git.samba.org / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ea1841e)
lib/param: change the default for 'allow dns updates' to 'secure only'
authorStefan Metzmacher <metze@samba.org>
Wed, 12 Sep 2012 07:31:17 +0000 (09:31 +0200)
committerStefan Metzmacher <metze@samba.org>
Wed, 12 Sep 2012 14:51:29 +0000 (16:51 +0200)
metze

WHATSNEW.txt patch | blob | history
lib/param/loadparm.c patch | blob | history
selftest/target/Samba4.pm patch | blob | history

diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index f571f55741e9264040d820e8ce9669c84ca22372..e8e2613f0f455e15522a22f53ff07874cc36d37a 100644 (file)
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -140,6 +140,7 @@ We changed the default dns implementation to the internal dns server
 (SAMBA_INTERNAL). BIND9_FLATFILE and BIND9_DLZ are still available,
 but you'll have to add '-dns' to the 'server services' option
 to disable the internal dns server.
+The default for 'allow dns updates' has changed to 'secure only'.
 
 CHANGES SINCE beta7
 =====================
diff --git a/lib/param/loadparm.c b/lib/param/loadparm.c
index 76f87bf528ce92ed4061ff69c098861335f454ae..277a92124b345a01026f42a0d863301475021c07 100644 (file)
--- a/lib/param/loadparm.c
+++ b/lib/param/loadparm.c
@@ -2214,7 +2214,7 @@ struct loadparm_context *loadparm_init(TALLOC_CTX *mem_ctx)
        lpcfg_do_global_parameter(lp_ctx, "rndc command", "/usr/sbin/rndc");
        lpcfg_do_global_parameter(lp_ctx, "nsupdate command", "/usr/bin/nsupdate -g");
 
-        lpcfg_do_global_parameter(lp_ctx, "allow dns updates", "False");
+        lpcfg_do_global_parameter(lp_ctx, "allow dns updates", "secure only");
         lpcfg_do_global_parameter(lp_ctx, "dns recursive queries", "False");
         lpcfg_do_global_parameter(lp_ctx, "dns forwarder", "");
 
diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index b1f61187463e05c7ae867793634e520b4e0e41d4..ce005d48740cbd9e5b224049ff26fe703cb2bab1 100644 (file)
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -1191,8 +1191,7 @@ sub provision_dc($$)
        my ($self, $prefix) = @_;
 
        print "PROVISIONING DC...";
-        my $extra_conf_options = "netbios aliases = localDC1-a
-allow dns updates = signed";
+        my $extra_conf_options = "netbios aliases = localDC1-a";
        my $ret = $self->provision($prefix,
                                   "domain controller",
                                   "localdc",
@@ -1251,7 +1250,7 @@ sub provision_fl2003dc($$)
                                   "samba2003.example.com",
                                   "2003",
                                   "locDCpass6",
-                                  undef, "allow dns updates = True", "", undef);
+                                  undef, "allow dns updates = nonsecure and secure", "", undef);
 
        unless($self->add_wins_config("$prefix/private")) {
                warn("Unable to add wins configuration");
Samba Shared Repository