LinuxQuestions.org - systemd hostnamectl changes hostname without sudo

Page 1 of 2

Show 50 post(s) from this thread on one page

- Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)

- - systemd hostnamectl changes hostname without sudo (https://www.linuxquestions.org/questions/linux-software-2/systemd-hostnamectl-changes-hostname-without-sudo-4175592291/)

genogebot

10-26-2016 03:00 PM

systemd hostnamectl changes hostname without sudo

If I want to change the hostname on one of my Xubuntu 16.04.1 installations I usually edit /etc/hostname and /etc/hosts, which requires doing the usual 'sudo' to access the files in write mode as both have '-rw-r--r-' permissions.

I recently saw reference to the systemd command 'hostnamectl' which changes the environment variable and edits /etc/hostname at the same time, but I have found that it does not require 'sudo'. I can just enter 'hostnamectl set-hostname <whatever>' in a terminal and the string in /etc/hostname has been changed, without ever being asked for a password.

Is hostnamectl supposed to do that? It means anyone can change the hostname without root access. Surely this should require an admin password to do that.

jefro

10-26-2016 04:30 PM

When I see this I assume that the user has been granted some higher level permission. You'd have to check on that to be sure. I get the feeling that you are not changing the traditional host name.

Look at this for some tips.
https://www.freedesktop.org/software...stnamectl.html

http://www.cyberciti.biz/faq/rhel-re...tname-command/

genogebot

10-26-2016 05:49 PM

Quote:

Originally Posted by jefro (Post 5623378)

When I see this I assume that the user has been granted some higher level permission. You'd have to check on that to be sure. I get the feeling that you are not changing the traditional host name.

I thought the same thing, that somehow I had messed up the permissions, but I can't find anything to support that premise. Just to be sure, though, I performed a fresh unmodified install of Xubuntu 16.04.1 onto an old hard drive, and the same situation occurred on first boot - no password is required to change the hostname through hostnamectl. As to the 'traditional host name', hostnamectl is changing the text in /etc/hostname, and I thought that was the reference for the systems's hostname.

Code:

phil@Xubuntu-Development:~$ hostname

Xubuntu-Development

phil@Xubuntu-Development:~$ cat /etc/hostname

Xubuntu-Development

phil@Xubuntu-Development:~$ hostnamectl set-hostname Xubuntu-Whatever

phil@Xubuntu-Development:~$ hostname

Xubuntu-Whatever

phil@Xubuntu-Development:~$ cat /etc/hostname

Xubuntu-Whatever

phil@Xubuntu-Development:~$ hostnamectl set-hostname Xubuntu-Development

phil@Xubuntu-Development:~$ hostname

Xubuntu-Development

phil@Xubuntu-Development:~$ cat /etc/hostname

Xubuntu-Development

I also tried one of my Linux Mint 18 Mate installations on a different computer, and again hostnamectl does not require a password to rewrite /etc/hostname. At the moment I'm inclined to think this is a bug in either systemd or Ubuntu's implementation of systemd.

Jjanel

10-26-2016 06:03 PM

Wow! "If it's too good|bad to be true, it probably isn't [true]"! Maybe post output of:

ls -l `which hostnamectl`
sum /usr/bin/hostnamectl
dpkg -V systemd

genogebot

10-26-2016 06:11 PM

Quote:

Originally Posted by Jjanel (Post 5623428)

Wow! "If it's too good|bad to be true, it probably isn't [true]"! Maybe post output of:

ls -l `which hostnamectl`
sum /usr/bin/hostnamectl
dpkg -V systemd

Speak, and it shall be done :):

Code:

$ ls -l `which hostnamectl`

-rwxr-xr-x 1 root root 294096 Oct  5 10:13 /usr/bin/hostnamectl

$ sum /usr/bin/hostnamectl

29693  288

$ dpkg -V systemd

??5?????? c /etc/systemd/system.conf

??5?????? c /etc/systemd/timesyncd.conf

??5?????? c /etc/systemd/journald.conf

Code:

