Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature request: Delete PTR when deleting A/AAAA record. #4656

Closed
tuxis-ie opened this issue Nov 3, 2016 · 11 comments
Closed

Feature request: Delete PTR when deleting A/AAAA record. #4656

tuxis-ie opened this issue Nov 3, 2016 · 11 comments
Labels
auth rest-api

Comments

@tuxis-ie
Copy link
Contributor

tuxis-ie commented Nov 3, 2016

It would be nice to have the possibility to delete a PTR when deleting an A or AAAA record.

Based on: tuxis-ie/nsedit#131
@zeha
Copy link
Collaborator

zeha commented Nov 3, 2016

Agreed; I suppose inside an rrset object we could add a flag 'delete-ptr' to allow for that.

When doing that, also think about deleting old PTRs when updating an existing record.

@Habbie Habbie mentioned this issue Feb 16, 2017
Closed
@Halytskyi
Copy link

Halytskyi commented Dec 3, 2018
edited
Loading

Any updates about implementing this feature? Thanks.

@ghost
Copy link

ghost commented Dec 5, 2018

Hi is it possible to have some response to the ptr question

@ahupowerdns
Copy link
Contributor

I think this would be somewhat of a misfeature. We don't know what zone the reverse record lives in, we'd need to hunt it. It might even be in several zones. Do we really want the API to do this? Note that if you filter the API so someone can only edit the zones that are 'theirs', this delete call will touch other zones over which someone has no control. I don't think our API should go there, but perhaps I'm not seeing it right.

@zeha
Copy link
Collaborator

zeha commented Dec 5, 2018

We have the feature to add the PTR, so this is the mirror of that.
Mostly needs typing in I think.

@tuxis-ie
Copy link
Contributor Author

@ahupowerdns Although your concerns are pretty valid, don't they also apply to setting the PTR? Especially with IPv6, I've seen the PTR end up in another zone than I expected it (probably my fault, but still).

Since the API has no authorization system, but only authentication, you should assume a admin is working on the API whatsoever. The client (such as nsedit) should decide if you want to set/delete PTR's. The API should only provide the option.

@zeha
Copy link
Collaborator

zeha commented Dec 11, 2018

@tuxis-ie if you have a repro for the IPv6 PTR issue, I'd like to see that!

@jwhited
Copy link

jwhited commented Apr 12, 2019

Since the API has no authorization system, but only authentication, you should assume a admin is working on the API whatsoever. The client (such as nsedit) should decide if you want to set/delete PTR's. The API should only provide the option.

The PowerDNS API has no authorization but is built in a way that authorization can exist in a proxy layer on top. Introducing features like this requires the authorization layers to perform the same kind of hunting logic / request body parsing in order to properly enforce zone-level permissions.

@zeha
Copy link
Collaborator

zeha commented Apr 12, 2019

At this time I think we should remove set-ptr from the API and not implement delete-ptr.

@tuxis-is did you implement delete in nsedit yet? Can you reuse that for set?

@Habbie
Copy link
Member

Habbie commented Apr 12, 2019
edited
Loading

At this time I think we should remove set-ptr from the API and not implement delete-ptr.

👍

After internal discussion, we are not removing it in 4.2.x though.

@zeha zeha mentioned this issue May 9, 2019
Merged
7 tasks
@Habbie
Copy link
Member

Habbie commented May 14, 2019

We are removing set-ptr in 4.3.0. This also means we will not build automatic deletion.

@Habbie Habbie closed this as completed May 14, 2019
@mbag mbag mentioned this issue Dec 18, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
auth rest-api
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@zeha @Habbie @ahupowerdns @tuxis-ie @Halytskyi @jwhited