On Mon, 2012-02-27 at 11:47 -0500, Rob Crittenden wrote:
> Martin Kosek wrote:
> > SSH public key support includes a feature to automatically add/update
> > client SSH fingerprints in SSHFP records. However, the update won't
> > work for zones created before this support was added as they don't
> > allow clients to update SSHFP records in their update policies.
> > This patch lets dns upgrade module extend the original policy
> > to allow the SSHFP dynamic updates. It updates only original
> > policy, we don't want it to overwrite custom user policies.
> > https://fedorahosted.org/freeipa/ticket/2394
> ACK if you add a block comment to gen_dns_update_policy() describing why
> we need this update policy.
Comment added and pushed to master, ipa-2-2.
Freeipa-devel mailing list