$ debsums systemd | grep hostnamectl

/usr/bin/hostnamectl                                                          OK

/usr/share/bash-completion/completions/hostnamectl                            OK

/usr/share/man/man1/hostnamectl.1.gz                                          OK

/usr/share/zsh/vendor-completions/_hostnamectl                                OK

Jjanel

10-26-2016 06:35 PM

file /usr/bin/hostnamectl
will probably say 64bit; mine is 32bit, but it's probably ok [because]
I tried [strace then] ltrace -S -f -o xx [sudo] hostnamectl set-hostname whatever
*BUT* it 'talks' over socket to Dbus, so I have no idea how to trace the systemd 'MONSTER' & gave up.
No idea on the dpkg -V 'errors[?]' ... Over to next LQ 'hacker' :D "Crash Systemd in One Line as Any User"

genogebot

10-26-2016 06:39 PM

Quote:

Originally Posted by Jjanel (Post 5623437)

Yeah, I tried tracing the calls when I was first investigating this, and I hit the same wall. :banghead: I was trying to see at what point /etc/hostname was modified, but I couldn't find any reference to that file in the output, so I just moved on.

Emerson

10-26-2016 06:55 PM

It is true! I have a little domesticated Mint in a VM to support friends who run *buntus. User definitely can change the hostname without elevated rights.

jefro

10-26-2016 07:12 PM

Find the command and change file based permissions. ???

Another systemd bug. ??

genogebot

10-26-2016 08:01 PM

Ok, on the (possibly incorrect) assumption that this is a bug in Ubuntu, I filed a bug report at https://bugs.launchpad.net/ubuntu/+s...d/+bug/1637030. The bug reporting system made it 'private' because it is security-related. Presumably that will change.

Emerson

10-26-2016 08:04 PM

I have RPi here running Raspbian (Debian) for Agocontrol. I tried to change the hostname as unprivileged user and was asked to authenticate.

genogebot

10-26-2016 08:06 PM

Quote:

Originally Posted by Emerson (Post 5623464)

I have RPi here running Raspbian (Debian) for Agocontrol. I tried to change the hostname as unprivileged user and was asked to authenticate.

Thanks, that reinforces the view that this is an Ubuntu systemd implementation bug.

Timothy Miller

10-26-2016 08:11 PM

Quote:

Originally Posted by genogebot (Post 5623465)

Thanks, that reinforces the view that this is an Ubuntu systemd implementation bug.

Yup, I can confirm on my Debian laptop that it asks for authentication when trying it as an unprivileged user.

edit: also tried on one of my Arch linux machines, and was prompted when attempting as a non-privileged user.

genogebot

10-26-2016 11:38 PM

1 Attachment(s)

Quote:

Originally Posted by Jjanel (Post 5623437)

it 'talks' over socket to Dbus, so I have no idea how to trace the systemd 'MONSTER'

I followed the info at https://wiki.ubuntu.com/DebuggingDBus - specifically the part about 'How to monitor the system bus'. I did the modification on the old hard drive installation of Xubuntu 16.04.1 and did

Code:

sudo dbus-monitor --system > dbus-mon.txt

then in another terminal did

Code:

hostnamectl set-hostname Xubuntu-Bad

This produced a 60kB file containing a lot of method call debug text such as:

Code:

method call time=1477537351.012853 sender=:1.66 -> destination=org.freedesktop.hostname1 serial=4 path=/org/freedesktop/hostname1; interface=org.freedesktop.hostname1; member=SetHostname

  string "Xubuntu-Bad"

  boolean true

So if you ever want to trace dbus, maybe that's the way to do it.

Was it helpful? Not in the least :) Not yet, anyway. I'm still digging through it.

I did see (at https://www.freedesktop.org/wiki/Software/systemd/dbus/ this:

Quote:

Security

Read access is generally granted to all clients, but changes may only be made by privileged clients. PolicyKit is not used by this service, and access controlled exclusively via the D-Bus policy enforcement.

So perhaps the problem lies in Ubuntu's dbus security configuration.

Jjanel

12-16-2016 04:23 AM

Your bug got 'resolved'[?]. Is your polkit hostname1 same as github? (sudo[?])

All times are GMT -5. The time now is 03:52 PM.

Page 1 of 2

Show 50 post(s) from this thread on one page