URL: https://github.com/freeipa/freeipa/pull/351 Author: tomaskrizek Title: #351: [fedora-26] named.conf template: update API for bind 9.11 Action: synchronized
To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/351/head:pr351 git checkout pr351
From bf1a7f648ca008668dfbc2ee48f89f70c5ab2d92 Mon Sep 17 00:00:00 2001 From: Tomas Krizek <tkri...@redhat.com> Date: Mon, 19 Dec 2016 13:12:19 +0100 Subject: [PATCH 1/2] named.conf template: update API for bind 9.11 Use the new API for bind 9.11. Removed deprecated "serial_autoincrement" and updated the rest of configuration to conform to the new format. https://fedorahosted.org/freeipa/ticket/6565 --- install/share/bind.named.conf.template | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/install/share/bind.named.conf.template b/install/share/bind.named.conf.template index e8ea8fb..21b4098 100644 --- a/install/share/bind.named.conf.template +++ b/install/share/bind.named.conf.template @@ -43,13 +43,11 @@ zone "." IN { include "$RFC1912_ZONES"; include "$ROOT_KEY"; -dynamic-db "ipa" { - library "ldap.so"; - arg "uri ldapi://%2fvar%2frun%2fslapd-$SERVER_ID.socket"; - arg "base cn=dns, $SUFFIX"; - arg "server_id $FQDN"; - arg "auth_method sasl"; - arg "sasl_mech GSSAPI"; - arg "sasl_user DNS/$FQDN"; - arg "serial_autoincrement yes"; +dyndb "ipa-ldap" "/usr/lib64/bind/ldap.so" { + uri "ldapi://%2fvar%2frun%2fslapd-$SERVER_ID.socket"; + base "cn=dns, $SUFFIX"; + server_id "$FQDN"; + auth_method "sasl"; + sasl_mech "GSSAPI"; + sasl_user "DNS/$FQDN"; }; From c05e5d16e5b4da5c1a20757a378aa5e4e767ab62 Mon Sep 17 00:00:00 2001 From: Tomas Krizek <tkri...@redhat.com> Date: Mon, 19 Dec 2016 16:52:08 +0100 Subject: [PATCH 2/2] bump required version of BIND, bind-dyndb-ldap bynd-dyndb-ldap used a custom configuration file format. Since BIND 9.11, an API was accepted upstream. This caused backward incompatible changes to the named.conf configuration file used to configure the bind-dyndb-ldap BIND plugin. Version 11.0 of bind-dyndb-ldap plugin and BIND 9.11 are required to use with the new config file format. https://fedorahosted.org/freeipa/ticket/6565 --- freeipa.spec.in | 17 +++++------------ 1 file changed, 5 insertions(+), 12 deletions(-) diff --git a/freeipa.spec.in b/freeipa.spec.in index cba40c2..99b3a0f 100644 --- a/freeipa.spec.in +++ b/freeipa.spec.in @@ -295,18 +295,11 @@ Summary: IPA integrated DNS server with support for automatic DNSSEC signing Group: System Environment/Base BuildArch: noarch Requires: %{name}-server = %{version}-%{release} -Requires: bind-dyndb-ldap >= 10.0 -%if 0%{?fedora} >= 21 -Requires: bind >= 9.9.6-3 -Requires: bind-utils >= 9.9.6-3 -Requires: bind-pkcs11 >= 9.9.6-3 -Requires: bind-pkcs11-utils >= 9.9.6-3 -%else -Requires: bind >= 9.9.4-21 -Requires: bind-utils >= 9.9.4-21 -Requires: bind-pkcs11 >= 9.9.4-21 -Requires: bind-pkcs11-utils >= 9.9.4-21 -%endif +Requires: bind-dyndb-ldap >= 11.0 +Requires: bind >= 9.11.0-2 +Requires: bind-utils >= 9.11.0-2 +Requires: bind-pkcs11 >= 9.11.0-2 +Requires: bind-pkcs11-utils >= 9.11.0-2 Requires: opendnssec >= 1.4.6-4 Provides: %{alt_name}-server-dns = %{version}
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
