|
Bugzilla – Full Text Bug Listing |
| Summary: | DNS-Server-Module missing "SPF" Record type | ||
|---|---|---|---|
| Product: | [openSUSE] openSUSE 12.2 | Reporter: | Forgotten User QtBI7gWTIh <forgotten_QtBI7gWTIh> |
| Component: | YaST2 | Assignee: | Reinhard Max <max> |
| Status: | RESOLVED FIXED | QA Contact: | Jiri Srain <jsrain> |
| Severity: | Enhancement | ||
| Priority: | P4 - Low | CC: | forgotten_QtBI7gWTIh, lchiquitto, locilka |
| Version: | Factory | ||
| Target Milestone: | --- | ||
| Hardware: | x86-64 | ||
| OS: | SLES 11 | ||
| Whiteboard: | maint:released:sle11-sp3:59262 | ||
| Found By: | --- | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
| Attachments: |
The YaST2 log
Patch for DNS Server |
||
|
Description
Forgotten User QtBI7gWTIh
2012-04-24 09:42:06 UTC
Thank you for your report.Could you please help to provide y2logs according to the following URL?Thank you. http://en.opensuse.org/openSUSE:Bugreport_YaST.;) Created attachment 488513 [details]
The YaST2 log
That's true, SPF record is not supported. There are several other unsupported resource records: http://en.wikipedia.org/wiki/List_of_DNS_record_types Please, use TXT record instead. See more details here: http://www.zytrax.com/books/dns/ch9/spf.html Example: example.com. IN TXT "v=spf1 include:example.net -all" Switching this bug to enhancement. Created attachment 493672 [details]
Patch for DNS Server
- Adds support for SPF record
I've tried to add SPF record support but it seems that SPF record is not supported by the LDAP schema included in bind-utils package. Uwe, can you add it, please? SPF record should have the same syntax as TXT record. IMO useful for both openSUSE 12.2 and SLE 11 SP3 I will update the schema but we should think about dropping ldapdump and switch to a bind reading directly from ldap. For the yast module that requires almost no change I guess Definitely, I'm all for that. Dropping ldapdump should be easy. reassign to new bind maintainer I don't get the relation between the YaST module for bind and ldap schemas. Please explain what I am supposed to change in the bind package. I've seen the solution is some other bug, it was rather easy... ldapdump script creates a zone file from LDAP entries, this ldapdump script ignores SPF records. Somewhere in the code, there is a list (or several lists) of records that are dumped, it's just enough to add this 'SPF' string next to 'TXT' string and that's it. YaST DNS Server already contains the fix, but it's waiting for bind to do the rest. OK, but we're talking about the YaST DNS module here, so why is LDAP involved at all? Does the YaST module create an LDAP configuration, which is then translated into a bind configuration? Only a hint the TXT record is again broken in SP3 my Test yast2-server Module from SUSE is not working with SP3 (In reply to comment #11) > OK, but we're talking about the YaST DNS module here, so why is LDAP involved > at all? Does the YaST module create an LDAP configuration, which is then > translated into a bind configuration? YaST DNS Module was only part of the problem. YaST either writes the configuration to zone files directly or to LDAP. This LDAP belongs to bind, it's neither defined nor owned by YaST. Bind itself supports SPF records in zone files but ignores them if they are placed in LDAP. Easy fix (adding 'SPF' string into list of supported records) would make ldapdump script (owned by bind) to write also SPF records to zone files while dumping LDAP to these zone files. So, there are two ways of storing records: 1.) YaST / anything else --directly to--> zone file 2.) YaST / anything else --to LDAP--> bind --using ldapdump--> to zone file (In reply to comment #12) > Only a hint the TXT record is again broken in SP3 my Test yast2-server Module > from SUSE is not working with SP3 Günther, would you be please more concrete what (and how) does't work in SP3? If you are using LDAP, you again need to add SPF to ldapdump script as we (probably?) failed to put it to SP3. I'm just a little bit confused by the fact that you are referring to TXT record instead. I've just found out that even the YaST part never made it to SP3 or Factory probably due to the fact that the bug was reassigned to Uwe to do his changes first and he could not finish them. That's why it also went off of my radar. After Update to SP3 I wonder me, I have problems to send Mail to "Gmail" I search in my Zone File the TXT Record are missing (ldapdump). OK I remember me the quick way and change ldapdump (TXT). (but i mean google like more a SPF Record) But the problem I "remember" was in YaST2-dns-server Module to create a correct (working) TXT entry for LDAP. It is not possible to create a entry like "exemple.com. IN TXT" it is changed to "@" or "exemple.com" then dot is missing. I mean this module is "experimental" only for a home work like me ;). SUSE-RU-2014:1269-1: An update that has two recommended fixes can now be installed. Category: recommended (low) Bug References: 758769,867596 CVE References: Sources used: SUSE Linux Enterprise Software Development Kit 11 SP3 (src): yast2-dns-server-2.17.23-0.5.1 SUSE Linux Enterprise Server 11 SP3 for VMware (src): yast2-dns-server-2.17.23-0.5.1 SUSE Linux Enterprise Server 11 SP3 (src): yast2-dns-server-2.17.23-0.5.1 Update has been released for 11-SP3. Hollo, I long time ago I write this ;) But now we have a SPF Record in YaST2. :-) But with SLES11-SP3 we have now a other Problem. The ldap schema Files have to update and the Bind "ldapdump" don't work |