[Freeipa-users] What should the --hostname option do?
Martin Basti
mbasti at redhat.com
Wed Dec 7 09:50:13 UTC 2016
On 07.12.2016 08:48, List dedicated to discussions about use,
configuration and deployment of the IPA server. wrote:
> Hello,
>
> the --hostname option to the installer currently modifies the hostname
> of the machine. In some environments, namely in unprivileged
> containers, that operation is not denied. In some cases, it is
> possible to change the FQDN of the container from outside, for example
> with docker run's -h option. However, in some environments, namely in
> OpenShift, there is not such possibility.
>
> I have found out that disabling the change by turning /bin/hostnamectl
> and /usr/bin/domainname makes ipa-server-install pass while the server
> gets configured with the hostname specified as the parameter to
> --hostname option so it does not seem to be essential for the FQDN to
> change. Of course, some operations might no longer work, like ssh to
> the FreeIPA machine as sshd would need to be set with
> GSSAPIStrictAcceptorCheck no.
>
> I wonder if either change of the --hostname semantics, or some new
> option would be useful, to specify the hostname to be used by the
> FreeIPA software while not touching the configuration of the hostname
> for the machine.
>
I agree that --hostname options should not touch system's hostname, I
don't see reason why application installer should change system hostname.
I'd start with deprecating current behavior of this option in next release
As you mentioned we need find what cases can be broken when we will use
different local and external hostname, but anyway we have do this for
containers.
Martin^2
More information about the Freeipa-users
mailing list