On 15.6.2016 17:24, Petr Spacek wrote:
> On 15.6.2016 15:45, Martin Basti wrote:
>>
>>
>> On 15.06.2016 14:52, Martin Basti wrote:
>>> <snip>
>>> Hydra patching: Updated patches attached + new patches for dnsserver-*
>>> commands attached
>>>>
>>>>
>>> Updated+rebased patches after Honza's interactive review
>>>
>>>
>> Minor nitpick fixed
>>
>>
>>
> freeipa-mbasti-0503.3-DNS-Locations-add-index-for-ipalocation-attribute.patch
> ACK
> 
> freeipa-mbasti-0505.3-DNS-Locations-add-idnsTemplateObject-objectclass.patch
> ACK
> 
> 
> I will get to the rest later on.


Problems I found (could be solved in separate patches if you wish):

1. NACK
# ipa dns-update-system-records --dry-run
ipa: ERROR: an internal error has occurred
ValueError: dns_update_system_records.validate_output(): unexpected keys
['summary'] in { ...


2. NACK
Command ipa dns-update-system-records does not work with DNS Administrators
privilege when some record is missing:

ipa: WARNING: Update of system record
'_kpasswd._tcp.dom-046.abc.idm.lab.eng.brq.redhat.com. 86400 IN SRV 0 100 464
vm-046.abc.idm.lab.eng.brq.redhat.com.' failed with error: Insufficient
access: Insufficient 'write' privilege to the 'objectClass' attribute of entry
'idnsname=_kpasswd._tcp,idnsname=dom-046.abc.idm.lab.eng.brq.redhat.com.,cn=dns,dc=suffix'.

3. NACK
IPA server upgrade does not create idnsServerConfigObjects in cn=dns
In fact the upgrade does not even add the object class into schema.


These needs to be fixed before we can proceed.

-- 
Petr^2 Spacek

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to