> sudo(8) says: > > sudo supports a plugin architecture for security policies and > input/output logging. Third parties can develop and distribute their > own policy and I/O logging plugins to work seamlessly with the sudo > front end. The default security policy is sudoers, which is configured > via the file /etc/sudoers, or via LDAP. > > And LDAP means TCP, and TCP usually mean DNS requests. > > So it's unusual (sudo does not exhibit such behavior here), but > possible. >
Agree there are situations where sudo does TCP. Disagree with that occurring in my simplistic setup. sudo should not hang for X seconds if my DNS servers are incorrect. > A stray nameserver in resolv.conf, which can happen if resolvconf is > used carelessly. Even more weird things are always possible with > NetworkManager. Am too old, I like /etc/resolv.conf being just a file. Am avoiding to turn this into a systemd talk. >> resolv.conf is not a symlink to systemd, just a plain file. I explicitly >> removed the symlink and created a normal file. > > And of course one can never disregard a misconfigured VPN script. > > > >> > Specifically I'm interested with: >> > >> > grep hosts /etc/nsswitch.conf >> > >> > grep localhost /etc/hosts >> > >> > Reco >> > >> >> Did not touched these, are the default from stretch: >> >> root@localhost:~# grep hosts /etc/nsswitch.conf >> hosts: files mdns4_minimal [NOTFOUND=return] dns myhostname >> root@localhost:~# grep localhost /etc/hosts >> 127.0.0.1 localhost >> 127.0.1.1 localhost >> ::1 localhost ip6-localhost ip6-loopback > > Curious. Can you reproduce the behaviour if sudo is run as root? > I propose to simplify things a bit (needs to be run as root): > strace was already run as root (did "sudo su" as root to prove the point), otherwise strace would fail with "effective uid is not 0". x9p