Univention Bugzilla – Full Text Bug Listing |
Description
Alexander Kläser
2013-11-11 17:00:47 CET
Created attachment 5601 [details] Fix same network addresses Nasty: See Bug #28670 comment 42 for a similar issue, which was not fixed completely. The problem is that ChangeSet.(old|new)_ipv[46]s() returns a *set* of IPNetwork() objects. If two interfaces are configured into the same sub-network, the second one is eliminated as a duplicate of the first one (because the network-address of x.x.x.1/24 and x.x.x.2/24 are both x.x.x.0/24 and thus the same). AddressChange() only used that filtered view to detect, if there was change in the number of configured addresses and skipped all changes: # grep "No address change" /var/log/univention/setup.log WARNING:uss.network.plug:Phase skipped: No address change The attached patch fixed that by changing (old|new)_ipv[46]s() to return a list of all IP-Addresses instead of a set and moving the duplicate-network-filtering down into the individual checks. Cool, thanks, Philipp :) ! switching assignee & qa_contact because Philipp wrote the patch. univention-system-setup: r47175,r47178,r47181 YAML: r47182 branches/ucs-3.2/ucs-3.2-0/doc/errata/staging/2014-01-15-univention-system-setup.yaml For extra QA: There was a change to debian/u-s-s-boot.install; please verify that before and after the update the following directories contains the same file names: usr/share/univention-system-setup/startxwithfirefox usr/lib/univention-system-setup/cleanup-pre.d usr/lib/univention-system-setup/cleanup-post.d usr/lib/univention-system-setup/appliance-hooks.d etc/init.d r47203, univention-system-setup_7.0.69-3.564.201401170856, r47204 The aRecord's for the host record in the dns forward zone are not updated/set. (In reply to Florian Best from comment #6) > The aRecord's for the host record in the dns forward zone are not > updated/set. This only happens when additional addresses are added to an already existing address, which is not removed. After discussion with Stefan, this will not be changed: The current implementation of "class simpleComputer" only changes one IP address by default, not all addresses. Adding all IP addresses by default could lead to the situation, where Windows clients will pick the wrong IP address form a different subnet and are unable to connect. Because of that the DNS forward configuration should be explicit: If the admin required multiple addresses to be listed, she should do so herself. We will wait for more user feedback on this issue. PS: For IPv6 it is already required to iterate over all IPv6 addresses, since it is required to try all addresses returned by getaddrinfo() until a working one is found. We don't know what Windows implements, so we wait for more user feedback. See Bug #28562 for a similar issues with univention-join. OK: IP address changes (within the same network) are correctly written into the ldap aRecord attribute of the computer object. (In reply to Philipp Hahn from comment #5) > For extra QA: There was a change to debian/u-s-s-boot.install; please verify > that before and after the update the following directories contains the same > file names: > usr/share/univention-system-setup/startxwithfirefox > usr/lib/univention-system-setup/cleanup-pre.d > usr/lib/univention-system-setup/cleanup-post.d > usr/lib/univention-system-setup/appliance-hooks.d > etc/init.d > > r47203, univention-system-setup_7.0.69-3.564.201401170856, r47204 OK (In reply to Philipp Hahn from comment #7) > (In reply to Florian Best from comment #6) > > The aRecord's for the host record in the dns forward zone are not > > updated/set. > > This only happens when additional addresses are added to an already existing > address, which is not removed. > > After discussion with Stefan, this will not be changed: > The current implementation of "class simpleComputer" only changes one IP > address by default, not all addresses. Adding all IP addresses by default > could lead to the situation, where Windows clients will pick the wrong IP > address form a different subnet and are unable to connect. Because of that > the DNS forward configuration should be explicit: If the admin required > multiple addresses to be listed, she should do so herself. > > We will wait for more user feedback on this issue. > > PS: For IPv6 it is already required to iterate over all IPv6 addresses, > since it is required to try all addresses returned by getaddrinfo() until a > working one is found. We don't know what Windows implements, so we wait for > more user feedback. See Bug #28562 for a similar issues with univention-join. OK YAML: OK |