URL: https://github.com/SSSD/sssd/pull/66 Author: justin-stephenson Title: #66: Minor Dynamic DNS fixes Action: opened
PR body: """ To provide a bit more information, one of the fixes is to correct NULL being printed here(https://fedorahosted.org/sssd/ticket/3220): [nsupdate_msg_create_common] (0x0200): Creating update message for realm [(null)]. For the other(https://bugzilla.redhat.com/show_bug.cgi?id=1386748), It is not uncommon for nsupdate to successfully update DNS records but report the error below which results in return(2) to be called inside nsupdate code TSIG error with server: tsig verify failure It is easy to reproduce with AD DNS changing Dynamic DNS to 'Nonsecure and secure' on the Zone Properties. This patch allows PTR records to continue when this happens, however in this case our debug log messages still report failure and I think some improvement should be made here(not sure how exactly though) [child_sig_handler] (0x1000): Waiting for child [3710]. [nsupdate_child_handler] (0x0040): Dynamic DNS child failed with status [512] [child_sig_handler] (0x0020): child [3710] failed with status [2]. [be_nsupdate_done] (0x0040): nsupdate child execution failed [1432158238]: Dynamic DNS update failed It would be nice to correct this at the nsupdate level if this is not the expected behavior also. """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/66/head:pr66 git checkout pr66
From bd43541be56b035c1bd0cd5887381ea545da5e73 Mon Sep 17 00:00:00 2001 From: Justin Stephenson <jstep...@redhat.com> Date: Mon, 24 Oct 2016 15:46:50 -0400 Subject: [PATCH 1/2] DYNDNS: Update PTR record after non-fatal error Continue to send PTR record update in situations where the nsupdate child forward zone updates are successful but nsupdate returns non-zero Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1386748 --- src/providers/ldap/sdap_dyndns.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/src/providers/ldap/sdap_dyndns.c b/src/providers/ldap/sdap_dyndns.c index 83ec051..9d28b57 100644 --- a/src/providers/ldap/sdap_dyndns.c +++ b/src/providers/ldap/sdap_dyndns.c @@ -381,9 +381,6 @@ sdap_dyndns_update_done(struct tevent_req *subreq) return; } } - - tevent_req_error(req, ret); - return; } if (state->update_ptr == false) { From 919f2261c7a54b95a91077c79a4753ecdf7843c8 Mon Sep 17 00:00:00 2001 From: Justin Stephenson <jstep...@redhat.com> Date: Mon, 24 Oct 2016 18:04:11 -0400 Subject: [PATCH 2/2] DYNDNS: Correct debug log message of realm If the realm is not added to the nsupdate message, the SSSD Debug log message should inform about utilizing autodiscovered realm. Resolves: https://fedorahosted.org/sssd/ticket/3220 --- src/providers/be_dyndns.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/providers/be_dyndns.c b/src/providers/be_dyndns.c index 07dc333..1120654 100644 --- a/src/providers/be_dyndns.c +++ b/src/providers/be_dyndns.c @@ -435,11 +435,15 @@ nsupdate_msg_create_common(TALLOC_CTX *mem_ctx, const char *realm, /* Add the server, realm and headers */ update_msg = talloc_asprintf(tmp_ctx, "server %s\n%s", servername, realm_directive); - } else { + } else if (realm) { DEBUG(SSSDBG_FUNC_DATA, "Creating update message for realm [%s].\n", realm); /* Add the realm headers */ update_msg = talloc_asprintf(tmp_ctx, "%s", realm_directive); + } else { + DEBUG(SSSDBG_FUNC_DATA, + "Creating update message for auto-discovered realm.\n"); + update_msg = talloc_asprintf(tmp_ctx, "%s", realm_directive); } talloc_free(realm_directive); if (update_msg == NULL) {
_______________________________________________ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org