URL: https://github.com/freeipa/freeipa/pull/1101 Author: tomaskrizek Title: #1101: [Backport][ipa-4-6] Make sure upgrade also checks for IPv6 stack Action: opened
PR body: """ This PR was opened automatically because PR #1095 was pushed to master and backport to ipa-4-6 is required. """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/1101/head:pr1101 git checkout pr1101
From 57d5fd8bd8fe05512bc3dba3e66170188c0c11fa Mon Sep 17 00:00:00 2001 From: Alexander Bokovoy <aboko...@redhat.com> Date: Tue, 19 Sep 2017 12:06:39 +0300 Subject: [PATCH] Make sure upgrade also checks for IPv6 stack - Add check for IPv6 stack to upgrade process - Change IPv6 checker to also check that localhost resolves to ::1 Part of fixes https://pagure.io/freeipa/issue/7083 --- ipaplatform/redhat/tasks.py | 19 ++++++++++++++++--- ipaserver/install/server/upgrade.py | 1 + 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/ipaplatform/redhat/tasks.py b/ipaplatform/redhat/tasks.py index 99f04353c3..cb78c94810 100644 --- a/ipaplatform/redhat/tasks.py +++ b/ipaplatform/redhat/tasks.py @@ -146,9 +146,22 @@ def check_ipv6_stack_enabled(self): """ if not os.path.exists(paths.IF_INET6): raise RuntimeError( - "IPv6 kernel module has to be enabled. If you do not wish to " - "use IPv6, please disable it on the interfaces in " - "sysctl.conf and enable the IPv6 kernel module.") + "IPv6 stack has to be enabled in the kernel and some " + "interface has to have ::1 address assigned. Typically " + "this is 'lo' interface. If you do not wish to use IPv6 " + "globally, disable it on the specific interfaces in " + "sysctl.conf except 'lo' interface.") + + try: + localhost6 = ipautil.CheckedIPAddress('::1', allow_loopback=True) + if localhost6.get_matching_interface() is None: + raise ValueError("no interface for ::1 address found") + except ValueError: + raise RuntimeError( + "IPv6 stack is enabled in the kernel but there is no " + "interface that has ::1 address assigned. Add ::1 address " + "resolution to 'lo' interface. You might need to enable IPv6 " + "on the interface 'lo' in sysctl.conf.") def restore_pre_ipa_client_configuration(self, fstore, statestore, was_sssd_installed, diff --git a/ipaserver/install/server/upgrade.py b/ipaserver/install/server/upgrade.py index a3a2864c84..06e188615a 100644 --- a/ipaserver/install/server/upgrade.py +++ b/ipaserver/install/server/upgrade.py @@ -1908,6 +1908,7 @@ def upgrade_configuration(): def upgrade_check(options): try: installutils.check_server_configuration() + tasks.check_ipv6_stack_enabled() except RuntimeError as e: logger.error("%s", e) sys.exit(1)
_______________________________________________ FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org
