Bug 36012 - Warn about hostnames with underscores
Warn about hostnames with underscores
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: UMC - System diagnostic
UCS 4.1
Other Linux
: P5 normal (vote)
: UCS 4.2-2-errata
Assigned To: Lukas Oyen
Jürn Brodersen
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2014-09-29 09:06 CEST by Janis Meybohm
Modified: 2017-09-20 15:03 CEST (History)
4 users (show)

See Also:
What kind of report is it?: Feature Request
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:
oyen: Patch_Available+


Attachments
36012-diagnostic-hostname-check-420.patch (9.80 KB, patch)
2017-06-08 15:02 CEST, Lukas Oyen
Details | Diff
36012-diagnostic-hostname-check-420.patch (7.59 KB, patch)
2017-06-08 15:03 CEST, Lukas Oyen
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Janis Meybohm univentionstaff 2014-09-29 09:06:47 CEST
We (UMC) allow hostnames to have underscores (bug31798) presumably to be able to takeover AD domains that may contain hostnames converted from NetBIOS names that may contain underscores.

A customer reported via http://forum.univention.de/viewtopic.php?f=48&t=3492 that registering those host names in DNS may fail.

We could add a diagnostic module to check for "not RFC compliant" host names.
Comment 1 Lukas Oyen univentionstaff 2017-06-08 15:02:17 CEST
Created attachment 8909 [details]
36012-diagnostic-hostname-check-420.patch

Check hostnames (filter objectClass=univentionHost, attribute cn) for RFC 1123 [1] compliance. If any non-compliant hostnames are found, a Warning is raised.

[1]: https://tools.ietf.org/html/rfc1123#section-2
Comment 2 Lukas Oyen univentionstaff 2017-06-08 15:03:35 CEST
Created attachment 8910 [details]
36012-diagnostic-hostname-check-420.patch

Update, forgot to squash.
Comment 3 Lukas Oyen univentionstaff 2017-08-01 16:27:16 CEST
Committed in r81609 - r81610 (advisory r81649).
Comment 4 Jürn Brodersen univentionstaff 2017-08-30 15:44:58 CEST
Looks good :)

What I tested:
Checked two computers with: "cn=foo-" and "cn=foo_under" -> The diagnose module warned me about them -> OK

YAML -> OK

Note:
If I understand the RFC correctly dots in hostnames and hostnames up to 255 characters would be ok, too. But that way we might not be able to add them to the dns. Because of that I would say the regex is good.
Comment 5 Lukas Oyen univentionstaff 2017-09-04 09:37:50 CEST
(In reply to Jürn Brodersen from comment #4)
> If I understand the RFC correctly dots in hostnames and hostnames up to 255
> characters would be ok, too. But that way we might not be able to add them
> to the dns. Because of that I would say the regex is good.

The regex is the one from `hostName` from univention.admin.syntax without the underscores.
Comment 6 Erik Damrose univentionstaff 2017-09-20 15:03:38 CEST
<http://errata.software-univention.de/ucs/4.2/166.html>