argonaut issues
https://gitlab.fusiondirectory.org/fusiondirectory/argonaut/-/issues
2024-02-16T14:47:00Z

https://gitlab.fusiondirectory.org/fusiondirectory/argonaut/-/issues/5772
add dmarc dns record support to the dns plugin
2024-02-16T14:47:00Z
bmortier

## Descriptive title for this enhancement
add dmarc dns record support to the dns plugin
### Actual behavior
we don't know if argonaut correctly supports the dmarc dns record
### Expected behavior
to be able to generate a dmarc record from ldap for bind
### Benefits
be able to manage dns records with FusionDirectory & argonaut-ldap2zone
### Possible Drawbacks
none

Argonaut 1.4
bmortier
2021-07-30

https://gitlab.fusiondirectory.org/fusiondirectory/argonaut/-/issues/5771
TXT record values should be surrounded by quotes
2021-07-29T19:38:55Z
bmortier

### Description
The whole spf record should be in quotes, not the different elements
As you can see, the new ldap2zone code has an error when writing txt records
```
fusiondirectory.org. 500 IN TXT "google-site-verification=akTjlpQ713M-fe2DkZMHDotv5T9L2TW0Fi4uwXbgjZI"
fusiondirectory.org. 500 IN TXT "v=spf1" "mx" "a:gestion.fusiondirectory.org" "a:gitlab.fusiondirectory.org" "a:admin.fusiondirectory.org" "a:www.fusiondirectory.org" "a:lists.fusiondirectory.org" "include:spf.mailjet.com" "-all"
fusiondirectory.org. 500 IN TXT "yandex-verification:" "dbfafe61f57022b0"
```
you can see it isolated all the record between quotes
The correct way of doing it is like this, example gmx.com
```
gmx.com. 300 IN TXT "cs2wypdfpjcvt13xc979nk7wbfyk732l"
gmx.com. 300 IN TXT "google-site-verification=YxvYPeuavgDRQDYTX-3dSD3JNMsDn5yO7loiNot-h0Q"
gmx.com. 300 IN TXT "v=spf1 ip4:213.165.64.0/23 ip4:74.208.5.64/26 ip4:74.208.122.0/26 ip4:212.227.126.128/25 ip4:212.227.15.0/24 ip4:212.227.17.0/27 ip4:74.208.4.192/26 ip4:82.165.159.0/24 ip4:217.72.207.0/27 -all"
gmx.com. 300 IN TXT "tpverification20190725"
gmx.com. 300 IN TXT "facebook-domain-verification=rrwl4taoaitv2jrqmz719qv6f18jgo"
gmx.com. 300 IN TXT "_telesec-domain-validation=A9F0F11D17E6B528593B8E1AE82E6BF2A5F98DCDC131D61E9F07A2EDDAA7452E"
```
### Distribution Name and Version
Debian buster
### Argonaut Version
Installed: 1.4-148767
### PERL version used
This is perl 5, version 24, subversion 1 (v5.24.1) built for i686-linux-gnu-thread-multi-64int
### Origin of perl packages
dev version from gitlab.fusiondirectory.org
### Steps to Reproduce
1. run argonaut-ldap2zone
2. look at the generated zone
3. all the txt records miss the " at the start and end of the records

**Expected behavior:**
the txt record must start with " and end with "
**Actual behavior:**
```
fusiondirectory.org. IN TXT google-site-verification=akTjlpQ713M-fe2DkZMHDotv5T9L2TW0Fi4uwXbgjZI
fusiondirectory.org. IN TXT v=spf1 mx a:gestion.fusiondirectory.org a:gitlab.fusiondirectory.org a:admin.fusiondirectory.org a:www.fusiondirectory.org a:lists.fusiondire$
fusiondirectory.org. IN TXT yandex-verification: dbfafe61f57022b0
mailjet._domainkey.fusiondirectory.org. IN TXT k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+oSbYtojxCtSSKqphbS9ubaMilrhTaonPS2YkHFZ7yonaVTIIPPpE8uUI/vqmZ3/M2jdBsvGZpbd3dH/Jr5A$
_github-challenge-fusiondirectory.www.fusiondirectory.org. IN TXT 8d4dbb0c2c
```
ldap view
```
dn: relativeDomainName=fusiondirectory.org.,zoneName=fusiondirectory.org.,ou=dns,dc=fusiondirectory,dc=org
objectClass: dNSZone
relativeDomainName: fusiondirectory.org.
zoneName: fusiondirectory.org.
dNSClass: IN
tXTRecord:: IGdvb2dsZS1zaXRlLXZlcmlmaWNhdGlvbj1ha1RqbHBRNzEzTS1mZTJEa1pNSERvdHY1VDlMMlRXMEZpNHV3WGJnalpJ
tXTRecord: v=spf1 mx a:gestion.fusiondirectory.org a:gitlab.fusiondirectory.org a:admin.fusiondirectory.org a:www.fusiondirectory.org a:lists.fusiondirectory.org include:spf.mailjet.com -all
tXTRecord: yandex-verification: dbfafe61f57022b0
```
**Reproduces how often:**
100%
### Additional Information
none

Argonaut 1.4
Côme Chilliet

https://gitlab.fusiondirectory.org/fusiondirectory/argonaut/-/issues/5770
forward zone entries should be aligned correctly
2021-02-04T07:44:16Z
bmortier

