-
Notifications
You must be signed in to change notification settings - Fork 907
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature request: Delete PTR when deleting A/AAAA record. #4656
Comments
Agreed; I suppose inside an rrset object we could add a flag 'delete-ptr' to allow for that. When doing that, also think about deleting old PTRs when updating an existing record. |
Any updates about implementing this feature? Thanks. |
Hi is it possible to have some response to the ptr question |
I think this would be somewhat of a misfeature. We don't know what zone the reverse record lives in, we'd need to hunt it. It might even be in several zones. Do we really want the API to do this? Note that if you filter the API so someone can only edit the zones that are 'theirs', this delete call will touch other zones over which someone has no control. I don't think our API should go there, but perhaps I'm not seeing it right. |
We have the feature to add the PTR, so this is the mirror of that. |
@ahupowerdns Although your concerns are pretty valid, don't they also apply to setting the PTR? Especially with IPv6, I've seen the PTR end up in another zone than I expected it (probably my fault, but still). Since the API has no authorization system, but only authentication, you should assume a admin is working on the API whatsoever. The client (such as nsedit) should decide if you want to set/delete PTR's. The API should only provide the option. |
@tuxis-ie if you have a repro for the IPv6 PTR issue, I'd like to see that! |
The PowerDNS API has no authorization but is built in a way that authorization can exist in a proxy layer on top. Introducing features like this requires the authorization layers to perform the same kind of hunting logic / request body parsing in order to properly enforce zone-level permissions. |
At this time I think we should remove set-ptr from the API and not implement delete-ptr. @tuxis-is did you implement delete in nsedit yet? Can you reuse that for set? |
👍 After internal discussion, we are not removing it in 4.2.x though. |
We are removing set-ptr in 4.3.0. This also means we will not build automatic deletion. |
It would be nice to have the possibility to delete a PTR when deleting an A or AAAA record.
Based on: tuxis-ie/nsedit#131
The text was updated successfully, but these errors were encountered: