freeipa

Clone
Source Code
GIT

#7369 The ipa-replica-install command failed, exception: ValidationError: invalid 'dnszoneidnsname': only master zones can contain records
Closed: fixed 5 years ago by cheimes. Opened 6 years ago by rcritten.

Closed: fixed
Reopen Issue

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1533228

Created attachment 1379689
Full log

Description of problem:

ipa-replica-install with CA/DNS fails if replica is in a forwarded zone

Version-Release number of selected component (if applicable):

ipa-server-4.5.0-22.el7.centos.x86_64

How reproducible:

Steps to Reproduce:
1.

I set up forwards on my first ipa-server:

$ ipa dnsforwardzone-add h2.int.pdp7.net --forwarder=10.42.42.1
$ ipa dnsforwardzone-add --name-from-ip=10.42.42.0/24 --forwarder=10.42.42.1
--forward-policy=only

2.

I install the replica on a server in the h2.int.pdp7.net domain:

$ ipa-replica-install -v -w $pw -n ipa.pdp7.net -P alex --mkhomedir --setup-ca
--setup-dns --auto-forwarders
[...]
ipa         : DEBUG      [2/8]: setting up our own record
  [2/8]: setting up our own record
ipa.ipaserver.plugins.dns.dnsrecord_add: DEBUG    raw:
dnsrecord_add(u'h2.int.pdp7.net', u'ipa2', arecord=u'10.42.42.83',
version=u'2.228')
ipa.ipaserver.plugins.dns.dnsrecord_add: DEBUG    dnsrecord_add(<DNS name
h2.int.pdp7.net.>, <DNS name ipa2>, arecord=(u'10.42.42.83',),
a_extra_create_reverse=False, aaaa_extra_create_reverse=False, force=False,
structured=False, all=False, raw=False, version=u'2.228')
ipa         : DEBUG    Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line
504, in start_creation
    run_step(full_msg, method)
  File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line
494, in run_step
    method()
  File "/usr/lib/python2.7/site-packages/ipaserver/install/bindinstance.py",
line 852, in __add_self
    self.__add_master_records(self.fqdn, self.ip_addresses)
  File "/usr/lib/python2.7/site-packages/ipaserver/install/bindinstance.py",
line 843, in __add_master_records
    add_fwd_rr(zone, host, addr, self.api)
  File "/usr/lib/python2.7/site-packages/ipaserver/install/bindinstance.py",
line 367, in add_fwd_rr
    add_rr(zone, host, "A", ip_address, None, api)
  File "/usr/lib/python2.7/site-packages/ipaserver/install/bindinstance.py",
line 358, in add_rr
    api.Command.dnsrecord_add(unicode(zone), unicode(name), **addkw)
  File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 447, in
__call__
    return self.__do_call(*args, **options)
  File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 475, in
__do_call
    ret = self.run(*args, **options)
  File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 797, in run
    return self.execute(*args, **options)
  File "/usr/lib/python2.7/site-packages/ipaserver/plugins/dns.py", line 3666,
in execute
    result = super(dnsrecord_add, self).execute(*keys, **options)
  File "/usr/lib/python2.7/site-packages/ipaserver/plugins/baseldap.py", line
1141, in execute
    dn = self.obj.get_dn(*keys, **options)
  File "/usr/lib/python2.7/site-packages/ipaserver/plugins/dns.py", line 3161,
in get_dn
    dn = self.check_zone(keys[-2], **options)
  File "/usr/lib/python2.7/site-packages/ipaserver/plugins/dns.py", line 3152,
in check_zone
    error=_(u'only master zones can contain records')
ValidationError: invalid 'dnszoneidnsname': only master zones can contain
records

ipa         : DEBUG      [error] ValidationError: invalid 'dnszoneidnsname':
only master zones can contain records
  [error] ValidationError: invalid 'dnszoneidnsname': only master zones can
contain records
Your system may be partly configured.
Run /usr/sbin/ipa-server-install --uninstall to clean up.

