LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
LinkBack Search this Thread
Old 11-17-2012, 01:32 PM   #1
sneakyimp
Member
 
Registered: Dec 2004
Posts: 762

Rep: Reputation: 48
getting errors related to hostname -- security problem? ok to change hostname?


I set up an Amazon EC2 instance running Ubuntu. I have since restarted this virtual machine. I'm not certain, but I believe that restarting a machine can result in the LAN IP address changing. I have assigned an "elastic IP" to this server instance so that the public may access it.

The other day the web server on this virtual machine became unresponsive. While I was logged in, I tried to check the hostname and got an error:
Code:
sneakyimp@ip-11-22-33-44:~$ hostname -f
hostname: Name or service not known
I also get errors when trying to perform a sudo command:
Code:
sneakyimp@ip-11-22-33-44:~$ sudo /etc/init.d/apache2 restart
sudo: unable to resolve host ip-11-22-33-44
 * Restarting web server apache2                                                                                                                                                                                     apache2: apr_sockaddr_info_get() failed for ip-11-22-33-44
apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
 ... waiting apache2: apr_sockaddr_info_get() failed for ip-11-22-33-44
apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
I don't recall this happening before and wonder what might have happened. I have spent a lot of time hardening this server and would be quite surprised if it has been compromised. The reason for the apache becoming unresponsive appears to have been caused by a separate machine (an Amazon RDS database node).

On the other hand, this machine is running in a virtualized environment. I suppose anything is possible.

Is it OK for me to change the hostname to something like www.example.com? Should this be done by editing /etc/hostname or by using the hostname command? I believe the original one was assigned by the Amazon EC2 system, but cannot be sure of that. When I instantiate new servers from a machine image based on this server, they appear to have different hostnames that are assigned by the EC2 system. Also, I'm not sure what system processes might be affected when I change the hostname. The default hostnames are also pretty unhelpful when I receive fail2ban or samhain notifications. Lastly, I expect in the near future I may have numerous copies of this virtual machine all serving www.example.com and I'd like to be able to distinguish them.

I'm also wary of assuming a hostname that might cause some kind of network conflict. Unfortunately, I'm not really sure what role the hostname on a particular system plays in the grander scheme of networking. I've noticed that the default hostname style supplied by EC2 for these machines is somewhat different for new machines than when I set up this particular machine a couple of years ago. I'm wondering if hostname must be unique on a LAN or within a particular network? Here's an example of a more recent EC2 hostname:
Code:
domU-12-34-56-78-90-AB.compute-1.internal
Perhaps they are using IPv6 on their internal network.

I checked "man hostname" and was unable to find out much. This seemed to be the most informative bit:
Quote:
Originally Posted by man hostname
If a machine has multiple network interfaces/addresses or is used in a mobile environment, then it may either have multiple FQDNs/domain names or none at all. Therefore avoid using hostname --fqdn, hostname --domain and dnsdomainname. hostname --ip-address is subject to the same limitations so it should be avoided as well.
 
Old 11-18-2012, 07:12 AM   #2
Habitual
Senior Member
 
Registered: Jan 2011
Distribution: Slack14_64_Multilib
Posts: 2,725
Blog Entries: 3

Rep: Reputation: 627Reputation: 627Reputation: 627Reputation: 627Reputation: 627Reputation: 627
post your sanitized /etc/hosts file i from p-11-22-33-44 please.

Also have a look at https://forums.aws.amazon.com/thread...threadID=70081

"hostname -f" fails on every EC2 host I manage.

EIPs do NOT change on instance reboot/restart. Stopping them, yes, bouncing them, no.

"apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName" is non-fatal. An "error" I usually ignore both on and off EC2 hosts.

You can give an EC2 instance a "public IP" but until you edit the Security Group/Port it may not really be "public".

Please let us know.
 
Old 11-18-2012, 05:25 PM   #3
sneakyimp
Member
 
Registered: Dec 2004
Posts: 762

Original Poster
Rep: Reputation: 48
Quote:
Originally Posted by Habitual View Post
post your sanitized /etc/hosts file i from p-11-22-33-44 please.
Code:
sneakyimp@ip-11-22-33-44:/home/sneakyimp$ cat /etc/hosts
127.0.0.1 localhost

# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
Quote:
Originally Posted by Habitual View Post
Thanks for the link. Going now...

Quote:
Originally Posted by Habitual View Post
"hostname -f" fails on every EC2 host I manage.
It works fine on some of my more recent instances.

Quote:
Originally Posted by Habitual View Post
EIPs do NOT change on instance reboot/restart. Stopping them, yes, bouncing them, no.
EIPs? Bouncing? Can you please clarify?

Quote:
Originally Posted by Habitual View Post
"apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName" is non-fatal. An "error" I usually ignore both on and off EC2 hosts.
Yes I'm not concerned about this error -- just a bit confused by the need to check hostname. I'm guessing it tries to report "sudo command by X from host Y" in the auth log file. Wondering why my hosts file contains an IP address that bears no relation to the machine's current ip.

Quote:
Originally Posted by Habitual View Post
You can give an EC2 instance a "public IP" but until you edit the Security Group/Port it may not really be "public".
Yes this machine has an elastic IP and has been serving copious amounts of web traffice for about 2 years.

Quote:
Originally Posted by Habitual View Post
Please let us know.
Thanks for your response.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
clients CAN resolve hostname of server w/nslookup, but CANNOT access by hostname WTF? psycroptic Linux - Networking 9 11-10-2012 11:24 AM
https://hostname:1800/ or any hostname:port/ is blocked by smoothwall edgarhmg Linux - Security 3 02-23-2011 07:39 PM
Changed hostname during install, now CUPS has wrong hostname on web interface slinx Linux - Software 1 08-07-2009 08:01 PM
after hostname change, syslogd still output previous hostname to messages file tiger2000 Linux - General 3 07-22-2009 09:36 PM
Hostname problem related gnome tentolga Linux - Networking 2 08-27-2004 04:59 AM


All times are GMT -5. The time now is 03:03 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration