#2342: OSGeo UserID registration logs contain unusable IP address
---------------------------+-------------------
Reporter: strk | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone:
Component: Systems Admin | Keywords: ldap
---------------------------+-------------------
They log IP address of the gateway (ngnix?)
Example:
... registered from 10.88.1.4 ....
... registered from fd42:a5ff:18d2:7141:216:3eff:feff:3c88 ...
Note that:
8.8.c.3.f.f.e.f.f.f.e.3.6.1.2.0.1.4.1.7.2.d.8.1.f.f.5.a.2.4.d.f.ip6.arpa
domain name pointer nginx.lxd.
4.1.88.10.in-addr.arpa domain name pointer nginx.lxd.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2342>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2342: OSGeo UserID registration logs contain unusable IP address
---------------------------+----------------------------------------
Reporter: strk | Owner: sac@…
Type: task | Status: new
Priority: critical | Milestone: Sysadmin Contract 2019-II
Component: Systems Admin | Resolution:
Keywords: ldap |
---------------------------+----------------------------------------
Changes (by strk):
* priority: normal => critical
* milestone: => Sysadmin Contract 2019-II
Comment:
The problem also affects the email sent to the registering user, which
would be told that "someone from <internal_ip> requested an OSGeo account
creation". This is a security issue as well as a user-facing issue.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2342#comment:1>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2342: OSGeo UserID registration logs contain unusable IP address
---------------------------+----------------------------------------
Reporter: strk | Owner: sac@…
Type: task | Status: new
Priority: critical | Milestone: Sysadmin Contract 2019-II
Component: Systems Admin | Resolution:
Keywords: ldap |
---------------------------+----------------------------------------
Comment (by strk):
The scripts are using REMOTE_ADDR env variable to retrive the user IP.
What should then be changed to do ?
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2342#comment:2>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2342: OSGeo UserID registration logs contain unusable IP address
---------------------------+----------------------------------------
Reporter: strk | Owner: sac@…
Type: task | Status: new
Priority: critical | Milestone: Sysadmin Contract 2019-II
Component: Systems Admin | Resolution:
Keywords: ldap |
---------------------------+----------------------------------------
Comment (by strk):
Followups in https://git.osgeo.org/gitea/sac/web-cgi-bin/issues/10
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2342#comment:3>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2342: OSGeo UserID registration logs contain unusable IP address
---------------------------+----------------------------------------
Reporter: strk | Owner: sac@…
Type: task | Status: new
Priority: critical | Milestone: Sysadmin Contract 2019-II
Component: Systems Admin | Resolution:
Keywords: ldap |
---------------------------+----------------------------------------
Comment (by strk):
Please see https://git.osgeo.org/gitea/sac/web-cgi-bin/pulls/11
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2342#comment:4>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2342: OSGeo UserID registration logs contain unusable IP address
---------------------------+----------------------------------------
Reporter: strk | Owner: sac@…
Type: task | Status: closed
Priority: critical | Milestone: Sysadmin Contract 2019-II
Component: Systems Admin | Resolution: fixed
Keywords: ldap |
---------------------------+----------------------------------------
Changes (by strk):
* status: new => closed
* resolution: => fixed
Comment:
Fixed via https://git.osgeo.org/gitea/sac/web-cgi-bin/issues/10
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2342#comment:5>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.