[Freeipa-devel] [PATCH] 328 Process relative nameserver DNS record correctly
Martin Kosek
mkosek at redhat.com
Tue Nov 6 16:52:17 UTC 2012
On 11/05/2012 11:24 PM, Rob Crittenden wrote:
> Martin Kosek wrote:
>> On 11/02/2012 04:35 PM, Rob Crittenden wrote:
>>> Martin Kosek wrote:
>>>> On 10/25/2012 04:01 PM, Martin Kosek wrote:
>>>>> Nameserver hostname passed to dnszone_add command was always treated
>>>>> as FQDN even though it was a relative DNS name to the new zone. All
>>>>> relative names were being rejected as unresolvable.
>>>>>
>>>>> Modify --name-server option processing in dnszone_add and dnszone_mod
>>>>> to respect FQDN/relative DNS name and do the checks accordingly. With
>>>>> this change, user can add a new zone "example.com" and let dnszone_add
>>>>> to create NS record "ns" in it, when supplied with its IP address. IP
>>>>> address check is more strict so that it is not entered when no forward
>>>>> record is created. Places misusing the option were fixed.
>>>>>
>>>>> Nameserver option now also accepts zone name, which means that NS and A
>>>>> record is placed to DNS zone itself. Also "@" is accepted as a nameserver
>>>>> name, BIND understand it also as a zone name. As a side-effect of this
>>>>> change, other records with hostname part (MX, KX, NS, SRV) accept "@"
>>>>> as valid hostname. BIND replaces it with respective zone name as well.
>>>>>
>>>>> Unit tests were updated to test the new format.
>>>>>
>>>>> https://fedorahosted.org/freeipa/ticket/3204
>>>>>
>>>>> ---
>>>>>
>>>>> With this change, use cases like the following should now work as expected:
>>>>>
>>>>> # ipa dnszone-add example.com --name-server ns --ip-address 10.0.0.1
>>>>>
>>>>> # ipa dnszone-add example.com --name-server ns.example.com. --ip-address
>>>>> 10.0.0.1
>>>>>
>>>>> # ipa dnszone-add example.com --name-server ns.other.zone. --ip-address
>>>>> 10.0.0.1
>>>>>
>>>>> # ipa dnszone-add example.com --name-server example.com. --ip-address
>>>>> 10.0.0.1
>>>>>
>>>>> # ipa dnszone-add example.com --name-server @ --ip-address 10.0.0.1
>>>>>
>>>>> Martin
>>>>>
>>>>>
>>>>
>>>> Forgot to squash NS check fix. Updated patch attached.
>>>
>>> Overall it looks good.
>>>
>>> The API needs to be updated.
>>>
>>> We had no formal string freeze but do we need to change doc strings now or can
>>> these be deferred (except may be the examples)?
>>>
>>>
>>> rob
>>
>> API updated.
>> Relaxed check for root zone that Petr Spacek pointed out was removed.
>>
>> As for the string changes... I think that the only optional change is this one:
>>
>> @@ -1726,10 +1764,10 @@ class dnszone_add(LDAPCreate):
>> takes_options = LDAPCreate.takes_options + (
>> Flag('force',
>> label=_('Force'),
>> - doc=_('Force DNS zone creation even if nameserver not in DNS.'),
>> + doc=_('Force DNS zone creation even if nameserver is not
>> resolvable.'),
>> ),
>> Str('ip_address?', _validate_ipaddr,
>> - doc=_('Add the nameserver to DNS with this IP address'),
>> + doc=_('Add forward record for nameserver located in the created
>> zone'),
>> ),
>> )
>>
>>
>> Other changes are needed to make our processing of domain name clear, like
>>
>> - error=unicode(_("Nameserver address is not a fully
>> qualified domain name")))
>> + error=_("Nameserver address is not a domain name"))
>>
>> Updated patch attached.
>>
>> Martin
>>
>
> Ok, yes, better correct in English than wrong in the native tongue!
>
> ACK
>
> rob
Pushed to master, ipa-3-0.
Martin
More information about the Freeipa-devel
mailing list