URL: https://github.com/freeipa/freeipa/pull/351
Author: tomaskrizek
 Title: #351: [fedora-26] named.conf template: update API for bind 9.11
Action: synchronized

To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/351/head:pr351
git checkout pr351
From bf1a7f648ca008668dfbc2ee48f89f70c5ab2d92 Mon Sep 17 00:00:00 2001
From: Tomas Krizek <tkri...@redhat.com>
Date: Mon, 19 Dec 2016 13:12:19 +0100
Subject: [PATCH 1/2] named.conf template: update API for bind 9.11

Use the new API for bind 9.11. Removed deprecated "serial_autoincrement"
and updated the rest of configuration to conform to the new format.

https://fedorahosted.org/freeipa/ticket/6565
---
 install/share/bind.named.conf.template | 16 +++++++---------
 1 file changed, 7 insertions(+), 9 deletions(-)

diff --git a/install/share/bind.named.conf.template b/install/share/bind.named.conf.template
index e8ea8fb..21b4098 100644
--- a/install/share/bind.named.conf.template
+++ b/install/share/bind.named.conf.template
@@ -43,13 +43,11 @@ zone "." IN {
 include "$RFC1912_ZONES";
 include "$ROOT_KEY";
 
-dynamic-db "ipa" {
-	library "ldap.so";
-	arg "uri ldapi://%2fvar%2frun%2fslapd-$SERVER_ID.socket";
-	arg "base cn=dns, $SUFFIX";
-	arg "server_id $FQDN";
-	arg "auth_method sasl";
-	arg "sasl_mech GSSAPI";
-	arg "sasl_user DNS/$FQDN";
-	arg "serial_autoincrement yes";
+dyndb "ipa-ldap" "/usr/lib64/bind/ldap.so" {
+	uri "ldapi://%2fvar%2frun%2fslapd-$SERVER_ID.socket";
+	base "cn=dns, $SUFFIX";
+	server_id "$FQDN";
+	auth_method "sasl";
+	sasl_mech "GSSAPI";
+	sasl_user "DNS/$FQDN";
 };

From c05e5d16e5b4da5c1a20757a378aa5e4e767ab62 Mon Sep 17 00:00:00 2001
From: Tomas Krizek <tkri...@redhat.com>
Date: Mon, 19 Dec 2016 16:52:08 +0100
Subject: [PATCH 2/2] bump required version of BIND, bind-dyndb-ldap

bynd-dyndb-ldap used a custom configuration file format. Since BIND 9.11,
an API was accepted upstream. This caused backward incompatible changes
to the named.conf configuration file used to configure the
bind-dyndb-ldap BIND plugin. Version 11.0 of bind-dyndb-ldap plugin and
BIND 9.11 are required to use with the new config file format.

https://fedorahosted.org/freeipa/ticket/6565
---
 freeipa.spec.in | 17 +++++------------
 1 file changed, 5 insertions(+), 12 deletions(-)

diff --git a/freeipa.spec.in b/freeipa.spec.in
index cba40c2..99b3a0f 100644
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -295,18 +295,11 @@ Summary: IPA integrated DNS server with support for automatic DNSSEC signing
 Group: System Environment/Base
 BuildArch: noarch
 Requires: %{name}-server = %{version}-%{release}
-Requires: bind-dyndb-ldap >= 10.0
-%if 0%{?fedora} >= 21
-Requires: bind >= 9.9.6-3
-Requires: bind-utils >= 9.9.6-3
-Requires: bind-pkcs11 >= 9.9.6-3
-Requires: bind-pkcs11-utils >= 9.9.6-3
-%else
-Requires: bind >= 9.9.4-21
-Requires: bind-utils >= 9.9.4-21
-Requires: bind-pkcs11 >= 9.9.4-21
-Requires: bind-pkcs11-utils >= 9.9.4-21
-%endif
+Requires: bind-dyndb-ldap >= 11.0
+Requires: bind >= 9.11.0-2
+Requires: bind-utils >= 9.11.0-2
+Requires: bind-pkcs11 >= 9.11.0-2
+Requires: bind-pkcs11-utils >= 9.11.0-2
 Requires: opendnssec >= 1.4.6-4
 
 Provides: %{alt_name}-server-dns = %{version}
-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to