Bug 772044
Summary: | [RFE] Add ethers (mac address) information to the host object | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Dmitri Pal <dpal> |
Component: | ipa | Assignee: | Rob Crittenden <rcritten> |
Status: | CLOSED ERRATA | QA Contact: | IDM QE LIST <seceng-idm-qe-list> |
Severity: | high | Docs Contact: | |
Priority: | unspecified | ||
Version: | 6.0 | CC: | aakkiang, dpal, jgalipea, mkosek, sigbjorn |
Target Milestone: | rc | Keywords: | FutureFeature |
Target Release: | --- | ||
Hardware: | All | ||
OS: | All | ||
Whiteboard: | |||
Fixed In Version: | ipa-2.2.0-1.el6 | Doc Type: | Enhancement |
Doc Text: |
Cause: IPA host plugin does not allow storing machine MAC addresses.
Consequence: Administrators cannot assign MAC addresses to host entries in IPA.
Change: A new attribute for MAC address was added to IPA host plugin
Result: Administrators can assign MAC address to host entry. The value can then be read from the IPA LDAP server for example via "getent ethers <hostname>" command.
|
Story Points: | --- |
Clone Of: | 691431 | Environment: | |
Last Closed: | 2012-06-20 13:28:43 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 691431 | ||
Bug Blocks: | 736854 |
Description
Dmitri Pal
2012-01-05 18:16:53 UTC
Fixed upstream: master: https://fedorahosted.org/freeipa/changeset/52e3488b75e1ed2de7a021148169901a522dbbcb ipa-2-2: https://fedorahosted.org/freeipa/changeset/d8314c5c054b98a3e583477eff66e6067745f0b6 Please add a description of what is expected with the new feature? Showing an enrolled client does not show macAddress. We don't set the MAC address automatically when a host is enrolled. Right now we are just making the attribute available. To test: 1. yum install nss-pam-ldapd 2. yum install ipa-server 3. ipa-server-install ... 4. kinit admin 5. ipa host-add someserver.example.com --macaddress=00:50:56:30:F6:58 6. edit /etc/nslcd and set the base to your IPA server 7. service nslcd start 8. edit /etc/nsswitch.conf and set ethers to ldap 9. getent ethers someserver.example.com 0:50:56:30:F6:58 someserver.example.com Verified. Version :: ipa-server-2.2.0-4.el6.x86_64, nss-pam-ldapd-0.7.5-14.el6_2.1.x86_64 :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: ipa-host-cli-macaddress-startup: Install nss-pam-ldapd package, set ethers to ldap and create temp directory. :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ PASS ] :: Running 'yum -y install nss-pam-ldapd' :: [ PASS ] :: nss-pam-ldapd package is installed :: [ PASS ] :: Set the base to IPA server :: [ PASS ] :: Running '/bin/mv /etc/nslcd.conf.modified /etc/nslcd.conf' :: [ PASS ] :: Restart nslcd service :: [ PASS ] :: Set ethers to ldap :: [ PASS ] :: Running '/bin/mv /etc/nsswitch.conf.modified /etc/nsswitch.conf' :: [ PASS ] :: Creating temp directory :: [ PASS ] :: Running 'pushd /tmp/tmp.EvrHGmb8p8' :: [ LOG ] :: Duration: 12s :: [ LOG ] :: Assertions: 9 good, 0 bad :: [ PASS ] :: RESULT: ipa-host-cli-macaddress-startup: Install nss-pam-ldapd package, set ethers to ldap and create temp directory. :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: ipa-host-cli-94: add a host with --macaddress --force :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ PASS ] :: Adding host with --mac-address and --force :: [ LOG ] :: Value of MAC address: for mytesthost1.testrelm.com is as expected - MAC address: 00:30:48:7F:2C:FF :: [ PASS ] :: Check if MAC address was added :: [ PASS ] :: Get the ether value associated with the host :: [ PASS ] :: File '/tmp/hostshow_mytesthost1.testrelm.com.out' should contain '0:30:48:7f:2c:ff mytesthost1.testrelm.com' :: [ LOG ] :: Duration: 4s :: [ LOG ] :: Assertions: 4 good, 0 bad :: [ PASS ] :: RESULT: ipa-host-cli-94: add a host with --macaddress --force :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: ipa-host-cli-95: Delete Host :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ PASS ] :: Delete host that was added with --macaddress :: [ LOG ] :: WARNING: Failed to find host. :: [ PASS ] :: Verifying host was deleted. :: [ LOG ] :: Duration: 4s :: [ LOG ] :: Assertions: 