[Freeipa-devel] [PATCH] ipv6 compatible way to check the hostname
Simo Sorce
ssorce at redhat.com
Mon Mar 31 00:03:18 UTC 2008
On Fri, 2008-03-28 at 17:34 -0400, Rob Crittenden wrote:
> Simo Sorce wrote:
> > Rob Crittenden wrote:
> >> Simo Sorce wrote:
> >>> This change checks the machine can resolve address using nsswitch
> >>> host name resolution, this means we are also checking that /etc/hosts
> >>> is not broken.
> >>>
> >>> It uses IPv6 aware system functions, so this should make it also IPv6
> >>> compatible.
> >>>
> >>> It does not force to have a DNS set up correctly, but that's
> >>> intentional as we might want to install DNS as part of the
> >>> installation (--setup-bind) and checking DNS before installing it
> >>> wouldn't really work :-)
> >>>
> >>> It still do try to check the DNS but currently it just exists
> >>> silently if DNS is not configured. I am not sure how to raise a
> >>> warning without throwing an exception that would make the install
> >>> script abort in this case.
> >>>
> >>> It does error out if DNS is setup incorrectly.
> >>>
> >>
> >> +
> >> + rev = None
> >> + for rsn in rs:
> >> + if rsn.dns_type == dnsclient.DNS_T_A:
> >> + rev = rsn
> >> + break
> >> +
> >> + if rev == None:
> >> + raise RuntimeError("Cannot find PTR record for %s" % addr)
> >> +
> >> + reverse = rev.rdata.ptrdname
> >>
> >> Should you be looking for DNS_T_PTR here instead? If you have an A
> >> record you won't have a ptrdname.
> >>
> >> You need to add a try/except around socket.getaddrinfo() to catch
> >> errors if the hostname isn't found so a more useful error message can
> >> be returned than 'Name or service not known'
> >>
> >> gethostbyaddr may need a try/except around it too.
> >>
> >> rob
> >>
> >
> >
> >
> > Good points, new patch attached.
>
> I have just a couple more comments (sorry, should have included these in
> the first patch):
>
> - We should say why 127.0.0.1/::1 is an Invalid IP address. Or rather,
> just say that the hostname needs to resolve to a real address or something.
> - When are you planning on filling in the #TODO raise a warning? What
> happens if the hostname is a CNAME, will it work? It kinda looks like it
> will still be accepted.
Good points again, newer patch attached.
--
Simo Sorce * Red Hat, Inc * New York
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-743-hostname-check.patch
Type: text/x-patch
Size: 4949 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20080330/20329377/attachment.bin>
More information about the Freeipa-devel
mailing list