Re: [Freeipa-devel] [PATCH 0135-0136] DNS: Warn about restart when default TTL setting DNS is change DNS: Support default TTL setting for master DNS zone

2016-06-21 Thread Martin Basti



On 21.06.2016 11:55, Petr Spacek wrote:
> On 21.6.2016 10:00, Petr Spacek wrote:
>> On 20.6.2016 19:15, Martin Basti wrote:
>>> On 20.06.2016 18:32, Petr Spacek wrote:
>>>> On 20.6.2016 18:05, Martin Basti wrote:
>>>>> On 20.06.2016 16:57, Petr Spacek wrote:
>>>>>> Hello,
>>>>>>
>>>>>> DNS: Warn about restart when default TTL setting DNS is changed
>>>>>>
>>>>>> bind-dyndb-ldap 10.0 has to be restarted after each change to default
>>>>>> TTL.
>>>>>>
>>>>>> https://fedorahosted.org/freeipa/ticket/2956
>>>>>>
>>>>>> DNS: Support default TTL setting for master DNS zones
>>>>>>
>>>>>> https://fedorahosted.org/freeipa/ticket/2956
>>>>>
>>>>> Thank you for patches, but I have a few comments
>>>>>
>>>>> TTL patch:
>>>>> 1)
>>>>> VERSION - please put short note why API was incremented
>>>>>
>>>>> 2)
>>>>> 60ipadns.ldif - please keep ordered attr definitions by OID
>>>>>
>>>>> 3)
>>>>> You missed ACI for updating
>>>>>
>>>>> Warning patch: LGTM
>>>>
>>>> Thank you very much for review!
>>>>
>>>> Here is revised version.
>>>
>>> I cannot apply patches on current master, even with git am -3
>>
>> I do not know what could be the problem, there was only "standard" conflict on VERSION.
>>
>> Anyway, there are patches rebased to current master.
>
> ... and now with results from makeaci :-)

ACK

master:
* eefdcc6b076e4305a14f231865636d46e4f16cf5 DNS: Support default TTL 
setting for master DNS zones
* f2974b8d965c14247d8a9d03e0df3b5183e20d76 DNS: Warn about restart when 
default TTL setting DNS is changed


--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code


Re: [Freeipa-devel] [PATCH 0135-0136] DNS: Warn about restart when default TTL setting DNS is change DNS: Support default TTL setting for master DNS zone

2016-06-21 Thread Petr Spacek
On 21.6.2016 10:00, Petr Spacek wrote:
> On 20.6.2016 19:15, Martin Basti wrote:
>>
>> On 20.06.2016 18:32, Petr Spacek wrote:
>>> On 20.6.2016 18:05, Martin Basti wrote:
>>>>
>>>> On 20.06.2016 16:57, Petr Spacek wrote:
>>>>> Hello,
>>>>>
>>>>> DNS: Warn about restart when default TTL setting DNS is changed
>>>>>
>>>>> bind-dyndb-ldap 10.0 has to be restarted after each change to default
>>>>> TTL.
>>>>>
>>>>> https://fedorahosted.org/freeipa/ticket/2956
>>>>>
>>>>> DNS: Support default TTL setting for master DNS zones
>>>>>
>>>>> https://fedorahosted.org/freeipa/ticket/2956
>>>>>
>>>> Thank you for patches, but I have a few comments
>>>>
>>>> TTL patch:
>>>> 1)
>>>> VERSION - please put short note why API was incremented
>>>>
>>>> 2)
>>>> 60ipadns.ldif - please keep ordered attr definitions by OID
>>>>
>>>> 3)
>>>> You missed ACI for updating
>>>>
>>>> Warning patch: LGTM
>>> Thank you very much for review!
>>>
>>> Here is revised version.
>>>
>>
>> I cannot apply patches on current master, even with git am -3
>
> I do not know what could be the problem, there was only "standard" conflict on VERSION.
>
> Anyway, there are patches rebased to current master.

... and now with results from makeaci :-)

-- 
Petr^2 Spacek
From a033905194f9f355e6be1f4aecc5affe6174a603 Mon Sep 17 00:00:00 2001
From: Petr Spacek 
Date: Mon, 20 Jun 2016 14:38:56 +0200
Subject: [PATCH] DNS: Support default TTL setting for master DNS zones

https://fedorahosted.org/freeipa/ticket/2956
---
 ACI.txt |  4 ++--
 API.txt |  9 ++---
 VERSION |  4 ++--
 install/share/60ipadns.ldif |  3 ++-
 ipaserver/plugins/dns.py| 15 +++
 5 files changed, 23 insertions(+), 12 deletions(-)

diff --git a/ACI.txt b/ACI.txt
index 0646d0d24d0e8a427eabf5aca04566f269e96cd2..98566de35e6ce79633dc4968b3063f6fd1336378 100644
--- a/ACI.txt
+++ b/ACI.txt
@@ -73,13 +73,13 @@ aci: (targetattr = "ipaprivatekey || ipapublickey || ipasecretkey || ipasecretke
 dn: dc=ipa,dc=example
 aci: (targetattr = "cn || idnssecalgorithm || idnsseckeyactivate || idnsseckeycreated || idnsseckeydelete || idnsseckeyinactive || idnsseckeypublish || idnsseckeyref || idnsseckeyrevoke || idnsseckeysep || idnsseckeyzone || objectclass")(target = "ldap:///cn=dns,dc=ipa,dc=example;)(targetfilter = "(objectclass=idnsSecKey)")(version 3.0;acl "permission:System: Manage DNSSEC metadata";allow (all) groupdn = "ldap:///cn=System: Manage DNSSEC metadata,cn=permissions,cn=pbac,dc=ipa,dc=example";)
 dn: dc=ipa,dc=example
-aci: (targetattr = "a6record || record || afsdbrecord || aplrecord || arecord || certrecord || cn || cnamerecord || createtimestamp || dhcidrecord || dlvrecord || dnamerecord || dnsclass || dnsttl || dsrecord || entryusn || hinforecord || hiprecord || idnsallowdynupdate || idnsallowquery || idnsallowsyncptr || idnsallowtransfer || idnsforwarders || idnsforwardpolicy || idnsname || idnssecinlinesigning || idnssoaexpire || idnssoaminimum || idnssoamname || idnssoarefresh || idnssoaretry || idnssoarname || idnssoaserial || idnstemplateattribute || idnsupdatepolicy || idnszoneactive || ipseckeyrecord || keyrecord || kxrecord || locrecord || managedby || mdrecord || minforecord || modifytimestamp || mxrecord || naptrrecord || nsec3paramrecord || nsecrecord || nsrecord || nxtrecord || objectclass || ptrrecord || rprecord || rrsigrecord || sigrecord || spfrecord || srvrecord || sshfprecord || tlsarecord || txtrecord || unknownrecord")(target = "ldap:///idnsname=*,cn=dns,dc=ipa,dc=example;)(version 3.0;acl "permission:System: Read DNS Entries";allow (compare,read,search) groupdn = "ldap:///cn=System: Read DNS Entries,cn=permissions,cn=pbac,dc=ipa,dc=example";)
+aci: (targetattr = "a6record || record || afsdbrecord || aplrecord || arecord || certrecord || cn || cnamerecord || createtimestamp || dhcidrecord || dlvrecord || dnamerecord || dnsclass || dnsdefaultttl || dnsttl || dsrecord || entryusn || hinforecord || hiprecord || idnsallowdynupdate || idnsallowquery || idnsallowsyncptr || idnsallowtransfer || idnsforwarders || idnsforwardpolicy || idnsname || idnssecinlinesigning || idnssoaexpire || idnssoaminimum || idnssoamname || idnssoarefresh || idnssoaretry || idnssoarname || idnssoaserial || idnstemplateattribute || idnsupdatepolicy || idnszoneactive || ipseckeyrecord || keyrecord || kxrecord || locrecord || managedby || mdrecord || minforecord || modifytimestamp || mxrecord || naptrrecord || nsec3paramrecord || nsecrecord || nsrecord || nxtrecord || objectclass || ptrrecord || rprecord || rrsigrecord || sigrecord || spfrecord || srvrecord || sshfprecord || tlsarecord || txtrecord || unknownrecord")(target = "ldap:///idnsname=*,cn=dns,dc=ipa,dc=example;)(version 3.0;acl "permission:System: Read DNS Entries";allow (compare,read,search) groupdn = "ldap:///cn=System: Read DNS Entries,cn=permissions,cn=pbac,dc=ipa,dc=example";)
 dn: dc=ipa,dc=example
 aci: (targetattr = "cn || 
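
Review bot: the write-side grant for dnsdefaultttl cannot be checked from the visible part of this hunk. The only visible + line adds dnsdefaultttl between dnsclass and dnsttl in the targetattr list of "permission:System: Read DNS Entries", which allows compare,read,search only. The hunk header is now -73,13 +73,13 and the diffstat lists ACI.txt as "4 ++--", so a second aci line further down was regenerated; confirm in the full patch that it belongs to the permission used for updating DNS entries and that it allows write on the new attribute and nothing broader.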

Re: [Freeipa-devel] [PATCH 0135-0136] DNS: Warn about restart when default TTL setting DNS is change DNS: Support default TTL setting for master DNS zone

2016-06-21 Thread Petr Spacek
On 20.6.2016 19:15, Martin Basti wrote:
> 
> 
> On 20.06.2016 18:32, Petr Spacek wrote:
>> On 20.6.2016 18:05, Martin Basti wrote:
>>>
>>> On 20.06.2016 16:57, Petr Spacek wrote:
>>>> Hello,
>>>>
>>>> DNS: Warn about restart when default TTL setting DNS is changed
>>>>
>>>> bind-dyndb-ldap 10.0 has to be restarted after each change to default
>>>> TTL.
>>>>
>>>> https://fedorahosted.org/freeipa/ticket/2956
>>>>
>>>> DNS: Support default TTL setting for master DNS zones
>>>>
>>>> https://fedorahosted.org/freeipa/ticket/2956
>>>>
>>> Thank you for patches, but I have a few comments
>>>
>>> TTL patch:
>>> 1)
>>> VERSION - please put short note why API was incremented
>>>
>>> 2)
>>> 60ipadns.ldif - please keep ordered attr definitions by OID
>>>
>>> 3)
>>> You missed ACI for updating
>>>
>>> Warning patch: LGTM
>> Thank you very much for review!
>>
>> Here is revised version.
>>
> 
> I cannot apply patches on current master, even with git am -3

I do not know what could be the problem, there was only "standard" conflict on VERSION.

Anyway, there are patches rebased to current master.

-- 
Petr^2 Spacek
From d4a1ea7565862409039c6ea476ec3cedd079e451 Mon Sep 17 00:00:00 2001
From: Petr Spacek 
Date: Mon, 20 Jun 2016 14:38:56 +0200
Subject: [PATCH] DNS: Support default TTL setting for master DNS zones

https://fedorahosted.org/freeipa/ticket/2956
---
 ACI.txt |  2 +-
 API.txt |  9 ++---
 VERSION |  4 ++--
 install/share/60ipadns.ldif |  3 ++-
 ipaserver/plugins/dns.py| 15 +++
 5 files changed, 22 insertions(+), 11 deletions(-)

diff --git a/ACI.txt b/ACI.txt
index 0646d0d24d0e8a427eabf5aca04566f269e96cd2..9dd7f8d5d9df09e11b740f247a4afe3f68328002 100644
--- a/ACI.txt
+++ b/ACI.txt
@@ -73,7 +73,7 @@ aci: (targetattr = "ipaprivatekey || ipapublickey || ipasecretkey || ipasecretke
 dn: dc=ipa,dc=example
 aci: (targetattr = "cn || idnssecalgorithm || idnsseckeyactivate || idnsseckeycreated || idnsseckeydelete || idnsseckeyinactive || idnsseckeypublish || idnsseckeyref || idnsseckeyrevoke || idnsseckeysep || idnsseckeyzone || objectclass")(target = "ldap:///cn=dns,dc=ipa,dc=example;)(targetfilter = "(objectclass=idnsSecKey)")(version 3.0;acl "permission:System: Manage DNSSEC metadata";allow (all) groupdn = "ldap:///cn=System: Manage DNSSEC metadata,cn=permissions,cn=pbac,dc=ipa,dc=example";)
 dn: dc=ipa,dc=example
-aci: (targetattr = "a6record || record || afsdbrecord || aplrecord || arecord || certrecord || cn || cnamerecord || createtimestamp || dhcidrecord || dlvrecord || dnamerecord || dnsclass || dnsttl || dsrecord || entryusn || hinforecord || hiprecord || idnsallowdynupdate || idnsallowquery || idnsallowsyncptr || idnsallowtransfer || idnsforwarders || idnsforwardpolicy || idnsname || idnssecinlinesigning || idnssoaexpire || idnssoaminimum || idnssoamname || idnssoarefresh || idnssoaretry || idnssoarname || idnssoaserial || idnstemplateattribute || idnsupdatepolicy || idnszoneactive || ipseckeyrecord || keyrecord || kxrecord || locrecord || managedby || mdrecord || minforecord || modifytimestamp || mxrecord || naptrrecord || nsec3paramrecord || nsecrecord || nsrecord || nxtrecord || objectclass || ptrrecord || rprecord || rrsigrecord || sigrecord || spfrecord || srvrecord || sshfprecord || tlsarecord || txtrecord || unknownrecord")(target = "ldap:///idnsname=*,cn=dns,dc=ipa,dc=example;)(version 3.0;acl "permission:System: Read DNS Entries";allow (compare,read,search) groupdn = "ldap:///cn=System: Read DNS Entries,cn=permissions,cn=pbac,dc=ipa,dc=example";)
+aci: (targetattr = "a6record || record || afsdbrecord || aplrecord || arecord || certrecord || cn || cnamerecord || createtimestamp || dhcidrecord || dlvrecord || dnamerecord || dnsclass || dnsdefaultttl || dnsttl || dsrecord || entryusn || hinforecord || hiprecord || idnsallowdynupdate || idnsallowquery || idnsallowsyncptr || idnsallowtransfer || idnsforwarders || idnsforwardpolicy || idnsname || idnssecinlinesigning || idnssoaexpire || idnssoaminimum || idnssoamname || idnssoarefresh || idnssoaretry || idnssoarname || idnssoaserial || idnstemplateattribute || idnsupdatepolicy || idnszoneactive || ipseckeyrecord || keyrecord || kxrecord || locrecord || managedby || mdrecord || minforecord || modifytimestamp || mxrecord || naptrrecord || nsec3paramrecord || nsecrecord || nsrecord || nxtrecord || objectclass || ptrrecord || rprecord || rrsigrecord || sigrecord || spfrecord || srvrecord || sshfprecord || tlsarecord || txtrecord || unknownrecord")(target = "ldap:///idnsname=*,cn=dns,dc=ipa,dc=example;)(version 3.0;acl "permission:System: Read DNS Entries";allow (compare,read,search) groupdn = "ldap:///cn=System: Read DNS Entries,cn=permissions,cn=pbac,dc=ipa,dc=example";)
 dn: dc=ipa,dc=example
 aci: (targetattr = "cn || createtimestamp || entryusn || idnssecalgorithm || idnsseckeyactivate || idnsseckeycreated || idnsseckeydelete || idnsseckeyinactive || 
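
Review bot: review comment 3 ("You missed ACI for updating") is still not reflected in ACI.txt in this rebased posting. The index line reads 0646d0d..9dd7f8d exactly as in the previous revision, the hunk is still -73,7 +73,7, and its only + line is the "System: Read DNS Entries" permission. Regenerate ACI.txt once dnsdefaultttl is part of the update permission, so the file shows the write-side ACI together with the read-side one.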

Re: [Freeipa-devel] [PATCH 0135-0136] DNS: Warn about restart when default TTL setting DNS is change DNS: Support default TTL setting for master DNS zone

2016-06-20 Thread Martin Basti



On 20.06.2016 18:32, Petr Spacek wrote:
> On 20.6.2016 18:05, Martin Basti wrote:
>> On 20.06.2016 16:57, Petr Spacek wrote:
>>> Hello,
>>>
>>> DNS: Warn about restart when default TTL setting DNS is changed
>>>
>>> bind-dyndb-ldap 10.0 has to be restarted after each change to default
>>> TTL.
>>>
>>> https://fedorahosted.org/freeipa/ticket/2956
>>>
>>> DNS: Support default TTL setting for master DNS zones
>>>
>>> https://fedorahosted.org/freeipa/ticket/2956
>>
>> Thank you for patches, but I have a few comments
>>
>> TTL patch:
>> 1)
>> VERSION - please put short note why API was incremented
>>
>> 2)
>> 60ipadns.ldif - please keep ordered attr definitions by OID
>>
>> 3)
>> You missed ACI for updating
>>
>> Warning patch: LGTM
>
> Thank you very much for review!
>
> Here is revised version.

I cannot apply patches on current master, even with git am -3
Martin^2



Re: [Freeipa-devel] [PATCH 0135-0136] DNS: Warn about restart when default TTL setting DNS is change DNS: Support default TTL setting for master DNS zone

2016-06-20 Thread Petr Spacek
On 20.6.2016 18:05, Martin Basti wrote:
> 
> 
> On 20.06.2016 16:57, Petr Spacek wrote:
>> Hello,
>>
>> DNS: Warn about restart when default TTL setting DNS is changed
>>
>> bind-dyndb-ldap 10.0 has to be restarted after each change to default
>> TTL.
>>
>> https://fedorahosted.org/freeipa/ticket/2956
>>
>> DNS: Support default TTL setting for master DNS zones
>>
>> https://fedorahosted.org/freeipa/ticket/2956
>>
>>
>>
> Thank you for patches, but I have a few comments
> 
> TTL patch:
> 1)
> VERSION - please put short note why API was incremented
> 
> 2)
> 60ipadns.ldif - please keep ordered attr definitions by OID
> 
> 3)
> You missed ACI for updating
> 
> Warning patch: LGTM

Thank you very much for review!

Here is revised version.

-- 
Petr^2 Spacek
From c05f83896a124004935f578bddbbb881fb892197 Mon Sep 17 00:00:00 2001
From: Petr Spacek 
Date: Mon, 20 Jun 2016 14:38:56 +0200
Subject: [PATCH] DNS: Support default TTL setting for master DNS zones

https://fedorahosted.org/freeipa/ticket/2956
---
 ACI.txt |  2 +-
 API.txt |  9 ++---
 VERSION |  4 ++--
 install/share/60ipadns.ldif |  3 ++-
 ipaserver/plugins/dns.py| 15 +++
 5 files changed, 22 insertions(+), 11 deletions(-)

diff --git a/ACI.txt b/ACI.txt
index 0646d0d24d0e8a427eabf5aca04566f269e96cd2..9dd7f8d5d9df09e11b740f247a4afe3f68328002 100644
--- a/ACI.txt
+++ b/ACI.txt
@@ -73,7 +73,7 @@ aci: (targetattr = "ipaprivatekey || ipapublickey || ipasecretkey || ipasecretke
 dn: dc=ipa,dc=example
 aci: (targetattr = "cn || idnssecalgorithm || idnsseckeyactivate || idnsseckeycreated || idnsseckeydelete || idnsseckeyinactive || idnsseckeypublish || idnsseckeyref || idnsseckeyrevoke || idnsseckeysep || idnsseckeyzone || objectclass")(target = "ldap:///cn=dns,dc=ipa,dc=example;)(targetfilter = "(objectclass=idnsSecKey)")(version 3.0;acl "permission:System: Manage DNSSEC metadata";allow (all) groupdn = "ldap:///cn=System: Manage DNSSEC metadata,cn=permissions,cn=pbac,dc=ipa,dc=example";)
 dn: dc=ipa,dc=example
-aci: (targetattr = "a6record || record || afsdbrecord || aplrecord || arecord || certrecord || cn || cnamerecord || createtimestamp || dhcidrecord || dlvrecord || dnamerecord || dnsclass || dnsttl || dsrecord || entryusn || hinforecord || hiprecord || idnsallowdynupdate || idnsallowquery || idnsallowsyncptr || idnsallowtransfer || idnsforwarders || idnsforwardpolicy || idnsname || idnssecinlinesigning || idnssoaexpire || idnssoaminimum || idnssoamname || idnssoarefresh || idnssoaretry || idnssoarname || idnssoaserial || idnstemplateattribute || idnsupdatepolicy || idnszoneactive || ipseckeyrecord || keyrecord || kxrecord || locrecord || managedby || mdrecord || minforecord || modifytimestamp || mxrecord || naptrrecord || nsec3paramrecord || nsecrecord || nsrecord || nxtrecord || objectclass || ptrrecord || rprecord || rrsigrecord || sigrecord || spfrecord || srvrecord || sshfprecord || tlsarecord || txtrecord || unknownrecord")(target = "ldap:///idnsname=*,cn=dns,dc=ipa,dc=example;)(version 3.0;acl "permission:System: Read DNS Entries";allow (compare,read,search) groupdn = "ldap:///cn=System: Read DNS Entries,cn=permissions,cn=pbac,dc=ipa,dc=example";)
+aci: (targetattr = "a6record || record || afsdbrecord || aplrecord || arecord || certrecord || cn || cnamerecord || createtimestamp || dhcidrecord || dlvrecord || dnamerecord || dnsclass || dnsdefaultttl || dnsttl || dsrecord || entryusn || hinforecord || hiprecord || idnsallowdynupdate || idnsallowquery || idnsallowsyncptr || idnsallowtransfer || idnsforwarders || idnsforwardpolicy || idnsname || idnssecinlinesigning || idnssoaexpire || idnssoaminimum || idnssoamname || idnssoarefresh || idnssoaretry || idnssoarname || idnssoaserial || idnstemplateattribute || idnsupdatepolicy || idnszoneactive || ipseckeyrecord || keyrecord || kxrecord || locrecord || managedby || mdrecord || minforecord || modifytimestamp || mxrecord || naptrrecord || nsec3paramrecord || nsecrecord || nsrecord || nxtrecord || objectclass || ptrrecord || rprecord || rrsigrecord || sigrecord || spfrecord || srvrecord || sshfprecord || tlsarecord || txtrecord || unknownrecord")(target = "ldap:///idnsname=*,cn=dns,dc=ipa,dc=example;)(version 3.0;acl "permission:System: Read DNS Entries";allow (compare,read,search) groupdn = "ldap:///cn=System: Read DNS Entries,cn=permissions,cn=pbac,dc=ipa,dc=example";)
 dn: dc=ipa,dc=example
 aci: (targetattr = "cn || createtimestamp || entryusn || idnssecalgorithm || idnsseckeyactivate || idnsseckeycreated || idnsseckeydelete || idnsseckeyinactive || idnsseckeypublish || idnsseckeyref || idnsseckeyrevoke || idnsseckeysep || idnsseckeyzone || modifytimestamp || objectclass")(target = "ldap:///cn=dns,dc=ipa,dc=example;)(targetfilter = "(objectclass=idnsSecKey)")(version 3.0;acl "permission:System: Read DNSSEC metadata";allow (compare,read,search) groupdn = "ldap:///cn=System: Read DNSSEC 
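
Review bot: ACI.txt looks out of step with the plugin change in this revision. The diffstat shows ipaserver/plugins/dns.py with 15 changed lines, yet ACI.txt is still "2 +-" and the single + line in this hunk only adds dnsdefaultttl to the read permission (allow (compare,read,search)). If the additional plugin lines put the attribute into a write permission, ACI.txt has to be regenerated in the same commit so that it lists that ACI as well.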

Re: [Freeipa-devel] [PATCH 0135-0136] DNS: Warn about restart when default TTL setting DNS is change DNS: Support default TTL setting for master DNS zone

2016-06-20 Thread Martin Basti



On 20.06.2016 16:57, Petr Spacek wrote:
> Hello,
>
> DNS: Warn about restart when default TTL setting DNS is changed
>
> bind-dyndb-ldap 10.0 has to be restarted after each change to default
> TTL.
>
> https://fedorahosted.org/freeipa/ticket/2956
>
> DNS: Support default TTL setting for master DNS zones
>
> https://fedorahosted.org/freeipa/ticket/2956

Thank you for patches, but I have a few comments

TTL patch:
1)
VERSION - please put short note why API was incremented

2)
60ipadns.ldif - please keep ordered attr definitions by OID

3)
You missed ACI for updating

Warning patch: LGTM

[Freeipa-devel] [PATCH 0135-0136] DNS: Warn about restart when default TTL setting DNS is change DNS: Support default TTL setting for master DNS zone

2016-06-20 Thread Petr Spacek
Hello,

DNS: Warn about restart when default TTL setting DNS is changed

bind-dyndb-ldap 10.0 has to be restarted after each change to default
TTL.

https://fedorahosted.org/freeipa/ticket/2956

DNS: Support default TTL setting for master DNS zones

https://fedorahosted.org/freeipa/ticket/2956

-- 
Petr^2 Spacek
From 66af2a2f96fef7e4dff5ae8c35fc03c6f4701194 Mon Sep 17 00:00:00 2001
From: Petr Spacek 
Date: Mon, 20 Jun 2016 14:38:56 +0200
Subject: [PATCH] DNS: Support default TTL setting for master DNS zones

https://fedorahosted.org/freeipa/ticket/2956
---
 ACI.txt |  2 +-
 API.txt |  9 ++---
 VERSION |  2 +-
 install/share/60ipadns.ldif |  3 ++-
 ipaserver/plugins/dns.py| 11 +--
 5 files changed, 19 insertions(+), 8 deletions(-)

diff --git a/ACI.txt b/ACI.txt
index 0646d0d24d0e8a427eabf5aca04566f269e96cd2..9dd7f8d5d9df09e11b740f247a4afe3f68328002 100644
--- a/ACI.txt
+++ b/ACI.txt
@@ -73,7 +73,7 @@ aci: (targetattr = "ipaprivatekey || ipapublickey || ipasecretkey || ipasecretke
 dn: dc=ipa,dc=example
 aci: (targetattr = "cn || idnssecalgorithm || idnsseckeyactivate || idnsseckeycreated || idnsseckeydelete || idnsseckeyinactive || idnsseckeypublish || idnsseckeyref || idnsseckeyrevoke || idnsseckeysep || idnsseckeyzone || objectclass")(target = "ldap:///cn=dns,dc=ipa,dc=example;)(targetfilter = "(objectclass=idnsSecKey)")(version 3.0;acl "permission:System: Manage DNSSEC metadata";allow (all) groupdn = "ldap:///cn=System: Manage DNSSEC metadata,cn=permissions,cn=pbac,dc=ipa,dc=example";)
 dn: dc=ipa,dc=example
-aci: (targetattr = "a6record || record || afsdbrecord || aplrecord || arecord || certrecord || cn || cnamerecord || createtimestamp || dhcidrecord || dlvrecord || dnamerecord || dnsclass || dnsttl || dsrecord || entryusn || hinforecord || hiprecord || idnsallowdynupdate || idnsallowquery || idnsallowsyncptr || idnsallowtransfer || idnsforwarders || idnsforwardpolicy || idnsname || idnssecinlinesigning || idnssoaexpire || idnssoaminimum || idnssoamname || idnssoarefresh || idnssoaretry || idnssoarname || idnssoaserial || idnstemplateattribute || idnsupdatepolicy || idnszoneactive || ipseckeyrecord || keyrecord || kxrecord || locrecord || managedby || mdrecord || minforecord || modifytimestamp || mxrecord || naptrrecord || nsec3paramrecord || nsecrecord || nsrecord || nxtrecord || objectclass || ptrrecord || rprecord || rrsigrecord || sigrecord || spfrecord || srvrecord || sshfprecord || tlsarecord || txtrecord || unknownrecord")(target = "ldap:///idnsname=*,cn=dns,dc=ipa,dc=example;)(version 3.0;acl "permission:System: Read DNS Entries";allow (compare,read,search) groupdn = "ldap:///cn=System: Read DNS Entries,cn=permissions,cn=pbac,dc=ipa,dc=example";)
+aci: (targetattr = "a6record || record || afsdbrecord || aplrecord || arecord || certrecord || cn || cnamerecord || createtimestamp || dhcidrecord || dlvrecord || dnamerecord || dnsclass || dnsdefaultttl || dnsttl || dsrecord || entryusn || hinforecord || hiprecord || idnsallowdynupdate || idnsallowquery || idnsallowsyncptr || idnsallowtransfer || idnsforwarders || idnsforwardpolicy || idnsname || idnssecinlinesigning || idnssoaexpire || idnssoaminimum || idnssoamname || idnssoarefresh || idnssoaretry || idnssoarname || idnssoaserial || idnstemplateattribute || idnsupdatepolicy || idnszoneactive || ipseckeyrecord || keyrecord || kxrecord || locrecord || managedby || mdrecord || minforecord || modifytimestamp || mxrecord || naptrrecord || nsec3paramrecord || nsecrecord || nsrecord || nxtrecord || objectclass || ptrrecord || rprecord || rrsigrecord || sigrecord || spfrecord || srvrecord || sshfprecord || tlsarecord || txtrecord || unknownrecord")(target = "ldap:///idnsname=*,cn=dns,dc=ipa,dc=example;)(version 3.0;acl "permission:System: Read DNS Entries";allow (compare,read,search) groupdn = "ldap:///cn=System: Read DNS Entries,cn=permissions,cn=pbac,dc=ipa,dc=example";)
 dn: dc=ipa,dc=example
 aci: (targetattr = "cn || createtimestamp || entryusn || idnssecalgorithm || idnsseckeyactivate || idnsseckeycreated || idnsseckeydelete || idnsseckeyinactive || idnsseckeypublish || idnsseckeyref || idnsseckeyrevoke || idnsseckeysep || idnsseckeyzone || modifytimestamp || objectclass")(target = "ldap:///cn=dns,dc=ipa,dc=example;)(targetfilter = "(objectclass=idnsSecKey)")(version 3.0;acl "permission:System: Read DNSSEC metadata";allow (compare,read,search) groupdn = "ldap:///cn=System: Read DNSSEC metadata,cn=permissions,cn=pbac,dc=ipa,dc=example";)
 dn: dc=ipa,dc=example
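
Review bot: dnsdefaultttl is granted on the read side only. The one + line in this hunk adds it to "permission:System: Read DNS Entries" (allow (compare,read,search)), and the diffstat shows ACI.txt with a single changed line, so as far as this file shows no ACI that allows write covers the new attribute. Holders of a delegated DNS update permission would then see the default TTL but not be able to set it; add the attribute to the permission used for updating DNS entries and regenerate ACI.txt.
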
diff --git a/API.txt b/API.txt
index eb14d44eedfdca44043e808d3ef31d6300281cd6..eb5ace6001f1fe8833341d0cd638a007b8187275 100644
--- a/API.txt
+++ b/API.txt
@@ -1565,11 +1565,12 @@ output: Entry('result')
 output: Output('summary', type=[, ])
 output: PrimaryKey('value')
 command: dnszone_add
-args: 1,28,3
+args: 1,29,3
 arg: DNSNameParam('idnsname', cli_name='name')
 option: Str('addattr*',
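
Review bot: the API version bump that goes with this hunk needs a short comment saying what changed. The args line for dnszone_add goes from 1,28,3 to 1,29,3, that is one new option, while the diffstat for this revision shows VERSION with only one changed line ("2 +-"); add a line next to the bump naming the new option.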