Learn more about these different git repos.
Other Git URLs
Right now, the dynamic DNS update message is not logged anywhere. I suspect that the reason for not including it were security concerns.
I think the message should be logged, because the logs are readable by root only anyway and moreover the update message only contains the following data:
- hostname of the client
- IP addresses of clients's network interface (either the one the client uses to connect to LDAP or one selected in the sssd config file)
- client DNS zone
- Kerberos realm of the client
- IPA server hostname
Adding the full nsupdate message would help in debugging dyndns issues as it would be possible to use the same message directly with nsupdate from the command line.
Raising priority to "major".
Without this logging, it is nearly impossible to debug issues related to the dynamic update feature.
I would recommend, however, that we should only log this information at debug_level = 5 or higher.
component: SSSD => IPA Provider
priority: minor => major
milestone: NEEDS_TRIAGE => SSSD 1.6.0
owner: somebody => jhrozek
Fixed by fe8426e
resolution: => fixed
status: new => closed
Backported to sssd-1-5
milestone: SSSD 1.6.0 => SSSD 1.5.9
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=773326
rhbz: => [https://bugzilla.redhat.com/show_bug.cgi?id=773326 773326]
Metadata Update from @jhrozek:
- Issue assigned to jhrozek
- Issue set to the milestone: SSSD 1.5.9
SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here:
If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.
Thank you for understanding. We apologize for all inconvenience.
to comment on this ticket.