mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-23 07:33:27 -06:00
f1ed123cad
IPA client and server tool set used authconfig acutil module to for client DNS operations. This is not optimal DNS interface for several reasons: - does not provide native Python object oriented interface but but rather C-like interface based on functions and structures which is not easy to use and extend - acutil is not meant to be used by third parties besides authconfig and thus can break without notice Replace the acutil with python-dns package which has a feature rich interface for dealing with all different aspects of DNS including DNSSEC. The main target of this patch is to replace all uses of acutil DNS library with a use python-dns. In most cases, even though the larger parts of the code are changed, the actual functionality is changed only in the following cases: - redundant DNS checks were removed from verify_fqdn function in installutils to make the whole DNS check simpler and less error-prone. Logging was improves for the remaining checks - improved logging for ipa-client-install DNS discovery https://fedorahosted.org/freeipa/ticket/2730 https://fedorahosted.org/freeipa/ticket/1837
16 lines
540 B
Plaintext
16 lines
540 B
Plaintext
This is a set of libraries common to IPA clients and servers though mostly
|
|
geared currently towards command-line tools.
|
|
|
|
A brief overview:
|
|
|
|
config.py - identify the IPA server domain and realm. It uses python-dns to
|
|
try to detect this information first and will fall back to
|
|
/etc/ipa/default.conf if that fails.
|
|
|
|
ipautil.py - helper functions
|
|
|
|
entity.py - entity is the main data type. User and Group extend this class
|
|
(but don't add anything currently).
|
|
|
|
ipavalidate.py - basic data validation routines
|