Re: [Freeipa-devel] [PATCH] 045 Add DNS record modification command
On 07/05/2011 04:21 PM, Adam Young wrote:
On 03/30/2011 11:13 AM, Martin Kosek wrote:
Since this is a new-feature type patch it should be pushed only to master.
---
The DNS record plugin does not support modification of a record. One
can only add A type addresses to a DNS record or remove the current
ones. To actually change a DNS record value it has to be removed and
then added with a desired value.
This patch adds a new DNS plugin command dnsrecord-mod which enables
user to:
- modify a DNS record value (note than DNS record can hold multiple values
and those will be overwritten)
- remove a DNS record when an empty value is passed
New tests for this new command have been added to the CLI test suite.
https://fedorahosted.org/freeipa/ticket/1137
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
dns.py has changed enough that this needs a rebase, but from my visual
inspection it looks correct. Can you post an updated patch?
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
OK, here is my attempt at updating the patch. Please review.
From 6930f9812d811c1f643ff202667f7744557cce1d Mon Sep 17 00:00:00 2001
From: Martin Kosek mko...@redhat.com
Date: Tue, 5 Jul 2011 13:50:18 -0400
Subject: [PATCH] Add DNS record modification command
The DNS record plugin does not support modification of a record. One
can only add A type addresses to a DNS record or remove the current
ones. To actually change a DNS record value it has to be removed and
then added with a desired value.
This patch adds a new DNS plugin command dnsrecord-mod which enables
user to:
- modify a DNS record value (note than DNS record can hold multiple values
and those will be overwritten)
- remove a DNS record when an empty value is passed
New tests for this new command have been added to the CLI test suite.
https://fedorahosted.org/freeipa/ticket/1137
---
API.txt | 44 +++
ipalib/plugins/dns.py| 47 ++---
tests/test_xmlrpc/test_dns_plugin.py | 48 -
3 files changed, 133 insertions(+), 6 deletions(-)
diff --git a/API.txt b/API.txt
index 15970a043058b484c30ca9d21b2522a684c4bdcf..e25c8507e2a668feb6f77dd052b19f4d2d5e 100644
--- a/API.txt
+++ b/API.txt
@@ -681,6 +681,50 @@ output: Output('summary', (type 'unicode', type 'NoneType'), 'User-friendly
output: ListOfEntries('result', (type 'list', type 'tuple'), Gettext('A list of LDAP entries', domain='ipa', localedir=None))
output: Output('count', type 'int', 'Number of entries returned')
output: Output('truncated', type 'bool', 'True if not all results were returned')
+command: dnsrecord_mod
+args: 2,37,3
+arg: Str('dnszoneidnsname', cli_name='dnszone', label=Gettext('Zone name', domain='ipa', localedir=None), query=True, required=True)
+arg: Str('idnsname', attribute=True, cli_name='name', label=Gettext('Record name', domain='ipa', localedir=None), multivalue=False, primary_key=True, query=True, required=True)
+option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output'])
+option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output'])
+option: Str('version?', exclude='webui', flags=['no_option', 'no_output'])
+option: List('arecord?', _validate_ipaddr, attribute=True, cli_name='a_rec', label='A record', multivalue=True)
+option: List('record?', _validate_ipaddr, attribute=True, cli_name='_rec', label=' record', multivalue=True)
+option: List('a6record?', attribute=True, cli_name='a6_rec', label='A6 record', multivalue=True)
+option: List('afsdbrecord?', attribute=True, cli_name='afsdb_rec', label='AFSDB record', multivalue=True)
+option: List('aplrecord?', _validate_ipnet, attribute=True, cli_name='apl_rec', label='APL record', multivalue=True)
+option: List('certrecord?', attribute=True, cli_name='cert_rec', label='CERT record', multivalue=True)
+option: List('cnamerecord?', attribute=True, cli_name='cname_rec', label='CNAME record', multivalue=True)
+option: List('dhcidrecord?', attribute=True, cli_name='dhcid_rec', label='DHCID record', multivalue=True)
+option: List('dlvrecord?', attribute=True, cli_name='dlv_rec', label='DLV record', multivalue=True)
