[Freeipa-devel] [PATCH] 328 Process relative nameserver DNS record correctly

Rob Crittenden rcritten at redhat.com
Mon Nov 5 22:24:55 UTC 2012 

Martin Kosek wrote:
> On 11/02/2012 04:35 PM, Rob Crittenden wrote:
>> Martin Kosek wrote:
>>> On 10/25/2012 04:01 PM, Martin Kosek wrote:
>>>> Nameserver hostname passed to dnszone_add command was always treated
>>>> as FQDN even though it was a relative DNS name to the new zone. All
>>>> relative names were being rejected as unresolvable.
>>>>
>>>> Modify --name-server option processing in dnszone_add and dnszone_mod
>>>> to respect FQDN/relative DNS name and do the checks accordingly. With
>>>> this change, user can add a new zone "example.com" and let dnszone_add
>>>> to create NS record "ns" in it, when supplied with its IP address. IP
>>>> address check is more strict so that it is not entered when no forward
>>>> record is created. Places misusing the option were fixed.
>>>>
>>>> Nameserver option now also accepts zone name, which means that NS and A
>>>> record is placed to DNS zone itself. Also "@" is accepted as a nameserver
>>>> name, BIND understand it also as a zone name. As a side-effect of this
>>>> change, other records with hostname part (MX, KX, NS, SRV) accept "@"
>>>> as valid hostname. BIND replaces it with respective zone name as well.
>>>>
>>>> Unit tests were updated to test the new format.
>>>>
>>>> https://fedorahosted.org/freeipa/ticket/3204
>>>>
>>>> ---
>>>>
>>>> With this change, use cases like the following should now work as expected:
>>>>
>>>> # ipa dnszone-add example.com --name-server ns --ip-address 10.0.0.1
>>>>
>>>> # ipa dnszone-add example.com --name-server ns.example.com. --ip-address
>>>> 10.0.0.1
>>>>
>>>> # ipa dnszone-add example.com --name-server ns.other.zone. --ip-address
>>>> 10.0.0.1
>>>>
>>>> # ipa dnszone-add example.com --name-server example.com. --ip-address 10.0.0.1
>>>>
>>>> # ipa dnszone-add example.com --name-server @ --ip-address 10.0.0.1
>>>>
>>>> Martin
>>>>
>>>>
>>>
>>> Forgot to squash NS check fix. Updated patch attached.
>>
>> Overall it looks good.
>>
>> The API needs to be updated.
>>
>> We had no formal string freeze but do we need to change doc strings now or can
>> these be deferred (except may be the examples)?
>>
>>
>> rob
>
> API updated.
> Relaxed check for root zone that Petr Spacek pointed out was removed.
>
> As for the string changes... I think that the only optional change is this one:
>
> @@ -1726,10 +1764,10 @@ class dnszone_add(LDAPCreate):
>       takes_options = LDAPCreate.takes_options + (
>           Flag('force',
>                label=_('Force'),
> -             doc=_('Force DNS zone creation even if nameserver not in DNS.'),
> +             doc=_('Force DNS zone creation even if nameserver is not
> resolvable.'),
>           ),
>           Str('ip_address?', _validate_ipaddr,
> -            doc=_('Add the nameserver to DNS with this IP address'),
> +            doc=_('Add forward record for nameserver located in the created
> zone'),
>           ),
>       )
>
>
> Other changes are needed to make our processing of domain name clear, like
>
> -                    error=unicode(_("Nameserver address is not a fully
> qualified domain name")))
> +                    error=_("Nameserver address is not a domain name"))
>
> Updated patch attached.
>
> Martin
>

Ok, yes, better correct in English than wrong in the native tongue!

ACK

rob

More information about the Freeipa-devel mailing list