[Freeipa-devel] [PATCH] 045 Add DNS record modification command
Martin Kosek
mkosek at redhat.com
Thu Mar 31 09:27:25 UTC 2011
On Wed, 2011-03-30 at 16:52 -0400, Adam Young wrote:
> On 03/30/2011 11:13 AM, Martin Kosek wrote:
> > Since this is a new-feature type patch it should be pushed only to master.
> > -------
> > The DNS record plugin does not support modification of a record. One
> > can only add A type addresses to a DNS record or remove the current
> > ones. To actually change a DNS record value it has to be removed and
> > then added with a desired value.
> >
> > This patch adds a new DNS plugin command "dnsrecord-mod" which enables
> > user to:
> > - modify a DNS record value (note than DNS record can hold multiple values
> > and those will be overwritten)
> > - remove a DNS record when an empty value is passed
> >
> > New tests for this new command have been added to the CLI test suite.
> >
> > https://fedorahosted.org/freeipa/ticket/1137
> >
> >
> > _______________________________________________
> > Freeipa-devel mailing list
> > Freeipa-devel at redhat.com
> > https://www.redhat.com/mailman/listinfo/freeipa-devel
>
>
>
> NACK,
>
> The problem is that if there are 10 A records, and I only want to
> modify one, I have no way to specify which one.
>
> The API should be something like:
>
> ipa dnsrecord-mod ayoung.boston.devel.redhat.com testa 10.10.2.3
> --a-rec=,10.11.12.13
>
>
> Alternatively, we can decide that we are not going to do mod, and have
> the WebUI do a delete and an add:
Hm, that may be a valid use-case. We should discuss how we want the DNS
record modification to behave.
The proposed API is not what we want, since we can modify multiple
attributes at once, e.g.:
ipa dnsrecord-mod DNSZONE DNSRECORD --a-rec=10.0.0.1 --aaaa-rec=::1
I can introduce new option --old-<DNS_TYPE>-rec for each DNS record type
available, e.g. --old-a-rec, --old-aaaa-rec, --old-srv-rec etc. You
would be able to do:
ipa dnsrecord-mod DNSZONE DNSRECORD --old-a-rec=10.10.2.3
--a-rec=10.11.12.13
This would of course increase the size of this patch. I tried to find
how we treat other multi-value LDAP attributes. In most cases the
behavior is the same like in my first patch (user mail, mobile...) or
the modification is not supported at all (list of privilege
permissions).
More information about the Freeipa-devel
mailing list