On Fri, Sep 15, 2017 at 04:28:31PM -0300, x9p wrote:
>
> > Hi.
>
> Hi.
>
> >
> > While DNS lookups for localhost are unusual any reasonably configured
> > DNS should have no trouble resolving it. Especially since there are OSes
> > that try to resolve *everything* by default via including localhost (AIX
> > comes to mind).
> >
>
> Understand, but disagree with sudo doing DNS lookups. Will file a bug with
> them.

sudo(8) says:

    sudo supports a plugin architecture for security policies and
    input/output logging. Third parties can develop and distribute their
    own policy and I/O logging plugins to work seamlessly with the sudo
    front end. The default security policy is sudoers, which is
    configured via the file /etc/sudoers, or via LDAP.

And LDAP means TCP, and TCP usually means DNS requests. So it's unusual
(sudo does not exhibit such behavior here), but possible.

> > While you mentioned misconfigured resolv.conf I believe your problem
> > lies somewhat deeper than this.
>
> Actually it is deeper. I did not pay that much attention to the strace I
> did before.
>
> https://pastebin.com/j0rw5Kgn
>
> 10.1.2.9 is the DNS of the company I work for, turned out I had not
> connected to the VPN yet by the time I issued the sudo command.

A stray nameserver in resolv.conf, which can happen if resolvconf is
used carelessly. Even more weird things are always possible with
NetworkManager.

> resolv.conf is not a symlink to systemd, just a plain file. I explicitly
> removed the symlink and created a normal file.

And of course one can never disregard a misconfigured VPN script.

> > Specifically I'm interested with:
> >
> > grep hosts /etc/nsswitch.conf
> >
> > grep localhost /etc/hosts
> >
> > Reco
> >
>
> Did not touch these, are the default from stretch:
>
> root@localhost:~# grep hosts /etc/nsswitch.conf
> hosts: files mdns4_minimal [NOTFOUND=return] dns myhostname
> root@localhost:~# grep localhost /etc/hosts
> 127.0.0.1 localhost
> 127.0.1.1 localhost
> ::1 localhost ip6-localhost ip6-loopback

Curious. Can you reproduce the behaviour if sudo is run as root?

I propose to simplify things a bit (needs to be run as root):

strace -o /tmp/sudo -econnect,open sudo -i

Reco
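
One way to read the trace that the strace command above writes to /tmp/sudo, added here as an example and not part of the original message: it lists the servers contacted on port 53 and which resolver files were opened successfully. The function names are hypothetical and the sample trace lines are constructed, reusing the 10.1.2.9 address from the thread.

```shell
#!/bin/sh
# Added example: summarise an "strace -econnect,open" trace read from stdin.

# Constructed sample trace (not real output from the thread).
sample_trace() {
cat <<'EOF'
open("/etc/nsswitch.conf", O_RDONLY|O_CLOEXEC) = 3
open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 3
open("/etc/sudoers.d/missing", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/etc/resolv.conf", O_RDONLY|O_CLOEXEC) = 3
connect(3, {sa_family=AF_UNIX, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
connect(3, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("10.1.2.9")}, 16) = 0
connect(3, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("10.1.2.9")}, 16) = 0
EOF
}

# Print each distinct address the traced process connect()ed to on port 53.
# Handles IPv4 (inet_addr) and IPv6 (inet_pton) forms and an optional
# leading PID column (as written by strace -f).
dns_connects() {
    grep -E '^([0-9]+ +)?connect\(' |
    grep -E 'sin6?_port=htons\(53\)' |
    sed -n -E 's/.*(inet_addr\("|inet_pton\(AF_INET6, ")([^"]+)".*/\2/p' |
    sort -u
}

# Print the resolver configuration files that were opened successfully
# (return value is a file descriptor, not -1).
resolver_files() {
    sed -n -E 's#^([0-9]+ +)?open(at)?\((AT_FDCWD, )?"(/etc/(resolv\.conf|nsswitch\.conf|hosts))".* = [0-9]+$#\4#p' |
    sort -u
}

# Demo on the constructed sample; for a real trace use e.g.
#   dns_connects < /tmp/sudo
echo "DNS servers contacted:"
sample_trace | dns_connects
echo "Resolver files read:"
sample_trace | resolver_files
```

An address in the first list that is not in the current /etc/resolv.conf, or any port-53 connect while resolving a name that /etc/hosts already covers, points at the lookup order or a stale nameserver entry.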