rpms/ipa
6
0
Fork 0
Code Issues Pull Requests Releases Activity
fc525ba5be
ipa/0084-dns-don-t-populate-forwarders-with-DoT-forwarders.patch
Florence Blanc-Renaud 5bae5ab37a ipa-4.12.2-17 
- Resolves: RHEL-88043 Server installation: dot-forwarder not added as a forwarder
- Resolves: RHEL-86481 Include latest fixes in python3-ipatests package
- Resolves: RHEL-85788 ipa-sidgen: fix memory leak in ipa_sidgen_add_post_op()
- Resolves: RHEL-88899 [RFE] Add check on CA cert expiry for ipa-cert-fix
2025-04-29 17:49:26 +02:00

50 lines
2.0 KiB
Diff
Raw Blame History

From e1d517032afa2a8258c1ff8bd6bfdd4175b42327 Mon Sep 17 00:00:00 2001
From: Antonio Torres <antorres@redhat.com>
Date: Mon, 17 Feb 2025 10:21:53 +0100
Subject: [PATCH] dns: don't populate forwarders with DoT forwarders
DNS over TLS setup overrides global forwarder to point to Unbound, so no
need to setup regular forwarders.
Resolves: https://pagure.io/freeipa/issue/9748
Signed-off-by: Antonio Torres <antorres@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
---
ipaserver/install/dns.py | 12 ++----------
1 file changed, 2 insertions(+), 10 deletions(-)
diff --git a/ipaserver/install/dns.py b/ipaserver/install/dns.py
index 88aff19bcec11f778af5644167c32c45cbcab594..470e1915971f66d84e4e4f279caaf81bd3a85cd3 100644
--- a/ipaserver/install/dns.py
+++ b/ipaserver/install/dns.py
@@ -360,14 +360,9 @@ def install_check(standalone, api, replica, options, hostname):
if options.no_forwarders:
options.forwarders = []
- elif (options.forwarders
- or options.dot_forwarders or options.auto_forwarders):
+ elif options.forwarders or options.auto_forwarders:
if not options.forwarders:
- if options.dot_forwarders:
- options.forwarders = [fw.split("#")[0]
- for fw in options.dot_forwarders]
- else:
- options.forwarders = []
+ options.forwarders = []
if options.auto_forwarders:
options.forwarders.extend(dnsforwarders.get_nameservers())
elif standalone or not replica:
@@ -436,9 +431,6 @@ def install(standalone, replica, options, api=api):
"and IPA CA is not present."
)
- if not options.forwarders and options.dot_forwarders:
- options.forwaders = [fw.split("#")[0] for fw in options.dot_forwarders]
-
bind = bindinstance.BindInstance(fstore, api=api)
bind.setup(api.env.host, ip_addresses, api.env.realm, api.env.domain,
options.forwarders, options.forward_policy,
--
2.49.0
Reference in New Issue View Git Blame Copy Permalink