mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-24 16:10:02 -06:00
server install: require IPv6 stack to be enabled
Add checks to install and replica install to verify IPv6 stack is enabled. IPv6 is required by some IPA parts (AD, conncheck, ...). https://pagure.io/freeipa/issue/6608 Reviewed-By: Martin Basti <mbasti@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
This commit is contained in:
parent
1aa314c796
commit
a572e61cb5
@ -358,6 +358,7 @@ class BasePathNamespace(object):
|
||||
IPA_CUSTODIA_AUDIT_LOG = '/var/log/ipa-custodia.audit.log'
|
||||
IPA_GETKEYTAB = '/usr/sbin/ipa-getkeytab'
|
||||
EXTERNAL_SCHEMA_DIR = '/usr/share/ipa/schema.d'
|
||||
IF_INET6 = '/proc/net/if_inet6'
|
||||
|
||||
@property
|
||||
def USER_CACHE_PATH(self):
|
||||
|
@ -103,6 +103,11 @@ class BaseTaskNamespace(object):
|
||||
|
||||
raise NotImplementedError()
|
||||
|
||||
def check_ipv6_stack_enabled(self):
|
||||
"""Check whether IPv6 kernel module is loaded"""
|
||||
|
||||
raise NotImplementedError()
|
||||
|
||||
def restore_hostname(self, fstore, statestore):
|
||||
"""
|
||||
Restores the original hostname as backed up in the
|
||||
|
@ -134,6 +134,20 @@ class RedHatTaskNamespace(BaseTaskNamespace):
|
||||
'Install the policycoreutils package and start '
|
||||
'the installation again.' % restorecon)
|
||||
|
||||
def check_ipv6_stack_enabled(self):
|
||||
"""Checks whether IPv6 kernel module is loaded.
|
||||
|
||||
Function checks if /proc/net/if_inet6 is present. If IPv6 stack is
|
||||
enabled, it exists and contains the interfaces configuration.
|
||||
|
||||
:raises: RuntimeError when IPv6 stack is disabled
|
||||
"""
|
||||
if not os.path.exists(paths.IF_INET6):
|
||||
raise RuntimeError(
|
||||
"IPv6 kernel module has to be enabled. If you do not wish to "
|
||||
"use IPv6, please disable it on the interfaces in "
|
||||
"sysctl.conf and enable the IPv6 kernel module.")
|
||||
|
||||
def restore_pre_ipa_client_configuration(self, fstore, statestore,
|
||||
was_sssd_installed,
|
||||
was_sssd_configured):
|
||||
|
@ -330,6 +330,7 @@ def install_check(installer):
|
||||
raise RuntimeError(
|
||||
"Installing IPA server in FIPS mode is not supported")
|
||||
|
||||
tasks.check_ipv6_stack_enabled()
|
||||
tasks.check_selinux_status()
|
||||
|
||||
if options.master_password:
|
||||
|
@ -517,6 +517,7 @@ def install_check(installer):
|
||||
raise RuntimeError(
|
||||
"Installing IPA server in FIPS mode is not supported")
|
||||
|
||||
tasks.check_ipv6_stack_enabled()
|
||||
tasks.check_selinux_status()
|
||||
|
||||
if is_ipa_configured():
|
||||
@ -1007,6 +1008,7 @@ def promote_check(installer):
|
||||
installer._enrollment_performed = False
|
||||
installer._top_dir = tempfile.mkdtemp("ipa")
|
||||
|
||||
tasks.check_ipv6_stack_enabled()
|
||||
tasks.check_selinux_status()
|
||||
|
||||
if is_ipa_configured():
|
||||
|
Loading…
Reference in New Issue
Block a user