'only' > I liked it more than default behaviour of named, but could be this somehow > unexpected by users, or they will be happy that it works better (?) than in > named?
I hope users will appreciate it :-) > > * bind-dyndb-ldap will not recreate automate empty zone > IMO this should not harm at all > > so design LGTM, I will thinking about it over this weekend Did you find any problem? Petr^2 Spacek -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code