Issue #3117: Traceback in ipa-replica-prepare --reverse-zone=in-addr.arpa - freeipa

freeipa

#3117 Traceback in ipa-replica-prepare --reverse-zone=in-addr.arpa

Closed: wontfix 5 years ago Opened 11 years ago by pviktori.

The invalid option --reverse-zone=in-addr.arpa is not rejected before a replica is prepared, leading to a traceback later.

ipa-replica-prepare machine.example.com -p 12345678 --ip-address 1.2.3.4 --reverse-zone=in-addr.arpa.
Preparing replica for machine.example.com from vm-095.idm.lab.bos.redhat.com
Creating SSL certificate for the Directory Server
Creating SSL certificate for the dogtag Directory Server
Creating SSL certificate for the Web Server
Exporting RA certificate
Copying additional files
Finalizing configuration
Packaging replica information into /var/lib/ipa/replica-info-machine.example.com.gpg
Adding DNS records for machine.example.com
Using reverse zone in-addr.arpa.
preparation of replica failed: invalid 'ptrrecord': Reverse zone for PTR record should be a sub-zone of one the following fully qualified domains: .ip6.arpa., .in-addr.arpa.
invalid 'ptrrecord': Reverse zone for PTR record should be a sub-zone of one the following fully qualified domains: .ip6.arpa., .in-addr.arpa.
  File "/sbin/ipa-replica-prepare", line 476, in <module>
    main()

  File "/sbin/ipa-replica-prepare", line 470, in main
    add_ptr_rr(reverse_zone, ip_address, replica_fqdn)

  File "/usr/lib/python2.7/site-packages/ipaserver/install/bindinstance.py", line 363, in add_ptr_rr
    add_rr(zone, name, "PTR", fqdn+".", dns_backup)

  File "/usr/lib/python2.7/site-packages/ipalib/plugins/dns.py", line 2055, in run_precallback_validators
    rtype_cb(ldap, dn, entry_attrs, *keys, **options)

  File "/usr/lib/python2.7/site-packages/ipalib/plugins/dns.py", line 2039, in _ptrrecord_pre_callback
    error=unicode(_('Reverse zone for PTR record should be a sub-zone of one the following fully qualified domains: %s') % allowed_zones))

pspacek commented 10 years ago

According to [http://tools.ietf.org/html/rfc2317|RFC2317] there are valid use cases for reverse zones outside usual sub-trees. This check should not produce a hard error but only a warning like this:

Warning: Non-standard names for reverse zones will not work if you will not follow RFC 2317.

tbabej commented 9 years ago

Releasing tickets from distant milestones.

Metadata Update from @pviktori:
- Issue assigned to someone
- Issue set to the milestone: Ticket Backlog

7 years ago

rcritten commented 5 years ago

Thank you taking time to submit this request for FreeIPA. Unfortunately this bug was not given priority and the team lacks the capacity to work on it at this time.

Given that we are unable to fulfil this request I am closing the issue as wontfix. To request re-consideration of this decision please reopen this issue and provide additional technical details about its importance to you.

Metadata Update from @rcritten:
- Issue close_status updated to: wontfix
- Issue status updated to: Closed (was: Open)

5 years ago

Metadata

Assignee

someone

Tags

None

Blocking

None

Depending on

None

Priority

low

Milestone

Ticket Backlog

None

affects_doc

None

source

None

knownissue

None

type

defect

blockedby

None

test_case

None

component

IPA

blocking

None

on_review

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

rhbz

todo

tester

None

changelog

None

design

None

freeipa

Source Code

#3117 Traceback in ipa-replica-prepare --reverse-zone=in-addr.arpa Closed: wontfix 5 years ago Opened 11 years ago by pviktori.

Metadata

#3117 Traceback in ipa-replica-prepare --reverse-zone=in-addr.arpa

Closed: wontfix 5 years ago Opened 11 years ago by pviktori.