Home Explore Help
Register Sign In
Apq
/
389-ds-base
mirror of https://github.com/389ds/389-ds-base.git
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

Bug 518890 - setup-ds-admin.pl - improve hostname validation

https://bugzilla.redhat.com/show_bug.cgi?id=518890
Resolves: bug 518890
Bug Description: setup-ds-admin.pl - No fully qualified domain name in brackets + Error: failed to open an LDAP connection to host 'host.domain' port '389' as user 'cn=Directory Manager'. Error: unknown.
Reviewed by: nhosoi, nkinder (Thanks!)
Branch: master
Fix Description: Create a new function called checkHostname.  This function
will perform various checks on the given hostname:
* see if it looks like an fqdn
* see if it resolves
* see if its IP addresses resolve back to the given hostname
In interactive mode, if there are problems with the hostname, the user will
be warned, and prompted to proceed anyway with the problematic hostname.
The prompt default is No, so the user will have to type Yes to proceed with
the problematic hostname.
In silent mode, the warning messages will be printed and logged.
Platforms tested: RHEL6 x86_64
Flag Day: no
Doc impact: Yes - will need to update the install guide
Rich Megginson 14 years ago
parent
53839a8b27
commit
2af43a860b
4 changed files with 88 additions and 6 deletions
Split View Show Diff Stats
  1. 5 0
      ldap/admin/src/scripts/DSCreate.pm.in
  2. 65 2
      ldap/admin/src/scripts/DSUtil.pm.in
  3. 8 2
      ldap/admin/src/scripts/SetupDialogs.pm.in
  4. 10 2
      ldap/admin/src/scripts/setup-ds.res.in

+ 5 - 0
ldap/admin/src/scripts/DSCreate.pm.in
View File 

@@ -139,6 +139,11 @@ sub sanityCheckParams {
 
         debug(0, "WARNING: The root password is less than 8 characters long.  You should choose a longer one.\n");
 
     }
 
 
+    my $str = checkHostname($inf->{General}->{FullMachineName});
 
+    if ($str) {
 
+        debug(0, $str);
 
+    }
 
+
 
     return ();
 
 }

+ 65 - 2
ldap/admin/src/scripts/DSUtil.pm.in
View File 

@@ -49,12 +49,12 @@ require Exporter;
 
                 process_maptbl check_and_add_entry getMappedEntries addErr
 
                 getHashedPassword debug createInfFromConfig shellEscape
 
                 isValidServerID isValidUser isValidGroup makePaths getLogin getGroup
 
-                remove_tree remove_pidfile setDebugLog);
 
+                remove_tree remove_pidfile setDebugLog checkHostname);
 
 @EXPORT_OK = qw(portAvailable getAvailablePort isValidDN addSuffix getMappedEntries
 
                 process_maptbl check_and_add_entry getMappedEntries addErr
 
                 getHashedPassword debug createInfFromConfig shellEscape
 
                 isValidServerID isValidUser isValidGroup makePaths getLogin getGroup
 
-                remove_tree remove_pidfile setDebugLog);
 
+                remove_tree remove_pidfile setDebugLog checkHostname);
 
 
 use strict;
 
 
@@ -190,6 +190,69 @@ sub isValidGroup {
 
     return ();
 
 }
 
 
+# arguments
 
+# - hostname - the hostname to look for
 
+# - res - the Resource object to use to construct messages
 
+# returns - the error message string, or "" upon success
 
+sub checkHostname {
 
+    my $hn = shift;
 
+    my $res = shift;
 
+
 
+    # see if hostname is an fqdn
 
+    if ($hn !~ /\./) {
 
+        if ($res) {
 
+            return $res->getText('warning_hostname_not_fully_qualified', $hn);
 
+        } else {
 
+            return "Warning: hostname $hn is not a fully qualified host and domain name\n";
 
+        }
 
+    }
 
+
 
+    # see if we can resolve the hostname
 
+    my ($name, $aliases, $addrtype, $length, @addrs) = gethostbyname($hn);
 
+    if (!$name) {
 
+        if ($res) {
 
+            return $res->getText('warning_no_such_hostname', $hn);
 
+        } else {
 
+            return "Warning: could not resolve hostname $hn\n";
 
+        }
 
+    }
 
+    debug(1, "found for hostname $hn: name=$name\n");
 
+    debug(1, "aliases=$aliases\n");
 
+    debug(1, "addrtype=$addrtype\n");
 
+    my $found = 0;
 
+    my @hostip = ();
 
