The Samba-Bugzilla – Attachment 10245 Details for
Bug 9831
samba_dnsupdate does not remove IP's that no longer exist
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patches for v4-1-test
tmp41.diff (text/plain), 43.62 KB, created by
Stefan Metzmacher
on 2014-09-01 10:30:28 UTC
(
hide
)
Description:
Patches for v4-1-test
Filename:
MIME Type:
Creator:
Stefan Metzmacher
Created:
2014-09-01 10:30:28 UTC
Size:
43.62 KB
patch
obsolete
>From 04228e354104135439d2e8286a2f8d95a6a8abc9 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Thu, 10 Jul 2014 07:25:08 +0200 >Subject: [PATCH 01/12] libcli/dns: add AAAA support to dns_hosts_file.c > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >(cherry picked from commit 7f18a3b58e7146e421653b85f509bb8503bd7402) >--- > libcli/dns/dns_hosts_file.c | 23 ++++++++++++++++------- > 1 file changed, 16 insertions(+), 7 deletions(-) > >diff --git a/libcli/dns/dns_hosts_file.c b/libcli/dns/dns_hosts_file.c >index 94d1d97..5be5fca 100644 >--- a/libcli/dns/dns_hosts_file.c >+++ b/libcli/dns/dns_hosts_file.c >@@ -88,9 +88,14 @@ static bool getdns_hosts_fileent(TALLOC_CTX *ctx, XFILE *fp, char **pp_name, cha > > if (next_token_talloc(ctx, &ptr, &name_type, NULL)) > ++count; >+ if (count == 0) { >+ continue; >+ } > if (next_token_talloc(ctx, &ptr, &name, NULL)) > ++count; >- if (name_type && strcasecmp(name_type, "A") == 0) { >+ if ((strcasecmp(name_type, "A") == 0) || >+ (strcasecmp(name_type, "AAAA") == 0)) >+ { > if (next_token_talloc(ctx, &ptr, &ip, NULL)) > ++count; > } else if (name_type && strcasecmp(name_type, "SRV") == 0) { >@@ -105,9 +110,11 @@ static bool getdns_hosts_fileent(TALLOC_CTX *ctx, XFILE *fp, char **pp_name, cha > if (count <= 0) > continue; > >- if (strcasecmp(name_type, "A") == 0) { >+ if ((strcasecmp(name_type, "A") == 0) || >+ (strcasecmp(name_type, "AAAA") == 0)) >+ { > if (count != 3) { >- DEBUG(0,("getdns_hosts_fileent: Ill formed hosts A record [%s]\n", >+ DEBUG(0,("getdns_hosts_fileent: Ill formed hosts A[AAA] record [%s]\n", > line)); > continue; > } >@@ -215,7 +222,7 @@ static NTSTATUS resolve_dns_hosts_file_as_dns_rr_recurse(const char *dns_hosts_f > > DEBUG(3,("resolve_dns_hosts: (%d) " > "Attempting %s dns_hosts lookup for name %s\n", >- level, srv_lookup ? "SRV" : "A", name)); >+ level, srv_lookup ? "SRV" : "A[AAA]", name)); > > fp = startdns_hosts_file(dns_hosts_file); > >@@ -278,7 +285,9 @@ static NTSTATUS resolve_dns_hosts_file_as_dns_rr_recurse(const char *dns_hosts_f > mem_ctx, return_rr, return_count); > talloc_free(ip_list_ctx); > return status; >- } else if (strcasecmp(name_type, "A") == 0) { >+ } else if ((strcasecmp(name_type, "A") == 0) || >+ (strcasecmp(name_type, "AAAA") == 0)) >+ { > if (*return_count == 0) { > /* We are happy to keep looking for other possible A record matches */ > rr = talloc_zero(ip_list_ctx, >@@ -405,11 +414,11 @@ NTSTATUS resolve_dns_hosts_file_as_dns_rr(const char *dns_hosts_file, > if (NT_STATUS_IS_OK(status)) { > DEBUG(3,("resolve_dns_hosts (dns_rr): " > "Found %d %s result records for for name %s\n", >- *return_count, srv_lookup ? "SRV" : "A", name)); >+ *return_count, srv_lookup ? "SRV" : "A[AAA]", name)); > } else { > DEBUG(3,("resolve_dns_hosts (dns_rr): " > "failed to obtain %s result records for for name %s: %s\n", >- srv_lookup ? "SRV" : "A", name, nt_errstr(status))); >+ srv_lookup ? "SRV" : "A[AAA]", name, nt_errstr(status))); > } > return status; > } >-- >1.9.1 > > >From bf45bfc8fd94213c05670f8219b9ceb6bf697c8e Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Thu, 10 Jul 2014 07:25:08 +0200 >Subject: [PATCH 02/12] libcli/dns: ignore NS entries in dns_hosts_file.c at a > higher log level for now > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >(cherry picked from commit 3fcc4a545e936c2c0cf3f9f9a19646e1512f74d2) >--- > libcli/dns/dns_hosts_file.c | 12 ++++++++++++ > 1 file changed, 12 insertions(+) > >diff --git a/libcli/dns/dns_hosts_file.c b/libcli/dns/dns_hosts_file.c >index 5be5fca..4b1bc53 100644 >--- a/libcli/dns/dns_hosts_file.c >+++ b/libcli/dns/dns_hosts_file.c >@@ -106,6 +106,9 @@ static bool getdns_hosts_fileent(TALLOC_CTX *ctx, XFILE *fp, char **pp_name, cha > } else if (name_type && strcasecmp(name_type, "CNAME") == 0) { > if (next_token_talloc(ctx, &ptr, &next_name, NULL)) > ++count; >+ } else if (name_type && strcasecmp(name_type, "NS") == 0) { >+ if (next_token_talloc(ctx, &ptr, &next_name, NULL)) >+ ++count; > } > if (count <= 0) > continue; >@@ -155,6 +158,15 @@ static bool getdns_hosts_fileent(TALLOC_CTX *ctx, XFILE *fp, char **pp_name, cha > if (!