[Freeipa-devel] [PATCH] 224 Add SSHFP update policy for existing zones
Martin Kosek
mkosek at redhat.com
Mon Feb 27 17:05:26 UTC 2012
On Mon, 2012-02-27 at 11:47 -0500, Rob Crittenden wrote:
> Martin Kosek wrote:
> > SSH public key support includes a feature to automatically add/update
> > client SSH fingerprints in SSHFP records. However, the update won't
> > work for zones created before this support was added as they don't
> > allow clients to update SSHFP records in their update policies.
> >
> > This patch lets dns upgrade module extend the original policy
> > to allow the SSHFP dynamic updates. It updates only original
> > policy, we don't want it to overwrite custom user policies.
> >
> > https://fedorahosted.org/freeipa/ticket/2394
>
> ACK if you add a block comment to gen_dns_update_policy() describing why
> we need this update policy.
>
> rob
>
Comment added and pushed to master, ipa-2-2.
Martin
More information about the Freeipa-devel
mailing list