+option: List('dnamerecord?', attribute=True, cli_name='dname_rec', label='DNAME record', multivalue=True)
+option: List('dnskeyrecord?', attribute=True, cli_name='dnskey_rec', label='DNSKEY record', multivalue=True)
+option: List('dsrecord?', attribute=True, cli_name='ds_rec', label='DS record', multivalue=True)
+option: List('hiprecord?', attribute=True, cli_name='hip_rec', label='HIP record', multivalue=True)
+option: List('ipseckeyrecord?', attribute=True,
Re: [Freeipa-devel] [PATCH] 045 Add DNS record modification command
On 03/30/2011 04:52 PM, Adam Young wrote: On 03/30/2011 11:13 AM, Martin Kosek wrote: Since this is a new-feature type patch it should be pushed only to master. --- The DNS record plugin does not support modification of a record. One can only add A type addresses to a DNS record or remove the current ones. To actually change a DNS record value it has to be removed and then added with a desired value. This patch adds a new DNS plugin command dnsrecord-mod which enables user to: - modify a DNS record value (note than DNS record can hold multiple values and those will be overwritten) - remove a DNS record when an empty value is passed New tests for this new command have been added to the CLI test suite. https://fedorahosted.org/freeipa/ticket/1137 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel NACK, The problem is that if there are 10 A records, and I only want to modify one, I have no way to specify which one. The API should be something like: ipa dnsrecord-mod ayoung.boston.devel.redhat.com testa 10.10.2.3 --a-rec=,10.11.12.13 Alternatively, we can decide that we are not going to do mod, and have the WebUI do a delete and an add: ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel This objection is withdrawn. Going to retest this patch with a change to the ui. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 045 Add DNS record modification command
On 03/30/2011 11:13 AM, Martin Kosek wrote: Since this is a new-feature type patch it should be pushed only to master. --- The DNS record plugin does not support modification of a record. One can only add A type addresses to a DNS record or remove the current ones. To actually change a DNS record value it has to be removed and then added with a desired value. This patch adds a new DNS plugin command dnsrecord-mod which enables user to: - modify a DNS record value (note than DNS record can hold multiple values and those will be overwritten) - remove a DNS record when an empty value is passed New tests for this new command have been added to the CLI test suite. https://fedorahosted.org/freeipa/ticket/1137 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel dns.py has changed enough that this needs a rebase, but from my visual inspection it looks correct. Can you post an updated patch? ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 045 Add DNS record modification command
On Mon, 2011-04-04 at 10:45 -0400, Adam Young wrote: On 04/04/2011 10:26 AM, Jakub Hrozek wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 04/04/2011 03:38 PM, Simo Sorce wrote: I think that this is kinda hard to do in CLI..in GUI the user can easily pick a record to mod, but for CLI case I would actually lean towards the approach Martin took in his original patch..that is, a -mod replaces the entries altogether. Why is it hard ? You just need to provide means to delete and add records in the same command. ipa dnsrecord-mod DNSZONE DNSRECORD --del-a-rec=1.2.3.4 \ --add-a-rec=4.3.2.1 to replace all: ipa dnsrecord-mod DNSZONE DNSRECORD --del-all --add-a-rec=4.3.2.1 I was not trying to say it is not technically doable, but it's hard to use. Imagine how the --help output would look like, if for every RR we would also generate a --del equivalent..even now the output almost doesn't fit on screen. I agree. I am not a far of the ability to do operations for multiple record types in the same command. It is strangly in consistant to be able to add an A Record, CNAMe, MX and record all in the same command. We are modifying one or more attributes of the LDAP DNS record object - I don't find it inconsistent. It is the same like when