Hello all,

related tickets:
https://fedorahosted.org/freeipa/ticket/5676
https://fedorahosted.org/freeipa/ticket/5675
https://fedorahosted.org/freeipa/ticket/5715

I'm trying to implement both tickets, but I don't like the way we decided on at the devel meeting anymore.

https://fedorahosted.org/freeipa/ticket/5676#comment:1

1)
ipa host-del --updatedns

I propose to only delete A, AAAA and related PTR records (SSHFP records explained later). The records are somehow managed by IPA.

I don't like the idea of having an extra option to specify record types that should be removed or a flag that will remove the DNS entry completely. IMO that is a duplication of dnsrecord-mod/del functionality; host-del should not be used for managing DNS. If somebody wants better granularity, they should use 'dnsrecord-mod zone rec --type-rec=' or 'dnsrecord-del --del-all'.

Note: due to backward compatibility, --updatedns cannot be migrated to ENUM; a new option is needed.

2)
SSHFP records and host-del (https://fedorahosted.org/freeipa/ticket/5715)

host-del removes SSH keys from LDAP, thus there is no reason to keep the SSHFP records in DNS, thus SSHFP records should always be removed (even without the --updatedns option).

3)
ipa-client-install --uninstall

SSHFP records are always added via nsupdate to DNS. IMO during client uninstall all SSHFP records related to the client should be removed via nsupdate too.

4)
https://fedorahosted.org/freeipa/ticket/5676

ipa-client-install --uninstall --delete-host  # suggestions on how to name the option for removing the host entry from LDAP are welcome

Should this option call 'host-del' or 'host-del --updatedns'?

I would like to avoid adding an additional DNS-related option to ipa-client-install.

Also, do we really want to implement this ticket? What is the gain there?

Martin^2
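
The deletion rules proposed in points 1 to 3 above, modelled as an added example that is not part of the original message and is not FreeIPA code. The function names, host name and record data are constructed for illustration, and the PTR target is assumed to be the host's own name.

```python
import ipaddress

# Constructed sample: records stored under one host name (not real data).
FQDN = "client1.example.test."
SAMPLE = [
    ("A", "192.0.2.10"),
    ("AAAA", "2001:db8::10"),
    ("SSHFP", "1 2 0123abcd"),      # constructed, shortened fingerprint
    ("TXT", '"asset=42"'),
]

def plan_host_del(fqdn, records, updatedns=False):
    """Split records into (delete, keep) following points 1 and 2."""
    delete, keep = [], []
    for rtype, rdata in records:
        if rtype == "SSHFP":
            # Point 2: SSH keys leave LDAP, so SSHFP always goes.
            delete.append((fqdn, rtype, rdata))
        elif rtype in ("A", "AAAA") and updatedns:
            # Point 1: address records plus the matching PTR
            # (assumption: the PTR points back at this host name).
            delete.append((fqdn, rtype, rdata))
            ptr = ipaddress.ip_address(rdata).reverse_pointer + "."
            delete.append((ptr, "PTR", fqdn))
        else:
            # Everything else is left to dnsrecord-mod / dnsrecord-del.
            keep.append((fqdn, rtype, rdata))
    return delete, keep

def sshfp_cleanup_script(fqdn):
    """Point 3: nsupdate input that drops the host's whole SSHFP RRset."""
    return f"update delete {fqdn} IN SSHFP\nsend\n"

if __name__ == "__main__":
    for flag in (False, True):
        delete, keep = plan_host_del(FQDN, SAMPLE, updatedns=flag)
        print(f"--updatedns={flag}")
        for name, rtype, rdata in delete:
            print(f"  delete {name} {rtype} {rdata}")
        for name, rtype, rdata in keep:
            print(f"  keep   {name} {rtype} {rdata}")
    print(sshfp_cleanup_script(FQDN), end="")
```
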
