Arch Linux

btwxt

Member

Registered: 2009-12-14

Posts: 34

[SOLVED] oidentd IPv6 support

I noticed in the oidentd man pages there is a bug on NetBSD that prevents IPv6 lookup. 

Sure enough, it's in Arch as well.  I have a configuration that worked fine in Debian,
if that's any sort of clue, and it works for IPv4 connections.

Any ideas on patches/fixes?

Last edited by btwxt (2010-03-06 20:05:23)

lucke

Member

From: Poland

Registered: 2004-11-30

Posts: 4,018

Re: [SOLVED] oidentd IPv6 support

Don't see a mention of any NetBSD bug in the oident's manpage.

For whatever it's worth, oidentd has been answering queries from IPv6 IRC servers for me.

btwxt

Member

Registered: 2009-12-14

Posts: 34

Re: [SOLVED] oidentd IPv6 support

lucke:

My mistake, it said Solaris has no IPv6 support. 

Still only working for IPv4 for me.  Not a big issue, but slightly annoying.

Out of curiosity, are you using the main config file /etc/oidentd.conf,
the $HOME/.oidentd.conf, or both?

Last edited by btwxt (2010-03-05 06:48:52)

lucke

Member

From: Poland

Registered: 2004-11-30

Posts: 4,018

Re: [SOLVED] oidentd IPv6 support

I just have one rule in /etc/oidentd.conf.

I was using a tunnel from sixxs for a while, but I'm not using it at the moment, because my PoP started having problems with reliability. I know that at some point oidentd on IPv6 stopped working for me. After a bit of fiddling I observed thought that it could either work for IPv4 or IPv6 - it had to be bound to the IPv6 address if it was to work with IPv6. I might've been running two oidentds at some point, one for IPv4 and one for IPv6 - I don't really remember how I got both v4 and v6 to work, it's a bit hazy in my mind.

btwxt

Member

Registered: 2009-12-14

Posts: 34

Re: [SOLVED] oidentd IPv6 support

That makes sense.  I don't know what arguments were passed to it in Debian (I just used /etc/init.d/oidentd start, and it worked) so I'll have to fiddle with it.

Thanks!

snakebite

Member

From: Norway

Registered: 2009-05-13

Posts: 42

Re: [SOLVED] oidentd IPv6 support

Replace

/usr/sbin/oidentd

in your /etc/rc.d/oidentd with

/usr/sbin/oidentd -a ::

and it should work for both IPv4 and IPv6 (works for me).

btwxt

Member

Registered: 2009-12-14

Posts: 34

Re: [SOLVED] oidentd IPv6 support

snakebite:

Thanks a lot.  That works great for IPv4 and IPv6.

:]

iynque

Member

Registered: 2015-10-04

Posts: 1

Re: [SOLVED] oidentd IPv6 support

I kept trying to figure this out on Lubuntu and ended up here over and over again while searching for an answer, so I'm posting here for anyone else having trouble like I did.

Today I finally got it working. Using htop, I noticed that the command running oidentd was /usr/sbin/oidentd -mf -a :: -P 10.0.0.1 -u oidentd -g oidentd. There's the problem! I want to use ipv6, but oidentd is working with my router at 10.0.0.1 instead of the router's ipv6 address. Turns out theres some code in /etc/init.d/oidentd so that "If we have a default router, then allow it to proxy auth requests to us," which was pulling my router's ipv4 address and adding -P 10.0.0.1 to my oidentd options.

I had to edit /etc/init.d/oidentd and change the way this was handled. So for OIDENT_OPTIONS="" I changed the line to OIDENT_OPTIONS="-a ::" to use ipv6 (as suggested here), but I also commented out a whole section:

#if [ "${OIDENT_BEHIND_PROXY}" = "yes" ]; then
#  # If we have a default router, then allow it to proxy auth requests to us
#  if [ -x /bin/netstat ] && [ -x /usr/bin/awk ]; then
#    GATEWAY=`netstat -nr | awk '/^0.0.0.0/{print $2;}'`
#  elif [ -x /bin/ip ] && [ -x /usr/bin/awk ]; then
#    GATEWAY=`ip route show 0.0.0.0/0 | awk '/^default via /{print $3}'`
#  fi
#  if [ -n "${GATEWAY}" ]; then
#    OIDENT_OPTIONS="${OIDENT_OPTIONS} -P ${GATEWAY}"
#  fi
#fi

…and instead of grabbing that IP address (which was always an ipv4 address), I changed the OPTIONS line just below that to the following:

OPTIONS="${OIDENT_OPTIONS} -P ::ffff:0: -u ${OIDENT_USER} -g ${OIDENT_GROUP}"

…with my router's ipv6 address inserted.

Now it finally works correctly.

There's probably a better way to do this, but me 'n' Google can't seem to find it.