*pp_next_name) { > return false; > } >+ } else if (strcasecmp(name_type, "NS") == 0) { >+ if (count != 3) { >+ DEBUG(0,("getdns_hosts_fileent: Ill formed hosts NS record [%s]\n", >+ line)); >+ continue; >+ } >+ DEBUG(4, ("getdns_hosts_fileent: NS entry: %s %s %s\n", >+ name_type, name, next_name)); >+ continue; > } else { > DEBUG(0,("getdns_hosts_fileent: unknown type %s\n", name_type)); > continue; >-- >1.9.1 > > >From 432f819a64fb1a86f82203f2d3719f62808ae794 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Thu, 19 Jun 2014 17:21:16 +0200 >Subject: [PATCH 03/12] selftest: export _IPV6 environment variables > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >(cherry picked from commit 0e7abb398dd826c082bbddb333b9faac361be064) >--- > selftest/README | 1 + > selftest/selftest.pl | 6 ++++++ > 2 files changed, 7 insertions(+) > >diff --git a/selftest/README b/selftest/README >index c23d730..d9ad020 100644 >--- a/selftest/README >+++ b/selftest/README >@@ -89,6 +89,7 @@ The environments are currently available include > * REALM: Realm name > * SERVER: DC host name > * SERVER_IP: DC IPv4 address >+ * SERVER_IPV6: DC IPv6 address > * NETBIOSNAME: DC NetBIOS name > * NETIOSALIAS: DC NetBIOS alias > >diff --git a/selftest/selftest.pl b/selftest/selftest.pl >index 2b1e3ce..25e0f93 100755 >--- a/selftest/selftest.pl >+++ b/selftest/selftest.pl >@@ -663,35 +663,41 @@ my @exported_envvars = ( > # domain controller stuff > "DC_SERVER", > "DC_SERVER_IP", >+ "DC_SERVER_IPV6", > "DC_NETBIOSNAME", > "DC_NETBIOSALIAS", > > # domain member > "MEMBER_SERVER", > "MEMBER_SERVER_IP", >+ "MEMBER_SERVER_IPV6", > "MEMBER_NETBIOSNAME", > "MEMBER_NETBIOSALIAS", > > # rpc proxy controller stuff > "RPC_PROXY_SERVER", > "RPC_PROXY_SERVER_IP", >+ "RPC_PROXY_SERVER_IPV6", > "RPC_PROXY_NETBIOSNAME", > "RPC_PROXY_NETBIOSALIAS", > > # domain controller stuff for Vampired DC > "VAMPIRE_DC_SERVER", > "VAMPIRE_DC_SERVER_IP", >+ "VAMPIRE_DC_SERVER_IPV6", > "VAMPIRE_DC_NETBIOSNAME", > "VAMPIRE_DC_NETBIOSALIAS", > > "PROMOTED_DC_SERVER", > "PROMOTED_DC_SERVER_IP", >+ "PROMOTED_DC_SERVER_IPV6", > "PROMOTED_DC_NETBIOSNAME", > "PROMOTED_DC_NETBIOSALIAS", > > # server stuff > "SERVER", > "SERVER_IP", >+ "SERVER_IPV6", > "NETBIOSNAME", > "NETBIOSALIAS", > >-- >1.9.1 > > >From 6750133060c5aefb95061634d4a1348b6487faf9 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Thu, 19 Jun 2014 17:21:16 +0200 >Subject: [PATCH 04/12] selftest/Samba4: also bind to ipv6 > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >(similar to commit 5d4b36d1fec981e850d869edd2c98a6541b37114) >--- > selftest/target/Samba4.pm | 19 ++++++++++++++++++- > 1 file changed, 18 insertions(+), 1 deletion(-) > >diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm >index 8a3f51d..ac2fdd9 100644 >--- a/selftest/target/Samba4.pm >+++ b/selftest/target/Samba4.pm >@@ -516,7 +516,8 @@ sub provision_raw_prepare($$$$$$$$$$) > $ctx->{tlsdir} = "$ctx->{privatedir}/tls"; > > $ctx->{ipv4} = "127.0.0.$swiface"; >- $ctx->{interfaces} = "$ctx->{ipv4}/8"; >+ $ctx->{ipv6} = sprintf("fd00:0000:0000:0000:0000:0000:5357:5f%02x", $swiface); >+ $ctx->{interfaces} = "$ctx->{ipv4}/8 $ctx->{ipv6}/64"; > > push(@{$ctx->{directories}}, $ctx->{privatedir}); > push(@{$ctx->{directories}}, $ctx->{etcdir}); >@@ -691,6 +692,7 @@ nogroup:x:65534:nobody > PIDDIR => $ctx->{piddir}, > SERVER => $ctx->{hostname}, > SERVER_IP => $ctx->{ipv4}, >+ SERVER_IPV6 => $ctx->{ipv6}, > NETBIOSNAME => $ctx->{netbiosname}, > DOMAIN => $ctx->{domain}, > USERNAME => $ctx->{username}, >@@ -914,12 +916,14 @@ sub provision_member($$$) > > $ret->{MEMBER_SERVER} = $ret->{SERVER}; > $ret->{MEMBER_SERVER_IP} = $ret->{SERVER_IP}; >+ $ret->{MEMBER_SERVER_IPV6} = $ret->{SERVER_IPV6}; > $ret->{MEMBER_NETBIOSNAME} = $ret->{NETBIOSNAME}; > $ret->{MEMBER_USERNAME} = $ret->{USERNAME}; > $ret->{MEMBER_PASSWORD} = $ret->{PASSWORD}; > > $ret->{DC_SERVER} = $dcvars->{DC_SERVER}; > $ret->{DC_SERVER_IP} = $dcvars->{DC_SERVER_IP}; >+ $ret->{DC_SERVER_IPV6} = $dcvars->{DC_SERVER_IPV6}; > $ret->{DC_NETBIOSNAME} = $dcvars->{DC_NETBIOSNAME}; > $ret->{DC_USERNAME} = $dcvars->{DC_USERNAME}; > $ret->{DC_PASSWORD} = $dcvars->{DC_PASSWORD}; >@@ -1006,12 +1010,14 @@ sub provision_rpc_proxy($$$) > > $ret->{RPC_PROXY_SERVER} = $ret->{SERVER}; > $ret->{RPC_PROXY_SERVER_IP} = $ret->{SERVER_IP}; >+ $ret->{RPC_PROXY_SERVER_IPV6} = $ret->{SERVER_IPV6}; > $ret->{RPC_PROXY_NETBIOSNAME} = $ret->{NETBIOSNAME}; > $ret->{RPC_PROXY_USERNAME} = $ret->{USERNAME}; > $ret->{RPC_PROXY_PASSWORD} = $ret->{PASSWORD}; > > $ret->{DC_SERVER} = $dcvars->{DC_SERVER}; > $ret->{DC_SERVER_IP} = $dcvars->{DC_SERVER_IP}; >+ $ret->{DC_SERVER_IPV6} = $dcvars->{DC_SERVER_IPV6}; > $ret->{DC_NETBIOSNAME} = $dcvars->{DC_NETBIOSNAME}; > $ret->{DC_USERNAME} = $dcvars->{DC_USERNAME}; > $ret->{DC_PASSWORD} = $dcvars->{DC_PASSWORD}; >@@ -1082,10 +1088,12 @@ sub provision_promoted_dc($$$) > > $ret->{PROMOTED_DC_SERVER} = $ret->{SERVER}; > $ret->{PROMOTED_DC_SERVER_IP} = $ret->{SERVER_IP}; >+ $ret->{PROMOTED_DC_SERVER_IPV6} = $ret->{SERVER_IPV6}; > $ret->{PROMOTED_DC_NETBIOSNAME} = $ret->{NETBIOSNAME}; > > $ret->{DC_SERVER} = $dcvars->{DC_SERVER}; > $ret->{DC_SERVER_IP} = $dcvars->{DC_SERVER_IP}; >+ $ret->{DC_SERVER_IPV6} = $dcvars->{DC_SERVER_IPV6}; > $ret->{DC_NETBIOSNAME} = $dcvars->{DC_NETBIOSNAME}; > $ret->{DC_USERNAME} = $dcvars->{DC_USERNAME}; > $ret->{DC_PASSWORD} = $dcvars->{DC_PASSWORD}; >@@ -1143,10 +1151,12 @@ sub provision_vampire_dc($$$) > > $ret->{VAMPIRE_DC_SERVER} = $ret->{SERVER}; > $ret->{VAMPIRE_DC_SERVER_IP} = $ret->{SERVER_IP}; >+ $ret->{VAMPIRE_DC_SERVER_IPV6} = $ret->{SERVER_IPV6}; > $ret->{VAMPIRE_DC_NETBIOSNAME} = $ret->{NETBIOSNAME}; > > $ret->{DC_SERVER} = $dcvars->{DC_SERVER}; > $ret->{DC_SERVER_IP} = $dcvars->{DC_SERVER_IP}; >+ $ret->{DC_SERVER_IPV6} = $dcvars->{DC_SERVER_IPV6}; > $ret->{DC_NETBIOSNAME} = $dcvars->{DC_NETBIOSNAME}; > $ret->{DC_USERNAME} = $dcvars->{DC_USERNAME}; > $ret->{DC_PASSWORD} = $dcvars->{DC_PASSWORD}; >@@ -1208,10 +1218,12 @@ sub provision_subdom_dc($$$) > > $ret->{SUBDOM_DC_SERVER} = $ret->{SERVER}; > $ret->{SUBDOM_DC_SERVER_IP} = $ret->{SERVER_IP}; >+ $ret->{SUBDOM_DC_SERVER_IPV6} = $ret->{SERVER_IPV6}; > $ret->{SUBDOM_DC_NETBIOSNAME} = $ret->{NETBIOSNAME}; > > $ret->{DC_SERVER} = $dcvars->{DC_SERVER}; > $ret->{DC_SERVER_IP} = $dcvars->{DC_SERVER_IP}; >+ $ret->{DC_SERVER_IPV6} = $dcvars->{DC_SERVER_IPV6}; > $ret->{DC_NETBIOSNAME} = $dcvars->{DC_NETBIOSNAME}; > $ret->{DC_USERNAME} = $dcvars->{DC_USERNAME}; > $ret->{DC_PASSWORD} = $dcvars->{DC_PASSWORD}; >@@ -1242,6 +1254,7 @@ sub provision_dc($$) > $ret->{NETBIOSALIAS} = "localdc1-a"; > $ret->{DC_SERVER} = $ret->{SERVER}; > $ret->{DC_SERVER_IP} = $ret->{SERVER_IP}; >+ $ret->{DC_SERVER_IPV6} = $ret->{SERVER_IPV6}; > $ret->{DC_NETBIOSNAME} = $ret->{NETBIOSNAME}; > $ret->{DC_USERNAME} = $ret->{USERNAME}; > $ret->{DC_PASSWORD} = $ret->{PASSWORD}; >@@ -1385,10 +1398,12 @@ sub provision_rodc($$$) > > $ret->{RODC_DC_SERVER} = $ret->{SERVER}; > $ret->{RODC_DC_SERVER_IP} = $ret->{SERVER_IP}; >+ $ret->{RODC_DC_SERVER_IPV6} = $ret->{SERVER_IPV6}; > $ret->{RODC_DC_NETBIOSNAME} = $ret->{NETBIOSNAME}; > > $ret->{DC_SERVER} = $dcvars->{DC_SERVER}; > $ret->{DC_SERVER_IP} = $dcvars->{DC_SERVER_IP}; >+ $ret->{DC_SERVER_IPV6} = $dcvars->{DC_SERVER_IPV6}; > $ret->{DC_NETBIOSNAME} = $dcvars->{DC_NETBIOSNAME}; > $ret->{DC_USERNAME} = $dcvars->{DC_USERNAME}; > $ret->{DC_PASSWORD} = $dcvars->{DC_PASSWORD}; >@@ -1503,6 +1518,7 @@ sub provision_plugin_s4_dc($$) > > $ret->{DC_SERVER} = $ret->{SERVER}; > $ret->{DC_SERVER_IP} = $ret->{SERVER_IP}; >+ $ret->{DC_SERVER_IPV6} = $ret->{SERVER_IPV6}; > $ret->{DC_NETBIOSNAME} = $ret->{NETBIOSNAME}; > $ret->{DC_USERNAME} = $ret->{USERNAME}; > $ret->{DC_PASSWORD} = $ret->{PASSWORD}; >@@ -1542,6 +1558,7 @@ sub provision_chgdcpass($$) > > $ret->{DC_SERVER} = $ret->{SERVER}; > $ret->{DC_SERVER_IP} = $ret->{SERVER_IP}; >+ $ret->{DC_SERVER_IPV6} = $ret->{SERVER_IPV6}; > $ret->{DC_NETBIOSNAME} = $ret->{NETBIOSNAME}; > $ret->{DC_USERNAME} = $ret->{USERNAME}; > $ret->{DC_PASSWORD} = $ret->{PASSWORD}; >-- >1.9.1 > > >From 502e2baef4a07deede420141a3c343e91058a472 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Thu, 19 Jun 2014 17:21:16 +0200 >Subject: [PATCH 05/12] selftest/Samba3: also bind to ipv6 > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >(similar to commit a9545f3de7aaa0346735191953f78242017bd346) >--- > selftest/target/Samba3.pm | 13 ++++++++++--- > 1 file changed, 10 insertions(+), 3 deletions(-) > >diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm >index bc07403..91a4a2a 100755 >--- a/selftest/target/Samba3.pm >+++ b/selftest/target/Samba3.pm >@@ -207,6 +207,7 @@ sub setup_s3dc($$) > > $vars->{DC_SERVER} = $vars->{SERVER}; > $vars->{DC_SERVER_IP} = $vars->{SERVER_IP}; >+ $vars->{DC_SERVER_IPV6} = $vars->{SERVER_IPV6}; > $vars->{DC_NETBIOSNAME} = $vars->{NETBIOSNAME}; > $vars->{DC_USERNAME} = $vars->{USERNAME}; > $vars->{DC_PASSWORD} = $vars->{PASSWORD}; >@@ -250,6 +251,7 @@ sub setup_member($$$) > > $ret->{DC_SERVER} = $s3dcvars->{SERVER}; > $ret->{DC_SERVER_IP} = $s3dcvars->{SERVER_IP}; >+ $ret->{DC_SERVER_IPV6} = $s3dcvars->{SERVER_IPV6}; > $ret->{DC_NETBIOSNAME} = $s3dcvars->{NETBIOSNAME}; > $ret->{DC_USERNAME} = $s3dcvars->{USERNAME}; > $ret->{DC_PASSWORD} = $s3dcvars->{PASSWORD}; >@@ -321,6 +323,7 @@ sub setup_admember($$$$) > > $ret->{DC_SERVER} = $dcvars->{SERVER}; > $ret->{DC_SERVER_IP} = $dcvars->{SERVER_IP}; >+ $ret->{DC_SERVER_IPV6} = $dcvars->{SERVER_IPV6}; > $ret->{DC_NETBIOSNAME} = $dcvars->{NETBIOSNAME}; > $ret->{DC_USERNAME} = $dcvars->{USERNAME}; > $ret->{DC_PASSWORD} = $dcvars->{PASSWORD}; >@@ -400,6 +403,7 @@ sub setup_admember_rfc2307($$$$) > > $ret->{DC_SERVER} = $dcvars->{SERVER}; > $ret->{DC_SERVER_IP} = $dcvars->{SERVER_IP}; >+ $ret->{DC_SERVER_IPV6} = $dcvars->{SERVER_IPV6}; > $ret->{DC_NETBIOSNAME} = $dcvars->{NETBIOSNAME}; > $ret->{DC_USERNAME} = $dcvars->{USERNAME}; > $ret->{DC_PASSWORD} = $dcvars->{PASSWORD}; >@@ -770,6 +774,7 @@ sub provision($$$$$$) > my $swiface = Samba::get_interface($server); > my %ret = (); > my $server_ip = "127.0.0.$swiface"; >+ my $server_ipv6 = sprintf("fd00:0000:0000:0000:0000:0000:5357:5f%02x", $swiface); > my $domain = "SAMBA-TEST"; > > my $unix_name = ($ENV{USER} or $ENV{LOGNAME} or `PATH=/usr/ucb:$ENV{PATH} whoami`); >@@ -872,7 +877,7 @@ sub provision($$$$$$) > close(MSDFS_TARGET); > chmod 0666, $msdfs_target; > symlink "msdfs:$server_ip\\ro-tmp", "$msdfs_shrdir/msdfs-src1"; >- symlink "msdfs:$server_ip\\ro-tmp", "$msdfs_shrdir/deeppath/msdfs-src2"; >+ symlink "msdfs:$server_ipv6\\ro-tmp", "$msdfs_shrdir/deeppath/msdfs-src2"; > > my $conffile="$libdir/server.conf"; > >@@ -925,7 +930,7 @@ sub provision($$$$$$) > print CONF " > [global] > netbios name = $server >- interfaces = $server_ip/8 >+ interfaces = $server_ip/8 $server_ipv6/64 > bind interfaces only = yes > panic action = $self->{srcdir}/selftest/gdb_backtrace %d %\$(MAKE_TEST_BINARY) > smbd:suicide mode = yes >@@ -1176,7 +1181,8 @@ domadmins:X:$gid_domadmins: > print "DONE\n"; > > open(DNS_UPDATE_LIST, ">$prefix/dns_update_list") or die("Unable to open $$prefix/dns_update_list"); >- print DNS_UPDATE_LIST "A $server. $server_ip"; >+ print DNS_UPDATE_LIST "A $server. $server_ip\n"; >+ print DNS_UPDATE_LIST "AAAA $server. $server_ipv6\n"; > close(DNS_UPDATE_LIST); > > if (system("$ENV{SRCDIR_ABS}/source4/scripting/bin/samba_dnsupdate --all-interfaces --use-file=$dns_host_file -s $conffile --update-list=$prefix/dns_update_list --no-substiutions --no-credentials") != 0) { >@@ -1184,6 +1190,7 @@ domadmins:X:$gid_domadmins: > } > > $ret{SERVER_IP} = $server_ip; >+ $ret{SERVER_IPV6} = $server_ipv6; > $ret{NMBD_TEST_LOG} = "$prefix/nmbd_test.log"; > $ret{NMBD_TEST_LOG_POS} = 0; > $ret{WINBINDD_TEST_LOG} = "$prefix/winbindd_test.log"; >-- >1.9.1 > > >From 68679b9f51556ec63a6418d49b1935b99e82ffaa Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Tue, 19 Aug 2014 10:33:11 +0200 >Subject: [PATCH 06/12] python/join: use lowercase for the dnshostname. > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >(cherry picked from commit 5533d9c3db31ac86769288527ec20ad4e57f703c) >--- > python/samba/join.py | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > >diff --git a/python/samba/join.py b/python/samba/join.py >index 7d2f913..ee973a1 100644 >--- a/python/samba/join.py >+++ b/python/samba/join.py >@@ -133,7 +133,7 @@ class dc_join(object): > else: > ctx.dns_backend = dns_backend > >- ctx.dnshostname = "%s.%s" % (ctx.myname, ctx.dnsdomain) >+ ctx.dnshostname = "%s.%s" % (ctx.myname.lower(), ctx.dnsdomain) > > ctx.realm = ctx.dnsdomain > >@@ -1198,7 +1198,7 @@ def join_subdomain(server=None, creds=None, lp=None, site=None, > ctx.base_dn = samba.dn_from_dns_name(dnsdomain) > ctx.domsid = str(security.random_sid()) > ctx.acct_dn = None >- ctx.dnshostname = "%s.%s" % (ctx.myname, ctx.dnsdomain) >+ ctx.dnshostname = "%s.%s" % (ctx.myname.lower(), ctx.dnsdomain) > ctx.trustdom_pass = samba.generate_random_password(128, 128) > > ctx.userAccountControl = samba.dsdb.UF_SERVER_TRUST_ACCOUNT | samba.dsdb.UF_TRUSTED_FOR_DELEGATION >-- >1.9.1 > > >From 2b6ebfe809720e2a124097019c35380d6b8ca95f Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Mon, 28 Apr 2014 17:26:51 +0200 >Subject: [PATCH 07/12] s4:samba_dnsupdate: don't lower case the registered > names > >This matches Windows... > >Bug: https://bugzilla.samba.org/show_bug.cgi?id=9831 > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >(cherry picked from commit c5088f338a38850674399ec8fec9f8f146b5880f) >--- > source4/scripting/bin/samba_dnsupdate | 10 +++++----- > 1 file changed, 5 insertions(+), 5 deletions(-) > >diff --git a/source4/scripting/bin/samba_dnsupdate b/source4/scripting/bin/samba_dnsupdate >index 68b0f72..0384dd9 100755 >--- a/source4/scripting/bin/samba_dnsupdate >+++ b/source4/scripting/bin/samba_dnsupdate >@@ -136,20 +136,20 @@ class dnsobj(object): > self.existing_port = None > self.existing_weight = None > self.type = list[0] >- self.name = list[1].lower() >+ self.name = list[1] > if self.type == 'SRV': > if len(list) < 4: > raise Exception("Invalid DNS entry %r" % string_form) >- self.dest = list[2].lower() >+ self.dest = list[2] > self.port = list[3] > elif self.type in ['A', 'AAAA']: > self.ip = list[2] # usually $IP, which gets replaced > elif self.type == 'CNAME': >- self.dest = list[2].lower() >+ self.dest = list[2] > elif self.type == 'NS': >- self.dest = list[2].lower() >+ self.dest = list[2] > else: >- raise Exception("Received unexpected DNS reply of type %s" % self.type) >+ raise Exception("Received unexpected DNS reply of type %s: %s" % (self.type, string_form)) > > def __str__(self): > if d.type == "A": >-- >1.9.1 > > >From e1c83027632c5c323188eac340b0b3447e42488e Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Mon, 28 Apr 2014 08:27:26 +0200 >Subject: [PATCH 08/12] s4:samba_dnsupdate: fix dnsobj.__str__() > >We should not implicitly use the global variable 'd'. > >Bug: https://bugzilla.samba.org/show_bug.cgi?id=9831 > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >(cherry picked from commit 6e853708def98545eeb6913b8a2dd59d439323e6) >--- > source4/scripting/bin/samba_dnsupdate | 10 +++++----- > 1 file changed, 5 insertions(+), 5 deletions(-) > >diff --git a/source4/scripting/bin/samba_dnsupdate b/source4/scripting/bin/samba_dnsupdate >index 0384dd9..1b21216 100755 >--- a/source4/scripting/bin/samba_dnsupdate >+++ b/source4/scripting/bin/samba_dnsupdate >@@ -152,15 +152,15 @@ class dnsobj(object): > raise Exception("Received unexpected DNS reply of type %s: %s" % (self.type, string_form)) > > def __str__(self): >- if d.type == "A": >+ if self.type == "A": > return "%s %s %s" % (self.type, self.name, self.ip) >- if d.type == "AAAA": >+ if self.type == "AAAA": > return "%s %s %s" % (self.type, self.name, self.ip) >- if d.type == "SRV": >+ if self.type == "SRV": > return "%s %s %s %s" % (self.type, self.name, self.dest, self.port) >- if d.type == "CNAME": >+ if self.type == "CNAME": > return "%s %s %s" % (self.type, self.name, self.dest) >- if d.type == "NS": >+ if self.type == "NS": > return "%s %s %s" % (self.type, self.name, self.dest) > > >-- >1.9.1 > > >From 675800fe6fefd5ea05072cf2b7ee5f4e698cf9fc Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Mon, 28 Apr 2014 08:29:40 +0200 >Subject: [PATCH 09/12] s4:samba_dnsupdate: cache the already registered > records > >This way we can delete records which are not used anymore. > >E.g. if the ip address changed. > >Bug: https://bugzilla.samba.org/show_bug.cgi?id=9831 > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >(cherry picked from commit 25ec8e8656f66fe51a0d48718cdcfd8b209f6ca0) >--- > selftest/target/Samba3.pm | 2 +- > source4/dsdb/dns/dns_update.c | 13 ++++ > source4/scripting/bin/samba_dnsupdate | 117 +++++++++++++++++++++++++++++----- > 3 files changed, 115 insertions(+), 17 deletions(-) > >diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm >index 91a4a2a..ba01154 100755 >--- a/selftest/target/Samba3.pm >+++ b/selftest/target/Samba3.pm >@@ -1185,7 +1185,7 @@ domadmins:X:$gid_domadmins: > print DNS_UPDATE_LIST "AAAA $server. $server_ipv6\n"; > close(DNS_UPDATE_LIST); > >- if (system("$ENV{SRCDIR_ABS}/source4/scripting/bin/samba_dnsupdate --all-interfaces --use-file=$dns_host_file -s $conffile --update-list=$prefix/dns_update_list --no-substiutions --no-credentials") != 0) { >+ if (system("$ENV{SRCDIR_ABS}/source4/scripting/bin/samba_dnsupdate --all-interfaces --use-file=$dns_host_file -s $conffile --update-list=$prefix/dns_update_list --update-cache=$prefix/dns_update_cache --no-substiutions --no-credentials") != 0) { > die "Unable to update hostname into $dns_host_file"; > } > >diff --git a/source4/dsdb/dns/dns_update.c b/source4/dsdb/dns/dns_update.c >index 3e10447..aa617c6 100644 >--- a/source4/dsdb/dns/dns_update.c >+++ b/source4/dsdb/dns/dns_update.c >@@ -397,6 +397,7 @@ struct dnsupdate_RODC_state { > struct irpc_message *msg; > struct dnsupdate_RODC *r; > char *tmp_path; >+ char *tmp_path2; > int fd; > }; > >@@ -406,6 +407,9 @@ static int dnsupdate_RODC_destructor(struct dnsupdate_RODC_state *st) > close(st->fd); > } > unlink(st->tmp_path); >+ if (st->tmp_path2 != NULL) { >+ unlink(st->tmp_path2); >+ } > return 0; > } > >@@ -483,6 +487,13 @@ static NTSTATUS dnsupdate_dnsupdate_RODC(struct irpc_message *msg, > > talloc_set_destructor(st, dnsupdate_RODC_destructor); > >+ st->tmp_path2 = talloc_asprintf(st, "%s.cache", st->tmp_path); >+ if (!st->tmp_path2) { >+ talloc_free(st); >+ r->out.result = NT_STATUS_NO_MEMORY; >+ return NT_STATUS_OK; >+ } >+ > sid_dn = ldb_dn_new_fmt(st, s->samdb, "<SID=%s>", dom_sid_string(st, r->in.dom_sid)); > if (!sid_dn) { > talloc_free(st); >@@ -575,6 +586,8 @@ static NTSTATUS dnsupdate_dnsupdate_RODC(struct irpc_message *msg, > dns_update_command, > "--update-list", > st->tmp_path, >+ "--update-cache", >+ st->tmp_path2, > NULL); > NT_STATUS_HAVE_NO_MEMORY(req); > >diff --git a/source4/scripting/bin/samba_dnsupdate b/source4/scripting/bin/samba_dnsupdate >index 1b21216..9c7c5e2 100755 >--- a/source4/scripting/bin/samba_dnsupdate >+++ b/source4/scripting/bin/samba_dnsupdate >@@ -63,6 +63,7 @@ parser.add_option("--all-names", action="store_true") > parser.add_option("--all-interfaces", action="store_true") > parser.add_option("--use-file", type="string", help="Use a file, rather than real DNS calls") > parser.add_option("--update-list", type="string", help="Add DNS names from the given file") >+parser.add_option("--update-cache", type="string", help="Cache database of already registered records") > parser.add_option("--fail-immediately", action='store_true', help="Exit on first failure") > parser.add_option("--no-credentials", dest='nocreds', action='store_true', help="don't try and get credentials") > parser.add_option("--no-substiutions", dest='nosubs', action='store_true', help="don't try and expands variables in file specified by --update-list") >@@ -278,12 +279,14 @@ def get_subst_vars(samdb): > return vars > > >-def call_nsupdate(d): >+def call_nsupdate(d, op="add"): > """call nsupdate for an entry.""" > global ccachename, nsupdate_cmd, krb5conf > >+ assert(op in ["add", "delete"]) >+ > if opts.verbose: >- print "Calling nsupdate for %s" % d >+ print "Calling nsupdate for %s (%s)" % (d, op) > > if opts.use_file is not None: > try: >@@ -299,8 +302,13 @@ def call_nsupdate(d): > wfile = os.fdopen(tmp_fd, 'a') > rfile.seek(0) > for line in rfile: >+ if op == "delete": >+ l = parse_dns_line(line, {}) >+ if str(l).lower() == str(d).lower(): >+ continue > wfile.write(line) >- wfile.write(str(d)+"\n") >+ if op == "add": >+ wfile.write(str(d)+"\n") > os.rename(tmpfile, opts.use_file) > fcntl.lockf(rfile, fcntl.LOCK_UN) > return >@@ -312,18 +320,18 @@ def call_nsupdate(d): > if getattr(d, 'nameservers', None): > f.write('server %s\n' % d.nameservers[0]) > if d.type == "A": >- f.write("update add %s %u A %s\n" % (normalised_name, default_ttl, d.ip)) >+ f.write("update %s %s %u A %s\n" % (op, normalised_name, default_ttl, d.ip)) > if d.type == "AAAA": >- f.write("update add %s %u AAAA %s\n" % (normalised_name, default_ttl, d.ip)) >+ f.write("update %s %s %u AAAA %s\n" % (op, normalised_name, default_ttl, d.ip)) > if d.type == "SRV": >- if d.existing_port is not None: >+ if op == "add" and d.existing_port is not None: > f.write("update delete %s SRV 0 %s %s %s\n" % (normalised_name, d.existing_weight, > d.existing_port, d.dest)) >- f.write("update add %s %u SRV 0 100 %s %s\n" % (normalised_name, default_ttl, d.port, d.dest)) >+ f.write("update %s %s %u SRV 0 100 %s %s\n" % (op, normalised_name, default_ttl, d.port, d.dest)) > if d.type == "CNAME": >- f.write("update add %s %u CNAME %s\n" % (normalised_name, default_ttl, d.dest)) >+ f.write("update %s %s %u CNAME %s\n" % (op, normalised_name, default_ttl, d.dest)) > if d.type == "NS": >- f.write("update add %s %u NS %s\n" % (normalised_name, default_ttl, d.dest)) >+ f.write("update %s %s %u NS %s\n" % (op, normalised_name, default_ttl, d.dest)) > if opts.verbose: > f.write("show\n") > f.write("send\n") >@@ -359,10 +367,12 @@ def call_nsupdate(d): > > > >-def rodc_dns_update(d, t): >+def rodc_dns_update(d, t, op): > '''a single DNS update via the RODC netlogon call''' > global sub_vars > >+ assert(op in ["add", "delete"]) >+ > if opts.verbose: > print "Calling netlogon RODC update for %s" % d > >@@ -386,7 +396,10 @@ def rodc_dns_update(d, t): > name.weight = 0 > if d.port is not None: > name.port = int(d.port) >- name.dns_register = True >+ if op == "add": >+ name.dns_register = True >+ else: >+ name.dns_register = False > dns_names.names = [ name ] > site_name = sub_vars['SITE'].decode('utf-8') > >@@ -405,10 +418,12 @@ def rodc_dns_update(d, t): > sys.exit(1) > > >-def call_rodc_update(d): >+def call_rodc_update(d, op="add"): > '''RODCs need to use the netlogon API for nsupdate''' > global lp, sub_vars > >+ assert(op in ["add", "delete"]) >+ > # we expect failure for 3268 if we aren't a GC > if d.port is not None and int(d.port) == 3268: > return >@@ -428,7 +443,7 @@ def call_rodc_update(d): > subname = samba.substitute_var(map[t], sub_vars) > if subname.lower() == d.name.lower(): > # found a match - do the update >- rodc_dns_update(d, t) >+ rodc_dns_update(d, t, op) > return > if opts.verbose: > print("Unable to map to netlogon DNS update: %s" % d) >@@ -440,6 +455,11 @@ if opts.update_list: > else: > dns_update_list = lp.private_path('dns_update_list') > >+if opts.update_cache: >+ dns_update_cache = opts.update_cache >+else: >+ dns_update_cache = lp.private_path('dns_update_cache') >+ > # use our private krb5.conf to avoid problems with the wrong domain > # bind9 nsupdate wants the default domain set > krb5conf = lp.private_path('krb5.conf') >@@ -458,8 +478,31 @@ else: > # build up a list of update commands to pass to nsupdate > update_list = [] > dns_list = [] >+cache_list = [] >+delete_list = [] > > dup_set = set() >+cache_set = set() >+ >+rebuild_cache = False >+try: >+ cfile = open(dns_update_cache, 'r+') >+except IOError: >+ # Perhaps create it >+ cfile = open(dns_update_cache, 'w+') >+ # Open it for reading again, in case someone else got to it first >+ cfile = open(dns_update_cache, 'r+') >+fcntl.lockf(cfile, fcntl.LOCK_EX) >+for line in cfile: >+ line = line.strip() >+ if line == '' or line[0] == "#": >+ continue >+ c = parse_dns_line(line, {}) >+ if c is None: >+ continue >+ if str(c) not in cache_set: >+ cache_list.append(c) >+ cache_set.add(str(c)) > > # read each line, and check that the DNS name exists > for line in file: >@@ -497,17 +540,50 @@ for d in dns_list: > > # now check if the entries already exist on the DNS server > for d in dns_list: >+ found = False >+ for c in cache_list: >+ if str(c).lower() == str(d).lower(): >+ found = True >+ break >+ if not found: >+ rebuild_cache = True > if opts.all_names or not check_dns_name(d): > update_list.append(d) > >-if len(update_list) == 0: >+for c in cache_list: >+ found = False >+ for d in dns_list: >+ if str(c).lower() == str(d).lower(): >+ found = True >+ break >+ if found: >+ continue >+ rebuild_cache = True >+ if not opts.all_names and not check_dns_name(c): >+ continue >+ delete_list.append(c) >+ >+if len(delete_list) == 0 and len(update_list) == 0 and not rebuild_cache: > if opts.verbose: > print "No DNS updates needed" > sys.exit(0) > > # get our krb5 creds >-if not opts.nocreds: >- get_credentials(lp) >+if len(delete_list) != 0 or len(update_list) != 0: >+ if not opts.nocreds: >+ get_credentials(lp) >+ >+# ask nsupdate to delete entries as needed >+for d in delete_list: >+ if am_rodc: >+ if d.name.lower() == domain.lower(): >+ continue >+ if not d.type in [ 'A', 'AAAA' ]: >+ call_rodc_update(d, op="delete") >+ else: >+ call_nsupdate(d, op="delete") >+ else: >+ call_nsupdate(d, op="delete") > > # ask nsupdate to add entries as needed > for d in update_list: >@@ -521,6 +597,15 @@ for d in update_list: > else: > call_nsupdate(d) > >+if rebuild_cache: >+ (file_dir, file_name) = os.path.split(dns_update_cache) >+ (tmp_fd, tmpfile) = tempfile.mkstemp(dir=file_dir, prefix=file_name, suffix="XXXXXX") >+ wfile = os.fdopen(tmp_fd, 'a') >+ for d in dns_list: >+ wfile.write(str(d)+"\n") >+ os.rename(tmpfile, dns_update_cache) >+fcntl.lockf(cfile, fcntl.LOCK_UN) >+ > # delete the ccache if we created it > if ccachename is