we edit the user, we can set his email and title using one command. I'm starting to think that the dnsrecord should not be a separate entity exposed by the CLI, but instead should be wrapped up into the dnszone entity. That seems to be how the LDAP object is defined. We treat each record type as a multi-value field, and we use a consistant look and feel as email addresses and phone numbers in the user object. Then, modifying an A record is the same as modifing a phone number: us add-attr/set-addr for each valu. Step one would be to modify the dns zone object to have this API, and to mark the dnsrecord object as deprecated. We can leave it for the remainder of the release, and remove it in 3.0 In LDAP, we have an object for the zone with Object Classes idnszone and idnsrecord (e.g. example.com). Then there are LDAP objects representing DNS records (e.g. www) with OC idnsrecord with the DNS zone object as a parent. Both DNS zone and DNS record objects can contain the actual DNS resource records as its attributes (e.g. attribute srvRecord or aRecord). I think the current dns plugin reflects this structure well by having commands for both dnszone and dnsrecords. We need both objects for managing DNS. Martin ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 045 Add DNS record modification command
On Tue, 05 Apr 2011 17:59:21 +0200 Martin Kosek mko...@redhat.com wrote: I'm starting to think that the dnsrecord should not be a separate entity exposed by the CLI, but instead should be wrapped up into the dnszone entity. That seems to be how the LDAP object is defined. We treat each record type as a multi-value field, and we use a consistant look and feel as email addresses and phone numbers in the user object. Then, modifying an A record is the same as modifing a phone number: us add-attr/set-addr for each valu. Step one would be to modify the dns zone object to have this API, and to mark the dnsrecord object as deprecated. We can leave it for the remainder of the release, and remove it in 3.0 In LDAP, we have an object for the zone with Object Classes idnszone and idnsrecord (e.g. example.com). Then there are LDAP objects representing DNS records (e.g. www) with OC idnsrecord with the DNS zone object as a parent. Both DNS zone and DNS record objects can contain the actual DNS resource records as its attributes (e.g. attribute srvRecord or aRecord). I think the current dns plugin reflects this structure well by having commands for both dnszone and dnsrecords. We need both objects for managing DNS. I strongly agree with Martin. Simo. -- Simo Sorce * Red Hat, Inc * New York ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 045 Add DNS record modification command
On Fri, 01 Apr 2011 13:20:11 +0200 Jakub Hrozek jhro...@redhat.com wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 03/31/2011 11:27 AM, Martin Kosek wrote: On Wed, 2011-03-30 at 16:52 -0400, Adam Young wrote: On 03/30/2011 11:13 AM, Martin Kosek wrote: Since this is a new-feature type patch it should be pushed only to master. --- The DNS record plugin does not support modification of a record. One can only add A type addresses to a DNS record or remove the current ones. To actually change a DNS record value it has to be removed and then added with a desired value. This patch adds a new DNS plugin command dnsrecord-mod which enables user to: - modify a DNS record value (note than DNS record can hold multiple values and those will be overwritten) - remove a DNS record when an empty value is passed New tests for this new command have been added to the CLI test suite. https://fedorahosted.org/freeipa/ticket/1137 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel NACK, The problem is that if there are 10 A records, and I only want to modify one, I have no way to specify which one. The API should be something like: ipa dnsrecord-mod ayoung.boston.devel.redhat.com testa 10.10.2.3 --a-rec=,10.11.12.13 Alternatively, we can decide that we are not going to do mod, and have the WebUI do a delete and an add: Hm, that may be a valid use-case. We should discuss how we want the DNS record modification to