[Freeipa-devel] [PATCH] 888 always verify hostname

Martin Kosek mkosek at redhat.com
Tue Oct 11 15:07:48 UTC 2011


On Fri, 2011-10-07 at 09:18 -0400, Rob Crittenden wrote:
> Martin Kosek wrote:
> >>
> >> Yes but the entry is added to /etc/hosts at the very END of installation,
> >> apparently too late for some things. We can alternately add this prior
> >> to configuring anything else.
> >
> > But we add the entry to /etc/hosts right in the beginning. After the
> > line marked with <<<<<< is printed. I double-checked it right now.
> 
> Ok, this is totally freaky then. See ticket 
> https://fedorahosted.org/freeipa/ticket/1931
> >

I think it is worth mentioning there that the /etc/hosts entry is added
in the beginning only if the hostname is not resolvable and an IP address
is passed by the user, i.e. only when the following line is printed:

# ipa-server-install --setup-dns (or --no-host-dns)
...
Please provide the IP address to be used for this host name: 10.16.78.50
Adding [10.16.78.50 ipa.example.com] to your /etc/hosts file
...

I saw that 1931 should be solved by a new custom hostname parameter
passed to the bind-dyndb-ldap plugin.


I did some additional testing of my proposed patch 140 and it behaved
fine. It is able to catch misconfigured /etc/hosts in both of the following ways:

1) invalid hostname for given IP address

1.2.3.4  foo

or short name first:

1.2.3.4 foo foo.example.com


To sum this up - I think the patch is ready for review.

Martin
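
The two /etc/hosts cases listed in the message above, as an added example (this is not patch 140 and not FreeIPA code): a small checker that flags an entry whose names do not include the expected FQDN, or that lists a short name before it. The function names and the sample file contents are hypothetical and constructed for illustration.

```python
import ipaddress

# Constructed sample /etc/hosts contents (not taken from a real system).
SAMPLE_BAD_NAME = "127.0.0.1 localhost\n1.2.3.4  foo\n"
SAMPLE_SHORT_FIRST = "1.2.3.4 foo foo.example.com\n"
SAMPLE_GOOD = "1.2.3.4 foo.example.com foo  # server entry\n"


def parse_hosts(text):
    """Yield (address, [names]) per entry, skipping comments and bad lines."""
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            yield ipaddress.ip_address(fields[0]), fields[1:]
        except ValueError:
            continue  # first field is not an IP address


def check_hosts(text, ip, fqdn):
    """Return a list of problems found in the entries for `ip`.

    The first name on a hosts line is the canonical name, which is what a
    reverse lookup of the address through the hosts file returns, so it
    has to be the fully qualified name.
    """
    wanted_ip = ipaddress.ip_address(ip)
    fqdn = fqdn.lower().rstrip(".")
    problems = []
    for entry_ip, names in parse_hosts(text):
        if entry_ip != wanted_ip:
            continue
        names = [n.lower().rstrip(".") for n in names]
        if fqdn not in names:
            problems.append("invalid hostname for %s: %s"
                            % (ip, " ".join(names)))
        elif names[0] != fqdn:
            problems.append("short name first for %s: %s precedes %s"
                            % (ip, names[0], fqdn))
    return problems


if __name__ == "__main__":
    for sample in (SAMPLE_BAD_NAME, SAMPLE_SHORT_FIRST, SAMPLE_GOOD):
        print(check_hosts(sample, "1.2.3.4", "foo.example.com") or "ok")
```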




