| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
| |
Let user enter custom ports for zone conditional forwarders or
global forwarders in dnsconfig. Ports can be specified in
a standard BIND format: IP_ADDRESS [port PORT]
https://fedorahosted.org/freeipa/ticket/2462
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add 2 new features to DNS record interactive help to increase its
usability and also make its behavior more consistent with standard
parameter interactive help:
1) Ask for missing DNS parts
When a required part of a newly added DNS record was missing, we
just returned a ValidationError. Now, the interactive help rather
asks for all missing required parts of all DNS records that were
being added by its parts.
2) Let user amend invalid part
When an interactive help asked for a DNS record part value and
user enters an invalid value, the entire interactive help exits
with an error. This may upset a user if he already entered several
correct DNS record part values. Now, the help rather tells user
what's wrong and give him an opportunity to amend the value.
https://fedorahosted.org/freeipa/ticket/2386
|
| |
|
|
|
|
|
|
|
|
| |
DNS Test Day shown that the new RR specific DNS options and the
concepts behind them may not be easily understood. This patch adds
an explanation of the new DNS framework for structured options
to make it easier for the user to understand and use the new
options.
https://fedorahosted.org/freeipa/ticket/2382
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
DNS and host plugin does not work well with domain names ending
with dot. host plugin creates a record with two fqdn attributes
when such hostname is created which then has to be manually fixed.
DNS plugin handled zones with and without trailing dot as two
distinct zones, which may lead to issues when both zones are
created.
This patch sanitizes approach to FQDNs in both DNS and host plugin.
Hostnames are now always normalized to the form without trailing
dot as this form did not work before and it would keep hostname
form consistent without changes in our server/client enrollment
process.
As DNS zones always worked in both forms this patch rather makes
sure that the plugin works with both forms of one zone and prevents
creating 2 identical zones with just different format.
https://fedorahosted.org/freeipa/ticket/2420
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
DNS plugin did not check DNS zone and DNS record validity and
user was thus able to create domains like "foo bar" or other
invalid DNS labels which would really confuse both user and
bind-dyndb-ldap plugin.
This patch at first consolidates hostname/domain name validators
so that they use common functions and we don't have regular
expressions and other checks defined in several places. These
new cleaned validators are then used for zone/record name
validation.
https://fedorahosted.org/freeipa/ticket/2384
|
| |
|
|
|
|
|
|
|
|
|
| |
When an invalid record type is entered during dnsrecord-add
interactive mode, user is provided with a list of allowed values
(record types). However, the provided list contains also
unsupported record types (APL, DHCID, etc.) and any attempt to add
such records would end with error. This patch limits the list
to supported record types only.
https://fedorahosted.org/freeipa/ticket/2378
|
| |
|
|
| |
https://fedorahosted.org/freeipa/ticket/2379
|
| |
|
|
|
|
|
|
|
|
| |
Improve AttrValueNotFound exception error message raised in the DNS
module when a deleted (modified) attribute value is not found
in a record. In order to be consistent with previous DNS module
implementation this error message should include an attribute
label instead of an attribute name.
https://fedorahosted.org/freeipa/ticket/2377
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adding reverse DNS record may be a time consuming task, especially
for IPv6 addresses. Having a way to automatically create a reverse
record when a forward record is created could speed up the process.
host-add command already has this possibility.
This patch takes advantage of the new per-type API and adds new
options for A/AAAA record types: --a-create-reverse and
--aaaa-create-reverse. These commands can be used to automatically
create reverse records for new A/AAAA addresses (both forward
and reverse zones need to be managed by FreeIPA server):
ipa dnsrecord-add example.com foo --a-rec=10.0.0.1 --a-create-reverse
This command would add a new A record to record foo in zone
example.com and a PTR record to appropriate reverse zone for
IP address 10.0.0.1 (for example PTR record 1 in zone
0.0.10.in-addr.arpa. pointing to foo.example.com.).
Few modification were done to new DNS API to support this feature:
- Refactor --ip-address option handling from host-add and place it
to dns.py to be used by both modules
- Add support for "extra" per-type options
- Hide DNS record part options in dnsrecord_find command as they
have no effect for this command
https://fedorahosted.org/freeipa/ticket/2009
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
New version of bind-dyndb-ldap plugin have an ability to
automatically update machine reverse address when its forward
address is updated via GSS-TSIG update. The reverse zone must be
managed by FreeIPA as well in order of this feature to work.
As it would not be secure to enable this behaviour for all zones
there is a global attribute that can enable PTR sync for all zones
and also a per-zone attribute that can enable for chosen zones
only.
This patch adds an API for this control.
https://fedorahosted.org/freeipa/ticket/2176
|
| |
|
|
|
|
|
|
| |
Add ability configure per-zone forwarder for DNS zones. Any data
in such zone will then be considered as non-authoritative and all
queries will be sent to specified forwarder.
https://fedorahosted.org/freeipa/ticket/2108
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Provide a way to specify BIND allow-query and allow-transfer ACLs
for DNS zones.
IMPORTANT: new bind-dyndb-ldap adds a zone transfer ability. To
avoid zone information leaks to unintended places, allow-transfer
ACL for every zone is by default set to none and has to be
explicitly enabled by an Administrator. This is done both for new
DNS zones and old DNS zones during RPM update via new DNS upgrade
plugin.
https://fedorahosted.org/freeipa/ticket/1211
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Implement API for DNS global options supported in bind-dyndb-ldap.
Currently, global DNS option overrides any relevant option in
named.conf. Thus they are not filled by default they are left as
a possibility for a user.
Bool encoding had to be fixed so that Bool LDAP attribute can also
be deleted and not just set to True or False.
https://fedorahosted.org/freeipa/ticket/2216
|
| |
|
|
|
|
|
|
|
|
| |
When a new DNS record is being added to DNS zone via command
ipa dnsrecord-add ZONE @
and the target ZONE does not exist it returns ObjectclassViolation
which may confuse users. Make sure that standard DNS Zone NotFound
exception is returned.
https://fedorahosted.org/freeipa/ticket/2270
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Since A6 is an obsolete RR type, no DNS part option was created.
This is, however, not consistent with the rest of per-type API
and may cause problems. This patch adds at least a DNS part for
raw A6 record data so that the record type is treated consistently.
This patch also fixes interactive mode for A6 records. Their data
were not detected correctly as dnsrecord_add didn't expect
a number in DNS part option name.
https://fedorahosted.org/freeipa/ticket/2309
|
| |
|
|
|
|
|
| |
Add missing SRV record target validator to filter out possible
user errors.
https://fedorahosted.org/freeipa/ticket/2308
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
NSEC record needs special treatment as it is not composed from
a fixed set of DNS parts divided by space, but it contains
a multivalued DNS part "types" containing a list of RR types
it covers.
There was already a special method for parsing raw NSEC record
to DNS parts, but the other direction was missing. This patch
adds special NSEC convertor to fix this issue.
https://fedorahosted.org/freeipa/ticket/2307
|
| |
|
|
|
|
|
|
|
| |
TXT record validation fails to parse the record if it contains
spaces. Standard DNS part parser uses a space to divide record
parts. A special parser thus need to be implemented for this RR
type.
https://fedorahosted.org/freeipa/ticket/2306
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
All DNS record part options in dnsrecord commands need to be
optional so that all of them are not required in every dnsrecord
command. However, FreeIPA API then does not include an information
which DNS record part options are optional in term of creating
a new DNS record. For example, LOC record option "latitude seconds"
is not needed to add a new LOC record.
This patch adds a flag "dnsrecord_optional" to all such options so
that this information is available for any other UI reading the
FreeIPA API.
https://fedorahosted.org/freeipa/ticket/2208
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Having float type as a base type for floating point parameters in
ipalib introduces several issues, e.g. problem with representation
or value comparison. Python language provides a Decimal type which
help overcome these issues.
This patch replaces a float type and Float parameter with a
decimal.Decimal type in Decimal parameter. A precision attribute
was added to Decimal parameter that can be used to limit a number
of decimal places in parameter representation. This approach fixes
a problem with API.txt validation where comparison of float values
may fail on different architectures due to float representation error.
In order to safely transfer the parameter value over RPC it is
being converted to string which is then converted back to
decimal.Decimal number on a server side.
https://fedorahosted.org/freeipa/ticket/2260
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Having a Parameter maxvalue larger that 2G makes Python convert it
to "long" type instead of "int" type. Our framework than fails to
bootstrap the API when it detects long integer in Parameter
maxvalue.
Remove the clashing maxvalue out entirely as we can't transfer
values larger than 2G anyway (xmlrpc limitation).
https://fedorahosted.org/freeipa/ticket/2082
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use new structured DNSRecord parameters to generate per-type API
for all supported DNS RR types. This should help significantly
the end-user with manipulating complex DNS record type (MX, LOC,
etc.).
All enhancements are integrated to current DNS record commands:
1) dnsrecord-add
- Records can be either entered as a raw value (e.g. --mx-rec=
"1 srv1.example.com" for MX record) or per-part:
--mx-preference=1 --mx-exchanger=srv1.example.com
- CLI interactive help behavior was changed. It will ask for
a record type and then ask for all DNS record part values
(e.g. MX Preference value, MX Exchanger value).
