Issue #2765 has been updated by Markus Roberts. Assigned to changed from Bruce Williams to Markus Roberts
---------------------------------------- Bug #2765: puppetrun --no-fqdn configuration option is effectively always set http://projects.reductivelabs.com/issues/2765 Author: Mr Paxos Status: Accepted Priority: Normal Assigned to: Markus Roberts Category: SSL Target version: 0.25.2 Affected version: 0.25.1 Keywords: puppetrun ldap fqdn no-fqdn certificates certificate-names Branch: puppetrun as of 0.25.1 always uses the cn= value of the dn: as the entire node's hostname. Earlier versions (I checked 0.23.2) of puppetrun would default to building a fqdn using the cn= and dc= fields on the dn:. Puppetrun could be instructed to only use the cn= value for the hostname by using the configuration option --no-fqdn. The ability to construct the fqdn using the dc= fields is important when managing subdomains. Take for instance the following two dn:'s, dn: cn=alpha,ou=Hosts,dc=sub1,dc=example,dc=com dn: cn=alpha,ou=Hosts,dc=sub2,dc=example,dc=com With the current logic in puppetrun, these two different dn:'s would evaluate to 'alpha' which is a bit ambiguous. The work-around is to put the fqdn into the cn= field. However, this breaks other uses of ldap. I tried to add this functionality back into puppetrun. Be advised that I do not speak ruby at all. Take the following diff's as a proof of concept and nothing more. <pre> --- /usr/lib64/ruby/site_ruby/1.8/puppet/indirector/node/ldap.rb 2009-10-30 17:43:20.000000000 -0700 +++ ldap.rb 2009-10-30 17:42:52.000000000 -0700 @@ -55,7 +55,7 @@ end infos = [] - ldapsearch(filter) { |entry| infos << entry2hash(entry) } + ldapsearch(filter) { |entry| infos << entry2hash(entry, request.options[:fqdn]) } return infos.collect do |info| info2node(info[:name], info) @@ -78,9 +78,15 @@ end # Convert the found entry into a simple hash. - def entry2hash(entry) + def entry2hash(entry, fqdn = true) result = {} - result[:name] = entry.dn.split(',')[0].split("=")[1] + + if fqdn + result[:name] = entry.dn.sub("cn=",'').sub(/ou=hosts,/i, '').gsub(",dc=",".") + else + result[:name] = entry.dn.split(',')[0].split("=")[1] + end + result[:parent] = get_parent_from_entry(entry) if parent_attribute result[:classes] = get_classes_from_entry(entry) result[:stacked] = get_stacked_values_from_entry(entry) --- /usr/lib64/ruby/site_ruby/1.8/puppet/application/puppetrun.rb 2009-10-30 17:43:19.000000000 -0700 +++ puppetrun.rb 2009-10-30 17:43:07.000000000 -0700 @@ -176,12 +176,12 @@ if Puppet[:node_terminus] == "ldap" and (options[:all] or @classes) if options[:all] - @hosts = Puppet::Node.search("whatever").collect { |node| node.name } + @hosts = Puppet::Node.search("whatever", :fqdn => options[:fqdn]).collect { |node| node.name } puts "all: %s" % @hosts.join(", ") else @hosts = [] @classes.each do |klass| - list = Puppet::Node.search("whatever", :class => klass).collect { |node| node.name } + list = Puppet::Node.search("whatever", :fqdn => options[:fqdn], :class => klass).collect { |node| node.name } puts "%s: %s" % [klass, list.join(", ")] @hosts += list </pre> -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://reductivelabs.com/redmine/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