## Descriptive title for this enhancement
forward zone entries should be aligned correctly
### Actual behavior
```
stretch-release IN A 195.154.20.159
ubuntu1604-fixes IN A 195.154.20.139
ubuntu1804-fixes IN A 195.154.20.139
ubuntu2004-fixes IN A 195.154.20.139
ubuntu1604-custom IN A 195.154.20.139
ubuntu1804-custom IN A 195.154.20.139
ubuntu2004-custom IN A 195.154.20.139
ubuntu1604-release IN A 195.154.20.139
ubuntu1804-release IN A 195.154.20.139
ubuntu2004-release IN A 195.154.20.139
demo-dev-all-buster IN A 195.154.20.78
openldapmaster-test IN A 195.154.20.194
demo-dev-all-stretch IN A 195.154.20.78
demo-dev-infra-buster IN A 195.154.20.78
demo-fixes-all-buster IN A 195.154.20.78
demo-dev-deploy-buster IN A 195.154.20.78
demo-fixes-all-stretch IN A 195.154.20.78
demo-master-all-buster IN A 195.154.20.78
demo-master-all-stretch IN A 195.154.20.78
demo-dev-identity-buster IN A 195.154.20.78
demo-dev-education-buster IN A 195.154.20.78
```
IN records are not correctly aligned
### Expected behavior
to have a nice forward zone, easy to read
### Benefits
Easier to read in text mode
### Possible Drawbacks
will not always work but we should make sure that it's working 90% of the time
### Applicable Issues
dnszone formatting

Argonaut 1.4
bmortier

https://gitlab.fusiondirectory.org/fusiondirectory/argonaut/-/issues/5760
Add support for CAA record in argonaut-ldap2zone
2021-09-10T15:36:09Z
bmortier

## Descriptive title for this enhancement
we need to support the CAA record when creating dns zone with argonaut-ldap2zone
### Actual behavior
Argonaut-ldap2zone doesn't create the CAA record
### Expected behavior
Be able to create a dns zone with CAA records coming from fusiondirectory and have the CAA records correctly created
### Benefits
Be compatible with the CAA record asked for by some CAs, see
https://gitlab.fusiondirectory.org/fusiondirectory/fd-plugins/-/issues/6049
### Possible Drawbacks
support of CAA record in https://metacpan.org/pod/DNS::ZoneParse
### Applicable Issues
all dns zone generation

Argonaut 1.4
bmortier

https://gitlab.fusiondirectory.org/fusiondirectory/argonaut/-/issues/5759
a Records on the zone are missing the @ symbol
2021-07-29T19:39:20Z
bmortier

## Descriptive title for this enhancement
Argonaut-ldap2zone does not correctly treat A records on the zone root, which should use the `@` symbol.
### Actual behavior
when putting a @ record for a zone it's not saved correctly in the zone file
![fusiondirectory-wildcard-dns](/uploads/9ae35f2c3faa2b42ab2aaa88ec0d95c4/fusiondirectory-wildcard-dns.png)
A 195.154.20.85
### Expected behavior
To be able to store the @ record in the dns plugin
@ A 195.154.20.85
### Benefits
being able to add records in dns zone
### Possible Drawbacks
none
### Applicable Issues
* FusionDirectory dns plugin
* Argonaut-ldap2zone

Argonaut 1.4
Côme Chilliet

https://gitlab.fusiondirectory.org/fusiondirectory/argonaut/-/issues/5758
DNS record TXT problem with dkim key
2021-02-09T15:22:20Z
emmanuel thetas

### Description
I had a dkim key in a TXT record and I had an error when I launch argonaut-ldap2zone
### Distribution Name and Version
Centos7
BIND 9.11.4-P2
### Argonaut Version
1.3
### PERL version used
v5.16.3
### Origin of perl packages
Distribution packages
### Steps to Reproduce
1. I had dkim key in TXT record (>255 characters)
2. launch argonaut-ldap2zone on dns server
3. I have this error :
dns_rdata_fromtext: /var/named/data/db.obs-nancay.fr.:66: syntax error
**Expected behavior:**
201808._domainkey.obs-nancay.fr. 86400 IN TXT "v=DKIM1; h=sha256; k=rsa; s=email; p=MIIBIjANBg....
and
load zone
**Actual behavior:**
201808._domainkey.obs-nancay.fr. IN TXT "v=DKIM1\; h=sha256\; k=rsa\; s=email\; p=MIIBIj.....
and
dns_rdata_fromtext: /var/named/data/db.obs-nancay.fr.:66: syntax error
**Reproduces how often:**
100%
### Additional Information
I don't have an error with short TXT records (<50 characters)

Argonaut 1.4
Côme Chilliet

https://gitlab.fusiondirectory.org/fusiondirectory/argonaut/-/issues/5702
Removing a reverse zone in FD does not actually remove the configuration in the DNS master
2024-02-16T14:52:04Z
jbecot

### Description
Argonaut-ldap2zone does not remove configuration if we remove a reverse zone.
### Distribution Name and Version
RHEL 7.3
### Argonaut Version
1.2
### PERL version used
v5.16.3
### Origin of perl packages
Epel, Redhat channels (server-optional / server) and argonaut-libs
### Steps to Reproduce
1. Create a reverse
2. Add records in that reverse
3. Update via argonaut
4. Delete the reverse
5. Update again with ldap2zone

**Expected behavior:**
At least cleaning /etc/named/named.conf.ldap2zone to not include the /etc/named/named.conf.ldap2zone.reverse file
Removing the corresponding file would be the least
Removing the referring zone file would be a plus (at least on the master side, because it is not handled by argonaut in the slave servers)
**Actual behavior:**
Neither the /etc/named/named.conf.ldap2zone file including /etc/named/named.conf.ldap2zone.reverse and the related file, nor the /var/named/db.reverse. zone file are deleted
The reverse lookup works while the forward may be inconsistent
**Reproduces how often:**
100%
### Additional Information

Argonaut 1.4
bmortier