[PATCH] Use samba-tool to add DNS entries with samba_dnsupdate

[Andrew Bartlett]

On Tue, 2015-09-08 at 08:59 +0200, Andreas Schneider wrote:
> On Tuesday, September 08, 2015 09:36:57 AM Andrew Bartlett wrote:

> > 
> > Andreas,
> > 
> > Thanks for looking into that.  But backing up a little, what of the
> > above does 'dns faking' turn on and off?
> 
> resolv_wrapper can either direct queries specifying a nameserver in
> our own 
> resolv.conf file or fake it (with a dns_hosts_file). This is only for
> code 
> with uses res_(n)search or res_(n)query e.g. libkrb5 or samba code
> doing SRV 
> record lookups.
> 
> All other name resolution is going trough nss_wrapper which wraps 
> getaddrinfo(), gethosbyname*() etc.
> 

> If you want to support only one resource you should implement support
> to load 
> NSS host modules in nss_wrapper. Then implement a NSS host dns module
> using 
> libresolv or directly dlopen() libresolv_wrapper.so.
> 
> This way you only have one source for DNS ...
> 
> 
> I'm happy to discuss details and review patches you send for
> nss_wrapper 
> upstream.

Andreas,

I didn't reply earlier because I had hoped that I would have some time
to attend to this as part of my demote-dc work, but there I've taken a
different approach, skipped emulated DNS and am editing the database
directly.

However, that means that we are all rather stuck here:  For Samba's use
we need that single source of truth, and then probably also per-zone
DNS forwarding.  I realise however that we are along way from that, and
so this effort will likely remain stalled. 

Also stalled are my proposed fixes to samba_dnsupdate, that triggered
this thread.  These are useful changes that users have long requested,
but we have no good way to test them.

Andrew Bartlett


-- 
Andrew Bartlett
https://samba.org/~abartlet/
Authentication Developer, Samba Team         https://samba.org
Samba Development and Support, Catalyst IT   
https://catalyst.net.nz/services/samba