On Mon, 2012-02-27 at 10:36 -0500, Rob Crittenden wrote: > Martin Kosek wrote: > > On Mon, 2012-02-20 at 14:34 +0100, Martin Kosek wrote: > >> On Fri, 2012-02-10 at 16:42 +0100, Martin Kosek wrote: > >>> On Tue, 2012-02-07 at 16:26 +0100, Martin Kosek wrote: > >>>> On Mon, 2012-02-06 at 15:56 -0500, Rob Crittenden wrote: > >>>>> Martin Kosek wrote: > >>>>>> On Mon, 2012-01-30 at 11:52 -0500, Rob Crittenden wrote: > >>>>>>> Martin Kosek wrote: > >>>>>>>> Adding reverse DNS record may be a time consuming task, especially > >>>>>>>> for IPv6 addresses. Having a way to automatically create a reverse > >>>>>>>> record when a forward record is created could speed up the process. > >>>>>>>> host-add command already has this possibility. > >>>>>>>> > >>>>>>>> This patch takes advantage of the new per-type API and adds new > >>>>>>>> options for A/AAAA record types: --a-create-reverse and > >>>>>>>> --aaaa-create-reverse. These commands can be used to automatically > >>>>>>>> create reverse records for new A/AAAA addresses (both forward > >>>>>>>> and reverse zones need to be managed by FreeIPA server): > >>>>>>>> > >>>>>>>> ipa dnsrecord-add example.com foo --a-rec=10.0.0.1 --a-create-reverse > >>>>>>>> > >>>>>>>> This command would add a new A record to record foo in zone > >>>>>>>> example.com and a PTR record to appropriate reverse zone for > >>>>>>>> IP address 10.0.0.1 (for example PTR record 1 in zone > >>>>>>>> 0.0.10.in-addr.arpa. pointing to foo.example.com.). > >>>>>>>> > >>>>>>>> Few modification were done to new DNS API to support this feature: > >>>>>>>> - Refactor --ip-address option handling from host-add and place > >>>>>>>> it > >>>>>>>> to dns.py to be used by both modules > >>>>>>>> - Add support for "extra" per-type options > >>>>>>>> - Hide DNS record part options in dnsrecord_find command as they > >>>>>>>> have no effect for this command > >>>>>>>> > >>>>>>>> https://fedorahosted.org/freeipa/ticket/2009 > >>>>>>> > >>>>>>> Can the options -a-create-reverse and -aaaa-create-reverse be > >>>>>>> combined? > >>>>>>> I was able to create an IPv4 addr using -aaaa-create-reverse: > >>>>>>> > >>>>>>> # ipa dnsrecord-add example.com baz --a-rec=192.168.166.115 > >>>>>>> --aaaa-create-reverse > >>>>>>> Record name: baz > >>>>>>> A record: 192.168.166.115 > >>>>>>> > >>>>>>> Otherwise the patch seems fine. > >>>>>> > >>>>>> These 2 options can be combined, you can add both A and AAAA forward > >>>>>> records and create records in their reverse records at the same time: > >>>>>> > >>>>>> ipa dnsrecord-add example.com bar --a-rec=10.0.0.1 --a-create-reverse > >>>>>> --aaaa-rec=2001::beef:1 --aaaa-create-reverse > >>>>>> > >>>>>> In your case the option --aaaa-create-reverse is ignored as there is no > >>>>>> AAAA rec added. Thus no AAAA record callback which would create this > >>>>>> reverse record is called. > >>>>>> > >>>>>> We may implement some checks which would throw a validation error when > >>>>>> --a-create-reverse/--aaaa-create-reverse is called without a respective > >>>>>> A/AAAA record. > >>>>>> > >>>>>> Martin > >>>>>> > >>>>> > >>>>> Yes, I think that is the way to go, otherwise this is confusing. > >>>>> > >>>>> rob > >>>> > >>>> Now, an exception is thrown if you try to pass --<rrtype>-create-reverse > >>>> without an appropriate --<rrtype>-rec option filled: > >>>> > >>>> # ipa dnsrecord-add example.com baz --a-rec=192.168.166.115 > >>>> --aaaa-create-reverse > >>>> ipa: ERROR: 'aaaarecord' is required > >>>> > >>>> I also refactored pre_callback of dnsrecord-add command a little, I > >>>> didn't like parsing<rrtype> from parameter name using regexes. Now, > >>>> every DNS part option has a link to "parent" DNS record stored in hint > >>>> attribute. > >>>> > >>>> Martin > >>> > >>> Petr Vobornik noticed that reserved IP address passed to --a-rec > >>> (--aaaa-rec) causes an Internal Error when --a-create-reverse is set at > >>> the same time: > >>> > >>> # ipa dnsrecord-add example.com foo --aaaa-ip-address=F:F:F:A::12 > >>> --aaaa-create-reverse > >>> ipa: ERROR: an internal error has occurred > >>> > >>> Attached patch fixes it: > >>> > >>> # ipa dnsrecord-add example.com foo --aaaa-ip-address=F:F:F:A::12 > >>> --aaaa-create-reverse > >>> ipa: ERROR: invalid 'aaaarecord': cannot use IANA reserved IP address > >>> > >>> Martin > >> > >> I rebased the patch for the lastest ipa-2-2 version. There was a > >> conflict with ssh patches that were pushed recently. > >> > >> Martin > > > > Another rebase to current version (my DNS patches 195-199 were pushed). > > > > Martin > > ACK, works for me. > > rob
Pushed to master, ipa-2-2. Martin _______________________________________________ Freeipa-devel mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-devel
