[Freeipa-devel] [PATCH] ipv6 compatible way to check the hostname

Simo Sorce ssorce at redhat.com
Mon Mar 31 13:50:51 UTC 2008 

On Mon, 2008-03-31 at 09:29 -0400, Rob Crittenden wrote:
> Simo Sorce wrote:
> > On Fri, 2008-03-28 at 17:34 -0400, Rob Crittenden wrote:
> >> Simo Sorce wrote:
> >>> Rob Crittenden wrote:
> >>>> Simo Sorce wrote:
> >>>>> This change checks the machine can resolve address using nsswitch 
> >>>>> host name resolution, this means we are also checking that /etc/hosts 
> >>>>> is not broken.
> >>>>>
> >>>>> It uses IPv6 aware system functions, so this should make it also IPv6 
> >>>>> compatible.
> >>>>>
> >>>>> It does not force to have a DNS set up correctly, but that's 
> >>>>> intentional as we might want to install DNS as part of the 
> >>>>> installation (--setup-bind) and checking DNS before installing it 
> >>>>> wouldn't really work :-)
> >>>>>
> >>>>> It still do try to check the DNS but currently it just exists 
> >>>>> silently if DNS is not configured. I am not sure how to raise a 
> >>>>> warning without throwing an exception that would make the install 
> >>>>> script abort in this case.
> >>>>>
> >>>>> It does error out if DNS is setup incorrectly.
> >>>>>
> >>>> +
> >>>> +    rev = None
> >>>> +    for rsn in rs:
> >>>> +        if rsn.dns_type == dnsclient.DNS_T_A:
> >>>> +            rev = rsn
> >>>> +            break
> >>>> +
> >>>> +    if rev == None:
> >>>> +        raise RuntimeError("Cannot find PTR record for %s" % addr)
> >>>> +
> >>>> +    reverse = rev.rdata.ptrdname
> >>>>
> >>>> Should you be looking for DNS_T_PTR here instead? If you have an A 
> >>>> record you won't have a ptrdname.
> >>>>
> >>>> You need to add a try/except around socket.getaddrinfo() to catch 
> >>>> errors if the hostname isn't found so a more useful error message can 
> >>>> be returned than 'Name or service not known'
> >>>>
> >>>> gethostbyaddr may need a try/except around it too.
> >>>>
> >>>> rob
> >>>>
> >>>
> >>>
> >>> Good points, new patch attached.
> >> I have just a couple more comments (sorry, should have included these in 
> >> the first patch):
> >>
> >> - We should say why 127.0.0.1/::1 is an Invalid IP address. Or rather, 
> >> just say that the hostname needs to resolve to a real address or something.
> >> - When are you planning on filling in the #TODO raise a warning? What 
> >> happens if the hostname is a CNAME, will it work? It kinda looks like it 
> >> will still be accepted.
> > 
> > Good points again, newer patch attached.
> >  
> > 
> 
> Looks great, ack.

Pushed.

-- 
Simo Sorce * Red Hat, Inc * New York

More information about the Freeipa-devel mailing list