Single-quoted entries are invalid in /etc/resolv.conf on network install with NetworkManager disabled
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
casper (Ubuntu) |
Fix Released
|
Medium
|
Unassigned |
Bug Description
Binary package hint: casper
Ubuntu release: Oneiric Ocelot (LiveCD daily image from 2011-07-13).
Package: this is present in Casper 1.271.
What I expected to happen: valid entries in /etc/resolv.conf.
What happened instead: all entries in /etc/resolv.conf have single quotes around the values, causing problems while installing some other packages.
More details about this problem:
In a testing environment, we do network installs using the daily Oneiric images. One particularity is that we disable NetworkManager by creating an interface entry in /etc/interfaces prior to booting. Thus, scripts/
23networking parses the /tmp/net-
(actual net-eth0.conf from an Oneiric install)
DEVICE='eth0'
IPV4ADDR=
IPV4BROADCAST=
IPV4NETMASK=
IPV4GATEWAY=
IPV4DNS0=
IPV4DNS1='0.0.0.0'
HOSTNAME=''
DNSDOMAIN=
NISDOMAIN=''
ROOTSERVER=
ROOTPATH=''
filename=
23networking takes the values verbatim, including the quotes, and thus generates a resolv.conf that looks like this:
# /etc/resolv.conf
# Autogenerated by casper
search 'canonical.com'
domain 'canonical.com'
nameserver '10.153.104.60'
nameserver '0.0.0.0'
This gives problems later on: while installing postfix, it constructs the hostname by taking the domain name from resolv.conf, coming up with things like host.'domain.com' which are invalid and cause postfix configuration to fail. Also, although an unlikely use case, trying to access hosts by name with this invalid resolv.conf also fails.
This bug is not usually apparent because most installations use NetworkManager, which takes over resolv.conf, rebuilding it from DHCP information, which it doesn't quote, unlike ipconfig.
This bug is very similar in nature to bug 709364. Whereas the change in ipconfig (from klibc) that caused that bug double-quoted DNSDOMAIN to allow for multiple dns domains, this change to ipconfig single-quotes all entries in the generated file, to prevent arbitrary code execution from scripts which simply source the /tmp/net-
commit 46a0f8315826296
Author: Ulrich Dangel <email address hidden>
Date: Fri Apr 15 18:22:08 2011 +0200
Related branches
- Daniel Manrique (community): Needs Resubmitting
- Colin Watson: Needs Fixing
-
Diff: 47 lines (+13/-9)2 files modifieddebian/changelog (+6/-1)
scripts/casper-bottom/23networking (+7/-8)
Changed in casper (Ubuntu): | |
status: | New → Confirmed |
Changed in casper (Ubuntu): | |
assignee: | nobody → Daniel Manrique (roadmr) |
importance: | Undecided → Medium |
milestone: | none → precise-alpha-1 |
status: | Confirmed → In Progress |
Changed in casper (Ubuntu): | |
milestone: | precise-alpha-1 → precise-alpha-2 |
This bug is present in the Oneiric desktop release CDs. The live desktop environment (including Firefox) is broken because of this.
We need a fix on this *a month ago*.