2 good, 0 bad :: [ PASS ] :: RESULT: ipa-host-cli-95: Delete Host :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: ipa-host-cli-96: Add host with --macaddress and DNS Record :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: Reverse Zone: 65.16.10.in-addr.arpa. :: [ LOG ] :: EXECUTING: ipa host-add --macaddress=00:30:48:7F:2C:ff --ip-address=10.16.65.99 mytesthost2.testrelm.com :: [ PASS ] :: Adding host with mac address 00:30:48:7F:2C:ff and IP Address 10.16.65.99 :: [ LOG ] :: Host name is as expected. :: [ LOG ] :: Principal name is as expected. :: [ PASS ] :: Verifying host was added with IP Address. :: [ LOG ] :: Value of MAC address: for mytesthost2.testrelm.com is as expected - MAC address: 00:30:48:7F:2C:FF :: [ PASS ] :: Check if MAC address was added :: [ PASS ] :: Get the ether value associated with the host :: [ PASS ] :: File '/tmp/hostshow_mytesthost2.testrelm.com.out' should contain '0:30:48:7f:2c:ff mytesthost2.testrelm.com' :: [ PASS ] :: Checking for forward DNS entry :: [ PASS ] :: Checking for reverse DNS entry :: [ LOG ] :: Duration: 12s :: [ LOG ] :: Assertions: 7 good, 0 bad :: [ PASS ] :: RESULT: ipa-host-cli-96: Add host with --macaddress and DNS Record :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: ipa-host-cli-97: Delete host that has --macaddress without deleting DNS Record :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: Host mytesthost2.testrelm.com deleted successfully. :: [ PASS ] :: Deleting host without deleting DNS entries :: [ LOG ] :: WARNING: Failed to find host. :: [ PASS ] :: Verifying host was deleted. :: [ PASS ] :: Checking for forward DNS entry :: [ PASS ] :: Checking for reverse DNS entry :: [ LOG ] :: Duration: 6s :: [ LOG ] :: Assertions: 4 good, 0 bad :: [ PASS ] :: RESULT: ipa-host-cli-97: Delete host that has --macaddress without deleting DNS Record :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: ipa-host-cli-98: Add host with --macaddress without force option - DNS Record Exists :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: EXECUTING: ipa host-add mytesthost2.testrelm.com :: [ PASS ] :: Add host DNS entries exist :: [ LOG ] :: Host name is as expected. :: [ LOG ] :: Principal name is as expected. :: [ PASS ] :: Verifying host was added when DNS records exist. :: [ LOG ] :: Value of MAC address: for mytesthost2.testrelm.com is as expected - MAC address: 00:30:48:7F:2C:FF :: [ PASS ] :: Check if MAC address was added :: [ PASS ] :: Get the ether value associated with the host :: [ PASS ] :: File '/tmp/hostshow_mytesthost2.testrelm.com.out' should contain '0:30:48:7f:2c:ff mytesthost2.testrelm.com' :: [ PASS ] :: Checking for forward DNS entry :: [ PASS ] :: Checking for reverse DNS entry :: [ LOG ] :: Duration: 10s :: [ LOG ] :: Assertions: 7 good, 0 bad :: [ PASS ] :: RESULT: ipa-host-cli-98: Add host with --macaddress without force option - DNS Record Exists :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: ipa-host-cli-99: Delete Host that has -macaddress and Update DNS :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ PASS ] :: Delete host that has --macaddress and update DNS :: [ LOG ] :: WARNING: Failed to find host. :: [ PASS ] :: Verifying host was deleted. :: [ PASS ] :: Checking for forward DNS entry :: [ PASS ] :: Checking for reverse DNS entry :: [ LOG ] :: Duration: 7s :: [ LOG ] :: Assertions: 4 good, 0 bad :: [ PASS ] :: RESULT: ipa-host-cli-99: Delete Host that has -macaddress and Update DNS :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: ipa-host-cli-100: host-mod of a host with --macaddress :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ PASS ] :: Adding host with --mac-address and --force :: [ LOG ] :: EXECUTING : ipa host-mod --macaddress="00:30:48:7F:2C:ee" "mytesthost1.testrelm.com" :: [ PASS ] :: Modify a host that has --macaddress attribute :: [ LOG ] :: Value of MAC address: for mytesthost1.testrelm.com is as expected - MAC address: 00:30:48:7F:2C:EE :: [ PASS ] :: Verifying host MAC address was modified. :: [ PASS ] :: Get the ether value associated with