Line 166: |
Line 166: |
| ====Services==== | | ====Services==== |
| | | |
− | List of other affected services | + | List of other affected services and vague efforts to get IPv6 running for them. |
| | | |
| httpd | | httpd |
| + | |
| email | | email |
| + | |
| smbd | | smbd |
| + | |
| mysql (already listens for tcp6/3313) | | mysql (already listens for tcp6/3313) |
| + | |
| ntpd (already listens on udp6/123) | | ntpd (already listens on udp6/123) |
| + | |
| sshd as below | | sshd as below |
| | | |
− | SSH (bad hack here so careful as this may open your server up to remote access) | + | ldap as below |
| + | |
| + | =====SSH===== (bad hack here so careful as this may open your server up to remote access) |
| | | |
| mkdir /etc/e-smith/templates-custom/etc/ssh/sshd_config | | mkdir /etc/e-smith/templates-custom/etc/ssh/sshd_config |
Line 199: |
Line 206: |
| ssh root@2001:470:1f13:3ff:2a9:b700:fe99:792c | | ssh root@2001:470:1f13:3ff:2a9:b700:fe99:792c |
| | | |
| + | =====LDAP===== |
| + | |
| + | mkdir -p /etc/e-smith/templates-custom/etc/sysconfig/slapd |
| + | nano /etc/e-smith/templates-custom/etc/sysconfig/slapd/40OPTIONS |
| + | |
| + | Add this code: |
| + | |
| + | { |
| + | { |
| + | # Any custom options |
| + | #SLAPD_OPTIONS=" -4 -d { $ldap{LogLevel} || 256 } -s 0 " |
| + | my $slapdOptions = "#Test"; |
| + | my $logLevel = $ldap{LogLevel} || 256; |
| + | if ($IPv6{'status'} eq "enabled") { |
| + | $slapdOptions = "SLAPD_OPTIONS=\"-d $logLevel -s 0\" " ; |
| + | } else { |
| + | $slapdOptions = "SLAPD_OPTIONS=\"-4 -d $logLevel -s 0\" " ; |
| + | } |
| + | $OUT .= "# Any custom options\n"; |
| + | $OUT .= "$slapdOptions\n"; |
| + | } |
| + | |
| + | Edited the unit file /usr/lib/systemd/system/ldap.service to comment out the Environment line and just leave the config file |
| + | |
| + | #Environment="SLAPD_URLS=ldap:/// ldaps:/// ldapi:///" "SLAPD_OPTIONS=-4 -d 256 -s 0" |
| + | EnvironmentFile=/etc/sysconfig/slapd |
| + | |
| + | systemctl daemon-reload |
| + | systemctl restart ldap.service |
| + | |
| + | '''However, /usr/sbin/cpu is not IPv6 aware and is unmaintained.''' |
| + | |
| + | We can bypass this and force IPv4 by editing: |
| + | |
| + | /etc/cpu-system.conf |
| + | |
| + | Modify the template and change localhost to 127.0.0.1 |
| + | |
| + | [LDAP] |
| + | LDAP_HOST = 127.0.0.1 |
| + | LDAP_PORT = 389 |
| | | |
| ===Other notes=== | | ===Other notes=== |