[Freeipa-devel] [PATCHES 0114-0115] DNS: allow to add root zone '.'

Martin Basti mbasti at redhat.com
Fri Sep 26 08:20:40 UTC 2014 

On 25/09/14 17:13, Martin Kosek wrote:
> On 09/25/2014 04:39 PM, Petr Viktorin wrote:
>> On 09/25/2014 04:32 PM, Petr Spacek wrote:
>>> On 25.9.2014 10:31, Martin Basti wrote:
>>>> On 24/09/14 16:24, Martin Basti wrote:
>>>>> On 24/09/14 16:05, Martin Basti wrote:
>>>>>> On 23/09/14 17:45, Petr Vobornik wrote:
>>>>>>> On 25.8.2014 14:52, Martin Basti wrote:
>>>>>>>> Patches attached.
>>>>>>>>
>>>>>>>> Ticket: https://fedorahosted.org/freeipa/ticket/4149
>>>>>>>>
>>>>>>>> There is a bug in bind-dyndb-ldap (or worse in dirsrv), which
>>>>>>>> cause the
>>>>>>>> named service is stopped after deleting zone.
>>>>>>>> Bug ticket: https://fedorahosted.org/bind-dyndb-ldap/ticket/138
>>>>>>>>
>>>>>>>>
>>>>>>> Review of:
>>>>>>> http://www.redhat.com/archives/freeipa-devel/2014-September/msg00484.html
>>>>>>>
>>>>>>>
>>>>>>> 1. Please follow pep8 for the new code.
>>>>>>>   # git diff HEAD~7 -U0 | pep8 --diff --ignore=E501
>>>>>>> Produces 25 erros.
>>>>>>>
>>>>>>> Only E124 and E128 could be ignored if they are part of old code.
>>>>>> I left there some pep8 errors. They don't decrease readability
>>>>>>
>>>>>>> Patch 120:
>>>>>>>
>>>>>>> 3. This patch uses term 'deprecated' in a different meaning than a
>>>>>>> DeprecatedParam. It creates inconsistency -> future confusion. IMHO
>>>>>>> this
>>>>>>> usage is correct since the usual understanding of deprecation is
>>>>>>> that the
>>>>>>> param is still usable but user should be prepared that it will be
>>>>>>> removed
>>>>>>> in a future.  IMHO DeprecatedParam is badly designed but that's not an
>>>>>>> issue of this patch.
>>>>>>>
>>>>>>> I think we can leave this as is and create a ticket to rename
>>>>>>> DeprecatedParam e.g. to RemovedParam. What do you think?
>>>>>>>
>>>>>> https://fedorahosted.org/freeipa/ticket/4566
>>>>>>> 5. You've removed 'idnssoamname' and 'force' from Web UI but
>>>>>>> dnszone-add
>>>>>>> precallback still uses these params. What is the intended purpose?
>>>>>> User should use modify dialog in webUI for zones.
>>>>>> Precallback fills default value for idnsmname from LDAP.
>>>>>> with --force there will be no validation of user specified soa mname
>>>>>>
>>>>>> Purpose is a user should let IPA to fill mname with safe value.
>>>>>>> Patch 123:
>>>>>>>
>>>>>>> 10. In `normalize_zonemgr(zonemgr)`, if zonemgr contains '@'
>>>>>>> shouldn't it
>>>>>>> be normalized to contain '.' at the end? Or is it handled by
>>>>>>> bind-dyndb-ldap?
>>>>>> Zone manager (SOA RNAME) can eb relative name, BIND will append zone
>>>>>> name.
>>>>>> Currently we cant validate if email address is reachable, it doestn
>>>>>> matter
>>>>>> if it is filled with nonexistent absolute name, or nonexistent
>>>>>> relative name.
>>>>>>
>>>>>>> Unrelated to this patch set:
>>>>>>>
>>>>>>> a. One is able to run:
>>>>>>>    # ipa dnszone-remove-permission $zone
>>>>>>> multiple times and it always returns success
>>>>>>>
>>>>>>> Is it intentional?
>>>>>> No, it isn't. I will inspect it and I will send additional patch
>>>>>>
>>>>>>> b. Web UI doesn't have means to call dnszone-mod with --force option
>>>>>> I'm not sure what you mean, it didn't do that before my patches.
>>>>>>
>>>>>> Updated patches attached
>>>>>>
>>>>> I accidentally removed one line in previous patchset.
>>>>> Updated patches attached
>>>>>
>>>> Sorry my IDE was too smart, and somehow added its configuration file
>>>> to commit
>>>> and I didn't notice it.
>>>> Patches attached.
>>> ACK, it works for me. Replica installation and deletion properly adds
>>> and deletes records as necessary.
>>>
>>> I would defer further improvements to
>>> https://fedorahosted.org/freeipa/ticket/3343
>>>
>> Pushed to:
>> ipa-4-1: b7e3a990369d85dfd12165891cf9142d669a0259
>> master: bc2eaa145637e1947449ee53548243ab22059805
>>
> I reopened the ticket, we missed update to DNS help page (ipa help dns):
>
> https://fedorahosted.org/freeipa/ticket/4149#comment:18
>
> Martin

Thanks!
Patch attached.


-- 
Martin Basti

-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mbasti-0129-Remove-ip-address-name-server-otpions-from-DNS-help.patch
Type: text/x-patch
Size: 1519 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20140926/8cec4977/attachment.bin>

More information about the Freeipa-devel mailing list