859
edits
Changes
Jump to navigation
Jump to search
Line 166:
Line 166: − + + + + + + − + + + Line 199:
Line 206: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
→LDAP
====Services====
====Services====
List of other affected services
List of other affected services and vague efforts to get IPv6 running for them.
httpd
httpd
email
email
smbd
smbd
mysql (already listens for tcp6/3313)
mysql (already listens for tcp6/3313)
ntpd (already listens on udp6/123)
ntpd (already listens on udp6/123)
sshd as below
sshd as below
SSH (bad hack here so careful as this may open your server up to remote access)
ldap as below
=====SSH===== (bad hack here so careful as this may open your server up to remote access)
mkdir /etc/e-smith/templates-custom/etc/ssh/sshd_config
mkdir /etc/e-smith/templates-custom/etc/ssh/sshd_config
ssh root@2001:470:1f13:3ff:2a9:b700:fe99:792c
ssh root@2001:470:1f13:3ff:2a9:b700:fe99:792c
=====LDAP=====
mkdir -p /etc/e-smith/templates-custom/etc/sysconfig/slapd
nano /etc/e-smith/templates-custom/etc/sysconfig/slapd/40OPTIONS
Add this code:
{
{
# Any custom options
#SLAPD_OPTIONS=" -4 -d { $ldap{LogLevel} || 256 } -s 0 "
my $slapdOptions = "#Test";
my $logLevel = $ldap{LogLevel} || 256;
if ($IPv6{'status'} eq "enabled") {
$slapdOptions = "SLAPD_OPTIONS=\"-d $logLevel -s 0\" " ;
} else {
$slapdOptions = "SLAPD_OPTIONS=\"-4 -d $logLevel -s 0\" " ;
}
$OUT .= "# Any custom options\n";
$OUT .= "$slapdOptions\n";
}
Edited the unit file /usr/lib/systemd/system/ldap.service to comment out the Environment line and just leave the config file
#Environment="SLAPD_URLS=ldap:/// ldaps:/// ldapi:///" "SLAPD_OPTIONS=-4 -d 256 -s 0"
EnvironmentFile=/etc/sysconfig/slapd
systemctl daemon-reload
systemctl restart ldap.service
'''However, /usr/sbin/cpu is not IPv6 aware and is unmaintained.'''
We can bypass this and force IPv4 by editing:
/etc/cpu-system.conf
Modify the template and change localhost to 127.0.0.1
[LDAP]
LDAP_HOST = 127.0.0.1
LDAP_PORT = 389
===Other notes===
===Other notes===