not None: > os.unlink(ccachename) >-- >1.9.1 > > >From 0de06e5359b57f10261c98b34ad8b4b9f46534d5 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Tue, 8 Jul 2014 00:05:03 +0200 >Subject: [PATCH 10/12] s4:samba_dnsupdate: don't try to be smart when > verifying NS records > >We can't rely on the DNS delegation to be correct in the parent domain. >What we really want is to check if we already have registered ourself >as a NS record in our own domain. > >Bug: https://bugzilla.samba.org/show_bug.cgi?id=9831 > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >(cherry picked from commit b13974048b74c60028d8387eb7fe4fc7734f0a91) >--- > source4/scripting/bin/samba_dnsupdate | 19 ------------------- > 1 file changed, 19 deletions(-) > >diff --git a/source4/scripting/bin/samba_dnsupdate b/source4/scripting/bin/samba_dnsupdate >index 9c7c5e2..0d001ac 100755 >--- a/source4/scripting/bin/samba_dnsupdate >+++ b/source4/scripting/bin/samba_dnsupdate >@@ -203,25 +203,6 @@ def check_dns_name(d): > return False > > resolver = dns.resolver.Resolver() >- if d.type == "NS": >- # we need to lookup the nameserver for the parent domain, >- # and use that to check the NS record >- parent_domain = '.'.join(normalised_name.split('.')[1:]) >- try: >- ans = resolver.query(parent_domain, 'NS') >- except dns.exception.DNSException: >- if opts.verbose: >- print "Failed to find parent NS for %s" % d >- return False >- nameservers = set() >- for i in range(len(ans)): >- try: >- ns = resolver.query(str(ans[i]), 'A') >- except dns.exception.DNSException: >- continue >- for j in range(len(ns)): >- nameservers.add(str(ns[j])) >- d.nameservers = list(nameservers) > > try: > if getattr(d, 'nameservers', None): >-- >1.9.1 > > >From 28c9c9cd722fdf8cdbd58b84a9f65c51993c0787 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Mon, 28 Apr 2014 17:33:50 +0200 >Subject: [PATCH 11/12] s4:samba_dnsupdate: provide more substitution variables > e.g. IF_RODC > >This will make the dns_update_list more flexible. > >Bug: https://bugzilla.samba.org/show_bug.cgi?id=9831 > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >(cherry picked from commit f1544e8d1de995aa304d63352d313ace8fea6ca5) >--- > source4/scripting/bin/samba_dnsupdate | 57 +++++++++++++++++++++++++++++++++++ > 1 file changed, 57 insertions(+) > >diff --git a/source4/scripting/bin/samba_dnsupdate b/source4/scripting/bin/samba_dnsupdate >index 0d001ac..30d5608 100755 >--- a/source4/scripting/bin/samba_dnsupdate >+++ b/source4/scripting/bin/samba_dnsupdate >@@ -42,6 +42,7 @@ import samba > import optparse > from samba import getopt as options > from ldb import SCOPE_BASE >+from samba import dsdb > from samba.auth import system_session > from samba.samdb import SamDB > from samba.dcerpc import netlogon, winbind >@@ -168,10 +169,13 @@ class dnsobj(object): > def parse_dns_line(line, sub_vars): > """parse a DNS line from.""" > if line.startswith("SRV _ldap._tcp.pdc._msdcs.") and not samdb.am_pdc(): >+ # We keep this as compat to the dns_update_list of 4.0/4.1 > if opts.verbose: > print "Skipping PDC entry (%s) as we are not a PDC" % line > return None > subline = samba.substitute_var(line, sub_vars) >+ if subline == '' or subline[0] == "#": >+ return None > return dnsobj(subline) > > >@@ -255,7 +259,60 @@ def get_subst_vars(samdb): > res = samdb.search(base=samdb.get_default_basedn(), scope=SCOPE_BASE, attrs=["objectGUID"]) > guid = samdb.schema_format_value("objectGUID", res[0]['objectGUID'][0]) > vars['DOMAINGUID'] = guid >+ >+ vars['IF_DC'] = "" >+ vars['IF_RWDC'] = "# " >+ vars['IF_RODC'] = "# " >+ vars['IF_PDC'] = "# " >+ vars['IF_GC'] = "# " >+ vars['IF_RWGC'] = "# " >+ vars['IF_ROGC'] = "# " >+ vars['IF_DNS_DOMAIN'] = "# " >+ vars['IF_RWDNS_DOMAIN'] = "# " >+ vars['IF_RODNS_DOMAIN'] = "# " >+ vars['IF_DNS_FOREST'] = "# " >+ vars['IF_RWDNS_FOREST'] = "# " >+ vars['IF_R0DNS_FOREST'] = "# " >+ > am_rodc = samdb.am_rodc() >+ if am_rodc: >+ vars['IF_RODC'] = "" >+ else: >+ vars['IF_RWDC'] = "" >+ >+ if samdb.am_pdc(): >+ vars['IF_PDC'] = "" >+ >+ # check if we "are DNS server" >+ res = samdb.search(base=samdb.get_config_basedn(), >+ expression='(objectguid=%s)' % vars['NTDSGUID'], >+ attrs=["options", "msDS-hasMasterNCs"]) >+ >+ if len(res) == 1: >+ if "options" in res[0]: >+ options = int(res[0]["options"][0]) >+ if (options & dsdb.DS_NTDSDSA_OPT_IS_GC) != 0: >+ vars['IF_GC'] = "" >+ if am_rodc: >+ vars['IF_ROGC'] = "" >+ else: >+ vars['IF_RWGC'] = "" >+ >+ basedn = str(samdb.get_default_basedn()) >+ if "msDS-hasMasterNCs" in res[0]: >+ for e in res[0]["msDS-hasMasterNCs"]: >+ if str(e) == "DC=DomainDnsZones,%s" % basedn: >+ vars['IF_DNS_DOMAIN'] = "" >+ if am_rodc: >+ vars['IF_RODNS_DOMAIN'] = "" >+ else: >+ vars['IF_RWDNS_DOMAIN'] = "" >+ if str(e) == "DC=ForestDnsZones,%s" % basedn: >+ vars['IF_DNS_FOREST'] = "" >+ if am_rodc: >+ vars['IF_RODNS_FOREST'] = "" >+ else: >+ vars['IF_RWDNS_FOREST'] = "" > > return vars > >-- >1.9.1 > > >From 466d9d3c50aec644de7ca451310215581b754abd Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Mon, 28 Apr 2014 18:54:13 +0200 >Subject: [PATCH 12/12] s4:setup/dns_update_list: make use of the new > substitution variables > >This let us register the same names as Windows Servers. > >We only exception are the NS records. In future we could add them >by using something like this: > > samba-tool dns add ${HOSTNAME} ${DNSDOMAIN} @ NS ${HOSTNAME} > samba-tool dns add ${HOSTNAME} _msdcs.