On 25/09/14 17:13, Martin Kosek wrote:
On 09/25/2014 04:39 PM, Petr Viktorin wrote:
On 09/25/2014 04:32 PM, Petr Spacek wrote:
On 25.9.2014 10:31, Martin Basti wrote:
On 24/09/14 16:24, Martin Basti wrote:
On 24/09/14 16:05, Martin Basti wrote:
On 23/09/14 17:45, Petr Vobornik wrote:
On 25.8.2014 14:52, Martin Basti wrote:
Patches attached.

Ticket: https://fedorahosted.org/freeipa/ticket/4149

There is a bug in bind-dyndb-ldap (or worse in dirsrv), which
cause the
named service is stopped after deleting zone.
Bug ticket: https://fedorahosted.org/bind-dyndb-ldap/ticket/138


Review of:
http://www.redhat.com/archives/freeipa-devel/2014-September/msg00484.html


1. Please follow pep8 for the new code.
  # git diff HEAD~7 -U0 | pep8 --diff --ignore=E501
Produces 25 erros.

Only E124 and E128 could be ignored if they are part of old code.
I left there some pep8 errors. They don't decrease readability

Patch 120:

3. This patch uses term 'deprecated' in a different meaning than a
DeprecatedParam. It creates inconsistency -> future confusion. IMHO
this
usage is correct since the usual understanding of deprecation is
that the
param is still usable but user should be prepared that it will be
removed
in a future.  IMHO DeprecatedParam is badly designed but that's not an
issue of this patch.

I think we can leave this as is and create a ticket to rename
DeprecatedParam e.g. to RemovedParam. What do you think?

https://fedorahosted.org/freeipa/ticket/4566
5. You've removed 'idnssoamname' and 'force' from Web UI but
dnszone-add
precallback still uses these params. What is the intended purpose?
User should use modify dialog in webUI for zones.
Precallback fills default value for idnsmname from LDAP.
with --force there will be no validation of user specified soa mname

Purpose is a user should let IPA to fill mname with safe value.
Patch 123:

10. In `normalize_zonemgr(zonemgr)`, if zonemgr contains '@'
shouldn't it
be normalized to contain '.' at the end? Or is it handled by
bind-dyndb-ldap?
Zone manager (SOA RNAME) can eb relative name, BIND will append zone
name.
Currently we cant validate if email address is reachable, it doestn
matter
if it is filled with nonexistent absolute name, or nonexistent
relative name.

Unrelated to this patch set:

a. One is able to run:
   # ipa dnszone-remove-permission $zone
multiple times and it always returns success

Is it intentional?
No, it isn't. I will inspect it and I will send additional patch

b. Web UI doesn't have means to call dnszone-mod with --force option
I'm not sure what you mean, it didn't do that before my patches.

Updated patches attached

I accidentally removed one line in previous patchset.
Updated patches attached

Sorry my IDE was too smart, and somehow added its configuration file
to commit
and I didn't notice it.
Patches attached.
ACK, it works for me. Replica installation and deletion properly adds
and deletes records as necessary.

I would defer further improvements to
https://fedorahosted.org/freeipa/ticket/3343

Pushed to:
ipa-4-1: b7e3a990369d85dfd12165891cf9142d669a0259
master: bc2eaa145637e1947449ee53548243ab22059805

I reopened the ticket, we missed update to DNS help page (ipa help dns):

https://fedorahosted.org/freeipa/ticket/4149#comment:18

Martin

Thanks!
Patch attached.


--
Martin Basti

From 2ed3e111e31e29cb100479c4445e87f32c35c8a4 Mon Sep 17 00:00:00 2001
From: Martin Basti <mba...@redhat.com>
Date: Fri, 26 Sep 2014 10:15:59 +0200
Subject: [PATCH] Remove --ip-address, --name-server otpions from DNS help

Ticket: https://fedorahosted.org/freeipa/ticket/4149
---
 ipalib/plugins/dns.py | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/ipalib/plugins/dns.py b/ipalib/plugins/dns.py
index 64dc6f4bd9e1ed93ac325bf66a2d4859b8b03fb9..df42c6bfe9d19c6530cc7e90663306f937aaede5 100644
--- a/ipalib/plugins/dns.py
+++ b/ipalib/plugins/dns.py
@@ -87,9 +87,7 @@ ipa dnsrecord-mod --mx-rec="0 mx.example.com." --mx-preference=1
 EXAMPLES:
 """) + _("""
  Add new zone:
-   ipa dnszone-add example.com --name-server=ns \\
-                               --admin-email=ad...@example.com \\
-                               --ip-address=192.0.2.1
+   ipa dnszone-add example.com --admin-email=ad...@example.com
 """) + _("""
  Add system permission that can be used for per-zone privilege delegation:
    ipa dnszone-add-permission example.com
@@ -105,8 +103,7 @@ EXAMPLES:
    ipa dnszone-mod example.com --allow-transfer=192.0.2.0/24
 """) + _("""
  Add new reverse zone specified by network IP address:
-   ipa dnszone-add --name-from-ip=192.0.2.0/24 \\
-                   --name-server=ns.example.com.
+   ipa dnszone-add --name-from-ip=192.0.2.0/24
 """) + _("""
  Add second nameserver for example.com:
    ipa dnsrecord-add example.com @ --ns-rec=nameserver2.example.com
-- 
1.8.3.1

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to