Bug #4922
closedRudder OpenLDAP Authentication sans ipv4 localhost
Description
Rudder encounters issues when working with a server that has no ipv4 localhost assigned, attempting to connect to ldap results in errors unless "127.0.0.1" is specifically defined as the server the host (as opposed to localhost)
using localhost:
/opt/rudder/bin/ldapsearch -h localhost -p 389 -D "cn=manager,cn=rudder-configuration" -w 'ldap_password' -b 'cn=rudder-configuration' -s onelevel ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
using 127.0.0.1:
root@rudder:/# /opt/rudder/bin/ldapsearch -h 127.0.0.1 -p 389 -D "cn=manager,cn=rudder-configuration" -w 'ldap_password' -b 'cn=rudder-configuration' -s onelevel # extended LDIF # # LDAPv3 # base <cn=rudder-configuration> with scope oneLevel # filter: (objectclass=*) # requesting: ALL # # Nodes, rudder-configuration dn: ou=Nodes,cn=rudder-configuration objectClass: top objectClass: organizationalUnit ou: Nodes description: Branch that stores all the Nodes # Rudder, rudder-configuration dn: ou=Rudder,cn=rudder-configuration objectClass: top objectClass: organizationalUnit ou: Rudder description: Branch that stores all Rudder specific data # Inventories, rudder-configuration dn: ou=Inventories,cn=rudder-configuration objectClass: top objectClass: organizationalUnit ou: Inventories description: Inventory information # Application Properties, rudder-configuration dn: ou=Application Properties,cn=rudder-configuration ou: Application Properties objectClass: organizationalUnit objectClass: top # search result search: 2 result: 0 Success # numResponses: 5 # numEntries: 4
Updated by François ARMAND over 10 years ago
- Category set to System integration
- Target version set to 140
This bug was encoutered on an openvz host.
OpenVZ seems to rewrite /etc/hosts and only set ipv6 information.
So, we should either adapt Rudder parts to be able to work on ipv6-only host, or better check context to abort early on a problematic configuration (that bug was a little to long to understand).
Updated by Layne Breitkreutz over 10 years ago
clarification: issue is having ::1 ALSO defined as localhost
Updated by Matthieu CERDA about 10 years ago
- Target version changed from 140 to 3.0.0~beta1
Updated by Jonathan CLARKE about 10 years ago
- Target version changed from 3.0.0~beta1 to 3.0.0~beta2
Updated by François ARMAND about 10 years ago
- Target version changed from 3.0.0~beta2 to 3.0.0~rc1
Updated by Vincent MEMBRÉ almost 10 years ago
- Target version changed from 3.0.0~rc1 to 3.0.0
Updated by François ARMAND almost 10 years ago
- Target version changed from 3.0.0 to 2.11.6
OpenVZ is correctly supported in Rudder 2.11. This ticket should be requalified on that version.
Updated by Vincent MEMBRÉ almost 10 years ago
- Target version changed from 2.11.6 to 2.11.7
Updated by Vincent MEMBRÉ almost 10 years ago
- Target version changed from 2.11.7 to 2.11.8
Updated by Vincent MEMBRÉ almost 10 years ago
- Target version changed from 2.11.8 to 2.11.9
Updated by Vincent MEMBRÉ almost 10 years ago
- Target version changed from 2.11.9 to 2.11.10
Updated by Vincent MEMBRÉ over 9 years ago
- Target version changed from 2.11.10 to 2.11.11
Updated by Vincent MEMBRÉ over 9 years ago
- Target version changed from 2.11.11 to 2.11.12
Updated by Vincent MEMBRÉ over 9 years ago
- Target version changed from 2.11.12 to 2.11.13
Updated by Vincent MEMBRÉ over 9 years ago
- Target version changed from 2.11.13 to 2.11.14
Updated by Vincent MEMBRÉ about 9 years ago
- Target version changed from 2.11.14 to 2.11.15
Updated by Vincent MEMBRÉ about 9 years ago
- Target version changed from 2.11.15 to 2.11.16
Updated by Vincent MEMBRÉ about 9 years ago
- Target version changed from 2.11.16 to 2.11.17
Updated by Jonathan CLARKE about 9 years ago
This particular bug can be easily solved by asking OpenLDAP to listen on "localhost" instead of "127.0.0.1". This way, OpenLDAP will figure out for itself which IP address "localhost" is, and listen to whichever is appropriate.
Updated by Jonathan CLARKE about 9 years ago
- Status changed from New to In progress
- Assignee set to Jonathan CLARKE
Updated by Jonathan CLARKE about 9 years ago
- Status changed from In progress to Pending technical review
- Assignee changed from Jonathan CLARKE to Benoît PECCATTE
- Pull Request set to https://github.com/Normation/rudder-packages/pull/822
Updated by Jonathan CLARKE about 9 years ago
- Status changed from Pending technical review to Pending release
- % Done changed from 0 to 100
Applied in changeset rudder-packages|94cb86ad68b376c834d1d4f80fcd11a76cf39035.
Updated by Benoît PECCATTE about 9 years ago
Applied in changeset rudder-packages|4d2ce69c96416f7e125aaf398c229cf56b302473.
Updated by Vincent MEMBRÉ about 9 years ago
- Status changed from Pending release to Released