the host :: [ PASS ] :: File '/tmp/hostshow_mytesthost1.testrelm.com.out' should contain '0:30:48:7f:2c:ee mytesthost1.testrelm.com' :: [ PASS ] :: Cleanup delete test host :: [ LOG ] :: Duration: 10s :: [ LOG ] :: Assertions: 6 good, 0 bad :: [ PASS ] :: RESULT: ipa-host-cli-100: host-mod of a host with --macaddress :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: ipa-host-cli-101: setattr --macaddress :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ PASS ] :: Adding host :: [ LOG ] :: Executing: ipa host-mod --setattr macaddress="00:30:48:7F:2C:ff" mytesthost1.testrelm.com :: [ LOG ] :: Successfully set attribute macaddress to "00:30:48:7F:2C:ff" :: [ PASS ] :: Setting attribute macaddress to value of 00:30:48:7F:2C:ff. :: [ LOG ] :: Value of MAC address: for mytesthost1.testrelm.com is as expected - MAC address: 00:30:48:7F:2C:FF :: [ PASS ] :: Verifying host macaddress was modified. :: [ PASS ] :: Get the ether value associated with the host :: [ PASS ] :: File '/tmp/hostshow_mytesthost1.testrelm.com.out' should contain '0:30:48:7f:2c:ff mytesthost1.testrelm.com' :: [ PASS ] :: Cleanup delete test host :: [ LOG ] :: Duration: 7s :: [ LOG ] :: Assertions: 6 good, 0 bad :: [ PASS ] :: RESULT: ipa-host-cli-101: setattr --macaddress :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: ipa-host-cli-102: setattr --macaddress and addattr on macaddress :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ PASS ] :: Adding host :: [ LOG ] :: Executing: ipa host-mod --setattr macaddress="00:30:48:7F:2C:ff" mytesthost1.testrelm.com :: [ LOG ] :: Successfully set attribute macaddress to "00:30:48:7F:2C:ff" :: [ PASS ] :: Setting attribute macaddress to value of 00:30:48:7F:2C:ff. :: [ LOG ] :: Value of MAC address: for mytesthost1.testrelm.com is as expected - MAC address: 00:30:48:7F:2C:FF :: [ PASS ] :: Verifying host macaddress was modified. :: [ LOG ] :: Executing: ipa host-mod --addattr macaddress=00:30:48:7F:2C:ff mytesthost1.testrelm.com :: [ LOG ] :: "ipa host-mod --addattr macaddress=00:30:48:7F:2C:ff mytesthost1.testrelm.com" failed as expected. :: [ PASS ] :: Error message as expected: ipa: ERROR: no modifications to be performed :: [ PASS ] :: Verify expected error message for --addattr. :: [ PASS ] :: Get the ether value associated with the host :: [ PASS ] :: File '/tmp/hostshow_mytesthost1.testrelm.com.out' should contain '0:30:48:7f:2c:ff mytesthost1.testrelm.com' :: [ PASS ] :: Cleanup delete test host :: [ LOG ] :: Duration: 9s :: [ LOG ] :: Assertions: 8 good, 0 bad :: [ PASS ] :: RESULT: ipa-host-cli-102: setattr --macaddress and addattr on macaddress :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: ipa-host-cli-103: Modify Host with --macaddress - host doesn't Exist :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: Executing: ipa host-mod --addattr macaddress=00:30:48:7F:2C:ff mytesthost1.testrelm.com :: [ LOG ] :: "ipa host-mod --addattr macaddress=00:30:48:7F:2C:ff mytesthost1.testrelm.com" failed as expected. :: [ PASS ] :: Error message as expected: ipa: ERROR: mytesthost1.testrelm.com: host not found :: [ PASS ] :: Verify expected error message. :: [ LOG ] :: Duration: 3s :: [ LOG ] :: Assertions: 2 good, 0 bad :: [ PASS ] :: RESULT: ipa-host-cli-103: Modify Host with --macaddress - host doesn't Exist :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: ipa-host-cli-104: addattr --macaddress :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ PASS ] :: Adding host :: [ PASS ] :: Adding attribute macaddress to value of 00:30:48:7F:2C:ff. :: [ LOG ] :: Value of MAC address: for mytesthost1.testrelm.com is as expected - MAC address: 00:30:48:7F:2C:FF :: [ PASS ] :: Verifying host macaddress was modified. :: [ PASS ] :: Get the ether value associated with the host :: [ PASS ] :: File '/tmp/hostshow_mytesthost1.testrelm.com.out' should contain '0:30:48:7f:2c:ff mytesthost1.testrelm.com' :: [ PASS ] :: Cleanup delete test host :: [ LOG ] :: Duration: 6s :: [ LOG ] :: Assertions: 6 good, 0 bad :: [ PASS ] :: RESULT: ipa-host-cli-104: addattr --macaddress :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: ipa-host-cli-105: delattr --macaddress :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ PASS ] :: Adding host with --mac-address and --force :: [ LOG ] :: Value of MAC address: for mytesthost1.testrelm.com is as expected - MAC address: 00:30:48:7F:2C:FF :: [ PASS ] :: Check if MAC address was added :: [ PASS ] :: Get the ether value associated with the host :: [ PASS ] :: File '/tmp/hostshow_mytesthost1.testrelm.com.out' should contain '0:30:48:7f:2c:ff mytesthost1.testrelm.com' :: [ PASS ] :: Delete attribute macaddress=00:30:48:7F:2C:ff. :: [ LOG ] :: ERROR: mytesthost1.testrelm.com verification failed: Value of MAC address: - GOT: EXPECTED: 00:30:48:7F:2C:ff :: [ PASS ] :: Check if MAC address attribute was deleted :: [ PASS ] :: Get the ether value associated with the host, should be empty. :: [ PASS ] :: File '/tmp/hostshow_mytesthost1.testrelm.com.out' should not contain '0:30:48:7f:2c:ff mytesthost1.testrelm.com' :: [ PASS ] :: Cleanup delete test host :: [ LOG ] :: Duration: 8s :: [ LOG ] :: Assertions: 9 good, 0 bad :: [ PASS ] :: RESULT: ipa-host-cli-105: delattr --macaddress :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: ipa-host-cli-106: delattr --macaddress with incorrect value :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ PASS ] :: Adding host with --mac-address and --force :: [ LOG ] :: Value of MAC address: for mytesthost1.testrelm.com is as expected - MAC address: 00:30:48:7F:2C:FF :: [ PASS ] :: Check if MAC address was added :: [ LOG ] :: Executing: ipa host-mod --delattr macaddress=00:30:48:7F:2C:EE mytesthost1.testrelm.com :: [ LOG ] :: "ipa host-mod --delattr macaddress=00:30:48:7F:2C:EE mytesthost1.testrelm.com" failed as expected. :: [ PASS ] :: Error message as expected: ipa: ERROR: macaddress does not contain '00:30:48:7F:2C:EE' :: [ PASS ] :: Verify expected error message. :: [ LOG ] :: Value of MAC address: for mytesthost1.testrelm.com is as expected - MAC address: 00:30:48:7F:2C:FF :: [ PASS ] :: Check if MAC address attribute was not deleted :: [ PASS ] :: Get the ether value associated with the host :: [ PASS ] :: File '/tmp/hostshow_mytesthost1.testrelm.com.out' should contain '0:30:48:7f:2c:ff mytesthost1.testrelm.com' :: [ PASS ] :: Cleanup delete test host :: [ LOG ] :: Duration: 10s :: [ LOG ] :: Assertions: 8 good, 0 bad :: [ PASS ] :: RESULT: ipa-host-cli-106: delattr --macaddress with incorrect value :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: ipa-host-cli-107: Negative - add a host with invalid macaddress :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: Executing: ipa host-add mytesthost1.testrelm.com --macaddress=some:value --force :: [ LOG ] :: "ipa host-add mytesthost1.testrelm.com --macaddress=some:value --force" failed as expected. :: [ PASS ] :: Error message as expected: ipa: ERROR: invalid 'macaddress': Must be of the form HH:HH:HH:HH:HH:HH, where each H is a hexadecimal character. :: [ PASS ] :: Verify expected error message. :: [ LOG ] :: Executing: ipa host-add mytesthost1.testrelm.com --macaddress=some:value --force :: [ LOG ] :: "ipa host-add mytesthost1.testrelm.com --macaddress=some:value --force" failed as expected. :: [ PASS ] :: Error message as expected: ipa: ERROR: invalid 'macaddress': Must be of the form HH:HH:HH:HH:HH:HH, where each H is a hexadecimal character. :: [ PASS ] :: Verify expected error message. :: [ LOG ] :: Duration: 3s :: [ LOG ] :: Assertions: 4 good, 0 bad :: [ PASS ] :: RESULT: ipa-host-cli-107: Negative - add a host with invalid macaddress Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: Cause: IPA host plugin does not allow storing machine MAC addresses. Consequence: Administrators cannot assign MAC addresses to host entries in IPA. Change: A new attribute for MAC address was added to IPA host plugin Result: Administrators can assign MAC address to host entry. The value can then be read from the IPA LDAP server for example via "getent ethers <hostname>" command. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2012-0819.html |