
Re: ldap2zone: will some time generate invalid DNS host name entries



Hi,


On Wed, Oct 01, 2014 at 11:28:24PM +0200, Wolfgang Schweer wrote:
> On Sun, Sep 28, 2014 at 07:56:24AM +0200, Petter Reinholdtsen wrote:
> > [Wolfgang Schweer]
> > > I can't reproduce the dns issue in jessie. A hostname with
> > > underscore is not accepted in GOsa², cause the test function (in
> > > /usr/share/gosa/include/utils/class_tests.inc, dated 5th of march
> > > 2012) catches invalid dns names (as far as I understand the code).
> > 
> > Good.  Then GOsa² is fixed, but the LDAP to DNS export should be fixed
> > too.  This bug is about the latter.  You can test that by adding LDAP
> > records manually.
> > 
> > Can you test SRV and MX entries?  Can they have invalid characters or
> > formats entered in GOsa² interface?  Is it possible to add an A entry
> > without a hostname?
>  

In my crash I got an A statement with empty hostname, but actually the
hostname was a normal lowercase (for instance the string "piattaforma").
The only possible wrong char could be an invisible white space.

I'm trying to understand what happened, but it is not easy, since this
A statement was added a week before the crash, so ldap2zone had already
run with this setup without errors (IIRC ldap2zone runs every hour).

Just before the crash I dist-upgraded the server because of the bash
vulnerability claim. In this upgrade I also got kerberos, ldap
and possibly other server patches. I should browse the etckeeper git repo
to see exact file modifications and their timing (is there a short howto, since I'm pretty much a
newbie on git?).

I'm beginning to think that it has been a kind
of "race condition" between the ldap2zone script and the dist-upgrade
of the slapd/ldap. It is only a suspicion, still with no evidence.

Regards

Giorgio

-- 
Giorgio Pioda - Sysadmin SPSE-Tenero
Cell +41 79 629 20 63
Tel  +41 58 468 62 48
Fax  +41 58 468 61 98

