Learn more about these different git repos.
Other Git URLs
Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1386748
Please note that this Bug is private and may not be accessible as it contains confidential Red Hat customer information.
Description of problem:
When sssd updates DNS records. If the zone is configured as 'nonsecure and
secure' it will stop trying to update any further records even though the
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Setup 'nonsecure and secure' zones
2. Start sssd
A records will get updated but PTR records will fail as sssd does not try to
Both A and PTR records get updated.
Quoting from Petr's mail he sent on an internal list:
Failure to update any of A/AAAA/PTR records should not affect other record
types. E.g. if A record update failed the PTR record update should be
attempted anyway. In general the records can be served by different servers of
can have different ACLs on the same server so SSSD should not assume anything
and just try.
design_review: => 0
mark: no => 0
review: True => 0
testsupdated: => 0
Petr, but wouldn't your proposal create inconsistencies in the DNS database? Is it preferable to have one record updated and the other potentially not?
cc: => pspacek
If the update failed, the records will be incorrect in any case. Personally I think we should try to update all record types and let admins to deal with potential inconsistencies.
PR submitted to the list for attempting PTR record update even if A/AAAA record update fails
owner: somebody => jstephen
status: new => assigned
Thank you for the PR. I will move the ticket to the 1.15 milestone, then.
milestone: NEEDS_TRIAGE => SSSD 1.15 Alpha
patch: 0 => 1
milestone: SSSD 1.15.0 => SSSD 1.15 Beta
milestone: SSSD 1.16 Beta => SSSD 1.15.1
resolution: => fixed
status: assigned => closed
Metadata Update from @jhrozek:
- Issue assigned to jstephen
- Issue set to the milestone: SSSD 1.15.1
to comment on this ticket.