Red Hat Bugzilla – Bug 990143
Filter out inappropriate multicast and subnet broadcast addresses from dynamic DNS update
Last modified: 2014-10-14 00:46:32 EDT
Currently targeting 6.6
Fixed upstream -> moving to POST
Steps to Reproduce:
1. In LDAP, fill a user entry with a "sudoHost" attribute with a subnet: "192.168.101.0/24"
2. On a fresh Fedora 19 machine which is in the subnet "192.168.101.0/24", and which has NetworkManager service installed, the user tries to execute the command "sudo -l"
"User xxxx is not allowed to run sudo on machine"
The user is allowed to run sudo on the machine
Verified for mulitcast address only as per https://bugzilla.redhat.com/show_bug.cgi?id=909430#c18
[root@rhel66-client1 ~]# rpm -q sssd
snip from sssd_domain_log
(Wed Sep 10 14:01:19 2014) [sssd[be[testrelm.test]]] [delayed_online_authentication_callback] (0x0200): Backend is online, starting delayed online authentication.
(Wed Sep 10 14:01:19 2014) [sssd[be[testrelm.test]]] [ipa_dyndns_update_send] (0x0400): Performing update
(Wed Sep 10 14:01:19 2014) [sssd[be[testrelm.test]]] [ok_for_dns] (0x0200): Multicast IPv4 address 220.127.116.11
(Wed Sep 10 14:01:19 2014) [sssd[be[testrelm.test]]] [ok_for_dns] (0x0200): Link local IPv6 address fe80::5054:ff:fe9e:7b8a
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.