${DNSFOREST} @ NS ${HOSTNAME} > samba-tool dns add ${HOSTNAME} ${DNSFOREST} _msdcs NS ${HOSTNAME} > >Bug: https://bugzilla.samba.org/show_bug.cgi?id=9831 > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> > >Autobuild-User(master): Stefan Metzmacher <metze@samba.org> >Autobuild-Date(master): Tue Aug 26 11:38:54 CEST 2014 on sn-devel-104 > >(cherry picked from commit 4383ec5b83d12bd19749582217f082cbaa31a128) >--- > source4/setup/dns_update_list | 82 ++++++++++++++++++++++++------------------- > 1 file changed, 46 insertions(+), 36 deletions(-) > >diff --git a/source4/setup/dns_update_list b/source4/setup/dns_update_list >index 4da0398..deac459 100644 >--- a/source4/setup/dns_update_list >+++ b/source4/setup/dns_update_list >@@ -1,39 +1,49 @@ > # this is a list of DNS entries which will be put into DNS using > # dynamic DNS update. It is processed by the samba_dnsupdate script >-A ${DNSDOMAIN} $IP >-A ${HOSTNAME} $IP >-AAAA ${DNSDOMAIN} $IP >-AAAA ${HOSTNAME} $IP >+A ${HOSTNAME} $IP >+AAAA ${HOSTNAME} $IP >+ >+# RW domain controller >+${IF_RWDC}A ${DNSDOMAIN} $IP >+${IF_RWDC}AAAA ${DNSDOMAIN} $IP >+${IF_RWDC}SRV _ldap._tcp.${DNSDOMAIN} ${HOSTNAME} 389 >+${IF_RWDC}SRV _ldap._tcp.dc._msdcs.${DNSDOMAIN} ${HOSTNAME} 389 >+${IF_RWDC}SRV _ldap._tcp.${DOMAINGUID}.domains._msdcs.${DNSFOREST} ${HOSTNAME} 389 >+${IF_RWDC}SRV _kerberos._tcp.${DNSDOMAIN} ${HOSTNAME} 88 >+${IF_RWDC}SRV _kerberos._udp.${DNSDOMAIN} ${HOSTNAME} 88 >+${IF_RWDC}SRV _kerberos._tcp.dc._msdcs.${DNSDOMAIN} ${HOSTNAME} 88 >+${IF_RWDC}SRV _kpasswd._tcp.${DNSDOMAIN} ${HOSTNAME} 464 >+${IF_RWDC}SRV _kpasswd._udp.${DNSDOMAIN} ${HOSTNAME} 464 >+# RW and RO domain controller >+${IF_DC}CNAME ${NTDSGUID}._msdcs.${DNSFOREST} ${HOSTNAME} >+${IF_DC}SRV _ldap._tcp.${SITE}._sites.${DNSDOMAIN} ${HOSTNAME} 389 >+${IF_DC}SRV _ldap._tcp.${SITE}._sites.dc._msdcs.${DNSDOMAIN} ${HOSTNAME} 389 >+${IF_DC}SRV _kerberos._tcp.${SITE}._sites.${DNSDOMAIN} ${HOSTNAME} 88 >+${IF_DC}SRV _kerberos._tcp.${SITE}._sites.dc._msdcs.${DNSDOMAIN} ${HOSTNAME} 88 >+ >+# The PDC emulator >+${IF_PDC}SRV _ldap._tcp.pdc._msdcs.${DNSDOMAIN} ${HOSTNAME} 389 >+ >+# RW GC servers >+${IF_RWGC}A gc._msdcs.${DNSFOREST} $IP >+${IF_RWGC}AAAA gc._msdcs.${DNSFOREST} $IP >+${IF_RWGC}SRV _gc._tcp.${DNSFOREST} ${HOSTNAME} 3268 >+${IF_RWGC}SRV _ldap._tcp.gc._msdcs.${DNSFOREST} ${HOSTNAME} 3268 >+# RW and RO GC servers >+${IF_GC}SRV _gc._tcp.${SITE}._sites.${DNSFOREST} ${HOSTNAME} 3268 >+${IF_GC}SRV _ldap._tcp.${SITE}._sites.gc._msdcs.${DNSFOREST} ${HOSTNAME} 3268 >+ >+# RW DNS servers >+${IF_RWDNS_DOMAIN}A DomainDnsZones.${DNSDOMAIN} $IP >+${IF_RWDNS_DOMAIN}AAAA DomainDnsZones.${DNSDOMAIN} $IP >+${IF_RWDNS_DOMAIN}SRV _ldap._tcp.DomainDnsZones.${DNSDOMAIN} ${HOSTNAME} 389 >+# RW and RO DNS servers >+${IF_DNS_DOMAIN}SRV _ldap._tcp.${SITE}._sites.DomainDnsZones.${DNSDOMAIN} ${HOSTNAME} 389 >+ >+# RW DNS servers >+${IF_RWDNS_FOREST}A ForestDnsZones.${DNSFOREST} $IP >+${IF_RWDNS_FOREST}AAAA ForestDnsZones.${DNSFOREST} $IP >+${IF_RWDNS_FOREST}SRV _ldap._tcp.ForestDnsZones.${DNSFOREST} ${HOSTNAME} 389 >+# RW and RO DNS servers >+${IF_DNS_FOREST}SRV _ldap._tcp.${SITE}._sites.ForestDnsZones.${DNSFOREST} ${HOSTNAME} 389 > >-A gc._msdcs.${DNSFOREST} $IP >-AAAA gc._msdcs.${DNSFOREST} $IP >- >-CNAME ${NTDSGUID}._msdcs.${DNSFOREST} ${HOSTNAME} >- >-SRV _kpasswd._tcp.${DNSDOMAIN} ${HOSTNAME} 464 >-SRV _kpasswd._udp.${DNSDOMAIN} ${HOSTNAME} 464 >- >-SRV _kerberos._tcp.${DNSDOMAIN} ${HOSTNAME} 88 >-SRV _kerberos._tcp.dc._msdcs.${DNSDOMAIN} ${HOSTNAME} 88 >-SRV _kerberos._tcp.dc._msdcs.${DNSFOREST} ${HOSTNAME} 88 >-SRV _kerberos._tcp.${SITE}._sites.${DNSDOMAIN} ${HOSTNAME} 88 >-SRV _kerberos._tcp.${SITE}._sites.dc._msdcs.${DNSDOMAIN} ${HOSTNAME} 88 >-SRV _kerberos._tcp.${SITE}._sites.dc._msdcs.${DNSFOREST} ${HOSTNAME} 88 >- >-SRV _kerberos._udp.${DNSDOMAIN} ${HOSTNAME} 88 >- >-SRV _ldap._tcp.${DNSDOMAIN} ${HOSTNAME} 389 >-SRV _ldap._tcp.dc._msdcs.${DNSDOMAIN} ${HOSTNAME} 389 >-SRV _ldap._tcp.dc._msdcs.${DNSFOREST} ${HOSTNAME} 389 >-SRV _ldap._tcp.gc._msdcs.${DNSFOREST} ${HOSTNAME} 3268 >-SRV _ldap._tcp.pdc._msdcs.${DNSDOMAIN} ${HOSTNAME} 389 >-SRV _ldap._tcp.pdc._msdcs.${DNSFOREST} ${HOSTNAME} 389 >-SRV _ldap._tcp.${SITE}._sites.${DNSDOMAIN} ${HOSTNAME} 389 >-SRV _ldap._tcp.${SITE}._sites.dc._msdcs.${DNSDOMAIN} ${HOSTNAME} 389 >-SRV _ldap._tcp.${SITE}._sites.dc._msdcs.${DNSFOREST} ${HOSTNAME} 389 >-SRV _ldap._tcp.${SITE}._sites.gc._msdcs.${DNSFOREST} ${HOSTNAME} 3268 >-SRV _ldap._tcp.${DOMAINGUID}.domains._msdcs.${DNSFOREST} ${HOSTNAME} 389 >- >- >-SRV _gc._tcp.${DNSFOREST} ${HOSTNAME} 3268 >-SRV _gc._tcp.${SITE}._sites.${DNSFOREST} ${HOSTNAME} 3268 >-- >1.9.1 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=10245">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Flags:
metze
:
review?
abartlet
:
review+
metze
:
review?
(
kai
)
Actions:
View
Attachments on
bug 9831
:
10078
|
10092
|
10136
| 10245