pdns icon indicating copy to clipboard operation
pdns copied to clipboard
verified publisher icon PowerDNS

auth: Per zone metadata setting ENABLE-LUA-RECORDS can not be set via API

Open aj-gh opened this issue 3 years ago • 1 comments

  • Program: Authoritative
  • Issue type: Bug report

Short description

It seems that it's currently not possible to enable LUA records on a per-zone basis using the API as that setting is not whitelisted.

Environment

  • Operating system: Ubuntu 20.04
  • Software version: 4.8.0-alpha0.264.master.g7eaadaa85
  • Software source: pdns repo

Steps to reproduce

  1. Try to set ENABLE-LUA-RECORDS using the API
  2. Result: Unsupported metadata kind 'ENABLE-LUA-RECORDS'

Expected behaviour

Possible to set ENABLE-LUA-RECORDS using the API.

Actual behaviour

Unsupported metadata kind 'ENABLE-LUA-RECORDS'

Other information

Ref: https://github.com/PowerDNS/pdns/blob/master/pdns/ws-auth.cc#L862 & as discussed.

aj-gh avatar Sep 22 '22 11:09 aj-gh

Enabling this access by default would turn the REST API into a remote shell, which users may not want. Perhaps we can hide this ability behind a pdns.conf flag.

Habbie avatar Sep 23 '22 13:09 Habbie