Issue #8489: SOA serial is not changed by dnszone-add if other parameters are also modified. - freeipa

freeipa

#8489 SOA serial is not changed by dnszone-add if other parameters are also modified.

Closed: fixed 2 years ago by rjeffman. Opened 3 years ago by rjeffman.

Issue

When modifying a dnszone with dnszone-mod, the serial parameter is not updated if any other parameter is also updated.

Steps to Reproduce

Create a dnszone with dnszone-add
> ipa dnszone-add testzone.test --retry 10
Modify the same dnszone with dnszone-mod and set serial and another parameter.
> ipa dnszone-add testzone.test --retry 12 --serial 12345

Actual behavior

All parameters, except serial, are modified.

Expected behavior

All parameters, including serial are modified, or a warning that serial cannot be changed along with other parameters is given.

Version/Release/Distribution

Tested with CentOS 8.1 (1911)

Packages:
package freeipa-server is not installed
package freeipa-client is not installed
ipa-server-4.8.4-7.module_el8.2.0+374+0d2d74a1.x86_64
ipa-client-4.8.4-7.module_el8.2.0+374+0d2d74a1.x86_64
389-ds-base-1.4.2.4-8.module_el8.2.0+366+71e3276f.x86_64
pki-ca-10.8.3-2.module_el8.2.0+371+f5726439.noarch
* krb5-server-1.17-18.el8.x86_64

Additional Information

The output of the commands, showing the problem.

[root@cos81 ~]# ipa dnszone-add teste.test --retry 10
  Zone name: teste.test.
  Active zone: TRUE
  Authoritative nameserver: cos81.ipa.test.
  Administrator e-mail address: hostmaster
  SOA serial: 1599606351
  SOA refresh: 3600
  SOA retry: 10
  SOA expire: 1209600
  SOA minimum: 3600
  BIND update policy: grant IPA.TEST krb5-self * A; grant IPA.TEST krb5-self * AAAA; grant IPA.TEST krb5-self * SSHFP;
  Dynamic update: FALSE
  Allow query: any;
  Allow transfer: none;
[root@cos81 ~]# ipa dnszone-mod teste.test --serial 1234 --retry 12
  Zone name: teste.test.
  Active zone: TRUE
  Authoritative nameserver: cos81.ipa.test.
  Administrator e-mail address: hostmaster
  SOA serial: 1599606360
  SOA refresh: 3600
  SOA retry: 12
  SOA expire: 1209600
  SOA minimum: 3600
  Allow query: any;
  Allow transfer: none;
[root@cos81 ~]# ipa dnszone-mod teste.test --serial 1234 --retry 12
  Zone name: teste.test.
  Active zone: TRUE
  Authoritative nameserver: cos81.ipa.test.
  Administrator e-mail address: hostmaster
  SOA serial: 1234
  SOA refresh: 3600
  SOA retry: 12
  SOA expire: 1209600
  SOA minimum: 3600
  Allow query: any;
  Allow transfer: none;

rcritten commented 3 years ago

I can't reproduce this in either the master or in ipa-4-8 branches. I also tried using a slightly older 8.3.0 module and couldn't reproduce it there either.

rjeffman commented 3 years ago

@rcritten, I was able to reproduce this on Centos 8.2.2004 (freeipa 4.8.4), and CentOS 7.8.2003 (freeipa 4.6.6). It worked as expected with Fedora 32 (freeipa 4.8.10).

Either it was fixed some time ago, or it might be something with CentOS.

Edited 3 years ago by rjeffman

rjeffman commented 2 years ago

I'm closing this issue, since, with the release of FreeIPA version 4.9.7, setting SOA serial is deprecated.

Metadata Update from @rjeffman:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)

2 years ago

Metadata

Assignee

None

Tags

None

Blocking

None

Depending on

None

Priority

None

Milestone

None

affects_doc

None

source

None

knownissue

None

type

None

blockedby

None

test_case

None

component

None

blocking

None

on_review

None

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

rhbz

None

tester

None

changelog

None

design

None

freeipa

Source Code

#8489 SOA serial is not changed by dnszone-add if other parameters are also modified. Closed: fixed 2 years ago by rjeffman. Opened 3 years ago by rjeffman.

Issue

Steps to Reproduce

Actual behavior

Expected behavior

Version/Release/Distribution

Additional Information

Metadata

#8489 SOA serial is not changed by dnszone-add if other parameters are also modified.

Closed: fixed 2 years ago by rjeffman. Opened 3 years ago by rjeffman.