behave. The proposed API is not what we want, since we can modify multiple attributes at once, e.g.: ipa dnsrecord-mod DNSZONE DNSRECORD --a-rec=10.0.0.1 ---rec=::1 I can introduce new option --old-DNS_TYPE-rec for each DNS record type available, e.g. --old-a-rec, --old--rec, --old-srv-rec etc. You would be able to do: ipa dnsrecord-mod DNSZONE DNSRECORD --old-a-rec=10.10.2.3 --a-rec=10.11.12.13 This would of course increase the size of this patch. I tried to find how we treat other multi-value LDAP attributes. In most cases the behavior is the same like in my first patch (user mail, mobile...) or the modification is not supported at all (list of privilege permissions). I think that this is kinda hard to do in CLI..in GUI the user can easily pick a record to mod, but for CLI case I would actually lean towards the approach Martin took in his original patch..that is, a -mod replaces the entries altogether. Why is it hard ? You just need to provide means to delete and add records in the same command. ipa dnsrecord-mod DNSZONE DNSRECORD --del-a-rec=1.2.3.4 \ --add-a-rec=4.3.2.1 to replace all: ipa dnsrecord-mod DNSZONE DNSRECORD --del-all --add-a-rec=4.3.2.1 For GUI I guess we can provide an internal XML-RPC only command that allows replacing a record. better not to do special things valid only in one or the other, that's not how we want to do it. The --old-DNS_TYPE approach doesn't sound quite right to me, to be honest, I think that would make the whole -mod command difficult to use.. If the user wants to replace one of the records, he can run -del followed by -add. Indeed it is just as easy to -del and then -add, perhaps instead of a mod command we need to speed up the creation of batch commands for the CLI so that admins can call -del/-add in a single batch command. Simo. -- Simo Sorce * Red Hat, Inc * New York ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 045 Add DNS record modification command
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 03/31/2011 11:27 AM, Martin Kosek wrote: On Wed, 2011-03-30 at 16:52 -0400, Adam Young wrote: On 03/30/2011 11:13 AM, Martin Kosek wrote: Since this is a new-feature type patch it should be pushed only to master. --- The DNS record plugin does not support modification of a record. One can only add A type addresses to a DNS record or remove the current ones. To actually change a DNS record value it has to be removed and then added with a desired value. This patch adds a new DNS plugin command dnsrecord-mod which enables user to: - modify a DNS record value (note than DNS record can hold multiple values and those will be overwritten) - remove a DNS record when an empty value is passed New tests for this new command have been added to the CLI test suite. https://fedorahosted.org/freeipa/ticket/1137 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel NACK, The problem is that if there are 10 A records, and I only want to modify one, I have no way to specify which one. The API should be something like: ipa dnsrecord-mod ayoung.boston.devel.redhat.com testa 10.10.2.3 --a-rec=,10.11.12.13 Alternatively, we can decide that we are not going to do mod, and have the WebUI do a delete and an add: Hm, that may be a valid use-case. We should discuss how we want the DNS record modification to behave. The proposed API is not what we want, since we can modify multiple attributes at once, e.g.: ipa dnsrecord-mod DNSZONE DNSRECORD --a-rec=10.0.0.1 ---rec=::1 I can introduce new option --old-DNS_TYPE-rec for each DNS record type available, e.g. --old-a-rec, --old--rec, --old-srv-rec etc. You would be able to do: ipa dnsrecord-mod DNSZONE DNSRECORD --old-a-rec=10.10.2.3 --a-rec=10.11.12.13 This would of course increase the size of this patch. I tried to find how we treat other multi-value LDAP attributes. In most cases the behavior is the same like in my first patch (user mail, mobile...) or the modification is not supported at all (list of privilege permissions). I think that this is kinda hard to do in CLI..in GUI the user can easily pick a record to mod, but for CLI case I would actually lean towards the approach Martin