[Freeipa-devel] [PATCHES 0114-0115] DNS: allow to add root zone '.'
Petr Viktorin
pviktori at redhat.com
Thu Sep 25 14:39:55 UTC 2014
On 09/25/2014 04:32 PM, Petr Spacek wrote:
> On 25.9.2014 10:31, Martin Basti wrote:
>> On 24/09/14 16:24, Martin Basti wrote:
>>> On 24/09/14 16:05, Martin Basti wrote:
>>>> On 23/09/14 17:45, Petr Vobornik wrote:
>>>>> On 25.8.2014 14:52, Martin Basti wrote:
>>>>>> Patches attached.
>>>>>>
>>>>>> Ticket: https://fedorahosted.org/freeipa/ticket/4149
>>>>>>
>>>>>> There is a bug in bind-dyndb-ldap (or worse in dirsrv), which
>>>>>> cause the
>>>>>> named service is stopped after deleting zone.
>>>>>> Bug ticket: https://fedorahosted.org/bind-dyndb-ldap/ticket/138
>>>>>>
>>>>>>
>>>>>
>>>>> Review of:
>>>>> http://www.redhat.com/archives/freeipa-devel/2014-September/msg00484.html
>>>>>
>>>>>
>>>>> 1. Please follow pep8 for the new code.
>>>>> # git diff HEAD~7 -U0 | pep8 --diff --ignore=E501
>>>>> Produces 25 erros.
>>>>>
>>>>> Only E124 and E128 could be ignored if they are part of old code.
>>>>
>>>> I left there some pep8 errors. They don't decrease readability
>>>>
>>>>>
>>>>> Patch 120:
>>>>>
>>>>> 3. This patch uses term 'deprecated' in a different meaning than a
>>>>> DeprecatedParam. It creates inconsistency -> future confusion. IMHO
>>>>> this
>>>>> usage is correct since the usual understanding of deprecation is
>>>>> that the
>>>>> param is still usable but user should be prepared that it will be
>>>>> removed
>>>>> in a future. IMHO DeprecatedParam is badly designed but that's not an
>>>>> issue of this patch.
>>>>>
>>>>> I think we can leave this as is and create a ticket to rename
>>>>> DeprecatedParam e.g. to RemovedParam. What do you think?
>>>>>
>>>> https://fedorahosted.org/freeipa/ticket/4566
>>>>> 5. You've removed 'idnssoamname' and 'force' from Web UI but
>>>>> dnszone-add
>>>>> precallback still uses these params. What is the intended purpose?
>>>> User should use modify dialog in webUI for zones.
>>>> Precallback fills default value for idnsmname from LDAP.
>>>> with --force there will be no validation of user specified soa mname
>>>>
>>>> Purpose is a user should let IPA to fill mname with safe value.
>>>>> Patch 123:
>>>>>
>>>>> 10. In `normalize_zonemgr(zonemgr)`, if zonemgr contains '@'
>>>>> shouldn't it
>>>>> be normalized to contain '.' at the end? Or is it handled by
>>>>> bind-dyndb-ldap?
>>>>
>>>> Zone manager (SOA RNAME) can eb relative name, BIND will append zone
>>>> name.
>>>> Currently we cant validate if email address is reachable, it doestn
>>>> matter
>>>> if it is filled with nonexistent absolute name, or nonexistent
>>>> relative name.
>>>>
>>>>> Unrelated to this patch set:
>>>>>
>>>>> a. One is able to run:
>>>>> # ipa dnszone-remove-permission $zone
>>>>> multiple times and it always returns success
>>>>>
>>>>> Is it intentional?
>>>> No, it isn't. I will inspect it and I will send additional patch
>>>>
>>>>>
>>>>> b. Web UI doesn't have means to call dnszone-mod with --force option
>>>> I'm not sure what you mean, it didn't do that before my patches.
>>>>
>>>> Updated patches attached
>>>>
>>> I accidentally removed one line in previous patchset.
>>> Updated patches attached
>>>
>> Sorry my IDE was too smart, and somehow added its configuration file
>> to commit
>> and I didn't notice it.
>> Patches attached.
>
> ACK, it works for me. Replica installation and deletion properly adds
> and deletes records as necessary.
>
> I would defer further improvements to
> https://fedorahosted.org/freeipa/ticket/3343
>
Pushed to:
ipa-4-1: b7e3a990369d85dfd12165891cf9142d669a0259
master: bc2eaa145637e1947449ee53548243ab22059805
--
Petr³
More information about the Freeipa-devel
mailing list