Project

General

Profile

Bug #25842

DNS resolver should not be case sensitive

Added by Michael Schiessl 9 months ago. Updated 6 months ago.

Status:
Closed
Priority:
Low
Category:
foreman-installer script
Target version:
-
Difficulty:
Triaged:
Yes
Bugzilla link:

Description

I'm totally new here, so I'd like to say kindly hello to the project team in first.

I installed foreman on a bare metal installed CentOS7 like described in your documentation and faced against a minor bug in foreman-installer prerequsites.

The installer already fails if the hostname is case-sensitive for forward and reverse resolution only.

[root@FOREMAN ~]# foreman-installer -i
Reverse DNS foreman.testlab.site.example.local does not match hostname FOREMAN.testlab.site.example.local
Your system does not meet configuration criteria
[root@FOREMAN ~]#
[root@FOREMAN ~]#
[root@FOREMAN ~]# host FOREMAN.testlab.site.example.local
FOREMAN.testlab.site.example.local has address 10.20.30.40
[root@FOREMAN ~]# host 10.20.30.40
40.30.20.10.in-addr.arpa domain name pointer foreman.testlab.site.example.local.
[root@FOREMAN ~]#

DNS names should not be case sensitive.

See also here
http :// tools.ietf.org/html/draft-vixie-dnsext-dns0x20-00
https :// developers.google.com/speed/public-dns/docs/security?csw=1#randomize_case

As a workaround I added following line to /etc/hosts
10.20.30.40 esh-mgmtsrv01-t foreman.testlab.site.example.local

After the workaround the installer succeeded

Associated revisions

Revision 3cded20f (diff)
Added by Ewoud Kohl van Wijngaarden 7 months ago

Fixes #25842 - Correct DNS comparisons

DNS labels are case insenstive so regular string comparisons don't
always work. The Resolv::DNS::Name class implements the correct
comparisons.

History

#1 Updated by Ewoud Kohl van Wijngaarden 9 months ago

  • Triaged changed from No to Yes
  • Category set to foreman-installer script
  • Found in Releases 1.20.0 added

The offending check appears to be https://github.com/theforeman/foreman-installer/blob/575a642380833b4a4b1ca9d186e8ded26b4fd831/checks/dns.rb#L29

If you wrap the hostnames in Resolv::DNS::Name.create() you use Ruby's DNS-aware comparisons:

[1] pry(main)> Resolv::DNS::Name.create("y.z") == Resolv::DNS::Name.create("Y.Z")
=> true

This would be a great first contribution :)

Note we recently added a check to prevent uppercase hostnames. This was mostly motivated by Katello because these kind of bugs show up in more places.

https://github.com/theforeman/foreman-installer/blob/575a642380833b4a4b1ca9d186e8ded26b4fd831/checks/hostname.rb#L52-L53

That said, IMHO we should support this because the RFCs allow it.

#2 Updated by The Foreman Bot 7 months ago

  • Assignee set to Ewoud Kohl van Wijngaarden
  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/foreman-installer/pull/325 added

#3 Updated by Ewoud Kohl van Wijngaarden 7 months ago

  • Status changed from Ready For Testing to Closed

#4 Updated by Tomer Brisker 6 months ago

  • Fixed in Releases 1.22.0 added

Also available in: Atom PDF