Remove --no-serial-autoincrement

Deprecate this option and do not offer it in installation tools.
Without this option enabled, advanced DNS features like DNSSEC
would not work.

https://fedorahosted.org/freeipa/ticket/3962

6 files changed, 3 insertions, 22 deletions

diff --git a/install/share/bind.named.conf.template b/install/share/bind.named.conf.template
index 5727a1536..0984febb1 100644
--- a/install/share/bind.named.conf.template
+++ b/install/share/bind.named.conf.template
@@ -45,5 +45,5 @@ dynamic-db "ipa" {
 	arg "auth_method sasl";
 	arg "sasl_mech GSSAPI";
 	arg "sasl_user DNS/$FQDN";
-	arg "serial_autoincrement $SERIAL_AUTOINCREMENT";
+	arg "serial_autoincrement yes";
 };
diff --git a/install/tools/ipa-dns-install b/install/tools/ipa-dns-install
index 47acd8de6..37a07f8e3 100755
--- a/install/tools/ipa-dns-install
+++ b/install/tools/ipa-dns-install
@@ -52,9 +52,6 @@ def parse_options():
     parser.add_option("--zonemgr", action="callback", callback=bindinstance.zonemgr_callback,
                       type="string",
                       help="DNS zone manager e-mail address. Defaults to hostmaster@DOMAIN")
-    parser.add_option("--no-serial-autoincrement", dest="serial_autoincrement",
-                      default=True, action="store_false",
-                      help="Do not enable SOA serial autoincrement")
     parser.add_option("-U", "--unattended", dest="unattended", action="store_true",
                       default=False, help="unattended installation never prompts the user")
 
@@ -209,8 +206,7 @@ def main():
         print ""
 
     bind.setup(api.env.host, ip_address, api.env.realm, api.env.domain,
-               dns_forwarders, conf_ntp, reverse_zone, zonemgr=options.zonemgr,
-               serial_autoincrement=options.serial_autoincrement)
+               dns_forwarders, conf_ntp, reverse_zone, zonemgr=options.zonemgr)
     bind.create_instance()
 
     # Restart http instance to make sure that python-dns has the right resolver
diff --git a/install/tools/ipa-server-install b/install/tools/ipa-server-install
index 8077bc207..b871ef3f2 100644
--- a/install/tools/ipa-server-install
+++ b/install/tools/ipa-server-install
@@ -212,9 +212,6 @@ def parse_options():
                       help="Do not use DNS for hostname lookup during installation")
     dns_group.add_option("--no-dns-sshfp", dest="create_sshfp", default=True, action="store_false",
                       help="Do not automatically create DNS SSHFP records")
-    dns_group.add_option("--no-serial-autoincrement", dest="serial_autoincrement",
-                      default=True, action="store_false",
-                      help="Do not enable SOA serial autoincrement")
     parser.add_option_group(dns_group)
 
     uninstall_group = OptionGroup(parser, "uninstall options")
@@ -1181,7 +1178,6 @@ def main():
     bind = bindinstance.BindInstance(fstore, dm_password)
     bind.setup(host_name, ip_address, realm_name, domain_name, dns_forwarders,
                options.conf_ntp, reverse_zone, zonemgr=options.zonemgr,
-               serial_autoincrement=options.serial_autoincrement,
                ca_configured=setup_ca)
     if options.setup_dns:
         api.Backend.ldap2.connect(bind_dn=DN(('cn', 'Directory Manager')), bind_pw=dm_password)
diff --git a/install/tools/man/ipa-dns-install.1 b/install/tools/man/ipa-dns-install.1
index 646601eec..bde30cadb 100644
--- a/install/tools/man/ipa-dns-install.1
+++ b/install/tools/man/ipa-dns-install.1
@@ -49,9 +49,6 @@ Do not create new reverse DNS zone. If used on a replica and a reverse DNS zone
 \fB\-\-zonemgr\fR
 The e\-mail address of the DNS zone manager. Defaults to hostmaster@DOMAIN
 .TP
-\fB\-\-no\-serial\-autoincrement\fR
-Do not enable SOA serial autoincrement feature. SOA serial will have to be updated automatically or other DNS features like zone transfer od DNSSEC will not function properly. This feature requires persistent search zone update mechanism.
-.TP
 \fB\-U\fR, \fB\-\-unattended\fR
 An unattended installation that will never prompt for user input
 .SH "EXIT STATUS"
diff --git a/install/tools/man/ipa-server-install.1 b/install/tools/man/ipa-server-install.1
index a093078cb..4adf1d037 100644
--- a/install/tools/man/ipa-server-install.1
+++ b/install/tools/man/ipa-server-install.1
@@ -151,9 +151,6 @@ Do not use DNS for hostname lookup during installation
 .TP
 \fB\-\-no\-dns\-sshfp\fR
 Do not automatically create DNS SSHFP records.
-.TP
-\fB\-\-no\-serial\-autoincrement\fR
-Do not enable SOA serial autoincrement feature. SOA serial will have to be updated automatically or other DNS features like zone transfer od DNSSEC will not function properly. This feature requires persistent search zone update mechanism.
 
 .SS "UNINSTALL OPTIONS"
 .TP
diff --git a/ipaserver/install/bindinstance.py b/ipaserver/install/bindinstance.py
index 2d4da0871..6d5a1d44d 100644
--- a/ipaserver/install/bindinstance.py
+++ b/ipaserver/install/bindinstance.py
@@ -463,7 +463,7 @@ class BindInstance(service.Service):
 
     def setup(self, fqdn, ip_address, realm_name, domain_name, forwarders, ntp,
               reverse_zone, named_user="named", zonemgr=None,
-              serial_autoincrement=True, ca_configured=None):
+              ca_configured=None):
         self.named_user = named_user
         self.fqdn = fqdn
         self.ip_address = ip_address
@@ -474,7 +474,6 @@ class BindInstance(service.Service):
         self.suffix = ipautil.realm_to_suffix(self.realm)
         self.ntp = ntp
         self.reverse_zone = reverse_zone
-        self.serial_autoincrement = serial_autoincrement
         self.ca_configured = ca_configured
 
         if not zonemgr:
@@ -590,9 +589,6 @@ class BindInstance(service.Service):
         else:
             ipa_ca = ""
 
-        def bool_to_yesno(var):
-            return "yes" if var else "no"
-
         self.sub_dict = dict(
             FQDN=self.fqdn,
             IP=self.ip_address,
@@ -605,7 +601,6 @@ class BindInstance(service.Service):
             OPTIONAL_NTP=optional_ntp,
             ZONEMGR=self.zonemgr,
             IPA_CA_RECORD=ipa_ca,
-            SERIAL_AUTOINCREMENT=bool_to_yesno(self.serial_autoincrement),
             )
 
     def __setup_dns_container(self):