Issue #3248: ipa-server installation fails to find A/AAAA record for IPA hostname - freeipa

freeipa

#3248 ipa-server installation fails to find A/AAAA record for IPA hostname

Closed: Fixed None Opened 11 years ago by mkosek.

https://bugzilla.redhat.com/show_bug.cgi?id=874935 (Red Hat Enterprise Linux 6)

Description of problem:
When using --no-forwarder option ipa-server installation fails not finding the
A/AAAA record for the hostname.

[root@rasalghul ~]# ipa-server-install --setup-dns --no-forwarder -p Secret123
-a Secret123 -r TESTRELM.COM -n testrelm.com --ip-address=10.65.201.217
--hostname=rasalghul.testrelm.com -U

[1/9]: adding DNS container
  [2/9]: setting up our zone
  [3/9]: setting up reverse zone
Unexpected error - see /var/log/ipaserver-install.log for details:
NotFound: Nameserver 'rasalghul.testrelm.com.' does not have a corresponding
A/AAAA record

[root@rasalghul ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
10.65.201.217 rasalghul.testrelm.com rasalghul

Version-Release number of selected component (if applicable):
[root@rasalghul ~]# rpm -qa | grep ipa-server
ipa-server-trust-ad-3.0.0-107.20121109T0309zgit349ab51.el6.x86_64
ipa-server-selinux-3.0.0-107.20121109T0309zgit349ab51.el6.x86_64
ipa-server-3.0.0-107.20121109T0309zgit349ab51.el6.x86_64

[root@rasalghul ~]# rpm -qa | grep bind-dyndb-ldap
bind-dyndb-ldap-2.3-1.el6.x86_64

How reproducible:
always

Steps to Reproduce:
1. Install IPA server with --setup-dns
2.
3.

Actual results:
Fails with error
Unexpected error - see /var/log/ipaserver-install.log for details:
NotFound: Nameserver 'rasalghul.testrelm.com.' does not have a corresponding
A/AAAA record

Expected results:
Installation is successful

Additional info:
[root@rasalghul ~]# tail -50 /var/log/ipaserver-install.log
2012-11-09T05:22:17Z DEBUG stderr=ldap_initialize(
ldap://rasalghul.testrelm.com:389/??base )

2012-11-09T05:22:17Z DEBUG   duration: 0 seconds
2012-11-09T05:22:17Z DEBUG   [2/9]: setting up our zone
2012-11-09T05:22:17Z DEBUG raw: dnszone_add(u'testrelm.com',
idnssoamname=u'rasalghul.testrelm.com.',
idnssoarname=u'hostmaster.testrelm.com', idnsupdatepolicy=u'grant TESTRELM.COM
krb5-self * A; grant TESTRELM.COM krb5-self * AAAA; grant TESTRELM.COM
krb5-self * SSHFP;', idnsallowdynupdate=True, idnsallowquery=u'any',
idnsallowtransfer=u'none', force=False, ip_address=u'10.65.201.217')
2012-11-09T05:22:17Z DEBUG dnszone_add(u'testrelm.com',
idnssoamname=u'rasalghul.testrelm.com.',
idnssoarname=u'hostmaster.testrelm.com.', idnssoaserial=1352438537,
idnssoarefresh=3600, idnssoaretry=900, idnssoaexpire=1209600,
idnssoaminimum=3600, idnsupdatepolicy=u'grant TESTRELM.COM krb5-self * A; grant
TESTRELM.COM krb5-self * AAAA; grant TESTRELM.COM krb5-self * SSHFP;',
idnsallowdynupdate=True, idnsallowquery=u'any;', idnsallowtransfer=u'none;',
force=False, ip_address=u'10.65.201.217', all=False, raw=False)
2012-11-09T05:22:17Z DEBUG raw: dnsrecord_add(u'testrelm.com', u'rasalghul',
arecord=u'10.65.201.217')
2012-11-09T05:22:17Z DEBUG dnsrecord_add(u'testrelm.com', u'rasalghul',
arecord=(u'10.65.201.217',), a_extra_create_reverse=False,
aaaa_extra_create_reverse=False, force=False, structured=False, all=False,
raw=False)
2012-11-09T05:22:17Z DEBUG raw: dnsrecord_add(u'testrelm.com', u'@',
nsrecord=u'rasalghul.testrelm.com.', force=True)
2012-11-09T05:22:17Z DEBUG dnsrecord_add(u'testrelm.com', u'@',
a_extra_create_reverse=False, aaaa_extra_create_reverse=False,
nsrecord=(u'rasalghul.testrelm.com.',), force=True, structured=False,
all=False, raw=False)
2012-11-09T05:22:17Z DEBUG   duration: 0 seconds
2012-11-09T05:22:17Z DEBUG   [3/9]: setting up reverse zone
2012-11-09T05:22:17Z DEBUG raw: dnszone_add(u'201.65.10.in-addr.arpa.',
idnssoamname=u'rasalghul.testrelm.com.',
idnssoarname=u'hostmaster.testrelm.com', idnsupdatepolicy=u'grant TESTRELM.COM
krb5-subdomain 201.65.10.in-addr.arpa. PTR;', idnsallowdynupdate=True,
idnsallowquery=u'any', idnsallowtransfer=u'none', force=False, ip_address=None)
2012-11-09T05:22:17Z DEBUG dnszone_add(u'201.65.10.in-addr.arpa.',
idnssoamname=u'rasalghul.testrelm.com.',
idnssoarname=u'hostmaster.testrelm.com.', idnssoaserial=1352438537,
idnssoarefresh=3600, idnssoaretry=900, idnssoaexpire=1209600,
idnssoaminimum=3600, idnsupdatepolicy=u'grant TESTRELM.COM krb5-subdomain
201.65.10.in-addr.arpa. PTR;', idnsallowdynupdate=True, idnsallowquery=u'any;',
idnsallowtransfer=u'none;', force=False, ip_address=None, all=False, raw=False)
2012-11-09T05:22:17Z DEBUG raw: dns_resolve(u'rasalghul.testrelm.com.')
2012-11-09T05:22:17Z DEBUG dns_resolve(u'rasalghul.testrelm.com.')
2012-11-09T05:22:17Z INFO   File
"/usr/lib/python2.6/site-packages/ipaserver/install/installutils.py", line 614,
in run_script
    return_value = main_function()

