freeipa team mailing list archive

[Launchpad Bug Tracker <1772405@xxxxxxxxxxxxxxxxxx>]

Status changed to 'Confirmed' because the bug affects multiple users.

** Changed in: systemd (Ubuntu)
       Status: New => Confirmed

-- 
You received this bug notification because you are a member of FreeIPA,
which is subscribed to freeipa in Ubuntu.
https://bugs.launchpad.net/bugs/1772405

Title:
  freeipa dns install does not correctly configure reverse zones due to
  systemd-resolved

Status in freeipa package in Ubuntu:
  Triaged
Status in systemd package in Ubuntu:
  Confirmed

Bug description:
  In Ubuntu 18.04, ipa-dns-intall (or ipa-server-install when asking to
  configure BIND) does not create reverse DNS zones for my domain. Note
  that I already fixed (or more correctly, circumvented) other bugs
  involving BIND, such as
  https://bugs.launchpad.net/ubuntu/+source/freeipa/+bug/1769440.

  The problem seems due to the presence of systemd-resolved. When ipa-
  dns-install valuates whether to create a reverse DNS zone, it tries to
  use the local DNS for resolving the IP address of the server. When you
  want to install BIND alongside IPA, this normally fails, and the
  installer knows he needs to configure an appropriate reverse zone. But
  when systemd-resolved is active, it takes the role of local DNS and
  answers this query: therefore, the installer thinks a reverse DNS zone
  is already present.

  To fix this problem I had to perform the following steps before calling ipa-dns-install (or ipa-server-install):
  1) stop systemd-resolved with "systemctl stop systemd-resolved".
  2) disable systemd-resolved with "systemctl disable systemd-resolved".
  3) delete the file "/etc/resolv.conf", which is a symlink to a file created by systemd.
  4) optionally, recreate "/etc/resolv.conf" pointing to the (real) local DNS.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/freeipa/+bug/1772405/+subscriptions