Hi, The ipa-client-install script and ipa-join use different methods of resolving the hostname, the former uses gethostbyaddr() call, while the latter reads the "uinfo.nodename".
This can result ipa-client-install failures in case of broken PTR records. https://fedorahosted.org/freeipa/ticket/4027 -- Tomas Babej Associate Software Engeneer | Red Hat | Identity Management RHCE | Brno Site | IRC: tbabej | freeipa.org
From b9eea8f7bfb501dcc9bffd36f8c4a856721d78c2 Mon Sep 17 00:00:00 2001 From: Tomas Babej <[email protected]> Date: Tue, 26 Nov 2013 12:15:33 +0100 Subject: [PATCH] ipa-client-install: Always pass hostname to the ipa-join The ipa-client-install script and ipa-join use different methods of resolving the hostname, the former uses gethostbyaddr() call, while the latter reads the "uinfo.nodename". This can result ipa-client-install failures in case of broken PTR records. https://fedorahosted.org/freeipa/ticket/4027 --- ipa-client/ipa-install/ipa-client-install | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install index e79cb48b04e7bdf23f6fd757e022e57dbb544640..a57f82fc245de84dabb5829af1f42b0373e987f3 100755 --- a/ipa-client/ipa-install/ipa-client-install +++ b/ipa-client/ipa-install/ipa-client-install @@ -2236,13 +2236,13 @@ def install(options, env, fstore, statestore): (ccache_fd, ccache_name) = tempfile.mkstemp() os.close(ccache_fd) env['KRB5CCNAME'] = os.environ['KRB5CCNAME'] = ccache_name - join_args = ["/usr/sbin/ipa-join", "-s", cli_server[0], "-b", str(realm_to_suffix(cli_realm))] + join_args = ["/usr/sbin/ipa-join", + "-s", cli_server[0], + "-b", str(realm_to_suffix(cli_realm)), + "-h", hostname] if options.debug: join_args.append("-d") env['XMLRPC_TRACE_CURL'] = 'yes' - if options.hostname: - join_args.append("-h") - join_args.append(options.hostname) if options.force_join: join_args.append("-f") if options.principal is not None: -- 1.8.3.1
_______________________________________________ Freeipa-devel mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-devel