took in his original patch..that is, a -mod replaces the entries altogether. For GUI I guess we can provide an internal XML-RPC only command that allows replacing a record. The --old-DNS_TYPE approach doesn't sound quite right to me, to be honest, I think that would make the whole -mod command difficult to use.. If the user wants to replace one of the records, he can run -del followed by -add. Jakub -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAk2VtOsACgkQHsardTLnvCVZ7wCgmwE18qZOTDj4ZOOATv6cVkcs +A4An0FLlik0ykW4v+BaKsEo1uVbYSTe =P0Am -END PGP SIGNATURE- ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 045 Add DNS record modification command
On Wed, 2011-03-30 at 16:52 -0400, Adam Young wrote: On 03/30/2011 11:13 AM, Martin Kosek wrote: Since this is a new-feature type patch it should be pushed only to master. --- The DNS record plugin does not support modification of a record. One can only add A type addresses to a DNS record or remove the current ones. To actually change a DNS record value it has to be removed and then added with a desired value. This patch adds a new DNS plugin command dnsrecord-mod which enables user to: - modify a DNS record value (note than DNS record can hold multiple values and those will be overwritten) - remove a DNS record when an empty value is passed New tests for this new command have been added to the CLI test suite. https://fedorahosted.org/freeipa/ticket/1137 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel NACK, The problem is that if there are 10 A records, and I only want to modify one, I have no way to specify which one. The API should be something like: ipa dnsrecord-mod ayoung.boston.devel.redhat.com testa 10.10.2.3 --a-rec=,10.11.12.13 Alternatively, we can decide that we are not going to do mod, and have the WebUI do a delete and an add: Hm, that may be a valid use-case. We should discuss how we want the DNS record modification to behave. The proposed API is not what we want, since we can modify multiple attributes at once, e.g.: ipa dnsrecord-mod DNSZONE DNSRECORD --a-rec=10.0.0.1 ---rec=::1 I can introduce new option --old-DNS_TYPE-rec for each DNS record type available, e.g. --old-a-rec, --old--rec, --old-srv-rec etc. You would be able to do: ipa dnsrecord-mod DNSZONE DNSRECORD --old-a-rec=10.10.2.3 --a-rec=10.11.12.13 This would of course increase the size of this patch. I tried to find how we treat other multi-value LDAP attributes. In most cases the behavior is the same like in my first patch (user mail, mobile...) or the modification is not supported at all (list of privilege permissions). ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
[Freeipa-devel] [PATCH] 045 Add DNS record modification command
Since this is a new-feature type patch it should be pushed only to master.
---
The DNS record plugin does not support modification of a record. One
can only add A type addresses to a DNS record or remove the current
ones. To actually change a DNS record value it has to be removed and
then added with a desired value.
This patch adds a new DNS plugin command dnsrecord-mod which enables
user to:
- modify a DNS record value (note than DNS record can hold multiple values
and those will be overwritten)
- remove a DNS record when an empty value is passed
New tests for this new command have been added to the CLI test suite.
https://fedorahosted.org/freeipa/ticket/1137
From 9c9e193c1d76a4c51c496ec3f76d18a4a9dd2b4b Mon Sep 17 00:00:00 2001
From: Martin Kosek mko...@redhat.com
Date: Wed, 30 Mar 2011 17:07:17 +0200
Subject: [PATCH] Add DNS record modification command
The DNS record plugin does not support modification of a record. One
can only add A type addresses to a DNS record or remove the current
ones. To actually change a DNS record value it has to be removed and
then added with a desired value.
This patch adds a new DNS plugin command dnsrecord-mod which enables
user to:
- modify a DNS record value (note than DNS record can hold multiple values
and those will be overwritten)
- remove a DNS record when an empty value is passed
New tests for this new command have been added to the CLI test suite.
