[Freeipa-devel] [PATCH] 490 add DNS lookup to new hosts/services
Adam Young
ayoung at redhat.com
Thu Aug 5 14:22:08 UTC 2010
On 08/05/2010 08:45 AM, Rob Crittenden wrote:
> Adam Young wrote:
>> On 07/30/2010 04:02 PM, Adam Young wrote:
>>> On 07/22/2010 02:25 PM, Rob Crittenden wrote:
>>>> Make sure that the host behind new host and service records is
>>>> actually a resolvable DNS A record. There is a --force flag if you
>>>> know what you are doing (or just feel like charging ahead anyway).
>>>>
>>>> We use a lot of made-up names in the self-tests, had to add the
>>>> force flag to all of them.
>>>>
>>>> rob
>>>>
>>>>
>>>> _______________________________________________
>>>> Freeipa-devel mailing list
>>>> Freeipa-devel at redhat.com
>>>> https://www.redhat.com/mailman/listinfo/freeipa-devel
>>> I can't get this patch to apply:
>>>
>>> [ayoung at ayoung freeipa]$ git apply
>>> ~/Documents/IPA/freeipa-490-dns.patch
>>> error: patch failed: ipalib/util.py:28
>>> error: ipalib/util.py: patch does not apply
>>>
>>>
>>>
>>> I've tried it both with and without patch 484
>>>
>>>
>>> _______________________________________________
>>> Freeipa-devel mailing list
>>> Freeipa-devel at redhat.com
>>> https://www.redhat.com/mailman/listinfo/freeipa-devel
>>
>>
>> OK, disregard that, I was able to apply it on top of 484, build and
>> deploy.
>>
>> I'd give it an ACK except that I can't figure out how to work around
>> service-add where the service is not yet resolvable. I understand
>> that this is not desired, but I'm fairly certain that not being able
>> to do this will mess up someone.
>> ipa service-add-host --force --hosts=web.example.com
>> HTTP/web.example.com
>> Usage: ipa [global-options] service-add-host PRINCIPAL
>>
>> ipa: error: no such option: --force
>>
>>
>
> Good catch, this was an oversight. The add-host option is for adding
> hosts that are allowed to manage this service (keytab, certificate). I
> completely forgot to disable enforcement of DNS on that. I'll resubmit
> the patch once I get that worked out.
>
> rob
Are these the only two permutations (Host, Service ) X (Force , No
Force) or are there others? Is there something I should test with the
--dns option?
More information about the Freeipa-devel
mailing list