[Dnssec-trigger] [PATCH] dnssec-trigger-script: Don't configure RFC1918 zones if there are no global forwarders
Tomas Hozza
thozza at redhat.com
Tue Apr 7 15:16:40 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Thanks Wouter.
It sure was. I experienced the same issue and in my case it delayed
the boot for 2,5 minutes.
I also found out that the configuration of reverse address zones does
not work, since Unbound configures them as static local zones. I'm working on
the fix and will send it soon.
Regards,
Tomas
On 04/07/2015 02:57 PM, W.C.A. Wijngaards wrote:
> Hi Tomas,
>
> Applied, that must have been a painful issue for the user.
>
> Best regards, Wouter
>
> On 02/04/15 20:19, Tomas Hozza wrote:
>> Hi.
>
>> I'm attaching patch for issue caught by ABRT - Automatic Bug
>> Reporting Tool.
>
>> Previously the script tried to install RFC1918 zones even if there
>> were no global forwarders from NetworkManager. This lead to
>> removing the zones from Unbound which is good, but not from zones
>> Store. Also on subsequent calls the script tried to remove the
>> zones from Unbound again and crashed with traceback.
>
>> When a machine had configuration of RFC1918 zones enabled by
>> default, the script crashed also during boot, if the machine was
>> not connected to any network.
>
>> Please also see
>> https://bugzilla.redhat.com/show_bug.cgi?id=1205864
>
>> This change makes the script to add RFC1918 zones only if there are
>> global forwarders, otherwise it will remove them from Unbound and
>> zones Store. If zones are not configured in Unbound or are not
>> present in the zones Store, it will do nothing.
>
>> Regards,
>
>
>
>> _______________________________________________ dnssec-trigger
>> mailing list dnssec-trigger at NLnetLabs.nl
>> http://open.nlnetlabs.nl/mailman/listinfo/dnssec-trigger
>
>
> _______________________________________________
> dnssec-trigger mailing list
> dnssec-trigger at NLnetLabs.nl
> http://open.nlnetlabs.nl/mailman/listinfo/dnssec-trigger
>
- --
Tomas Hozza
Software Engineer - EMEA ENG Developer Experience
PGP: 1D9F3C2D
Red Hat Inc. http://cz.redhat.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBAgAGBQJVI/TXAAoJEMWIetUdnzwtAF4IAMbvyF6h/EV/Av4zMb1O2xUX
pOMwSQbGd0emzT3+Vod4WUE2OuQvbCpxraoPhXKeOi9KPw9Crdzh+KPKiNsF8T2f
hhYIyOlJ1DBZwuNGtjDygMzyG/XQi8VojrOlZwLhhyl8OEJ18jWiAGZPxYKbyGpB
GccoTWwwyNWrT8u0mPqUAH4NCHC60JE01JWOvXJYOGQJKlOgEQyFcZWv7N4Q9l2b
Hu13YiBFKw7AA4HWk8mcR438WYinLwd3gz3BuJ9pm8VH05bmwiLujbufWF2Za7uX
U5WqZ0+UnYSPDH6aQigsvzSTTElwgU+JANgZDn4TX0H5wpF8JOftCx/yGbr81lA=
=ONCi
-----END PGP SIGNATURE-----
More information about the dnssec-trigger
mailing list