2) dnsrecord-mod
- This command can now operate in 2 modes. When only a raw DNS
record is entered (e.g. --mx-rec="1 srv1.example.com") it
operates in standard mode and replaces any previous mxrecord
value with the --mx-rec value.
When any structured parameter (e.g. --mx-preference) is passed
it modifies just the specified parts of one mxrecord value
referred by --mx-rec:
--mx-rec="1 srv1.example.com" --mx-preference=2
- New interactive help has been implemented. It will ask for a
record to be modified (in the same manner as dnsrecord-del)
and then let user change DNS record part(s) for chosen
records.
3) All dnsrecord-* commands have now --structured option
- When this option is passed, instead of displaying raw DNS values
all DNS records are parsed and displayed per-part. Example:
$ ipa dnsrecord-show example.com @ --structured
Record name: @
Records:
Record type: MX
Record data: 0 server1.example.com.
MX Preference: 0
MX Exchanger: server1.example.com.
Record type: NS
Record data: ns1.example.com.
NS Hostname: ns1.example.com.
All API changes are compatible with clients without this patch.
https://fedorahosted.org/freeipa/ticket/2082
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Current DNS record processing architecture has many flaws,
including custom execute() methods which does not take advantage
of base LDAP commands or nonstandard and confusing DNS record
option processing.
This patch refactors DNS record processing with the following
improvements:
* Every DNS record has now own Parameter type. Each DNS record
consists from one or more "parts" which are also Parameters.
This architecture will enable much easier implementation of
future per-DNS-type API.
* Validation is now not written as a separate function for
every parameter but is delegated to DNS record parts.
* Normalization is also delegated to DNS record parts.
* Since standard LDAP base commands execute method is now used,
dnsrecord-add and dnsrecord-mod correctly supports --setattr
and --addattr options.
* In order to prevent confusion unsupported DNS record types
are now hidden. They are still present in the plugin so that
old clients receive proper validation error.
The patch also contains several fixes:
* Fix domain-name validation and normalization- allow domain
names that are not fully qualified. For example --cname-rec=bar
is a valid domain-name for bind which will translate it then
as bar.<owning-domain>. This change implies, that fully qualified
domain names must end with '.'.
* Do not let user accidentally remove entire zone with command
"ipa dnsrecord-del @ --del-all".
* Fix --ttl and --class option processing in dnsrecord-add and
dnsrecord-mod.
All API changes are compatible with clients without this patch.
https://fedorahosted.org/freeipa/ticket/2082
|
| |
|
|
|
|
|
|
|
| |
This makes no changes to the functionality in the command-line or
GUI because these all have defaults anyway. This is mostly to show
them properly in the UI and prevent someone from trying to erase the
value (and getting a nasty schema error in response).
https://fedorahosted.org/freeipa/ticket/2015
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
enabled for a specific parameter by setting the "csv" option to True.
Remove "List" parameter type and replace all occurences of it with appropriate
multi-valued parameter ("Str" in most cases) with csv enabled.
Add new parameter type "Any", capable of holding values of any type. This is
needed by the "batch" command, as "Str" is not suitable type for the "methods"
parameter.
ticket 2007
|
| |
|
|
|
|
|
| |
Change our default zone manager to hostmaster@<domain> (as per
RFC 2142 recommendation).
https://fedorahosted.org/freeipa/ticket/1981
|
| |
|
|
|
|
|
|
|
|
| |
The validator has been improved to support better both SOA format
(e-mail address in a domain name format, without '@') and standard
e-mail format. Allow '\.' character in a SOA format encoding the
standard '.' in the local-part of an e-mail. Normalization code
has been moved to one common function.
https://fedorahosted.org/freeipa/ticket/2053
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Parameters in LDAP objects missed an information if they are real
LDAP attributes or not. Real LDAP attributes are written to
entry_attrs dictionary in plugin callbacks and are being encoded.
This causes issues when plugin callbacks does not expect that
the parameters values are already encoded for submission to LDAP.
This patch introduces a new flag "noattribute" used to mark that
a parameter is not an LDAP attribute and thus should not be encoded
or added to entry_attrs. Param documentation is improved to describe
the meaning of this and other Param flags or attributes.
https://fedorahosted.org/freeipa/ticket/2097
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Implement missing validators for DNS RR types so that we can capture
at least basic user errors. Additionally, a normalizer creating
a fully-qualified domain name has been implemented for several RRs
where name server may mis-interpret the domain name otherwise.