https://fedorahosted.org/freeipa/ticket/1137
---
ipalib/plugins/dns.py| 95 --
tests/test_xmlrpc/test_dns_plugin.py | 48 -
2 files changed, 113 insertions(+), 30 deletions(-)
diff --git a/ipalib/plugins/dns.py b/ipalib/plugins/dns.py
index f58e1ae1fae170270e8d065ada42da2f898992f5..cc70413bb387852307ac262379eb075b0a9b546c 100644
--- a/ipalib/plugins/dns.py
+++ b/ipalib/plugins/dns.py
@@ -189,9 +189,12 @@ _record_validators = {
u'NAPTR': _validate_naptr,
}
-def has_cli_options(entry, no_option_msg):
+def has_cli_options(entry, no_option_msg, allow_empty_attr=False):
entry = dict((t, entry.get(t, [])) for t in _record_attributes)
-numattr = reduce(lambda x,y: x+y,
+if allow_empty_attr:
+numattr = len(entry)
+else:
+numattr = reduce(lambda x,y: x+y,
map(lambda x: len(x), [ v for v in entry.values() if v is not None ]))
if numattr == 0:
raise errors.OptionError(no_option_msg)
@@ -514,6 +517,30 @@ class dnsrecord(LDAPObject):
cliname = attr
return cliname
+def _nsrecord_pre_callback(self, ldap, dn, entry_attrs, *keys, **options):
+if options.get('force', False):
+return dn
+
+for ns in options['nsrecord']:
+is_ns_rec_resolvable(ns)
+return dn
+
+def _ptrrecord_pre_callback(self, ldap, dn, entry_attrs, *keys, **options):
+components = dn.split(',',2)
+addr = components[0].split('=')[1]
+zone = components[1].split('=')[1]
+if zone.find('ip6') != -1:
+zone = zone.replace('.ip6.arpa.','')
+zone_len = 32
+else:
+zone = zone.replace('.in-addr.arpa.','')
+zone_len = 4
+
+if len(addr.split('.'))+len(zone.split('.')) != zone_len:
+raise errors.ValidationError(name='cn', error=unicode('IP address must have exactly '+str(zone_len)+' components'))
+
+return dn
+
api.register(dnsrecord)
@@ -648,35 +675,11 @@ class dnsrecord_add(LDAPCreate, dnsrecord_cmd_w_record_options):
has_cli_options(options, self.no_option_msg)
return super(dnsrecord_add, self).args_options_2_entry(*keys, **options)
-def _nsrecord_pre_callback(self, ldap, dn, entry_attrs, *keys, **options):
-if options.get('force', False):
-return dn
-
-for ns in options['nsrecord']:
-is_ns_rec_resolvable(ns)
-return dn
-
-def _ptrrecord_pre_callback(self, ldap, dn, entry_attrs, *keys, **options):
-components = dn.split(',',2)
-addr = components[0].split('=')[1]
-zone = components[1].split('=')[1]
-if zone.find('ip6') != -1:
-zone = zone.replace('.ip6.arpa.','')
-zone_len = 32
-else:
-zone = zone.replace('.in-addr.arpa.','')
-zone_len = 4
-
-if len(addr.split('.'))+len(zone.split('.')) != zone_len:
-raise errors.ValidationError(name='cn', error=unicode('IP address must have exactly '+str(zone_len)+' components'))
-
-return dn
-
def pre_callback(self, ldap, dn, entry_attrs, *keys, **options):
for rtype in options:
rtype_cb = '_%s_pre_callback' % rtype
-if hasattr(self, rtype_cb):
-dn = getattr(self, rtype_cb)(ldap, dn, entry_attrs, *keys, **options)
+if hasattr(self.obj, rtype_cb):
+dn = getattr(self.obj, rtype_cb)(ldap, dn, entry_attrs, *keys,
Re: [Freeipa-devel] [PATCH] 045 Add DNS record modification command
On 03/30/2011 11:13 AM, Martin Kosek wrote: Since this is a new-feature type patch it should be pushed only to master. --- The DNS record plugin does not support modification of a record. One can only add A type addresses to a DNS record or remove the current ones. To actually change a DNS record value it has to be removed and then added with a desired value. This patch adds a new DNS plugin command dnsrecord-mod which enables user to: - modify a DNS record value (note than DNS record can hold multiple values and those will be overwritten) - remove a DNS record when an empty value is passed New tests for this new command have been added to the CLI test suite. https://fedorahosted.org/freeipa/ticket/1137 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel NACK, The problem is that if there are 10 A records, and I only want to modify one, I have no way to specify which one. The API should be something like: ipa dnsrecord-mod ayoung.boston.devel.redhat.com testa 10.10.2.3 --a-rec=,10.11.12.13 Alternatively, we can decide that we are not going to do mod, and have the WebUI do a delete and an add: ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
