Univention Bugzilla – Bug 29821
dns/allow/query und Semikolon
Last modified: 2021-05-25 16:02:07 CEST
Rückmeldung aus dem Forum: Wenn ich folgendes setze: Code: Alles auswählen dns/allow/query: 192.168.0.0/16; 10.0.0.0/8; startet bind nicht mehr, da im Template selber auch ein ";" am Ende gesetzt wird. Könnte man im Template überprüfen, ob ein ";" am Ende gesetzt ist, wenn nicht, NUR dann soll ein ";" angehängt werden?? Ich bin von der DNS Konfiguration gewohnt, am Ende immer ein ";" zu setzen.
Sollte einfach anpassbar sein.
We will not ship a UCS 3.1-2 release; the next UCS release will be UCS 3.2. As such, this bug is moved to the new target milestone.
BIND also allows names IP sets: acl MyName { 192.168.0.0/16; }; which complicates validation. But we could simply add a .strip(';'), as we always append the last ';'. diff --git a/services/univention-bind/conffiles/etc/bind/named.conf.proxy b/services/univention-bind/conffiles/etc/bind/named.conf.proxy index 992e06b21c..cd10b037f6 100644 --- a/services/univention-bind/conffiles/etc/bind/named.conf.proxy +++ b/services/univention-bind/conffiles/etc/bind/named.conf.proxy @@ -9,9 +9,9 @@ options { directory "/var/cache/bind"; listen-on { any; }; @!@ -dns_allow_query = configRegistry.get('dns/allow/query') -dns_allow_query_cache = configRegistry.get('dns/allow/query/cache') -dns_allow_transfer = configRegistry.get('dns/allow/transfer') +dns_allow_query = configRegistry.get('dns/allow/query', '').rstrip(';') +dns_allow_query_cache = configRegistry.get('dns/allow/query/cache', '').rstrip(';') +dns_allow_transfer = configRegistry.get('dns/allow/transfer', '').rstrip(';') if dns_allow_query: print '\tallow-query { %s; };' % dns_allow_query @@ -35,19 +35,13 @@ logging { }; }; @!@ -if configRegistry.get('dns/forwarder1') or configRegistry.get('dns/forwarder2') or configRegistry.get('dns/forwarder3'): +forwarders = filter(None, (configRegistry.get('dns/forwarder%d' % (key,), '').rstrip(';') for key in range(1, 4))) +if forwarders: print '\n# Found a forwarder in ucr variables, using forwarder in zone ".".' print '# Ignoring any setting of dns/fakeroot.' print 'zone "." {' print '\ttype forward;' - print '\tforwarders {' - if configRegistry['dns/forwarder1']: - print '\t\t%s;' % configRegistry['dns/forwarder1'] - if configRegistry['dns/forwarder2']: - print '\t\t%s;' % configRegistry['dns/forwarder2'] - if configRegistry['dns/forwarder3']: - print '\t\t%s;' % configRegistry['dns/forwarder3'] - print '\t};' + print '\tforwarders { %s; }' % ('; '.join(forwarders),) print '};' elif configRegistry.is_true('dns/fakeroot', True): print '\n# Found no forwarder in ucr variables.'
This issue has been filed against UCS 4.2. UCS 4.2 is out of maintenance and many UCS components have changed in later releases. Thus, this issue is now being closed. If this issue still occurs in newer UCS versions, please use "Clone this bug" or reopen it and update the UCS version. In this case please provide detailed information on how this issue is affecting you.
[feature/ucs5] 4bcc0c9c38 Bug #29821 DNS: Strip semicolons fron UCRV `dns/forwarder` and `dns/allow/*`. doc/changelog/changelog-5.0-0.xml | 5 ++++- .../conffiles/etc/bind/named.conf.proxy | 20 +++++++------------- services/univention-bind/debian/changelog | 1 + 3 files changed, 12 insertions(+), 14 deletions(-)
OK: stripping of ";" OK: changelog entry
UCS 5.0 has been released: https://docs.software-univention.de/release-notes-5.0-0-en.html https://docs.software-univention.de/release-notes-5.0-0-de.html If this error occurs again, please use "Clone This Bug".