diff options
author | Andrew Bartlett <abartlet@samba.org> | 2013-09-21 22:52:01 -0700 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2013-09-22 14:39:51 -0700 |
commit | 038a9a7c5ec964e5b42e1329eab0573e50a9d3b0 (patch) | |
tree | 989b422b996b03d036a5df858eaa4f6f464a58ae /source4/selftest/provisions/release-4-1-0rc3/private/named.txt | |
parent | 9c11ad25b211242cbe526f280688640658c4a365 (diff) | |
download | samba-038a9a7c5ec964e5b42e1329eab0573e50a9d3b0.tar.gz samba-038a9a7c5ec964e5b42e1329eab0573e50a9d3b0.tar.bz2 samba-038a9a7c5ec964e5b42e1329eab0573e50a9d3b0.zip |
selftest: Add release-4-1-0rc3 saved provision
This version has the regression where we would, on join, write an
all-zero invocationID in the replPropertyMetaData attribute, on
Deleted Objects in particular.
To demonstrate this regression, this is based on the promoted_dc
environment from make test, with the domain altered to match the
pattern used in these trees.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Diffstat (limited to 'source4/selftest/provisions/release-4-1-0rc3/private/named.txt')
-rw-r--r-- | source4/selftest/provisions/release-4-1-0rc3/private/named.txt | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/source4/selftest/provisions/release-4-1-0rc3/private/named.txt b/source4/selftest/provisions/release-4-1-0rc3/private/named.txt new file mode 100644 index 0000000000..ac971595cf --- /dev/null +++ b/source4/selftest/provisions/release-4-1-0rc3/private/named.txt @@ -0,0 +1,45 @@ +# Additional informations for DNS setup using BIND + +# If you are running a capable version of BIND and you wish to support +# secure GSS-TSIG updates, you must make the following configuration +# changes: + +# +# Steps for BIND 9.8.x and 9.9.x ----------------------------------------- +# + +# 1. Insert following lines into the options {} section of your named.conf +# file: +tkey-gssapi-keytab "/data/samba/git/samba/st/promoted_dc/private/dns.keytab"; + +# +# Common Steps for BIND 9.x.x -------------------------------------------- +# + +# 2. Set appropriate ownership and permissions on the dns.keytab file. +# Note that the most distributions have BIND configured to run under a +# non-root user account. For example, Fedora 9 runs BIND as the user +# "named" once the daemon relinquishes its rights. Therefore, the file +# dns.keytab must be readable by the user that BIND run as. If BIND +# is running as a non-root user, the "dns.keytab" file must have its +# permissions altered to allow the daemon to read it. Under Fedora 9, +# execute the following commands: +chgrp named /data/samba/git/samba/st/promoted_dc/private/dns.keytab +chmod g+r /data/samba/git/samba/st/promoted_dc/private/dns.keytab + +# 3. Ensure the BIND zone file(s) that will be dynamically updated are in +# a directory where the BIND daemon can write. When BIND performs +# dynamic updates, it not only needs to update the zone file itself but +# it must also create a journal (.jnl) file to track the dynamic updates +# as they occur. Under Fedora 9, the /var/named directory can not be +# written to by the "named" user. However, the directory /var/named/dynamic +# directory does provide write access. Therefore the zone files were +# placed under the /var/named/dynamic directory. The file directives in +# both example zone statements at the beginning of this file were changed +# by prepending the directory "dynamic/". + +# 4. If SELinux is enabled, ensure that all files have the appropriate +# SELinux file contexts. The dns.keytab file must be accessible by the +# BIND daemon and should have a SELinux type of named_conf_t. This can be +# set with the following command: +chcon -t named_conf_t /data/samba/git/samba/st/promoted_dc/private/dns.keytab |