Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 20 Jan 2008 12:40:37 +0530
From:      wahjava.ml@gmail.com (Ashish Shukla =?utf-8?B?4KSG4KS24KWA4KS3IA==?= =?utf-8?B?4KS24KWB4KSV4KWN4KSy?=)
To:        Chris Whitehouse <cwhiteh@onetel.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: localhost in sudoers
Message-ID:  <87tzl97z0y.fsf@chateau.d.lf>
In-Reply-To: <47928A73.2040904@onetel.com> (Chris Whitehouse's message of "Sat\, 19 Jan 2008 23\:40\:35 %2B0000")
References:  <47924869.2000909@onetel.com> <877ii5fsh0.fsf@chateau.d.lf> <47928A73.2040904@onetel.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

>>>>> On Sat, 19 Jan 2008 23:40:35 +0000, Chris Whitehouse <cwhiteh@onetel.=
com> said:

    Chris> I think my question really is why doesn't sudoers recognise loca=
lhost
    Chris> or 127.0.0.1?

Quoting from sudo.c of sudo-1.6.8p12 in "init_vars(int)" routine:

=2D---8<----8<----
    /*
     * We avoid gethostbyname() if possible since we don't want
     * sudo to block if DNS or NIS is hosed.
     * "host" is the (possibly fully-qualified) hostname and
     * "shost" is the unqualified form of the hostname.
     */
    sudo_user.host_fqdn_queried =3D FALSE;
    nohostname =3D gethostname(thost, sizeof(thost));
    if (nohostname)
	user_host =3D user_shost =3D "localhost";
    else {
	user_host =3D estrdup(thost);
	if ((p =3D strchr(user_host, '.'))) {
	    *p =3D '\0';
	    user_shost =3D estrdup(user_host);
	    *p =3D '.';
	} else {
	    user_shost =3D user_host;
	}
    }
=2D--->8---->8----

As you can see, it uses gethostname() to return the hostname. So, your
host won't be 'localhost' unless its not able to retrieve hostname or
your hostname is set to 'localhost'.

Why they did this probably because any entry for 'localhost' is valid
for execution on all machines, ;) .

HTH
=2D-=20
Ashish Shukla =E0=A4=86=E0=A4=B6=E0=A5=80=E0=A4=B7 =E0=A4=B6=E0=A5=81=E0=A4=
=95=E0=A5=8D=E0=A4=B2                      http://wahjava.wordpress.com/
=C2=B7-- =C2=B7- =C2=B7=C2=B7=C2=B7=C2=B7 =C2=B7--- =C2=B7- =C2=B7=C2=B7=C2=
=B7- =C2=B7- =C2=B7--=C2=B7-=C2=B7 --=C2=B7 -- =C2=B7- =C2=B7=C2=B7 =C2=B7-=
=C2=B7=C2=B7 =C2=B7-=C2=B7-=C2=B7- -=C2=B7-=C2=B7 --- --

--=-=-=
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHkvPwHy+EEHYuXnQRArUtAJ0df4aWOz61pDFGfUd5LcMvEkLE5ACfU/Nb
yV41/9pd5LrIbbPSsW+YWBQ=
=Uf+l
-----END PGP SIGNATURE-----
--=-=-=--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?87tzl97z0y.fsf>