[Freeipa-users] What's the proper format for an automember serverhostname rule?
greg at greg-gilbert.com
greg at greg-gilbert.com
Wed Apr 19 21:35:13 UTC 2017
Follow-up: I guess I can leave off the --hostname part of it and it
doesn't change the hostname.
On 2017-04-19 17:25, greg at greg-gilbert.com wrote:
> Rob, here's what I see in that log:
>
> 2017-04-19T21:18:23Z DEBUG Using servers from command line, disabling DNS discovery
> 2017-04-19T21:18:23Z DEBUG will use provided server: ipa.services.foo
> 2017-04-19T21:18:23Z DEBUG will use discovered realm: IPA.SERVICES.FOO
> 2017-04-19T21:18:23Z DEBUG will use discovered basedn: dc=ipa,dc=services,dc=foo
> 2017-04-19T21:18:23Z INFO Client hostname: 10.100.15.209
> 2017-04-19T21:18:23Z DEBUG Hostname source: Provided as option
> 2017-04-19T21:18:23Z INFO Realm: IPA.SERVICES.FOO
> ...
> 2017-04-19T21:18:23Z DEBUG Starting external process
> 2017-04-19T21:18:23Z DEBUG args=/bin/hostname 10.100.15.209
> 2017-04-19T21:18:23Z DEBUG Process finished, return code=0
> 2017-04-19T21:18:23Z DEBUG stdout=
> 2017-04-19T21:18:23Z DEBUG stderr=
> 2017-04-19T21:18:23Z DEBUG Backing up system configuration file '/etc/hostname'
>
> So whatever that external process is, I guess that's what's resetting the hostname.
>
> For reference, here's the line that runs (on cloud-init) to set up FreeIPA:
>
> /usr/sbin/ipa-client-install \
> --domain=ipa.services.FOO \
> --server=ipa.services.FOO \
> -U \
> --permit \
> --ssh-trust-dns \
> --principal=enrollment \
> --password="PASS" \
> --hostname="{{ ansible_eth0.ipv4.address }}"
>
> On 2017-04-19 16:27, Rob Crittenden wrote:
> greg at greg-gilbert.com wrote: When the instances register themselves with FreeIPA, their hostnames get
> changed to match their IP; that's a FreeIPA rule, I believe. So in this
> case, the hostname is 10.100.*.
>
> ubuntu at 10:~$ hostname
> 10.100.15.130
> There is something very wrong. ipa-client should be setting a FQDN, not
> an IP address. /var/log/ipaclient-install.log may hold some clues.
>
> rob
>
> On 2017-04-19 14:53, Jason B. Nance wrote:
>
> Hi Greg,
>
> I'm trying to set up a rule based on server hostname. So for
> example, 10.100.* would be put into the 'developers' hostgroup. I
> can't figure out the proper format of the inclusive regex. I've tried:
>
> I believe that your regex needs to match the host name, not the IP
> address. Unless your host name is 10.100.<something> I don't think
> that will match. The regex for "anything" is ".*". I think that the
> pcre syntax is what is used.
> Regards,
>
> j
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20170419/dca9ae89/attachment.htm>
More information about the Freeipa-users
mailing list