Bug 37263 – Verification of the DNS server should return the actual error

Bug 37263 - Verification of the DNS server should return the actual error


Summary:	Verification of the DNS server should return the actual error

Status:	REOPENED

Product:	UCS
Classification:	Unclassified
Component:	UMC - Setup wizard
Version:	UCS 5.0
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	---
Assigned To:	UMC maintainers
QA Contact:	UMC maintainers

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2014-12-09 16:08 CET by Janis Meybohm
Modified:	2021-05-03 21:26 CEST (History)
CC List:	5 users (show)

See Also:	37273 37501
What kind of report is it?:	Bug Report
What type of bug is this?:	6: Setup Problem: Issue for the setup process
Who will be affected by this bug?:	1: Will affect a very few installed domains
How will those affected feel about the bug?:	5: Blocking further progress on the daily work
User Pain:	0.171
Enterprise Customer affected?:	Yes
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):	Error handling, External feedback, Troubleshooting
Max CVSS v3 score:

Attachments
Screenshot_20181128_153750.png (59.89 KB, image/png) 2018-11-28 16:02 CET, Arvid Requate	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Janis Meybohm

2014-12-09 16:08:59 CET

2014120921000262

Nameserver validation says "The specified nameserver %s is not part of a valid UCS domain." looking at the log file (and code) reveals more precise messages that should be shown to the user:

In "def get_fqdn()"
* 'Lookup for nameserver %s failed: %s'
* 'Lookup for nameserver %s timed out: %s'

Comment 1 Janis Meybohm

2014-12-10 08:51:32 CET

In addition more messages should be added (at least to the logfile) when reverse lookup, computing of the domain name etc. goes wrong.

In this case, the PTR record for the DNS server was broken, only pointing to a hostname instead of an FQDN:

dn: relativeDomainName=240,zoneName=1.168.192.in-addr.arpa,cn=dns,dc=x,dc=y
objectClass: top
objectClass: dNSZone
relativeDomainName: 240
zoneName: 1.168.192.in-addr.arpa
pTRRecord: univention.

Comment 2 Alexander Kläser

2014-12-10 11:53:17 CET

*** Bug 37273 has been marked as a duplicate of this bug. ***

Comment 3 Alexander Kläser

2014-12-10 12:11:35 CET

(In reply to Alexander Kläser from comment #2)
> *** Bug 37273 has been marked as a duplicate of this bug. ***

No duplicate, I was a bit too fast

Comment 4 Michael Grandjean

2015-07-28 13:45:34 CEST

A customer experienced this again because of a missing PTR record. More precise error messages would have helped a lot.

Comment 5 Florian Best

2017-06-28 14:52:23 CEST

There is a Customer ID set so I set the flag "Enterprise Customer affected".

Comment 6 Erik Damrose

2018-11-27 12:23:54 CET

We now call univention-join -checkPrerequisites in the UCS system setup, which checks for several issues, such as DC master dns records in the nameserver, return the nslookup output, etc.
Implemented in bug 42022

-> Worksforme

Comment 7 Arvid Requate

2018-11-28 16:02:27 CET

Created attachment 9763 [details]
Screenshot_20181128_153750.png

I've taken a UCS 4.3-2 template via ucs-kt-get and specified the IP of another UCS 4.3-2 DC Master, where I manually removed his ptr record to simulate the error condition. The attached screenshot shows that the additional checks of
Bug #42022 did not improve the error message in this situation. The error message is shown in management-console-module-setup.log:

28.11.18 15:37:17.469  MODULE      ( WARN    ) : Lookup for nameserver 10.200.8.10 failed: NXDOMAIN The DNS query name does not exist: 10.8.200.10.in-addr.arpa.

But if the customer installed from ISO he a) does not know that he should look into this log file b) only sees a warning but not an ERROR and c) he cannot connect to the system via SSH yet, because the software has not been installed yet.

I would expect to 1) see an ERROR logged at some point here and 2) a more detailed error message in the system setup error popup.