[Freeipa-devel] [PATCH] 351 Installer should not connect to 127.0.0.1
Simo Sorce
simo at redhat.com
Wed Jan 16 14:10:36 UTC 2013
On Wed, 2013-01-16 at 15:01 +0100, Martin Kosek wrote:
> On 01/16/2013 02:50 PM, Simo Sorce wrote:
> > On Wed, 2013-01-16 at 10:42 +0100, Martin Kosek wrote:
> >> IPA installer sometimes tries to connect to the Directory Server
> >> via loopback address 127.0.0.1. However, the Directory Server on
> >> pure IPv6 systems may not be listening on this address. This address
> >> may not even be available.
> >>
> >> Rather use the FQDN of the server when connecting to the DS to fix
> >> this issue and make the connection consistent ldapmodify calls which
> >> also use FQDN instead of IP address.
> >>
> >> https://fedorahosted.org/freeipa/ticket/3355
> >
> > Martin,
> > shouldn't the installer rather always use the ldapi socket ?
> >
> > Simo.
> >
>
> Probably yes, but the fix would be much more intrusive than the current patch
> as we connect to ldap://$HOST:389 all over the installer code. My intention was
> to prepare rather a short fix for the upcoming release...
Uhmm wouldn't you just need to replace ldap://$HOST:389 with
ldapi://path ?
However it is understandable to have a short term fix, but can you open
a ticket for the longer term goal of moving away from TCP connections to
LDAPI ones ?
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-devel
mailing list