[Freeipa-devel] [PATCH 3] ipa-client-install shouldn't be eager in specifying zone when doing nsupdate

Jan Pazdziora jpazdziora at redhat.com
Thu Dec 4 09:03:38 UTC 2014 

On Wed, Dec 03, 2014 at 05:16:23PM +0100, Martin Basti wrote:
> On 02/12/14 13:00, Jan Pazdziora wrote:
> >Hello,
> >
> >presumably explicitly specifying zone is not needed and can be
> >harmful.
> >
> This should be fixed in template for uploading SSHFP keys as well.
> 
> I have zone bububu.test.
> 
> 2014-12-03T04:00:36Z DEBUG debug
> zone client.bububu.test.
> update delete test.client.bububu.test. IN SSHFP
> show
> send
> update add test.client.bububu.test. 1200 IN SSHFP 1 1
> 8FD003E98D818E4E2813672234410835AB5844AC
> update add test.client.bububu.test. 1200 IN SSHFP 1 2
> 37BF6366A44B67F6CA8FF8A8313B7C964CEA971CCB3E092D775FDF082170AAA4
> update add test.client.bububu.test. 1200 IN SSHFP 3 1
> 3651173F6737DF24EB6494434AC5968B3C90B749
> update add test.client.bububu.test. 1200 IN SSHFP 3 2
> 97EF4030A9DD471A3D4730A819B3A662E11994BB20AFC56FC3875AB1662260BF
> show
> send

Updated patch attached.

-- 
Jan Pazdziora
Principal Software Engineer, Identity Management Engineering, Red Hat
-------------- next part --------------
>From 0de294e74fc8de9dddd71eb8ca7d56080bce3374 Mon Sep 17 00:00:00 2001
From: Jan Pazdziora <jpazdziora at redhat.com>
Date: Tue, 2 Dec 2014 11:48:04 +0100
Subject: [PATCH] No explicit zone specification.

https://fedorahosted.org/freeipa/ticket/4780
---
 ipa-client/ipa-install/ipa-client-install | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install
index 612ff62a12a24672e6bc390bcd5165cd20bf834a..1f45a544ca3ab5ef7b81c20cab552e8cbfc4a6c3 100755
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -1553,7 +1553,6 @@ def do_nsupdate(update_txt):
 
 UPDATE_TEMPLATE_A = """
 debug
-zone $ZONE.
 update delete $HOSTNAME. IN A
 show
 send
@@ -1564,7 +1563,6 @@ send
 
 UPDATE_TEMPLATE_AAAA = """
 debug
-zone $ZONE.
 update delete $HOSTNAME. IN AAAA
 show
 send
@@ -1664,10 +1662,9 @@ def update_ssh_keys(server, hostname, ssh_dir, create_sshfp):
         return
 
     if create_sshfp:
-        zone = '.'.join(hostname.split('.')[1:])
         ttl = 1200
 
-        update_txt = 'debug\nzone %s.\n' % zone
+        update_txt = 'debug\n'
         update_txt += 'update delete %s. IN SSHFP\nshow\nsend\n' % hostname
         for pubkey in pubkeys:
             sshfp = pubkey.fingerprint_dns_sha1()
-- 
1.9.3

More information about the Freeipa-devel mailing list