Project

General

Profile

Bug #10436

dns update fails if dns_provider is nsupdate_gss and dns_key is uncommented

Added by Anonymous over 5 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
Foreman modules
Target version:
Difficulty:
trivial
Triaged:
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:

Description

If nsupdate_gss is configured in /etc/foreman-proxy/settings.d/dns.yml, an enabled dns_key results in a failure to update
the dns entry:

UI Error:
Create DNS record for dnstest.lnx.aaxc.org task failed with the following error: ERF12-2357 [ProxyAPI::ProxyException]:
Unable to set DNS entry ([RestClient::BadRequest]: 400 Bad Request) for proxy https://katello.somedomain:9090/dns

Error if dns_key is uncommented:
D, [2015-05-09T19:26:58.516489 #11223] DEBUG -- : Kerberos credential cache initialised with principal: foremanproxy/katello.somedomain@SOMEDOMAIN
D, [2015-05-09T19:26:58.517958 #11223] DEBUG -- : running /usr/bin/nsupdate k /etc/rndc.key -g
E, [2015-05-09T19:26:58.538523 #11223] ERROR -
: Broken pipe
D, [2015-05-09T19:26:58.538675 #11223] DEBUG -- : /usr/share/foreman-proxy/modules/dns/providers/nsupdate.rb:88:in `write'

Works if dns_key is removed:
D, [2015-05-09T19:30:59.772357 #11649] DEBUG -- : Kerberos credential cache initialised with principal: foremanproxy/katello.somedomain@SOMEDOMAIN
D, [2015-05-09T19:30:59.772633 #11649] DEBUG -- : running /usr/bin/nsupdate g
D, [2015-05-09T19:30:59.778613 #11649] DEBUG -
: nsupdate: executed - server 192.168.x.x

As i don't have a Microsoft DNS server i could not verify that this only happens if you use IPA.

History

#2 Updated by Dominic Cleal over 5 years ago

  • Status changed from New to Closed
  • % Done changed from 0 to 100

#3 Updated by Dominic Cleal over 5 years ago

  • Project changed from Smart Proxy to Installer
  • Category changed from DNS to Foreman modules

#4 Updated by Dominic Cleal over 5 years ago

  • Legacy Backlogs Release (now unused) set to 50

#5 Updated by Bryan Kearney almost 5 years ago

  • Bugzilla link set to 1215659

Also available in: Atom PDF