So it gets a NXDOMAIN when trying to lookup newname and this error pops out. (My guess, based on experience, would be that when you changed the IP address and/or hostname of your current host, but you neglected to update /etc/hosts and/or didn't add a DNS entry for your new FQDN in whatever DNS server your network considers authoritative in this manner. That said, being unable to look up its own name may not be a security issue by itself, but that is a thing it should be able to do, and it would be wise to try and find out why it can't, just in case the error is masking a bigger problem. So you're very likely safe - as far as sudo is concerned, at least. Note that, like most security conscious software, sudo fails safe - if it can't look up the host, any entry that specify a host value is considered invalid. However, because that component still exists, sudo does a lookup for the current hostname to see if it may or may not match against any hypothetical entries in the sudoers file that might tell it whether or not to permit this sudo attempt. This has mostly fallen into disuse these days, but it was a way to keep the same sudoers file identical across multiple servers without having to tweak it for every single host. Solution: Configure HostName To encounter the above error, modify the hostname in the hosts configuration file. VolumePath: /home/matt/data/podman/root/volumesĪdditional environment details (AWS, VirtualBox, physical, etc.TL DR: Almost certainly none, but mind the qualifier.Īs man sudoers explains, there is room in a sudoers entry for a 'host' specification. Reason 1: Hostname Not Configured At the time of installing the Linux system, most users keep the default setting and do not assign any hostname, which is one of the reasons for the sudo: unable to resolve host error. Change the IP address in the file to: 8.8.8.8. Temporarily change your DNS to use Google’s nameservers instead of DigitalOcean’s: sudo nano /etc/nf. Git commit: 9b6a98cfd7813513e5697888baa93318395a2055 Make sure your DNS Resolver config file is writable: sudo chmod o+r /etc/nf. This seems to be due to the /etc/hosts file, see below. Apart from that, the command seems to succeed, but I am unsure about other implications.Īdditional information you deem important (e.g. The warning sudo: unable to resolve host a0b3a5d3b2a7 is printed. Repeat the test after adding -pod new:test_pod to the command line, thereby running the image inside a pod, and notice that a warning is output: podman run -pod new:test_pod -rm localhost/myimage:latest sudo -u myuser true Run a dummy command via sudo using the image outside any pod, and notice that the command succeeds without warning: podman run -rm localhost/myimage:latest sudo -u myuser true myuser) and install sudo ( apt-get -yq install sudo) This does not happen when running the same image outside of a pod, and seems to be related to the /etc/hosts file (see below).īuild an image derived from ubuntu:16.04 (let this image be myimage, introduce a system user (e.g. Check /etc/nf to see if you have working name servers defined. Make sure you have a matching hostname in /etc/hostname. But there are several legitimate variants. You want it too look like this: 127.0.0.1 localhost 127.0.1.1 ubuntu-server. Sudo: unable to resolve host a0b3a5d3b2a7 Run a dummy command via sudo using the image outside any pod, and notice that the command succeeds without warning: podman run -rm localhost/myimage:latest sudo -u myuser true. This may mean your DNS lookups are broken.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |