Bug 797562
| Summary: | Invalid host-add when hostname contains trailing dot | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Dmitri Pal <dpal> |
| Component: | ipa | Assignee: | Rob Crittenden <rcritten> |
| Status: | CLOSED ERRATA | QA Contact: | IDM QE LIST <seceng-idm-qe-list> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 6.3 | CC: | aakkiang, jgalipea, mkosek |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | ipa-2.2.0-3.el6 | Doc Type: | Bug Fix |
| Doc Text: |
Cause: IPA host and DNS plugins do not process host names or DNS zone names with a trailing dot properly.
Consequence: The created host record fqdn attribute contains 2 values instead of one normalized value, which may cause issues in further host record processing. A host forward DNS record is not added to DNS zone when the host domain and DNS zone differ in trailing dot.
Fix: All host names are normalized to the format without trailing dot. IPA DNS plugin now accepts DNS zone names in both formats - with and without a trailing dot.
Result: When a host record with a trailing dot is added, the resulting host record has a correct fqdn attribute. Its forward DNS record is added to DNS zone even if the zone has a name with a trailing dot.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2012-06-20 13:19:31 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Dmitri Pal
2012-02-26 18:06:37 UTC
Fixed upstream: master: https://fedorahosted.org/freeipa/changeset/fab033b94973e1270a27be9d271d729d313e6ce0 ipa-2-2: https://fedorahosted.org/freeipa/changeset/3f50b0e017672391b4f3b948d1df32e6e638a902 Verified. version :: ipa-server-2.2.0-4.el6.x86_64 :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: ipa-host-cli-52: host name ending in . :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: EXECUTING : ipa host-add --force myhost.testrelm.com. :: [ PASS ] :: Add host with trailing . - dot should be ignored :: [ PASS ] :: Running 'ipa host-show myhost.testrelm.com > /tmp/host52.out 2>&1' :: [ PASS ] :: Host with trailing dot added and dot was ignored :: [ PASS ] :: Cleanup delete test host :: [ LOG ] :: Duration: 10s :: [ LOG ] :: Assertions: 4 good, 0 bad :: [ PASS ] :: RESULT: ipa-host-cli-52: host name ending in . :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: ipa-host-cli-69: Negative - host name ending in . - a host without trailing . already exist :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: EXECUTING : ipa host-add --force myhost.testrelm.com. when a host without trailing . already exist :: [ PASS ] :: Add host without a trailing . :: [ LOG ] :: Executing: ipa host-add --force myhost.testrelm.com. :: [ LOG ] :: "ipa host-add --force myhost.testrelm.com." failed as expected. :: [ PASS ] :: Error message as expected: ipa: ERROR: host with name myhost.testrelm.com already exists :: [ PASS ] :: Verify expected error message - add a host when a host without trailing . exist. :: [ PASS ] :: Running 'ipa host-show myhost.testrelm.com > /tmp/host69.out 2>&1' :: [ PASS ] :: Host without trailing dot is not added and existing host is not altered. :: [ PASS ] :: Cleanup delete test host :: [ LOG ] :: Duration: 16s :: [ LOG ] :: Assertions: 6 good, 0 bad :: [ PASS ] :: RESULT: ipa-host-cli-69: Negative - host name ending in . - a host without trailing . already exist :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: ipa-host-cli-70: delete a host name ending in . :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: EXECUTING : ipa host-del myhost.testrelm.com. :: [ PASS ] :: Add host with trailing . - dot should be ignored :: [ PASS ] :: Running 'ipa host-show myhost.testrelm.com > /tmp/host70.out 2>&1' :: [ PASS ] :: Host with trailing dot added and dot was ignored :: [ PASS ] :: Delete a host with trailing . - dot should be ignored :: [ LOG ] :: WARNING: Failed to find host. :: [ PASS ] :: Verifying host myhost.testrelm.com was deleted. :: [ LOG ] :: Duration: 13s :: [ LOG ] :: Assertions: 5 good, 0 bad :: [ PASS ] :: RESULT: ipa-host-cli-70: delete a host name ending in . :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: ipa-host-cli-71: host-show when the name ending in . :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: EXECUTING : ipa host-show myhost.testrelm.com. :: [ PASS ] :: Add host with trailing . - dot should be ignored :: [ PASS ] :: Running 'ipa host-show myhost.testrelm.com. > /tmp/host71.out 2>&1' :: [ PASS ] :: host-show ignores the ending . in the hostname :: [ PASS ] :: Cleanup delete test host :: [ LOG ] :: Duration: 10s :: [ LOG ] :: Assertions: 4 good, 0 bad :: [ PASS ] :: RESULT: ipa-host-cli-71: host-show when the name ending in . :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: ipa-host-cli-72: host-add-managedby when the name ending in . :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: EXECUTING : ipa host-add-managedby --hosts="mytesthost2.testrelm.com" "mytesthost1.testrelm.com." :: [ LOG ] :: Adding new host mytesthost1.testrelm.com successful with force option. :: [ LOG ] :: Adding new host mytesthost2.testrelm.com successful with force option. :: [ PASS ] :: Add mangedby host with trailing . - dot should be ignored :: [ PASS ] :: Running 'ipa host-show "mytesthost1.testrelm.com." > /tmp/host72.out 2>&1' :: [ PASS ] :: Value of "Managed by" for mytesthost1.testrelm.com is as