[Freeipa-devel] [PATCH] 0093, WAS: Re: Adding client on RHEL 6 fails to get DNS entry

Sat, 26 Feb 2011 09:37:33 -0800 

On Fri, 25 Feb 2011 17:04:10 -0500
Simo Sorce <sso...@redhat.com> wrote:

> On Fri, 25 Feb 2011 15:19:25 -0500
> Simo Sorce <sso...@redhat.com> wrote:
> 
> > On Fri, 25 Feb 2011 14:49:27 -0500
> > Adam Young <ayo...@redhat.com> wrote:
> > 
> > > 2011-02-24 20:46:06,851 DEBUG stderr=
> > > 2011-02-24 20:46:06,878 DEBUG args=/usr/bin/kinit -k
> > > -t /etc/krb5.keytab 2011-02-24 20:46:06,879 DEBUG stdout=
> > > 2011-02-24 20:46:06,879 DEBUG stderr=kinit: Hostname cannot be
> > > canonicalized when creating default server principal name
> > 
> > ah no sorry this is the error, kinit failing ...
> > now on why this happens ...
> > 
> > Simo.
> > 
> > 
> 
> Ok this happens becaue /etc/hosts doesn't have an entry for the
> hostname and DNS doesn't still resolve it (chicken/egg)
> 
> Please open a ticket, the fix is to pass the principal name as
> argument of the kinit command so that it doesn't have to go thorugh
> name resolution to understand what name to use.

The attached patch should fix nsupdates on machines configured like
this one.

Simo.


-- 
Simo Sorce * Red Hat, Inc * New York

>From 0fd4928241c3ff8aa0ff91c6a4f8f9fa0a049e82 Mon Sep 17 00:00:00 2001
From: Simo Sorce <sso...@redhat.com>
Date: Fri, 25 Feb 2011 17:05:12 -0500
Subject: [PATCH 8/8] Fix kinit invocation in ipa-client-install

---
 ipa-client/ipa-install/ipa-client-install |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install
index 4b9bd29c6c08c9b1b7eb9364d14197e7a4c240bc..a6c3a7c61e99c1857137f47c9bb38399576d59ab 100755
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -544,6 +544,7 @@ CCACHE_FILE = "/etc/ipa/.dns_ccache"
 def update_dns(server, hostname):
 
     ip = resolve_ipaddress(server)
+    princ = 'host/%s' % hostname
 
     sub_dict = dict(HOSTNAME=hostname,
                     IPADDRESS=ip,
@@ -569,7 +570,7 @@ def update_dns(server, hostname):
     update_fd.close()
 
     try:
-        ipautil.run(['/usr/bin/kinit', '-k', '-t', '/etc/krb5.keytab'],
+        ipautil.run(['/usr/bin/kinit', '-k', '-t', '/etc/krb5.keytab', princ],
                     env={'KRB5CCNAME':CCACHE_FILE})
     except CalledProcessError, e:
         print >>sys.stderr, "Failed to obtain host TGT."
-- 
1.7.4


_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to