Unit tests exercising these new validators for the most common
RR types have been added. This patch also consolidates hard-coded
values in DNS test to one place.
https://fedorahosted.org/freeipa/ticket/1106
|
| |
|
|
|
|
|
|
|
|
|
|
| |
--allow-dynupdate was implemented as a Flag parameter type, which
is not convenient for LDAP attributes. When a DNS zone with
permitted dynamic updates was modified and the --allow-dynupdate
flag was not set, dynamic updates were turned off.
This patch changes the option type to Bool parameter type which
behaves according to user expectations when modifying the zone.
https://fedorahosted.org/freeipa/ticket/2039
|
| |
|
|
|
|
|
|
|
|
|
| |
Do at least a basic validation of DNS zone manager mail address.
Do not require '@' to be in the mail address as the SOA record
stores this value without it and people may be used to configure
it that way. '@' is always removed by the installer/dns plugin before
the DNS zone is created.
https://fedorahosted.org/freeipa/ticket/1966
|
| |
|
|
| |
https://fedorahosted.org/freeipa/ticket/1982
|
| |
|
|
| |
ticket 1627
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch reverts the use of pygettext for i18n string extraction. It
was originally introduced because the help documentation for commands
are in the class docstring and module docstring.
Docstrings are a Python construct whereby any string which immediately
follows a class declaration, function/method declaration or appears
first in a module is taken to be the documentation for that
object. Python automatically assigns that string to the __doc__
variable associated with the object. Explicitly assigning to the
__doc__ variable is equivalent and permitted.
We mark strings in the source for i18n translation by embedding them
in _() or ngettext(). Specialized extraction tools (e.g. xgettext)
scan the source code looking for strings with those markers and
extracts the string for inclusion in a translation catalog.
It was mistakingly assumed one could not mark for translation Python
docstrings. Since some docstrings are vital for our command help
system some method had to be devised to extract docstrings for the
translation catalog. pygettext has the ability to locate and extract
docstrings and it was introduced to acquire the documentation for our
commands located in module and class docstrings.
However pygettext was too large a hammer for this task, it lacked any
fined grained ability to extract only the docstrings we were
interested in. In practice it extracted EVERY docstring in each file
it was presented with. This caused a large number strings to be
extracted for translation which had no reason to be translated, the
string might have been internal code documentation never meant to be
seen by users. Often the superfluous docstrings were long, complex and
likely difficult to translate. This placed an unnecessary burden on
our volunteer translators.
Instead what is needed is some method to extract only those strings
intended for translation. We already have such a mechanism and it is
already widely used, namely wrapping strings intended for translation
in calls to _() or _negettext(), i.e. marking a string for i18n
translation. Thus the solution to the docstring translation problem is
to mark the docstrings exactly as we have been doing, it only requires
that instead of a bare Python docstring we instead assign the marked
string to the __doc__ variable. Using the hypothetical class foo as
an example.
class foo(Command):
'''
The foo command takes out the garbage.
'''
Would become:
class foo(Command):
__doc__ = _('The foo command takes out the garbage.')
But which docstrings need to be marked for translation? The makeapi
tool knows how to iterate over every command in our public API. It was
extended to validate every command's documentation and report if any
documentation is missing or not marked for translation. That
information was then used to identify each docstring in the code which
needed to be transformed.
In summary what this patch does is:
* Remove the use of pygettext (modification to install/po/Makefile.in)
* Replace every docstring with an explicit assignment to __doc__ where
the rhs of the assignment is an i18n marking function.
* Single line docstrings appearing in multi-line string literals
(e.g. ''' or """) were replaced with single line string literals
because the multi-line literals were introducing unnecessary
whitespace and newlines in the string extracted for translation. For
example:
'''
The foo command takes out the garbage.
'''
Would appear in the translation catalog as:
"\n
The foo command takes out the garbage.\n
"
The superfluous whitespace and newlines are confusing to translators
and requires us to strip leading and trailing whitespace from the
translation at run time.
* Import statements were moved from below the docstring to above
it. This was necessary because the i18n markers are imported
functions and must be available before the the doc is
parsed. Technically only the import of the i18n markers had to
appear before the doc but stylistically it's better to keep all the
imports together.
* It was observed during the docstring editing process that the
command documentation was inconsistent with respect to the use of
periods to terminate a sentence. Some doc had a trailing period,
others didn't. Consistency was enforced by adding a period to end of
every docstring if one was missing.
|
| |
|
|
|
|
|
|
|
| |
dns.py at line 976 has an invalid i18n string and cannot be processed
during message extraction causing message catalog generation to fail.
