Package: freeipa-server Version: 4.0.4-2 Severity: normal Dear Maintainer, Bind configuration template (/usr/share/ipa/bind.named.conf.template) fits Fedora conventions of config and other files placement, which leads to inability to start bind9 service during ipa-server-install which in turn leads to failure of the server configuration. There are 3 main problems in the template: 1) It presumes bind's zone and other data files are placed in /var/named. It doesn't exist on my Debian system and these files are placed in /var/cache/bind. The quick and easy fix is to change directory directive in template to /var/cache/bind and create bind owned /var/cache/bind/data directory. 2) Template replaces existing /etc/bind/named.conf.local. But my Debian has options section of bind configuration placed in /etc/bind/named.conf.options (IMHO default). It causes 2 options sections in the configuration and bind refuses to start because of incorrect config. Comment out options in /etc/bind/named.conf.options is enough to make it continue. 3) Template includes file /etc/named.rfc1912.zones, where some default zones are placed on Fedora. In Debian, I think those zones are being set via /etc/bind/named.conf.default-zones. The nicest thing would be to break template into files corresponding to Debian configuration and make ipa-server-install apply those, but maybe replacing /etc/bind/named.conf instead of /etc/named.conf.local would be enough (with some template tweaks). Thank you for packaging freeipa though, because it's quite nice piece of software missing in Debian ecosystem in my opinion.
-- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (650, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.16-3-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages freeipa-server depends on: ii 389-ds-base 1.3.3.5-2 ii acl 2.2.52-2 ii apache2 2.4.10-6 ii bind9 1:9.9.5.dfsg-5 ii bind9-dyndb-ldap 6.0-1 ii certmonger 0.75.14-2 ii dogtag-pki-server-theme 10.2.0-2 ii fonts-font-awesome 4.2.0~dfsg-1 ii freeipa-admintools 4.0.4-2 ii freeipa-client 4.0.4-2 ii init-system-helpers 1.21 ii krb5-admin-server 1.12.1+dfsg-11 ii krb5-kdc 1.12.1+dfsg-11 ii krb5-kdc-ldap 1.12.1+dfsg-11 ii krb5-pkinit 1.12.1+dfsg-11 ii ldap-utils 2.4.40-2 ii libapache2-mod-auth-kerb 5.4-2.2 ii libapache2-mod-nss 1.0.10-2 ii libapache2-mod-wsgi 4.3.0-1 ii libc6 2.19-12 ii libcomerr2 1.42.12-1 ii libjs-dojo-core 1.10.2+dfsg-1 ii libjs-jquery 1.7.2+dfsg-3.2 ii libk5crypto3 1.12.1+dfsg-11 ii libkrad0 1.12.1+dfsg-11 ii libkrb5-3 1.12.1+dfsg-11 ii libldap-2.4-2 2.4.40-2 ii libnspr4 2:4.10.7-1 ii libnss3 2:3.17.2-1 ii libnss3-1d 2:3.17.2-1 ii libnss3-tools 2:3.17.2-1 ii libsasl2-modules-gssapi-mit 2.1.26.dfsg1-12 ii libssl1.0.0 1.0.1j-1 ii libtalloc2 2.1.1-2 ii libtevent0 0.9.21-1 ii libunistring0 0.9.3-5.2 ii libuuid1 2.25.2-2 ii libverto1 0.2.4-1 ii memcached 1.4.21-1 ii ntp 1:4.2.6.p5+dfsg-3.1 ii pki-ca 10.2.0-2 ii python 2.7.8-2 ii python-freeipa 4.0.4-2 ii python-krbv 1.0.90-1 ii python-ldap 2.4.10-1 ii python-pyasn1 0.1.7-1 ii python-qrcode 5.0.1-1 ii python-selinux 2.3-2 ii python-yubico 1.1.0-2 pn python:any <none> ii samba-libs 2:4.1.13+dfsg-2 ii slapi-nis 0.54-1 freeipa-server recommends no packages. freeipa-server suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
