IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Enable SOA serial autoincrement

Browse Source 
SOA serial autoincrement is a requirement for major DNS features,
e.g. zone transfers or DNSSEC. Enable it by default in named.conf
both for new and upgraded installations. Name of the bind-dyndb-ldap
option is "serial_autoincrement".

From now on, idnsSOAserial attribute also has to be put to
replication agreement exclude list as serial will be incremented
on each DNS server separately and won't be shared. Exclude list
has to be updated both for new replication agreements and the
current ones.

Minimum number of connections for bind-dyndb-ldap has been rised
to 4 connections, the setting will be updated during package upgrade.

https://fedorahosted.org/freeipa/ticket/2554
This commit is contained in:
Martin Kosek
2012-06-28 16:46:48 +02:00
parent 4879c68d68
commit 9d69db80a3
10 changed files with 145 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
install/tools/ipa-server-install
View File

@@ -210,7 +210,10 @@ def parse_options():
default=False,
help="Do not use DNS for hostname lookup during installation")
dns_group.add_option("--no-dns-sshfp", dest="create_sshfp", default=True, action="store_false",
help="do not automatically create DNS SSHFP records")
help="Do not automatically create DNS SSHFP records")
dns_group.add_option("--no-serial-autoincrement", dest="serial_autoincrement",
default=True, action="store_false",
help="Do not enable SOA serial autoincrement")
parser.add_option_group(dns_group)
uninstall_group = OptionGroup(parser, "uninstall options")
@@ -304,6 +307,10 @@ def parse_options():
elif options.zone_refresh > 0:
options.persistent_search = False # mutually exclusive features
if options.serial_autoincrement and not options.persistent_search:
parser.error('persistent search feature is required for '
'DNS SOA serial autoincrement')
if options.zone_notif:
print >>sys.stderr, "WARNING: --zone-notif option is deprecated and has no effect"
@@ -1036,7 +1043,8 @@ def main():
bind.setup(host_name, ip_address, realm_name, domain_name, dns_forwarders,
options.conf_ntp, reverse_zone, zonemgr=options.zonemgr,
zone_refresh=options.zone_refresh,
persistent_search=options.persistent_search)
persistent_search=options.persistent_search,
serial_autoincrement=options.serial_autoincrement)
if options.setup_dns:
api.Backend.ldap2.connect(bind_dn="cn=Directory Manager", bind_pw=dm_password)