search

lvps / 389ds-server

Ansible role to configure 389DS
Apache License 2.0
23 stars 14 forks source link

only listen ipv6 #1

Closed pescobar closed 4 years ago

pescobar commented 4 years ago

I tested with ansible-2.7.11 and molecule-2.20.1 and in the testinfra section I get this error:

    =================================== FAILURES ===================================
    _________________ test_389ds_listening_389[ansible://default] __________________

    host = <testinfra.host.Host object at 0x307d810>

        def test_389ds_listening_389(host):
            socket = host.socket('tcp://0.0.0.0:389')

    >       assert socket.is_listening
    E       assert False
    E        +  where False = <socket tcp://0.0.0.0:389>.is_listening

    tests/test_default.py:25: AssertionError
pescobar commented 4 years ago

The problem that I am hitting when running the molecule tests is that the service only listens in the ipv6 address. Some other reported the same problem https://lists.fedoraproject.org/pipermail/389-users/2011-January/012743.html https://bugzilla.redhat.com/show_bug.cgi?id=982582

I could workaround it in the molecule docker container as described here http://gsr-linux.blogspot.com/2010/06/enforcing-directory-server-instances-to.html

I guess a task like this could workaround the issue:

- name: Fix listen address                                                                                                                                                                                            
  ldap_attr:                                                                                                                                                                                                                           
    params: "{{ dirsrv_ldap_auth }}"
    dn: cn=config
    name: "nsslapd-listenhost"
    values: "0.0.0.0"
    state: exact    
  notify: dirsrv restart
pescobar commented 4 years ago

I confirm that this task workarounds the problem:

- name: Fix listen address                                                                                                                                                                                                           
  ldap_attr:                                                                                                                                                                                                                         
    params: "{{ dirsrv_ldap_auth }}"                                                                                                                                                                                                 
    dn: cn=config                                                                                                                                                                                                                    
    name: "nsslapd-listenhost"                                                                                                                                                                                                       
    values: "0.0.0.0"                                                                                                                                                                                                                
    state: exact                                                                                                                                                                                                                     
  notify: dirsrv restart
lvps commented 4 years ago

Hi, thanks for the workaround, I've applied it in the last commit. I've added a new dirsrv_listen_host variable to make the address configurable and set it to 0.0.0.0 in Molecule tests.

Strangely enough I could not reproduce the issue, can you confirm that the fix works?

pescobar commented 4 years ago

I confirm the latest commit workarounds the problem.

I did some tests to try to figure out why you couldn't reproduce the error and I noticed that I hit the problem with molecule-2.20.1 but I don't hit the problem if I ugprade to molecule-2.22.

I guess it's somehow related to how molecule 2.20.1 boots the containers? Anyway I am just guessing, I don't have time to debug deeper to try to find the root problem

lvps commented 4 years ago

Thanks again, I've also updated molecule to 2.22 for good measure. This should be resolved now.