Re: [Freeipa-devel] [PATCH 0078-0079] DNSEC: Add TLSA record

2014-06-26 Thread Petr Vobornik

On 25.6.2014 14:35, Martin Basti wrote:

On Wed, 2014-06-25 at 14:31 +0200, Martin Basti wrote:

Ticket https://fedorahosted.org/freeipa/ticket/4328#comment:12
Patches attached.

Note: ACI will be updated in another patch which fix ACIs in DNS plugin


Patches are here

What are patch 0078's dependencies? I'm missing necessary blobs.. 
(current master). Also it requires rebase because of today's pushes to 
master (VERSION conflict).

--
Petr Vobornik

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel


[Freeipa-devel] [PATCH 0078-0079] DNSEC: Add TLSA record

2014-06-25 Thread Martin Basti
Ticket https://fedorahosted.org/freeipa/ticket/4328#comment:12
Patches attached.

Note: ACI will be updated in another patch which fix ACIs in DNS plugin
-- 
Martin^2 Basti

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel


Re: [Freeipa-devel] [PATCH 0078-0079] DNSEC: Add TLSA record

2014-06-25 Thread Martin Basti
On Wed, 2014-06-25 at 14:31 +0200, Martin Basti wrote:
 Ticket https://fedorahosted.org/freeipa/ticket/4328#comment:12
 Patches attached.
 
 Note: ACI will be updated in another patch which fix ACIs in DNS plugin

Patches are here
-- 
Martin^2 Basti
From f429d90eadaa7da6719665dc1f9c5fcdf02dcee5 Mon Sep 17 00:00:00 2001
From: Martin Basti mba...@redhat.com
Date: Wed, 25 Jun 2014 12:36:59 +0200
Subject: [PATCH 1/2] DNSSEC: add TLSA record type

Ticket: https://fedorahosted.org/freeipa/ticket/4328
---
 ACI.txt |  4 +--
 API.txt | 20 ---
 VERSION |  4 +--
 install/share/60ipadns.ldif |  3 ++-
 ipalib/plugins/dns.py   | 59 +
 5 files changed, 66 insertions(+), 24 deletions(-)

diff --git a/ACI.txt b/ACI.txt
index dd9e7c5ae2445fff53b7b3d3905d8b1d4b852aca..4faa6edc7639c341b7743bcb77541ff7be770384 100644
--- a/ACI.txt
+++ b/ACI.txt
@@ -39,11 +39,11 @@ aci: (targetattr = idnsallowsyncptr || idnsforwarders || idnsforwardpolicy || i
 dn: cn=System: Add DNS Entries,cn=permissions,cn=pbac,dc=ipa,dc=example
 aci: (target = ldap:///idnsname=*,cn=dns,dc=ipa,dc=example;)(version 3.0;acl permission:System: Add DNS Entries;allow (add) groupdn = ldap:///cn=System: Add DNS Entries,cn=permissions,cn=pbac,dc=ipa,dc=example;)
 dn: cn=System: Read DNS Entries,cn=permissions,cn=pbac,dc=ipa,dc=example
-aci: (targetattr = a6record || record || afsdbrecord || arecord || certrecord || cn || cnamerecord || dlvrecord || dnamerecord || dnsclass || dnsttl || dsrecord || hinforecord || idnsallowdynupdate || idnsallowquery || idnsallowsyncptr || idnsallowtransfer || idnsforwarders || idnsforwardpolicy || idnsname || idnssoaexpire || idnssoaminimum || idnssoamname || idnssoarefresh || idnssoaretry || idnssoarname || idnssoaserial || idnsupdatepolicy || idnszoneactive || keyrecord || kxrecord || locrecord || managedby || mdrecord || minforecord || mxrecord || naptrrecord || nsec3paramrecord || nsecrecord || nsrecord || nxtrecord || objectclass || ptrrecord || rrsigrecord || sigrecord || srvrecord || sshfprecord || txtrecord)(target = ldap:///idnsname=*,cn=dns,dc=ipa,dc=example;)(version 3.0;acl permission:System: Read DNS Entries;allow (compare,read,search) groupdn = ldap:///cn=System: Read DNS Entries,cn=permissions,cn=pbac,dc=ipa,dc=example;)
+aci: (targetattr = a6record || record || afsdbrecord || arecord || certrecord || cn || cnamerecord || dlvrecord || dnamerecord || dnsclass || dnsttl || dsrecord || hinforecord || idnsallowdynupdate || idnsallowquery || idnsallowsyncptr || idnsallowtransfer || idnsforwarders || idnsforwardpolicy || idnsname || idnssoaexpire || idnssoaminimum || idnssoamname || idnssoarefresh || idnssoaretry || idnssoarname || idnssoaserial || idnsupdatepolicy || idnszoneactive || keyrecord || kxrecord || locrecord || managedby || mdrecord || minforecord || mxrecord || naptrrecord || nsec3paramrecord || nsecrecord || nsrecord || nxtrecord || objectclass || ptrrecord || rrsigrecord || sigrecord || srvrecord || sshfprecord || tlsarecord || txtrecord)(target = ldap:///idnsname=*,cn=dns,dc=ipa,dc=example;)(version 3.0;acl permission:System: Read DNS Entries;allow (compare,read,search) groupdn = ldap:///cn=System: Read DNS Entries,cn=permissions,cn=pbac,dc=ipa,dc=example;)
 dn: cn=System: Remove DNS Entries,cn=permissions,cn=pbac,dc=ipa,dc=example
 aci: (target = ldap:///idnsname=*,cn=dns,dc=ipa,dc=example;)(version 3.0;acl permission:System: Remove DNS Entries;allow (delete) groupdn = ldap:///cn=System: Remove DNS Entries,cn=permissions,cn=pbac,dc=ipa,dc=example;)
 dn: cn=System: Update DNS Entries,cn=permissions,cn=pbac,dc=ipa,dc=example
-aci: (targetattr = a6record || record || afsdbrecord || arecord || certrecord || cn || cnamerecord || dlvrecord || dnamerecord || dnsclass || dnsttl || dsrecord || hinforecord || idnsallowdynupdate || idnsallowquery || idnsallowsyncptr || idnsallowtransfer || idnsforwarders || idnsforwardpolicy || idnsname || idnssoaexpire || idnssoaminimum || idnssoamname || idnssoarefresh || idnssoaretry || idnssoarname || idnssoaserial || idnsupdatepolicy || idnszoneactive || keyrecord || kxrecord || locrecord || managedby || mdrecord || minforecord || mxrecord || naptrrecord || nsec3paramrecord || nsecrecord || nsrecord || nxtrecord || ptrrecord || rrsigrecord || sigrecord || srvrecord || sshfprecord || txtrecord)(target = ldap:///idnsname=*,cn=dns,dc=ipa,dc=example;)(version 3.0;acl permission:System: Update DNS Entries;allow (write) groupdn = ldap:///cn=System: Update DNS Entries,cn=permissions,cn=pbac,dc=ipa,dc=example;)
+aci: (targetattr = a6record || record || afsdbrecord || arecord || certrecord || cn || cnamerecord || dlvrecord || dnamerecord || dnsclass || dnsttl || dsrecord || hinforecord || idnsallowdynupdate || idnsallowquery || idnsallowsyncptr || idnsallowtransfer || idnsforwarders || idnsforwardpolicy || idnsname || idnssoaexpire || idnssoaminimum ||