[Freeipa-devel] [PATCH] ipv6 compatible way to check the hostname
Rob Crittenden
rcritten at redhat.com
Fri Mar 28 21:34:41 UTC 2008
Simo Sorce wrote:
> Rob Crittenden wrote:
>> Simo Sorce wrote:
>>> This change checks the machine can resolve address using nsswitch
>>> host name resolution, this means we are also checking that /etc/hosts
>>> is not broken.
>>>
>>> It uses IPv6 aware system functions, so this should make it also IPv6
>>> compatible.
>>>
>>> It does not force to have a DNS set up correctly, but that's
>>> intentional as we might want to install DNS as part of the
>>> installation (--setup-bind) and checking DNS before installing it
>>> wouldn't really work :-)
>>>
>>> It still do try to check the DNS but currently it just exists
>>> silently if DNS is not configured. I am not sure how to raise a
>>> warning without throwing an exception that would make the install
>>> script abort in this case.
>>>
>>> It does error out if DNS is setup incorrectly.
>>>
>>
>> +
>> + rev = None
>> + for rsn in rs:
>> + if rsn.dns_type == dnsclient.DNS_T_A:
>> + rev = rsn
>> + break
>> +
>> + if rev == None:
>> + raise RuntimeError("Cannot find PTR record for %s" % addr)
>> +
>> + reverse = rev.rdata.ptrdname
>>
>> Should you be looking for DNS_T_PTR here instead? If you have an A
>> record you won't have a ptrdname.
>>
>> You need to add a try/except around socket.getaddrinfo() to catch
>> errors if the hostname isn't found so a more useful error message can
>> be returned than 'Name or service not known'
>>
>> gethostbyaddr may need a try/except around it too.
>>
>> rob
>>
>
>
>
> Good points, new patch attached.
I have just a couple more comments (sorry, should have included these in
the first patch):
- We should say why 127.0.0.1/::1 is an Invalid IP address. Or rather,
just say that the hostname needs to resolve to a real address or something.
- When are you planning on filling in the #TODO raise a warning? What
happens if the hostname is a CNAME, will it work? It kinda looks like it
will still be accepted.
rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20080328/ce14903a/attachment.bin>
More information about the Freeipa-devel
mailing list