Bug 1360928

Summary: External Authentication configuration fails after setting hostname in appliance console
Product: Red Hat CloudForms Management Engine Reporter: amogh <amavinag>
Component: ApplianceAssignee: Joe Vlcek <jvlcek>
Status: CLOSED CURRENTRELEASE QA Contact: Matt Pusateri <mpusater>
Severity: medium Docs Contact:
Priority: high    
Version: 5.6.0CC: abellott, amavinag, cpelland, jhardy, ncarboni, obarenbo, psavage, simaishi
Target Milestone: GAKeywords: TestOnly
Target Release: 5.8.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: auth::externalauth
Fixed In Version: 5.8.0.0 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 1390723 1390724 (view as bug list) Environment:
Last Closed: 2017-06-12 16:30:53 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1390723, 1390724    

Comment 2 Nick Carboni 2016-08-22 13:06:38 UTC 
What was the hostname that you entered?

I was able to successfully set the hostname (i.e. the workaround you mentioned) using just the console option.
Comment 6 Nick Carboni 2016-09-12 12:47:45 UTC 
Alberto, could you take a look at this when you get a chance? Or maybe JoeV can take a look? It seems like it should be working, but I don't have the environment to try to reproduce it.
Comment 7 Nick Carboni 2016-10-12 15:57:20 UTC 
This seems to be being caused by the way python's `socket.gethostbyaddr("127.0.
0.1")` command works.

For example, that same command run with slightly different /etc/hosts files seems to be causing this issue:

/etc/hosts:
127.0.0.1   test.example.com localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

[root@localhost ~]# python
Python 2.7.5 (default, Sep 15 2016, 22:37:39) 
[GCC 4.8.5 20150623 (Red Hat 4.8.5-4)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import socket
>>> socket.gethostbyaddr("127.0.0.1")
('test.example.com', ['localhost', 'localhost.localdomain', 'localhost4', 'localhost4.localdomain4'], ['127.0.0.1'])

If I change /etc/hosts to:

::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
127.0.0.1   test.example.com localhost localhost.localdomain localhost4 localhost4.localdomain4

[root@localhost ~]# python
Python 2.7.5 (default, Sep 15 2016, 22:37:39) 
[GCC 4.8.5 20150623 (Red Hat 4.8.5-4)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import socket
>>> socket.gethostbyaddr("127.0.0.1")
('localhost', ['localhost.localdomain', 'localhost6', 'localhost6.localdomain6'], ['127.0.0.1'])

For some more reference on how this is relevant https://github.com/ManageIQ/manageiq/pull/5854#issuecomment-165133084 explains how freeipa is using these calls to determine the hostname.

I'm not sure what we can/should do to correct this. I don't think socket.gethostbyaddr("127.0.0.1") should ever be returning aliases for ipv6 addresses, but we can't really change that behavior so, maybe we need logic to add the newly set hostname as an alias for ::1 as well when it is set?
Comment 9 Nick Carboni 2016-10-13 15:13:35 UTC 
Submitted a python bug report for this behavior.

http://bugs.python.org/issue28431
Comment 10 Joe Vlcek 2016-10-19 10:42:14 UTC 
Amogh,

I was not able to reproduce this issue.
I used the appliance_console to set the host name then to
configure IPA successfully.

Can you PM me the credentials to the system where you produced this?

Thank you. JoeV
Comment 11 Nick Carboni 2016-10-19 12:41:16 UTC 
Joe,

This issue is completely dependent on the ordering of the lines in /etc/hosts.

Can you be sure your file has the IPv6 address line first like I did here:
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
127.0.0.1   test.example.com localhost localhost.localdomain localhost4 localhost4.localdomain4

I would expect IPA configuration to fail in that case.

I think the only fix we can make for this would be to also set the hostname for ::1 as well as 127.0.0.1 in the console here (https://github.com/ManageIQ/manageiq/blob/master/gems/pending/appliance_console.rb#L242)
Comment 12 Joe Vlcek 2016-10-19 13:29:02 UTC 
(In reply to Nick Carboni from comment #11)
> Joe,
> 
> This issue is completely dependent on the ordering of the lines in
> /etc/hosts.
> 
> Can you be sure your file has the IPv6 address line first like I did here:
> ::1         localhost localhost.localdomain localhost6
> localhost6.localdomain6
> 127.0.0.1   test.example.com localhost localhost.localdomain localhost4
> localhost4.localdomain4
> 
> I would expect IPA configuration to fail in that case.
> 
> I think the only fix we can make for this would be to also set the hostname
> for ::1 as well as 127.0.0.1 in the console here
> (https://github.com/ManageIQ/manageiq/blob/master/gems/pending/
> appliance_console.rb#L242)

Thank you Nick!

I'll investigate.

Joe
Comment 13 amogh 2016-10-19 13:57:46 UTC 
provided the info requested by JoeV on IRC channel.
Comment 14 CFME Bot 2016-10-25 15:26:25 UTC 
https://github.com/ManageIQ/manageiq/pull/12171
Comment 15 CFME Bot 2016-10-31 21:26:23 UTC 
New commit detected on ManageIQ/manageiq/master:
https://github.com/ManageIQ/manageiq/commit/beb24357317ff8b06d05701e9fe27b53f2c3663d

commit beb24357317ff8b06d05701e9fe27b53f2c3663d
Author:     Joe VLcek <jvlcek>
AuthorDate: Tue Oct 25 09:37:13 2016 -0400
Commit:     Joe VLcek <jvlcek>
CommitDate: Tue Oct 25 11:13:39 2016 -0400

    Set hostname on both IPv6 and IPv4 loopback addrs
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1360928

 gems/pending/Gemfile              | 2 +-
 gems/pending/appliance_console.rb | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
Comment 16 CFME Bot 2016-11-01 17:46:04 UTC 
New commit detected on ManageIQ/manageiq/euwe:
https://github.com/ManageIQ/manageiq/commit/693e9b8d21abf2625662e54aeba1a03923865df2

commit 693e9b8d21abf2625662e54aeba1a03923865df2
Author:     Nick Carboni <ncarboni>
AuthorDate: Mon Oct 31 17:21:13 2016 -0400
Commit:     Oleg Barenboim <chessbyte>
CommitDate: Tue Nov 1 13:41:20 2016 -0400

    Merge pull request #12171 from jvlcek/bz1360928_ext_auth_hostname
    
    Set hostname on both IPv6 and IPv4 loopback addrs
    (cherry picked from commit d00ab3e15116132e5b951ab466ef0963f2de2909)
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1360928

 gems/pending/Gemfile                            | 2 +-
 gems/pending/appliance_console.rb               | 2 +-
 gems/pending/appliance_console/cli.rb           | 3 +--
 gems/pending/spec/appliance_console/cli_spec.rb | 6 ------
 4 files changed, 3 insertions(+), 10 deletions(-)
Comment 19 Nick Carboni 2016-12-02 20:27:33 UTC 
*** Bug 1291879 has been marked as a duplicate of this bug. ***
Comment 20 Matt Pusateri 2017-03-23 15:41:29 UTC 
Verified on 5.8.0.7