+    # see if reverse resolution works
 
+    foreach my $ii (@addrs) {
 
+        my $hn2 = gethostbyaddr($ii, $addrtype);
 
+        my $ip = join('.', unpack('C4', $ii));
 
+        debug(1, "\thost=$hn2 ip=$ip\n");
 
+        push @hostip, [$hn2, $ip];
 
+        if (lc($hn) eq lc($hn2)) {
 
+            $found = 1;
 
+            last;
 
+        }
 
+    }
 
+    if (!$found) {
 
+        my $retstr = "";
 
+        if ($res) {
 
+            $retstr = $res->getText('warning_reverse_resolve', $hn, $hn);
 
+        } else {
 
+            $retstr = "Warning: Hostname $hn is valid, but none of the IP addresses\nresolve back to $hn\n";
 
+        }
 
+        for my $ii (@hostip) {
 
+            if ($res) {
 
+                $retstr .= $res->getText('warning_reverse_resolve_sub', $ii->[1], $ii->[0]);
 
+            } else {
 
+                $retstr .= "\taddress $ii->[1] resolves to host $ii->[0]\n";
 
+            }
 
+        }
 
+        return $retstr;
 
+    }
 
+
 
+    debug(1, "hostname $hn resolves correctly\n");
 
+    return '';
 
+}
 
+
 
 # delete the subtree starting from the passed entry
 
 sub delete_all
 
 {

+ 8 - 2
ldap/admin/src/scripts/SetupDialogs.pm.in
View File 

@@ -134,8 +134,14 @@ my $hostdlg = new Dialog (
 
         my $self = shift;
 
         my $ans = shift;
 
         my $res = $DialogManager::NEXT;
 
-        if ($ans !~ /\./) {
 
-            $self->{manager}->alert("dialog_hostname_warning", $ans);
 
+        my $str;
 
+        if ($str = checkHostname($ans, $self->{manager}->{res})) {
 
+            my $promptary = ["dialog_hostname_warning", $str, $ans];
 
+            my $yesorno = $self->{manager}->showPrompt($promptary, $self->{manager}->getText("no"));
 
+            $res = DialogYesNo::handleResponse($self, $yesorno);
 
+            if ($res == $DialogManager::NEXT) {
 
+                $res = $DialogManager::SAME if (!DialogYesNo::isYes($self));
 
+            }
 
         }
 
         $self->{manager}->{inf}->{General}->{FullMachineName} = $ans;
 
         return $res;

+ 10 - 2
ldap/admin/src/scripts/setup-ds.res.in
View File 

@@ -37,8 +37,6 @@ dialog_hostname_text = Enter the fully qualified domain name of the computer\non
 
 
 dialog_hostname_prompt = Computer name
 
 
-dialog_hostname_warning = The hostname %s does not look like a\nfully qualified host and domain name.\nIf you feel you have made a mistake,\nplease go back to this dialog and enter another name.\n\n
 
-
 
 # ----------- SSUser Dialog Resource  ----------------
 
 dialog_ssuser_text = The server must run as a specific user in a specific group.\nIt is strongly recommended that this user should have no privileges\non the computer (i.e. a non-root user).  The setup procedure\nwill give this user/group some permissions in specific paths/files\nto perform server-specific operations.\n\nIf you have not yet created a user and group for the server,\ncreate this user and group using your native operating\nsystem utilities.\n\n
 
 
@@ -192,3 +190,13 @@ error_invalid_dbinst_dir = Invalid database instance dir '%s'.\n
 
 error_cant_backup_db = Failed to back up backend instance '%s'.  Error: %s\n
 
 error_cant_convert_db = Failed to convert backend instance '%s'.  Error: %s\n
 
 error_missing_entrydn = Backend instance '%s' does not have database files to upgrade.\n
 
+warning_hostname_not_fully_qualified = The hostname '%s' does not look like a\nfully qualified host and domain name.\n
 
+warning_no_such_hostname = Could not find an address for hostname '%s'.\n
 
+warning_reverse_resolve = Hostname '%s' is valid, but none of the IP addresses\
 
+resolve back to %s\n
 
+warning_reverse_resolve_sub = - address %s resolves to host %s\n
 
+dialog_hostname_warning = \nWARNING: There are problems with the hostname.\n%s\
 
+Please check the spelling of the hostname and/or your network configuration.\
 
+If you proceed with this hostname, you may encounter problems.\
 
+\
 
+Do you want to proceed with hostname '%s'?