On 23.4.2012 23:18, Nalin Dahyabhai wrote:
On Mon, Apr 23, 2012 at 05:40:27PM +0200, Jan Cholasta wrote:
On 23.4.2012 17:21, Jan Cholasta wrote:
On 16.4.2012 22:51, Nalin Dahyabhai wrote:
The ethers.byname and ethers.byaddr NIS maps pair host names and
hardware network addresses. This should close ticket #2259.


Please add this to install/updates/50-nis.update as well.

Besides that, ACK on all 3 patches. I have checked only if ypcat and
ypmatch work as expected, I would prefer if someone with more LDAP/NIS
knowledge took a look at the patches before pushing them.

I have just noticed one issue: we allow the octets in MAC addresses
to be separated not only by ":", but also by "|", "\" or "-". Your
patch doesn't seem to work for MAC addresses not using ":" as a
separator:

$ ipa host-mod host.example.com --macaddress 00:11:22:33:44:55

$ ypcat ethers
00:11:22:33:44:55 host.example.com

$ ipa host-mod host.example.com --macaddress 00-11-22-33-44-55

$ ypcat ethers
<nothing>

Updated patch attached, but I'm skeptical that software which consumes
this data will handle anything other than ':', as neither RFC 2307 nor
ethers(5) mention it.  For that reason I'd lean toward either not
accepting data in that format, or fixing it up on its way in to the
directory -- we can fix it up when the compat plugins are computing the
data they'll serve (and I can revise the patch to configure them to do
so), but software that looks at the non-compat data won't benefit from
it.

Nalin

I agree and IMO fixing the value when the compat plugins are computing the data they'll serve is the best way to go, as someone might already have non-colon separated MAC addresses in their DS.


The patch works fine, however it causes an error during IPA installs and upgrades.

Excerpt from ipaserver-install.log:

INFO New entry: nis-domain=idm.lab.bos.redhat.com+nis-map=ethers.byaddr, cn=NIS Server, cn=plugins, cn=config
...
ERROR Add failure 'NoneType' object is not callable
INFO New entry: nis-domain=idm.lab.bos.redhat.com+nis-map=ethers.byname, cn=NIS Server, cn=plugins, cn=config
...
ERROR Add failure 'NoneType' object is not callable

The error is:

Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/ipaserver/install/ldapupdate.py", line 652, in __update_record
    self.conn.addEntry(entry)
File "/usr/lib/python2.7/site-packages/ipaserver/ipaldap.py", line 495, in addEntry
    arg_desc = 'entry=%s' % (entry)
TypeError: 'NoneType' object is not callable

I'm not sure what is causing it. You might be triggering some bug in LDAP updater code (Rob, can you take a look at this please?)


I'm just curious, why you do this:

default:nis-keys-format: %mregsub("%{macAddress} %{fqdn}","(..[:\\\|-]..[:\\\|-]..[:\\\|-]..[:\\\|-]..[:\\\|-]..) (.*)","%1")

and not simply this:

default:nis-keys-format: ${macAddress}

?


Honza

--
Jan Cholasta

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to