  File "/usr/sbin/ipa-server-install", line 1072, in main
    bind.create_instance()

  File "/usr/lib/python2.6/site-packages/ipaserver/install/bindinstance.py",
line 508, in create_instance
    self.start_creation()

  File "/usr/lib/python2.6/site-packages/ipaserver/install/service.py", line
358, in start_creation
    method()

  File "/usr/lib/python2.6/site-packages/ipaserver/install/bindinstance.py",
line 616, in __setup_reverse_zone
    dns_backup=self.dns_backup)

  File "/usr/lib/python2.6/site-packages/ipaserver/install/bindinstance.py",
line 293, in add_zone
    force=force)

  File "/usr/lib/python2.6/site-packages/ipalib/frontend.py", line 435, in
__call__
    ret = self.run(*args, **options)

  File "/usr/lib/python2.6/site-packages/ipalib/frontend.py", line 747, in run
    return self.execute(*args, **options)

  File "/usr/lib/python2.6/site-packages/ipalib/plugins/baseldap.py", line
1063, in execute
    self, ldap, dn, entry_attrs, attrs_list, *keys, **options)

  File "/usr/lib/python2.6/site-packages/ipalib/plugins/dns.py", line 1812, in
pre_callback
    check_ns_rec_resolvable(keys[0], nameserver)

  File "/usr/lib/python2.6/site-packages/ipalib/plugins/dns.py", line 1516, in
check_ns_rec_resolvable
    reason=_('Nameserver \'%(host)s\' does not have a corresponding A/AAAA
record') % {'host': name}

2012-11-09T05:22:17Z INFO The ipa-server-install command failed, exception:
NotFound: Nameserver 'rasalghul.testrelm.com.' does not have a corresponding
A/AAAA record

mkosek commented 11 years ago

attachment
freeipa-mkosek-332-do-not-require-resolvable-nameserver-in-dns-install.patch

mkosek commented 11 years ago

Patch freeipa-mkosek-332-do-not-require-resolvable-nameserver-in-dns-install.patch sent for review

mkosek commented 11 years ago

master: 215fcdf[[BR]]
ipa-3-0: 92860f9

mkosek commented 11 years ago

Note: I did an auto-triage since this was a serious IPA 3.0 regression.

Metadata Update from @mkosek:
- Issue assigned to mkosek
- Issue set to the milestone: FreeIPA 3.0.1 (bug fixing)

7 years ago

Metadata

Assignee

mkosek

Tags

None

Blocking

None

Depending on

None

Priority

important

Milestone

FreeIPA 3.0.1 (bug fixing)

None

affects_doc

None

source

None

knownissue

None

type

defect

blockedby

None

test_case

None

component

DNS

blocking

None

on_review

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

rhbz

https://bugzilla.redhat.com/show_bug.cgi?id=874935

tester

None

changelog

None

design

None

freeipa

Source Code

#3248 ipa-server installation fails to find A/AAAA record for IPA hostname Closed: Fixed None Opened 11 years ago by mkosek.

Metadata

#3248 ipa-server installation fails to find A/AAAA record for IPA hostname

Closed: Fixed None Opened 11 years ago by mkosek.