The format parameters are trapped inside the i18n string. Also it's
not necessary to promote the i18n string literal to unicode via the u
prefix because the _() function returns unicode.
|
| |
|
|
| |
https://fedorahosted.org/freeipa/ticket/1632
|
| |
|
|
|
|
|
| |
Check that NS address passed in dnszone-add is a domain name and
not an IP address. Make this clear also the parameter help.
https://fedorahosted.org/freeipa/ticket/1567
|
| |
|
|
|
|
|
|
| |
Implement a test for new dnszone-find option --forward-only.
Fix example for reverse zone (zone was not fully qualified and
DNS plugin would forbid adding PTR records).
https://fedorahosted.org/freeipa/ticket/1473
|
| |
|
|
|
|
|
| |
In order for this to work, chaining of parameters through
default_from is made possible.
ticket 1474
|
| |
|
|
|
|
|
|
| |
The CSS text-transform sometimes produces incorrect capitalization,
so the code has been modified to use translated labels that already
contain the correct capitalization.
Ticket #1424
|
| |
|
|
|
|
|
|
|
| |
Implements a new option to filter out reverse zones.
This patch also do some clean up in dns plugin - debug prints were
accidentally left here in the last dns patch.
https://fedorahosted.org/freeipa/ticket/1471
|
| |
|
|
|
|
|
|
|
| |
The object_name, object_name_plural and messages that use these
attributes have been converted to support translation. The label
attribute in the Param class has been modified to accept unicode
string.
Ticket #1435
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The DNS record plugin does not support modification of a record. One
can only add A type addresses to a DNS record or remove the current
ones. To actually change a DNS record value it has to be removed and
then added with a desired value.
This patch adds a new DNS plugin command "dnsrecord-mod" which enables
user to:
- modify a DNS record value (note than DNS record can hold multiple values
and those will be overwritten)
- remove a DNS record when an empty value is passed
New tests for this new command have been added to the CLI test suite.
https://fedorahosted.org/freeipa/ticket/1137
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The entity labels in the following locations have been fixed:
- search facet title: plural
- details facet title: singular
- association facet title: singular
- breadcrumb: plural
- adder dialog title: singular
- deleter dialog title: plural
Some entity labels have been changed into the correct plural form.
Unused file install/ui/test/data/i18n_messages.json has been removed.
Ticket #1249
Ticket #1387
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A new attribute label_singular has been added to all entities which
contains the singular form of the entity label in lower cases except
for acronyms (e.g. HBAC) or proper nouns (e.g. Kerberos). In the Web
UI, this label can be capitalized using CSS text-transform.
The existing 'label' attribute is intentionally left unchanged due to
inconsistencies in the current values. It contains mostly the plural
form of capitalized entity label, but some are singular. Also, it
seems currently there is no comparable capitalization method on the
server-side. So more work is needed before the label can be changed.
Ticket #1249
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When a new DNS zone is being created a local hostname is set as a
nameserver of the new zone. However, when the zone is created
during ipa-replica-prepare, the the current master/replica doesn't
have to be an IPA server with DNS support. This would lead to DNS
zones with incorrect NS records as they wouldn't point to a valid
name server.
Now, a list of all master servers with DNS support is retrieved
during DNS zone creation and added as NS records for a new DNS
zone.
https://fedorahosted.org/freeipa/ticket/1261
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Interactive mode for commands manipulating with DNS records
(dnsrecord-add, dnsrecord-del) is not usable. This patch enhances
the server framework with new callback for interactive mode, which
can be used by commands to inject their own interactive handling.
The callback is then used to improve aforementioned commands'
interactive mode.
https://fedorahosted.org/freeipa/ticket/1018
|
| |
|
|
|
|
|
|
|
|
|
| |
When adding a new DNS zone in the WebUI, IPA server will verify
whether the nameserver is in DNS. Sometimes it is necessary to
skip the verification.
This patch adds a --force option already available in CLI which
can skip this the verification.
https://fedorahosted.org/freeipa/ticket/1105
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Current PTR validation is unclear and may misled the user. This
patch improves the validation process so that the eventual exception
is clearer. New check that the PTR record is fully qualified has
been added to ensure that the reverse zone resolution behaves as
expected.
Additionally, several strings in the DNS plugin were prepared for
localization.
https://fedorahosted.org/freeipa/ticket/1129
|
| |
|
|
|
|
|
|
|
| |
This patch fixes a stacktrace that is printed out when a IPv6
AAAA record with subnet prefix length (e.g. /64) is added.
The same error message as when IPv4 record with subnet prefix
length is used.
https://fedorahosted.org/freeipa/ticket/1115
|
