[Freeipa-devel] [PATCHES] 126-127 Use A/AAAA records instead of CNAME records in ipa-ca

Jan Cholasta jcholast at redhat.com
Fri Apr 12 12:30:51 UTC 2013


On 12.4.2013 14:19, Petr Viktorin wrote:
> On 04/12/2013 01:24 PM, Jan Cholasta wrote:
>> Hi,
>>
>> the attached patches fix <https://fedorahosted.org/freeipa/ticket/3547>.
>>
>> Honza
>
> We used short names in the CNAMEs:
>
> $ ipa dnsrecord-find  idm.lab.eng.brq.redhat.com ipa-ca
>    Record name: ipa-ca
>    CNAME record: vm-109
> ----------------------------
> Number of entries returned 1
> ----------------------------
>
>
> But it seems the patch assumes a FQDN with a dot at the end. When
> upgrading a 3.1 server I get:
>
> 2013-04-12T12:16:43Z INFO   File
> "/usr/lib/python2.7/site-packages/ipaserver/install/installutils.py",
> line 613, in run_script
>      return_value = main_function()
>
>    File "/usr/sbin/ipa-upgradeconfig", line 853, in main
>      add_ca_dns_records()
>
>    File "/usr/sbin/ipa-upgradeconfig", line 752, in add_ca_dns_records
>      bind.convert_ipa_ca_cnames(api.env.domain)
>
>    File
> "/usr/lib/python2.7/site-packages/ipaserver/install/bindinstance.py",
> line 785, in convert_ipa_ca_cnames
>      self.add_ipa_ca_dns_records(cname[:-1], domain_name, None)
>
>    File
> "/usr/lib/python2.7/site-packages/ipaserver/install/bindinstance.py",
> line 772, in add_ipa_ca_dns_records
>      host, zone = fqdn.split(".", 1)
>
> Unexpected error
> ValueError: need more than 1 value to unpack
>

Hmm, in my test setup the CNAMEs contained FQDNs. Fixed.

Updated patch attached.

-- 
Jan Cholasta
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-126.1-Use-A-AAAA-records-instead-of-CNAME-records-in-ipa-c.patch
Type: text/x-patch
Size: 14463 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20130412/825f0f14/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-127.1-Delete-DNS-records-in-ipa-ca-on-ipa-csreplica-manage.patch
Type: text/x-patch
Size: 1912 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20130412/825f0f14/attachment-0001.bin>


More information about the Freeipa-devel mailing list