#6518 Can not install IPA server when hostname is not DNS resolvable
Closed: Fixed None Opened 7 years ago by mbabinsk.

On Fedora 25, ipa-server-install crashes during IP address validation due to defective check for server IP addresses.

This actually never worked but the bug was uncovered by glibc update which removed dns and myhostname' fromhosts:` directive.

Steps to reproduce:

1.) pull in the latest freeipa-fedora-test-runner Docker image:

docker pull martbab/freeipa-fedora-test-runner:master-latest

2.) start the container

docker run -d -h master1.ipa.test -v /sys/fs/cgroup:/sys/fs/cgroup:ro --tmpfs /run --tmpfs /tmp -v /dev/urandom:/dev/random:ro martbab/freeipa-fedora-test-runner:master-latest

3.) run ipa-server-install inside:

docker exec $CONTAINER_ID bash -c 'ipa-server-install --debug -U -a Secret123 -p Secret123 -r IPA.TEST'

Expected result:

Installation works

Actual result:

Installation fails with the following traceback in debug mode:

No usable IP address provided nor resolved.
ipa.ipapython.install.cli.install_tool(Server): DEBUG      File "/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 172, in execute
    return_value = self.run()
  File "/usr/lib/python2.7/site-packages/ipapython/install/cli.py", line 318, in run
    cfgr.run()
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 308, in run
    self.validate()
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 317, in validate
    for nothing in self._validator():
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 376, in __runner
    exc_handler(exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 400, in _handle_validate_exception
    self._handle_exception(exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 395, in _handle_exception
    six.reraise(*exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 366, in __runner
    step()
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 363, in <lambda>
    step = lambda: next(self.__gen)
  File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_from
    six.reraise(*exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_from
    value = gen.send(prev_value)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 575, in _configure
    next(validator)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 376, in __runner
    exc_handler(exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 400, in _handle_validate_exception
    self._handle_exception(exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 460, in _handle_exception
    self.__parent._handle_exception(exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 395, in _handle_exception
    six.reraise(*exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 457, in _handle_exception
    super(ComponentBase, self)._handle_exception(exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 395, in _handle_exception
    six.reraise(*exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 366, in __runner
    step()
  File "/usr/lib/python2.7/site-packages/ipapython/install/core.py", line 363, in <lambda>
    step = lambda: next(self.__gen)
  File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 81, in run_generator_with_yield_from
    six.reraise(*exc_info)
  File "/usr/lib/python2.7/site-packages/ipapython/install/util.py", line 59, in run_generator_with_yield_from
    value = gen.send(prev_value)
  File "/usr/lib/python2.7/site-packages/ipapython/install/common.py", line 63, in _install
    for nothing in self._installer(self.parent):
  File "/usr/lib/python2.7/site-packages/ipaserver/install/server/install.py", line 1370, in main
    install_check(self)
  File "/usr/lib/python2.7/site-packages/ipaserver/install/server/install.py", line 270, in decorated
    func(installer)
  File "/usr/lib/python2.7/site-packages/ipaserver/install/server/install.py", line 614, in install_check
    options.ip_addresses)
  File "/usr/lib/python2.7/site-packages/ipaserver/install/installutils.py", line 556, in get_server_ip_address
    raise ScriptError()

ipa.ipapython.install.cli.install_tool(Server): DEBUG    The ipa-server-install command failed, exception: ScriptError: 
ipa.ipapython.install.cli.install_tool(Server): ERROR    The ipa-server-install command failed. See /var/log/ipaserver-install.log for more information

In Fedora 25 container, the following patch seems to do the trick:

--- /usr/lib/python2.7/site-packages/ipaserver/install/installutils.py.orig 2016-10-13 08:35:11.000000000 +0000
+++ /usr/lib/python2.7/site-packages/ipaserver/install/installutils.py  2016-11-25 15:27:36.427786867 +0000
@@ -474,7 +474,7 @@
     # so search path from resolv.conf does not apply
     fqdn = str(dnsutil.DNSName(fqdn).make_absolute())
     try:
-        addrinfos = socket.getaddrinfo(fqdn, None,
+        addrinfos = socket.getaddrinfo(fqdn.rstrip('.'), None,
                                        socket.AF_UNSPEC, socket.SOCK_STREAM)
     except socket.error as ex:
         if ex.errno == socket.EAI_NODATA or ex.errno == socket.EAI_NONAME:

master:

  • 0e093f9 Accept server host names resolvable only using /etc/hosts

ipa-4-4:

  • 47ee287 Accept server host names resolvable only using /etc/hosts

Metadata Update from @mbabinsk:
- Issue assigned to pspacek
- Issue set to the milestone: FreeIPA 4.4.3

6 years ago

Login to comment on this ticket.

Metadata