#3227 sssd doesn't update PTR records if A/PTR zones are configured as non-secure and secure
Closed: Fixed None Opened 3 years ago by jhrozek.

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1386748

Please note that this Bug is private and may not be accessible as it contains confidential Red Hat customer information.

Description of problem:
When sssd updates DNS records. If the zone is configured as 'nonsecure and
secure' it will stop trying to update any further records even though the
update succeeded.

Version-Release number of selected component (if applicable):
sssd-1.13.0-40.el7_2.12

How reproducible:
Always

Steps to Reproduce:
1. Setup 'nonsecure and secure' zones
2. Start sssd

Actual results:
A records will get updated but PTR records will fail as sssd does not try to
update them.

Expected results:
Both A and PTR records get updated.

Quoting from Petr's mail he sent on an internal list:

Failure to update any of A/AAAA/PTR records should not affect other record
types. E.g. if A record update failed the PTR record update should be
attempted anyway. In general the records can be served by different servers of
can have different ACLs on the same server so SSSD should not assume anything
and just try.

blockedby: =>
blocking: =>
changelog: =>
coverity: =>
design: =>
design_review: => 0
feature_milestone: =>
fedora_test_page: =>
mark: no => 0
review: True => 0
selected: =>
testsupdated: => 0

Petr, but wouldn't your proposal create inconsistencies in the DNS database? Is it preferable to have one record updated and the other potentially not?

cc: => pspacek

If the update failed, the records will be incorrect in any case. Personally I think we should try to update all record types and let admins to deal with potential inconsistencies.

PR submitted to the list for attempting PTR record update even if A/AAAA record update fails

https://github.com/SSSD/sssd/pull/66

Self-assigning

owner: somebody => jstephen
status: new => assigned

Thank you for the PR. I will move the ticket to the 1.15 milestone, then.

milestone: NEEDS_TRIAGE => SSSD 1.15 Alpha

Fields changed

patch: 0 => 1

Fields changed

milestone: SSSD 1.15.0 => SSSD 1.15 Beta

Fields changed

milestone: SSSD 1.16 Beta => SSSD 1.15.1

resolution: => fixed
status: assigned => closed

Metadata Update from @jhrozek:
- Issue assigned to jstephen
- Issue set to the milestone: SSSD 1.15.1

2 years ago

Login to comment on this ticket.

Metadata