expected - Managed by: mytesthost1.testrelm.com, mytesthost2.testrelm.com :: [ PASS ] :: Cleanup delete test host 1 :: [ PASS ] :: Cleanup delete test host 2 :: [ LOG ] :: Duration: 19s :: [ LOG ] :: Assertions: 5 good, 0 bad :: [ PASS ] :: RESULT: ipa-host-cli-72: host-add-managedby when the name ending in . :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: ipa-host-cli-73: host-remove-managedby when the name ending in . :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: EXECUTING : ipa host-remove-managedby --hosts="mytesthost2.testrelm.com" "mytesthost1.testrelm.com." :: [ LOG ] :: Adding new host mytesthost1.testrelm.com successful with force option. :: [ LOG ] :: Adding new host mytesthost2.testrelm.com successful with force option. :: [ PASS ] :: Add mangedby host with trailing . :: [ PASS ] :: Running 'ipa host-show "mytesthost1.testrelm.com." > /tmp/host73.out 2>&1' :: [ PASS ] :: Value of "Managed by" for mytesthost1.testrelm.com is as expected - Managed by: mytesthost1.testrelm.com, mytesthost2.testrelm.com :: [ PASS ] :: Remove mangedby host with trailing . - dot should be ignored :: [ LOG ] :: Value of Managed by: for mytesthost1.testrelm.com is as expected - Managed by: mytesthost1.testrelm.com :: [ PASS ] :: Running 'verifyHostAttr mytesthost1.testrelm.com "Managed by" mytesthost1.testrelm.com' :: [ PASS ] :: Cleanup delete test host 1 :: [ PASS ] :: Cleanup delete test host 2 :: [ LOG ] :: Duration: 26s :: [ LOG ] :: Assertions: 7 good, 0 bad :: [ PASS ] :: RESULT: ipa-host-cli-73: host-remove-managedby when the name ending in . :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: ipa-host-cli-74: host-mod when the name ending in . :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: Adding new host mytesthost1.testrelm.com successful with force option. :: [ LOG ] :: EXECUTING : ipa host-mod --desc="this is a brand new description" "mytesthost1.testrelm.com." :: [ PASS ] :: Modify a host with trailing . :: [ LOG ] :: Value of Description: for mytesthost1.testrelm.com is as expected - Description: this is a brand new description :: [ PASS ] :: Verifying host Description was modified. :: [ PASS ] :: Cleanup delete test host :: [ LOG ] :: Duration: 13s :: [ LOG ] :: Assertions: 3 good, 0 bad :: [ PASS ] :: RESULT: ipa-host-cli-74: host-mod when the name ending in . :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: ipa-host-cli-75: host-find when the name ending in . :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: EXECUTING : ipa host-find mytesthost.testrelm.com. :: [ PASS ] :: Add host with trailing . - dot should be ignored :: [ PASS ] :: Running 'ipa host-show mytesthost.testrelm.com > /tmp/host75.out 2>&1' :: [ PASS ] :: Host with trailing dot added and dot was ignored :: [ PASS ] :: Running 'ipa host-find "mytesthost.testrelm.com." > /tmp/host75_2.out 2>&1' :: [ PASS ] :: host-find with a trailing dot in the name - dot was not ignored :: [ PASS ] :: Cleanup delete test host :: [ LOG ] :: Duration: 13s :: [ LOG ] :: Assertions: 6 good, 0 bad :: [ PASS ] :: RESULT: ipa-host-cli-75: host-find when the name ending in . :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: ipa-host-cli-76: host-disable when the name ending in . :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: EXECUTING : ipa host-disable mytesthost.testrelm.com. :: [ PASS ] :: Add host with trailing . - dot should be ignored :: [ PASS ] :: Running 'ipa host-show mytesthost.testrelm.com > /tmp/host76.out 2>&1' :: [ PASS ] :: Host with trailing dot added and dot was ignored :: [ PASS ] :: Running 'ipa-getkeytab -s dell-per310-01.testrelm.com -p host/mytesthost.testrelm.com -k /tmp/host.mytesthost.testrelm.com.keytab' :: [ LOG ] :: Value of Keytab: for mytesthost.testrelm.com is as expected - Keytab: True :: [ PASS ] :: Check if keytab exists :: [ PASS ] :: Running 'ipa host-disable "mytesthost.testrelm.com." > /tmp/host76_2.out 2>&1' :: [ PASS ] :: host-disable with a trailing dot in the name - dot is ignored. :: [ LOG ] :: Value of Keytab: for mytesthost.testrelm.com is as expected - Keytab: False :: [ PASS ] :: Check if keytab was removed. :: [ PASS ] :: Cleanup delete test host :: [ LOG ] :: Duration: 23s :: [ LOG ] :: Assertions: 9 good, 0 bad :: [ PASS ] :: RESULT: ipa-host-cli-76: host-disable when the name ending in .
Technical note added. If any revisions are required, please edit the "Technical Notes" field
accordingly. All revisions will be proofread by the Engineering Content Services team.
New Contents:
Cause: IPA host and DNS plugins do not process host names or DNS zone names with a trailing dot properly.
Consequence: The created host record fqdn attribute contains 2 values instead of one normalized value, which may cause issues in further host record processing. A host forward DNS record is not added to DNS zone when the host domain and DNS zone differ in trailing dot.
Fix: All host names are normalized to the format without trailing dot. IPA DNS plugin now accepts DNS zone names in both formats - with and without a trailing dot.
Result: When a host record with a trailing dot is added, the resulting host record has a correct fqdn attribute. Its forward DNS record is added to DNS zone even if the zone has a name with a trailing dot.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2012-0819.html |