[Freeipa-devel] [PATCH] 799 The IP address provided to ipa-server-install must be local
Rob Crittenden
rcritten at redhat.com
Tue Jun 14 12:56:40 UTC 2011
Martin Kosek wrote:
> On Mon, 2011-06-13 at 16:41 -0400, Rob Crittenden wrote:
>> Compare the configured interfaces with the supplied IP address and
>> optional netmask to determine if the interface is available.
>>
>> Note the subtle change when comparing addresses. We have two object
>> types, IPNetwork and IPAddress. We should only compare addresses when we
>> don't have an IPNetwork otherwise we can end up comparing an address to
>> an object with a netmask and get a bad result.
>>
>> https://fedorahosted.org/freeipa/ticket/1175
>
> NACK.
>
> 1) This breaks ipa-replica-prepare:
>
> # ipa-replica-prepare vm-046.idm.lab.bos.redhat.com
> --ip-address=10.16.78.46
> Usage: ipa-replica-prepare [options] FQDN (e.g. replica.example.com)
>
> ipa-replica-prepare: error: option --ip-address: invalid IP address
> 10.16.78.46: No network interface matches the provided IP address and
> netmask
>
> Actually, this is not your fault, we just don't use IP address checking
> in IPAOptionParser correctly. --ip-address option in ipa-replica-prepare
> has type "ipnet" which is validated by the CheckedIPAddress. As
> match_local defaults to True, your new exception is raised.
Ok, but is 10.16.78.46 a configured network interface?
>
> I think we need 2 new option types for IPAOptionParser such as "iplocal"
> and "ipnetlocal" which would be used for --ip-address option in
> ipa-server-install or ipa-dns-install and which would use
> match_local=True. Current types "ip" and "ipnet" should use
> match_local=False.
>
> 2) CheckedIPAddress functionality (i.e. this fix) is neither in ipa-2-0
> stable branch nor in RHEL 6.1. But this should be OK since it is
> targeted for RHEL 6.2.
Right, I wasn't planning on pushing this to 2.0.
rob
More information about the Freeipa-devel
mailing list