localhost.localdomain clients refused to join

Machines with hostname 'localhost' or 'localhost.localdomain' are refused from joining IPA domain and proper error message is shown. The hostname check is done both in 'ipa-client-install' script and in 'ipa-join'. https://fedorahosted.org/freeipa/ticket/2112
2025-02-25 18:55:28 -06:00 · 2012-01-20 13:44:48 +01:00 · 2012-01-20 13:44:48 +01:00 · f7b4eb6a09
commit f7b4eb6a09
parent f3b606b627
2 changed files with 9 additions and 0 deletions
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@ -872,6 +872,9 @@ def install(options, env, fstore, statestore):
    if hostname != hostname.lower():
        print 'Invalid hostname \'%s\', must be lower-case.' % hostname
        return CLIENT_INSTALL_ERROR
+    if (hostname == 'localhost') or (hostname == 'localhost.localdomain'):
+        print 'Invalid hostname, \'%s\' must not be used.' % hostname
+        return CLIENT_INSTALL_ERROR

    # when installing with '--no-sssd' option, check whether nss-ldap is installed
    if not options.sssd:
--- a/ipa-client/ipa-join.c
+++ b/ipa-client/ipa-join.c
@ -937,6 +937,12 @@ join(const char *server, const char *hostname, const char *bindpw, const char *b
        goto cleanup;
    }

+    if ((!strcmp(host, "localhost")) || (!strcmp(host, "localhost.localdomain"))){
+        fprintf(stderr, _("The hostname must not be: %s\n"), host);
+        rval = 16;
+        goto cleanup;
+    }
+
    if (bindpw)
        rval = join_ldap(ipaserver, host, &hostdn, bindpw, basedn, &princ, &subject, quiet);
    else {