Project

General

Profile

Feature #15905

katello-installer should do dns forward reverse validation

Added by Stephen Benjamin almost 3 years ago. Updated about 1 year ago.

Status:
Closed
Priority:
High
Assignee:
Category:
Installer
Target version:
Team Backlog:
Fixed in Releases:
Found in Releases:

Description

Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1243566
Description of problem:

If this product depends on proper forward and reverse dns then the installer should validate that.

Here's an example of a server that is not getting the right hostname with reverse dns.

[root@cragsat61 foreman-proxy]# hostnamectl
Static hostname: cragsat61.usersys.redhat.com
Icon name: computer-vm
Chassis: vm
Machine ID: 1b96bb6696a143219c9183471cc13e7e
Boot ID: 43ab780a2d0a45eeaf0b17c6fb3df24a
Virtualization: kvm
Operating System: Red Hat
CPE OS Name: cpe:/o:redhat:enterprise_linux:7.1:GA:server
Kernel: Linux 3.10.0-229.7.2.el7.x86_64
Architecture: x86_64
[root@cragsat61 foreman-proxy]# host cragsat61.usersys.redhat.com
cragsat61.usersys.redhat.com has address 10.13.145.116
[root@cragsat61 foreman-proxy]# host 10.13.145.116
116.145.13.10.in-addr.arpa domain name pointer dhcp145-116.rdu.redhat.com.

This causes the following foreman proxy error

[root@cragsat61 foreman-proxy]# cat proxy.log
I, [2015-07-15T03:35:02.784001 #21467] INFO -- : 'pulpnode' module is disabled.
W, [2015-07-15T03:35:02.784256 #21467] WARN -- : Couldn't find settings file /etc/foreman-proxy/settings.d/foreman_proxy.yml. Using default settings.
I, [2015-07-15T03:35:02.784378 #21467] INFO -- : 'foreman_proxy' settings were initialized with default values: :enabled: true
I, [2015-07-15T03:35:02.787436 #21467] INFO -- : 'facts' module is disabled.
I, [2015-07-15T03:35:02.787932 #21467] INFO -- : 'dns' module is disabled.
I, [2015-07-15T03:35:02.791412 #21467] INFO -- : 'tftp' module is disabled.
I, [2015-07-15T03:35:02.791787 #21467] INFO -- : 'dhcp' module is disabled.
I, [2015-07-15T03:35:03.443661 #21467] INFO -- : 'puppet' settings were initialized with default values: :puppet_provider: puppetrun, :puppetdir: /etc/puppet
I, [2015-07-15T03:35:03.448143 #21467] INFO -- : 'bmc' module is disabled.
I, [2015-07-15T03:35:03.448642 #21467] INFO -- : 'realm' module is disabled.
E, [2015-07-15T14:49:52.845480 #21478] ERROR -- : Untrusted client dhcp145-116.rdu.redhat.com attempted to access /environments/KT_davesworld_Library_daveview1_5/classes. Check :trusted_hosts: in settings.yml
10.13.145.116 - - [15/Jul/2015 14:49:52] "GET /puppet/environments/KT_davesworld_Library_daveview1_5/classes HTTP/1.1" 403 158 0.0277

Se untrusted client above

Version-Release number of selected component (if applicable):

6.1 public beta

How reproducible:

create a content view and try to publish promote when reverse dns points to different fqdn

Actual results:

Expected results:

Installer should run this test pre installation and kick out if there is an issue with forward or reverse dns

Additional info:

Associated revisions

Revision bcff3f45 (diff)
Added by Chris Roberts over 1 year ago

Fixes #15905 - Add forward/reverse dns check

Revision 89e843f6 (diff)
Added by Ewoud Kohl van Wijngaarden over 1 year ago

Refs #15905 - Handle multiple IPs in DNS check

History

#1 Updated by Justin Sherrill almost 3 years ago

  • Legacy Backlogs Release (now unused) set to 114

#2 Updated by Chris Roberts almost 3 years ago

  • Status changed from New to Assigned
  • Assignee set to Chris Roberts
  • Difficulty set to medium

#3 Updated by The Foreman Bot almost 2 years ago

  • Status changed from Assigned to Ready For Testing
  • Pull request https://github.com/Katello/katello-installer/pull/522 added

#4 Updated by Chris Roberts over 1 year ago

  • % Done changed from 0 to 100
  • Status changed from Ready For Testing to Closed

#5 Updated by The Foreman Bot over 1 year ago

  • Pull request https://github.com/Katello/katello-installer/pull/561 added

Also available in: Atom PDF