ipa.ipapython.install.cli.install_tool(CompatServerReplicaInstall): DEBUG
File "/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 172, in
execute
    return_value = self.run()
  File "/usr/lib/python2.7/site-packages/ipapython/install/cli.py", line 333,
in run
    cfgr.run()
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 368,
in run
    self.execute()
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 392,
in execute
    for _nothing in self._executor():
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 434,
in __runner
    exc_handler(exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 463,
in _handle_execute_exception
    self._handle_exception(exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 453,
in _handle_exception
    six.reraise(*exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 424,
in __runner
    step()
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 421,
in <lambda>
    step = lambda: next(self.__gen)
  File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81,
in run_generator_with_yield_from
    six.reraise(*exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59,
in run_generator_with_yield_from
    value = gen.send(prev_value)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 658,
in _configure
    next(executor)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 434,
in __runner
    exc_handler(exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 463,
in _handle_execute_exception
    self._handle_exception(exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 521,
in _handle_exception
    self.__parent._handle_exception(exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 453,
in _handle_exception
    six.reraise(*exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 518,
in _handle_exception
    super(ComponentBase, self)._handle_exception(exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 453,
in _handle_exception
    six.reraise(*exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 424,
in __runner
    step()
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 421,
in <lambda>
    step = lambda: next(self.__gen)
  File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81,
in run_generator_with_yield_from
    six.reraise(*exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59,
in run_generator_with_yield_from
    value = gen.send(prev_value)
  File "/usr/lib/python2.7/site-packages/ipapython/install/common.py", line 63,
in _install
    for _nothing in self._installer(self.parent):
  File "/usr/lib/python2.7/site-packages/ipaserver/install/server/__init__.py",
line 617, in main
    replica_install(self)
  File
"/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py",
line 386, in decorated
    func(installer)
  File
"/usr/lib/python2.7/site-packages/ipaserver/install/server/replicainstall.py",
line 1479, in install
    dns.install(False, True, options, api)
  File "/usr/lib/python2.7/site-packages/ipaserver/install/dns.py", line 338,
in install
    bind.create_instance()
  File "/usr/lib/python2.7/site-packages/ipaserver/install/bindinstance.py",
line 719, in create_instance
    self.start_creation()
  File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line
504, in start_creation
    run_step(full_msg, method)
  File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line
494, in run_step
    method()
  File "/usr/lib/python2.7/site-packages/ipaserver/install/bindinstance.py",
line 852, in __add_self
    self.__add_master_records(self.fqdn, self.ip_addresses)
  File "/usr/lib/python2.7/site-packages/ipaserver/install/bindinstance.py",
line 843, in __add_master_records
    add_fwd_rr(zone, host, addr, self.api)
  File "/usr/lib/python2.7/site-packages/ipaserver/install/bindinstance.py",
line 367, in add_fwd_rr
    add_rr(zone, host, "A", ip_address, None, api)
  File "/usr/lib/python2.7/site-packages/ipaserver/install/bindinstance.py",
line 358, in add_rr
    api.Command.dnsrecord_add(unicode(zone), unicode(name), **addkw)
  File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 447, in
__call__
    return self.__do_call(*args, **options)
  File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 475, in
__do_call
    ret = self.run(*args, **options)
  File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 797, in run
    return self.execute(*args, **options)
  File "/usr/lib/python2.7/site-packages/ipaserver/plugins/dns.py", line 3666,
in execute
    result = super(dnsrecord_add, self).execute(*keys, **options)
  File "/usr/lib/python2.7/site-packages/ipaserver/plugins/baseldap.py", line
1141, in execute
    dn = self.obj.get_dn(*keys, **options)
  File "/usr/lib/python2.7/site-packages/ipaserver/plugins/dns.py", line 3161,
in get_dn
    dn = self.check_zone(keys[-2], **options)
  File "/usr/lib/python2.7/site-packages/ipaserver/plugins/dns.py", line 3152,
in check_zone
    error=_(u'only master zones can contain records')

ipa.ipapython.install.cli.install_tool(CompatServerReplicaInstall): DEBUG
The ipa-replica-install command failed, exception: ValidationError: invalid
'dnszoneidnsname': only master zones can contain records
ipa.ipapython.install.cli.install_tool(CompatServerReplicaInstall): ERROR
invalid 'dnszoneidnsname': only master zones can contain records
ipa.ipapython.install.cli.install_tool(CompatServerReplicaInstall): ERROR
The ipa-replica-install command failed. See /var/log/ipareplica-install.log for
more information

3.

Actual results:

Replica installation fails.

Expected results:

Replica installation works.

Additional info:

None

Metadata Update from @rcritten:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1533228
6 years ago

Metadata Update from @rcritten:
- Issue priority set to: important
6 years ago

Metadata Update from @frenaud:
- Issue assigned to frenaud
5 years ago

Metadata Update from @frenaud:
- Issue set to the milestone: FreeIPA 4.6.5 (was: FreeIPA 4.7 backlog)
5 years ago

A backport to ipa-4-6 is also needed, hence setting milestone to 4.6.5

Metadata Update from @frenaud:
- Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/2767
- Custom field test_case adjusted to test_integration/test_replica_promotion.py::TestReplicaInForwardZone
5 years ago

master:

  • 63fa87a replica installation: add master record only if in managed zone
  • a91e645 ipatests: add test for replica in forward zone

Metadata Update from @fcami:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)
5 years ago

Reopening as backports were not done.

Metadata Update from @fcami:
- Issue status updated to: Open (was: Closed)
5 years ago

ipa-4-7:

  • 6b18e8a replica installation: add master record only if in managed zone
  • 493cdc4 ipatests: add test for replica in forward zone

ipa-4-6:

  • 28f416c replica installation: add master record only if in managed zone
  • 2835dcb ipatests: add test for replica in forward zone

Metadata Update from @cheimes:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)
5 years ago

Login to comment on this ticket.

Metadata
None
None
None
important
None
None
None
None
None
None
test_integration/test_replica_promotion.py::TestReplicaInForwardZone
None
None
https://github.com/freeipa/freeipa/pull/2767
None
None
None
None
https://bugzilla.redhat.com/show_bug.cgi?id=1533228
None
None
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.