[PATCH] Use samba-tool to add DNS entries with samba_dnsupdate

Andrew Bartlett abartlet at samba.org
Mon Sep 7 21:36:57 UTC 2015


On Mon, 2015-09-07 at 16:46 +0200, Andreas Schneider wrote:
> On Monday, September 07, 2015 03:45:36 PM Andrew Bartlett wrote:
> > On Thu, 2015-09-03 at 18:53 +0200, Andreas Schneider wrote:
> > > 
> > I would review this, but can you please propose a patch with a 
> > clearer
> > title and rationalle for 'dns faking'.  Can we please define it 
> > into:
> >  - nss DNS emulation
> >  - resolv DNS emulation
> 
> nss DNS emulation is used by most of our code.
> resolv DNS emulation is only used for SRV lookups.
> 
> resolv DNS emulation works only because libresolv is a library on its 
> own and 
> it is using socket function we wrap with socket_wrapper.
> 
> getaddrinfo calls gethosbyname3 which comes from libnss_dns.so and it 
> calls 
> __libc_res_nsearch().
> 
> Maybe we can intercept __libc_res_nsearch(). I have to play around 
> with it.

Andreas,

Thanks for looking into that.  But backing up a little, what of the
above does 'dns faking' turn on and off?

For me, we must have a single source of truth for the names, either a
(single) file, or a DNS server over socket_wrapper.  The part-way
solutions we have and are being proposed are just messing with my head.

The challenge I have is that I want to only rely on our DNS server, not
also the static hosts file.  This is because I want to test changing IP
addresses and names (which is the client task that triggered all this,
a tested set of scripts to change the IP and name of a DC). 

This may well be very different to the requirements you have.  See
below. 

> > I have real trouble working out which mode dns faking is meant to 
> > be,
> > and it has caused me much trouble when attempting to work on this 
> > patch
> > set.
> > 
> > It also doesn't work for me, because this still fails:
> > 
> > make -j testenv SELFTEST_TESTENV="fl2003dc:local"
> > 
> > Perhaps you didn't update your branch?  I expected the attached to 
> > be
> > included at least (but even with this patch that command fails).
> 
> You can't turn of the nss DNS emulation. At least not yet ...

I'm very confused about the state here.  I think we need to back up,
write down a clear rationale, and then slowly enable this one
environment at a time.  

If you can do that, and get me even just a start of this with a patch
series that is both clear in intent, clear in naming (I can't accept
dns faking, please choose another name at this point), and has already
passed a full autobuild, then I'll be glad to move ahead with the
reviews.

Thanks,

Andrew Bartlett

-- 
Andrew Bartlett
https://samba.org/~abartlet/
Authentication Developer, Samba Team         https://samba.org
Samba Development and Support, Catalyst IT   
https://catalyst.net.nz/services/samba








More information about the samba-technical mailing list