URL: https://github.com/freeipa/freeipa/pull/1100
Author: tomaskrizek
 Title: #1100: [Backport][ipa-4-5] Make sure upgrade also checks for IPv6 stack
Action: opened

PR body:
"""
Opening the ipa-4-5 backport manually so it can pass through CI quicker. 
Original PR: #1095 
"""

To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/1100/head:pr1100
git checkout pr1100
From 112bd85af6d48e9c9cf79884200682a0b99993be Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy <aboko...@redhat.com>
Date: Tue, 19 Sep 2017 12:06:39 +0300
Subject: [PATCH] Make sure upgrade also checks for IPv6 stack

 - Add check for IPv6 stack to upgrade process
 - Change IPv6 checker to also check that localhost resolves to ::1

Part of fixes https://pagure.io/freeipa/issue/7083
---
 ipaplatform/redhat/tasks.py         | 19 ++++++++++++++++---
 ipaserver/install/server/upgrade.py |  1 +
 2 files changed, 17 insertions(+), 3 deletions(-)

diff --git a/ipaplatform/redhat/tasks.py b/ipaplatform/redhat/tasks.py
index 560f83d1c3..9c0c016b3c 100644
--- a/ipaplatform/redhat/tasks.py
+++ b/ipaplatform/redhat/tasks.py
@@ -150,9 +150,22 @@ def check_ipv6_stack_enabled(self):
         """
         if not os.path.exists(paths.IF_INET6):
             raise RuntimeError(
-                "IPv6 kernel module has to be enabled. If you do not wish to "
-                "use IPv6, please disable it on the interfaces in "
-                "sysctl.conf and enable the IPv6 kernel module.")
+                "IPv6 stack has to be enabled in the kernel and some "
+                "interface has to have ::1 address assigned. Typically "
+                "this is 'lo' interface. If you do not wish to use IPv6 "
+                "globally, disable it on the specific interfaces in "
+                "sysctl.conf except 'lo' interface.")
+
+        try:
+            localhost6 = ipautil.CheckedIPAddress('::1', allow_loopback=True)
+            if localhost6.get_matching_interface() is None:
+                raise ValueError("no interface for ::1 address found")
+        except ValueError:
+            raise RuntimeError(
+                 "IPv6 stack is enabled in the kernel but there is no "
+                 "interface that has ::1 address assigned. Add ::1 address "
+                 "resolution to 'lo' interface. You might need to enable IPv6 "
+                 "on the interface 'lo' in sysctl.conf.")
 
     def restore_pre_ipa_client_configuration(self, fstore, statestore,
                                              was_sssd_installed,
diff --git a/ipaserver/install/server/upgrade.py b/ipaserver/install/server/upgrade.py
index 893e29b3f3..3a520b0dd4 100644
--- a/ipaserver/install/server/upgrade.py
+++ b/ipaserver/install/server/upgrade.py
@@ -1861,6 +1861,7 @@ def upgrade_configuration():
 def upgrade_check(options):
     try:
         installutils.check_server_configuration()
+        tasks.check_ipv6_stack_enabled()
     except RuntimeError as e:
         root_logger.error(e)
         sys.exit(1)
_______________________________________________
FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org
To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org

Reply via email to