Bug#731583: Compares hostname no longer using FQDN

Wed, 12 Feb 2014 04:27:54 -0800 

Package: sudo
Version: 1.8.9p5-1
Followup-For: Bug #731583

This bug is still present in 1.8.9p5-1.

I thought you'd want to know that manipulating the 'fqdn' setting
(which is on by default anyway) does not have any effect.

I found the following relating to the 'fqdn' option in sudoers(5):

   This option is only effective when the “canonical” host name, as
   returned by the getaddrinfo() or gethostbyname() function, is
   a fully-qualified domain name.  This is usually the case when the
   system is configured to use DNS for host name resolution.

   If the system is configured to use the /etc/hosts file in
   preference to DNS, the “canonical” host name may not be
   fully-qualified.

What does this mean? And if so, why must it not be fully-qualified?

The manpage continues:

   In the /etc/hosts file, the first host name of the entry is
   considered to be the “canonical” name; subsequent names are
   aliases that are not used by sudoers.  For example, the following
   hosts file line for the machine “xyzzy” has the fully-qualified
   domain name as the “canonical” host name, and the short version
   as an alias.

      192.168.1.1    xyzzy.sudo.ws xyzzy

Right, this is what I have…

   If the machine's hosts file entry is not formatted properly, the
   fqdn option will not be effective if it is queried before DNS.

So is this properly formatted?

-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.12-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_NZ, LC_CTYPE=en_NZ.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages sudo depends on:
ii  libc6           2.17-97
ii  libpam-modules  1.1.8-1
ii  libpam0g        1.1.8-1
ii  libselinux1     2.2.2-1

sudo recommends no packages.

sudo suggests no packages.

-- Configuration Files:
/etc/sudoers [Errno 13] Permission denied: u'/etc/sudoers'
/etc/sudoers.d/README [Errno 13] Permission denied: u'/etc/sudoers.d/README'

-- no debconf information


-- 
 .''`.   martin f. krafft <[email protected]>      Related projects:
: :'  :  proud Debian developer               http://debiansystem.info
`. `'`   http://people.debian.org/~madduck    http://vcs-pkg.org
  `-  Debian - when you have better things to do than fixing systems

Attachment: digital_signature_gpg.asc
Description: Digital signature (see http://martin-krafft.net/gpg/sig-policy/999bbcc4/current)

Reply via email to