Bug 8372 - upgradeprovision needs to remove dns/ from spn_update_list
Summary: upgradeprovision needs to remove dns/ from spn_update_list
Status: RESOLVED WONTFIX
Alias: None
Product: Samba 4.0
Classification: Unclassified
Component: Other (show other bugs)
Version: unspecified
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Matthieu Patou
QA Contact: samba4-qa@samba.org
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-08-12 05:29 UTC by Trever Adams
Modified: 2011-10-12 05:53 UTC (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Trever Adams 2011-08-12 05:29:41 UTC 
At one point it appears I was either directed to add, or that upgradeprovision added, dns/{MACHINE} (or something similar, not where I can validate names) to spn_update_list in /usr/local/samba/private.

Many upgradeprovision --full later, this line still exists in CONTROLLERMACHINE$, where it should be removed (since it was added autoatmically) as well as where it belongs: dns-CONTROLLERMACHINE.

upgradeprovision should remove the dns/{MACHINE} from spn_update_list and the appropriate spn from CONTROLLERMACHINE$.

Thank you Andrew Bartlett for your help in tracking this down.
Comment 1 Matthias Dieter Wallnöfer 2011-09-12 17:51:49 UTC 
Matthieu, please have a look at this!
Comment 2 Matthieu Patou 2011-09-12 22:58:16 UTC 
(In reply to comment #0)
> At one point it appears I was either directed to add, or that upgradeprovision
> added, dns/{MACHINE} (or something similar, not where I can validate names) to
> spn_update_list in /usr/local/samba/private.
> 
Pretty unlikely, upgradeprovision copy the spn_update_list from the reference provision if it's not existing, if it's existing then it copy nothing so you must have run upgradeprovision when there was still the DNS/${HOSTNAME} in it that is to say up to 25th september last year.

> Many upgradeprovision --full later, this line still exists in
> CONTROLLERMACHINE$, where it should be removed (since it was added
> autoatmically) as well as where it belongs: dns-CONTROLLERMACHINE.
The rule for upgradeprovision is not to remove spn as it can be quite dangerous, there might be users still relying on the old form of DNS where it was still dns/{MACHINE}.

> 
> upgradeprovision should remove the dns/{MACHINE} from spn_update_list and the
> appropriate spn from CONTROLLERMACHINE$.
So it's _very_ hard to do so, because now upgradeprovision updates record only modified or created by provision and previous upgradeprovision. In your case the DNS/${HOSTNAME} come from the copy of a not so great spn_update_list that is to say that the change has occurred out of the control of upgradeprovision and it will by default avoid this update. We can add exceptions but the number of persons concerned by this is very limited (that's people who have done upgradeprovision from July 2010 to 25/09/2010). 

It might be more efficient and safe to produce a warning message for users in the same case as you.
Comment 3 Matthias Dieter Wallnöfer 2011-10-11 07:15:04 UTC 
How to proceed here, ekacnet?
Comment 4 Matthieu Patou 2011-10-11 21:39:28 UTC 
I would not do anything, because the problem is just for trever I think so there is no sense doing a patch for 1 person.

Trever are you ok for a WONTFIX resolution ?
Comment 5 Trever Adams 2011-10-12 00:52:38 UTC 
I suppose this bug and the original mailing list posts are enough documentation. I have fixed all of my machines. If closing this as WONTFIX is the right solution, feel free to do so.
Comment 6 Matthias Dieter Wallnöfer 2011-10-12 05:53:49 UTC 
I'm closing this with "WONTFIX". Thanks for the collaboration!