Single-quoted entries are invalid in /etc/resolv.conf on network install with NetworkManager disabled

Bug #809885 reported by Daniel Manrique on 2011-07-13
46
This bug affects 7 people
Affects Status Importance Assigned to Milestone
casper (Ubuntu)
Medium
Unassigned

Bug Description

Binary package hint: casper

Ubuntu release: Oneiric Ocelot (LiveCD daily image from 2011-07-13).
Package: this is present in Casper 1.271.
What I expected to happen: valid entries in /etc/resolv.conf.
What happened instead: all entries in /etc/resolv.conf have single quotes around the values, causing problems while installing some other packages.

More details about this problem:

In a testing environment, we do network installs using the daily Oneiric images. One particularity is that we disable NetworkManager by creating an interface entry in /etc/interfaces prior to booting. Thus, scripts/casper-bottom/23networking is the sole responsible for creation of /etc/resolv.conf.

23networking parses the /tmp/net-${DEVICE}.conf file and takes the DNSDOMAIN value to fill up both the domain and search entries in resolv.conf, as well as the IPV4DNS{0,1} entries for the DNS servers. It ignores the rest of the values in the conf file. The ipconfig utility, which generates /tmp/net-${DEVICE}.conf files based on DHCP information, adds single quotes around the values. Files look like this:

(actual net-eth0.conf from an Oneiric install)

DEVICE='eth0'
IPV4ADDR='10.153.104.249'
IPV4BROADCAST='10.153.104.255'
IPV4NETMASK='255.255.255.0'
IPV4GATEWAY='10.153.104.1'
IPV4DNS0='10.153.104.60'
IPV4DNS1='0.0.0.0'
HOSTNAME=''
DNSDOMAIN='canonical.com'
NISDOMAIN=''
ROOTSERVER='10.153.104.60'
ROOTPATH=''
filename='/oneiric-desktop-i386/pxelinux.0'

23networking takes the values verbatim, including the quotes, and thus generates a resolv.conf that looks like this:

# /etc/resolv.conf
# Autogenerated by casper
search 'canonical.com'
domain 'canonical.com'
nameserver '10.153.104.60'
nameserver '0.0.0.0'

This gives problems later on: while installing postfix, it constructs the hostname by taking the domain name from resolv.conf, coming up with things like host.'domain.com' which are invalid and cause postfix configuration to fail. Also, although an unlikely use case, trying to access hosts by name with this invalid resolv.conf also fails.

This bug is not usually apparent because most installations use NetworkManager, which takes over resolv.conf, rebuilding it from DHCP information, which it doesn't quote, unlike ipconfig.

This bug is very similar in nature to bug 709364. Whereas the change in ipconfig (from klibc) that caused that bug double-quoted DNSDOMAIN to allow for multiple dns domains, this change to ipconfig single-quotes all entries in the generated file, to prevent arbitrary code execution from scripts which simply source the /tmp/net-${DEVICE}.conf file (not the case with casper so it can safely strip the quotes). This change was introduced in klibc in this commit:

commit 46a0f831582629612f0ff9707ad1292887f26bff
Author: Ulrich Dangel <email address hidden>
Date: Fri Apr 15 18:22:08 2011 +0200

Related branches

Changed in casper (Ubuntu):
status: New → Confirmed
Daniel Richard G. (skunk) wrote :

This bug is present in the Oneiric desktop release CDs. The live desktop environment (including Firefox) is broken because of this.

We need a fix on this *a month ago*.

Changed in casper (Ubuntu):
assignee: nobody → Daniel Manrique (roadmr)
importance: Undecided → Medium
milestone: none → precise-alpha-1
status: Confirmed → In Progress

In my case, this bug happens when I boot a using nfsboot.

If casper in confined inside initrd, is there any change that a fixed oneiric compatible initrd can be released?
Replacing the initrd will be no problem for a pxe boot process.

Zhang Cheng (stephenpcg) wrote :

I have the same problem, and I fixed it with some small modification to
~ubuntu-branches/ubuntu/precise/casper/precise : /scripts/casper-bottom/23networking

$ diff casper-bottom/23networking casper-bottom.new/23networking
81c81
< rc_search="$(sed -n 's/"//g;s/^DNSDOMAIN=//p' /tmp/net-"${DEVICE}".conf)"
---
> rc_search="$(sed -n 's/"//g;s/'\''//g;s/^DNSDOMAIN=//p' /tmp/net-"${DEVICE}".conf)"
83,85c83,85
< rc_domain="$(sed -n -e 's/"//g;s/^DNSDOMAIN=\([^ ]\+\) *.*/\1/p' /tmp/net-"${DEVICE}".conf)"
< rc_server0="$(sed -n 's/^IPV4DNS0=//p' /tmp/net-"${DEVICE}".conf)"
< rc_server1="$(sed -n 's/^IPV4DNS1=//p' /tmp/net-"${DEVICE}".conf)"
---
> rc_domain="$(sed -n -e 's/"//g;s/'\''//g;s/^DNSDOMAIN=\([^ ]\+\) *.*/\1/p' /tmp/net-"${DEVICE}".conf)"
> rc_server0="$(sed -n 's/"//g;s/'\''//g;s/^IPV4DNS0=//p' /tmp/net-"${DEVICE}".conf)"
> rc_server1="$(sed -n 's/"//g;s/'\''//g;s/^IPV4DNS1=//p' /tmp/net-"${DEVICE}".conf)"

Brian Murray, can you patch it?

Zhang Cheng (stephenpcg) wrote :

Sorry, I mentioned the wrong person in the last comment, I mean, Daniel Manrique.

Daniel Manrique (roadmr) wrote :

Hi Zhang,

A patch has already been submitted and is awaiting review, see here:

https://code.launchpad.net/~roadmr/ubuntu/oneiric/casper/809885/+merge/67868

Dave Walker (davewalker) on 2011-12-01
Changed in casper (Ubuntu):
milestone: precise-alpha-1 → precise-alpha-2
Brian Murray (brian-murray) wrote :

http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/precise/casper/precise/revision/976

This is fixed in precise now.

casper (1.292) precise; urgency=low

  * Do not let single quotes get into resolv.conf, otherwise DNS lookups
    will fail.

 -- Evan Dandrea <email address hidden> Fri, 25 Nov 2011 17:00:58 +0000

Changed in casper (Ubuntu):
assignee: Daniel Manrique (roadmr) → nobody
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Duplicates of this bug

Other bug subscribers