-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 03/31/2011 11:27 AM, Martin Kosek wrote: > On Wed, 2011-03-30 at 16:52 -0400, Adam Young wrote: >> On 03/30/2011 11:13 AM, Martin Kosek wrote: >>> Since this is a new-feature type patch it should be pushed only to master. >>> ------- >>> The DNS record plugin does not support modification of a record. One >>> can only add A type addresses to a DNS record or remove the current >>> ones. To actually change a DNS record value it has to be removed and >>> then added with a desired value. >>> >>> This patch adds a new DNS plugin command "dnsrecord-mod" which enables >>> user to: >>> - modify a DNS record value (note than DNS record can hold multiple values >>> and those will be overwritten) >>> - remove a DNS record when an empty value is passed >>> >>> New tests for this new command have been added to the CLI test suite. >>> >>> https://fedorahosted.org/freeipa/ticket/1137 >>> >>> >>> _______________________________________________ >>> Freeipa-devel mailing list >>> Freeipa-devel@redhat.com >>> https://www.redhat.com/mailman/listinfo/freeipa-devel >> >> >> >> NACK, >> >> The problem is that if there are 10 A records, and I only want to >> modify one, I have no way to specify which one. >> >> The API should be something like: >> >> ipa dnsrecord-mod ayoung.boston.devel.redhat.com testa 10.10.2.3 >> --a-rec=,10.11.12.13 >> >> >> Alternatively, we can decide that we are not going to do mod, and have >> the WebUI do a delete and an add: > > Hm, that may be a valid use-case. We should discuss how we want the DNS > record modification to behave. > > The proposed API is not what we want, since we can modify multiple > attributes at once, e.g.: > > ipa dnsrecord-mod DNSZONE DNSRECORD --a-rec=10.0.0.1 --aaaa-rec=::1 > > I can introduce new option --old-<DNS_TYPE>-rec for each DNS record type > available, e.g. --old-a-rec, --old-aaaa-rec, --old-srv-rec etc. You > would be able to do: > > ipa dnsrecord-mod DNSZONE DNSRECORD --old-a-rec=10.10.2.3 > --a-rec=10.11.12.13 > > This would of course increase the size of this patch. I tried to find > how we treat other multi-value LDAP attributes. In most cases the > behavior is the same like in my first patch (user mail, mobile...) or > the modification is not supported at all (list of privilege > permissions). >
I think that this is kinda hard to do in CLI..in GUI the user can easily pick a record to mod, but for CLI case I would actually lean towards the approach Martin took in his original patch..that is, a -mod replaces the entries altogether. For GUI I guess we can provide an internal XML-RPC only command that allows replacing a record. The --old-<DNS_TYPE> approach doesn't sound quite right to me, to be honest, I think that would make the whole -mod command difficult to use.. If the user wants to replace one of the records, he can run -del followed by -add. Jakub -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAk2VtOsACgkQHsardTLnvCVZ7wCgmwE18qZOTDj4ZOOATv6cVkcs +A4An0FLlik0ykW4v+BaKsEo1uVbYSTe =P0Am -----END PGP SIGNATURE----- _______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel