https://fedorahosted.org/389/ticket/311 https://fedorahosted.org/389/attachment/ticket/311/0001-Trac-Ticket-311-IP-lookup-failing-with-multiple-DNS-.patch Bug description: DNS keyword in ACI only accepted an FQDN returned from gethostbyaddr. If an alias hostname was set in an ACI, a request sent from the host was treated as the one from the primary hostname and it failed to get the expected access rights. Fix description: This patch is advertising a keyword "dnsalias". In addition to the primary hostname, by setting the secondary host- names as dnsalias, clients requests would obtain the expected access rights. When an IP address is associated with multiple hostnames (primary: hostA, aliases: hostB and hostC), they could be listed, for instance, in an aci as follows: {{{ aci: (targetattr = "*") (version 3.0;acl "dnsalias example";allow (all) dns="hostA.example.com" or dnsalias="hostB.example.com" or dnslias= "hostC.example.com";) }}} -- 389-devel mailing list 389-devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-devel
