[Freeipa-devel] [PATCH] 799 The IP address provided to ipa-server-install must be local
Martin Kosek
mkosek at redhat.com
Tue Jun 14 08:25:51 UTC 2011
On Mon, 2011-06-13 at 16:41 -0400, Rob Crittenden wrote:
> Compare the configured interfaces with the supplied IP address and
> optional netmask to determine if the interface is available.
>
> Note the subtle change when comparing addresses. We have two object
> types, IPNetwork and IPAddress. We should only compare addresses when we
> don't have an IPNetwork otherwise we can end up comparing an address to
> an object with a netmask and get a bad result.
>
> https://fedorahosted.org/freeipa/ticket/1175
NACK.
1) This breaks ipa-replica-prepare:
# ipa-replica-prepare vm-046.idm.lab.bos.redhat.com
--ip-address=10.16.78.46
Usage: ipa-replica-prepare [options] FQDN (e.g. replica.example.com)
ipa-replica-prepare: error: option --ip-address: invalid IP address
10.16.78.46: No network interface matches the provided IP address and
netmask
Actually, this is not your fault, we just don't use IP address checking
in IPAOptionParser correctly. --ip-address option in ipa-replica-prepare
has type "ipnet" which is validated by the CheckedIPAddress. As
match_local defaults to True, your new exception is raised.
I think we need 2 new option types for IPAOptionParser such as "iplocal"
and "ipnetlocal" which would be used for --ip-address option in
ipa-server-install or ipa-dns-install and which would use
match_local=True. Current types "ip" and "ipnet" should use
match_local=False.
2) CheckedIPAddress functionality (i.e. this fix) is neither in ipa-2-0
stable branch nor in RHEL 6.1. But this should be OK since it is
targeted for RHEL 6.2.
Martin
More information about the Freeipa-devel
mailing list