On Mon, 10 Jan 2011 12:28:51 +0100 Adam Tkac <at...@redhat.com> wrote:
> the attached patch adds new attributes, idnsAllowQuery and > idnsAllowTransfer, for the idnsZone. With those attributes > it is now possible to set ACLs for the zone directly in LDAP. > > Example of ACL setting: > > idnsAllowQuery: 127.0.0.1 > idnsAllowQuery: ::1 > idnsAllowQuery: 192.168.1.0/24 > > With this setting clients with 127.0.0.1 and ::1 IP addresses and > clients from 192.168.1.0/24 network are allowed to obtain resource > records from the zone. > > Comments are welcomed. Patch looks good, and very useful. I have already reserved the 2 new OIDs you used in our internal registry and it is an ACK from my pov. If I read the patch correctly, a zone missing these attributes will have no issues (thinking of upgrades), can you confirm ? Simo. -- Simo Sorce * Red Hat, Inc * New York _______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel