From: Libor Peltan <libor.peltan@nic.cz>
Date: Sun, 29 Nov 2020 17:24:34 +0000 (+0100)
Subject: conf: difference-no-serial requires zone-in-journal
X-Git-Tag: v3.1.0~301^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=eb79f265de463bb2d328eabb65ec9856bf974b17;p=thirdparty%2Fknot-dns.git

conf: difference-no-serial requires zone-in-journal
---

diff --git a/doc/operation.rst b/doc/operation.rst
index 544457a449..9abeea6000 100644
--- a/doc/operation.rst
+++ b/doc/operation.rst
@@ -416,9 +416,20 @@ only stored in the journal.
 The zone file's SOA serial must be properly set to a number which is higher than the
 current SOA serial in the zone (not in the zone file) if manually updated!
 
-.. NOTE::
-   In case :ref:`zone_zonefile-load` is set to `difference-no-serial`,
-   the SOA serial is handled by the server automatically during server reload.
+Example 4
+---------
+
+Auto-increment SOA serial::
+
+   zonefile-sync: -1
+   zonefile-load: difference-no-serial
+   journal-content: all
+
+This is similar to the previous setup, but the SOA serial is handled by the server
+automatically. So the user no longer needs to care about it in the zone file.
+
+However, this requires setting :ref:`zone_journal-content` to `all` so that
+the information about the last real SOA serial is preserved in case of server re-start.
 
 .. _DNSSEC Key states:
 
diff --git a/src/knot/conf/tools.c b/src/knot/conf/tools.c
index 3aee8b4ebf..5a5f25a8a7 100644
--- a/src/knot/conf/tools.c
+++ b/src/knot/conf/tools.c
@@ -623,6 +623,16 @@ int check_zone(
 		CONF_LOG(LOG_NOTICE, "option 'disable-any' is deprecated and has no effect");
 	}
 
+	conf_val_t zf_load = conf_zone_get_txn(args->extra->conf, args->extra->txn,
+	                                       C_ZONEFILE_LOAD, yp_dname(args->id));
+	conf_val_t journal = conf_zone_get_txn(args->extra->conf, args->extra->txn,
+	                                       C_JOURNAL_CONTENT, yp_dname(args->id));
+	if (conf_opt(&zf_load) == ZONEFILE_LOAD_DIFSE &&
+	    conf_opt(&journal) != JOURNAL_CONTENT_ALL) {
+		args->err_str = "'zonefile-load: difference-no-serial' requires 'journal-content: all'";
+		return KNOT_EINVAL;
+	}
+
 	conf_val_t signing = conf_zone_get_txn(args->extra->conf, args->extra->txn,
 	                                       C_DNSSEC_SIGNING, yp_dname(args->id));
 	conf_val_t validation = conf_zone_get_txn(args->extra->conf, args->extra->txn,
diff --git a/tests/knot/test_confio.c b/tests/knot/test_confio.c
index 0eee132461..191c161623 100644
--- a/tests/knot/test_confio.c
+++ b/tests/knot/test_confio.c
@@ -955,16 +955,18 @@ static const yp_item_t desc_remote[] = {
 	{ NULL }
 };
 
-static const knot_lookup_t catalog_roles[] = {
+static const knot_lookup_t opts[] = {
 	{ 0, NULL }
 };
 
 #define ZONE_ITEMS \
 	{ C_FILE,              YP_TSTR,  YP_VNONE }, \
 	{ C_MASTER,            YP_TREF,  YP_VREF = { C_RMT }, YP_FMULTI, { check_ref } }, \
+	{ C_ZONEFILE_LOAD,     YP_TOPT,  YP_VOPT = { opts, 0 } }, \
+	{ C_JOURNAL_CONTENT,   YP_TOPT,  YP_VOPT = { opts, 0 } }, \
 	{ C_DNSSEC_SIGNING,    YP_TBOOL, YP_VNONE }, \
 	{ C_DNSSEC_VALIDATION, YP_TBOOL, YP_VNONE }, \
-	{ C_CATALOG_ROLE,      YP_TOPT,  YP_VOPT = { catalog_roles, 0 } }, \
+	{ C_CATALOG_ROLE,      YP_TOPT,  YP_VOPT = { opts, 0 } }, \
 	{ C_CATALOG_TPL,       YP_TREF,  YP_VREF = { C_RMT } }, \
 	{ C_COMMENT,           YP_TSTR,  YP_VNONE },