authorMartin Kosek <mkosek@redhat.com>2012-06-28 16:46:48 +0200
committerMartin Kosek <mkosek@redhat.com>2012-07-13 16:03:58 +0200
commit9d69db80a3d1fc46236a4546988176cdd7939b82 (patch)
tree345e5ba63fe447b151377df1bda42475e3cb8160 /install/tools/ipa-dns-install
parent4879c68d68634715b9d08a08a4c7be882634409f (diff)
Enable SOA serial autoincrement
SOA serial autoincrement is a requirement for major DNS features, e.g. zone transfers or DNSSEC. Enable it by default in named.conf both for new and upgraded installations. The name of the bind-dyndb-ldap option is "serial_autoincrement". From now on, the idnsSOAserial attribute also has to be added to the replication agreement exclude list, as the serial will be incremented on each DNS server separately and won't be shared. The exclude list has to be updated both for new replication agreements and the current ones. The minimum number of connections for bind-dyndb-ldap has been raised to 4 connections; the setting will be updated during package upgrade. https://fedorahosted.org/freeipa/ticket/2554
Diffstat (limited to 'install/tools/ipa-dns-install')
-rwxr-xr-xinstall/tools/ipa-dns-install10
1 files changed, 9 insertions, 1 deletions
diff --git a/install/tools/ipa-dns-install b/install/tools/ipa-dns-install
index 6e9b99897..47bffdf83 100755
--- a/install/tools/ipa-dns-install
+++ b/install/tools/ipa-dns-install
@@ -62,6 +62,9 @@ def parse_options():
default=0, type="int",
help="When set to non-zero the name server will use DNS zone "
"detection based on polling instead of a persistent search")
+ parser.add_option("--no-serial-autoincrement", dest="serial_autoincrement",
+ default=True, action="store_false",
+ help="Do not enable SOA serial autoincrement")
parser.add_option("-U", "--unattended", dest="unattended", action="store_true",
default=False, help="unattended installation never prompts the user")
@@ -85,6 +88,10 @@ def parse_options():
if options.zone_notif:
print >>sys.stderr, "WARNING: --zone-notif option is deprecated and has no effect"
+ if options.serial_autoincrement and not options.persistent_search:
+ parser.error('persistent search feature is required for '
+ 'DNS SOA serial autoincrement')
+
return safe_options, options
def main():
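Review bot: The `parser.error` message in the added check says persistent search is required but not how to get past it. Because `serial_autoincrement` now defaults to True, an invocation that turns persistent search off and was accepted before this change will presumably start failing here, including unattended runs. Naming the way out in the message would help: `parser.error('persistent search feature is required for DNS SOA serial autoincrement; use --no-serial-autoincrement to disable it')`. The option that sets `options.persistent_search` is defined outside this hunk, so its default is not visible here.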
@@ -224,7 +231,8 @@ def main():
bind.setup(api.env.host, ip_address, api.env.realm, api.env.domain,
dns_forwarders, conf_ntp, reverse_zone, zonemgr=options.zonemgr,
zone_refresh=options.zone_refresh,
- persistent_search=options.persistent_search)
+ persistent_search=options.persistent_search,
+ serial_autoincrement=options.serial_autoincrement)
bind.create_instance()
# Restart http instance to make sure that python-dns has the right resolver