[PATCH] Use samba-tool to add DNS entries with samba_dnsupdate
abartlet at samba.org
Mon Sep 7 21:36:57 UTC 2015
On Mon, 2015-09-07 at 16:46 +0200, Andreas Schneider wrote:
> On Monday, September 07, 2015 03:45:36 PM Andrew Bartlett wrote:
> > On Thu, 2015-09-03 at 18:53 +0200, Andreas Schneider wrote:
> > >
> > I would review this, but can you please propose a patch with a
> > clearer
> > title and rationalle for 'dns faking'. Can we please define it
> > into:
> > - nss DNS emulation
> > - resolv DNS emulation
> nss DNS emulation is used by most of our code.
> resolv DNS emulation is only used for SRV lookups.
> resolv DNS emulation works only because libresolv is a library on its
> own and
> it is using socket function we wrap with socket_wrapper.
> getaddrinfo calls gethosbyname3 which comes from libnss_dns.so and it
> Maybe we can intercept __libc_res_nsearch(). I have to play around
> with it.
Thanks for looking into that. But backing up a little, what of the
above does 'dns faking' turn on and off?
For me, we must have a single source of truth for the names, either a
(single) file, or a DNS server over socket_wrapper. The part-way
solutions we have and are being proposed are just messing with my head.
The challenge I have is that I want to only rely on our DNS server, not
also the static hosts file. This is because I want to test changing IP
addresses and names (which is the client task that triggered all this,
a tested set of scripts to change the IP and name of a DC).
This may well be very different to the requirements you have. See
> > I have real trouble working out which mode dns faking is meant to
> > be,
> > and it has caused me much trouble when attempting to work on this
> > patch
> > set.
> > It also doesn't work for me, because this still fails:
> > make -j testenv SELFTEST_TESTENV="fl2003dc:local"
> > Perhaps you didn't update your branch? I expected the attached to
> > be
> > included at least (but even with this patch that command fails).
> You can't turn of the nss DNS emulation. At least not yet ...
I'm very confused about the state here. I think we need to back up,
write down a clear rationale, and then slowly enable this one
environment at a time.
If you can do that, and get me even just a start of this with a patch
series that is both clear in intent, clear in naming (I can't accept
dns faking, please choose another name at this point), and has already
passed a full autobuild, then I'll be glad to move ahead with the
Authentication Developer, Samba Team https://samba.org
Samba Development and Support, Catalyst IT
More information about the samba-technical