hostnamed does not like fqdns with trailing dots

[noloader]

Submission type

• Bug report

systemd version the issue has been seen with

Version 233

Used distribution

Fedora 26, x86_64

$ dnf info systemd.x86_64
Installed Packages
Name         : systemd
Version      : 233
Release      : 6.fc26
Arch         : x86_64
Size         : 9.1 M
Source       : systemd-233-6.fc26.src.rpm
Repo         : @System
From repo    : anaconda
Summary      : System and Service Manager
URL          : http://www.freedesktop.org/wiki/Software/systemd
License      : LGPLv2+ and MIT and GPLv2+
Description  : systemd is a system and service manager that runs as PID 1 and
             : starts the rest of the system...

Expected behaviour you didn't see

When using a fully qualified domain name (FQDN), the FQDN is discarded by systemd. A FQDN name ends in a dot (.), and it indicates the top of the DNS tree. A great discussion of FQDN's is available in W. Richard Steven's TCP/IP Illustrated Volume I.

For a lone hostname, hostnamectl set-hostname --static --transient --pretty asus-f26-x64. results in the following. Notice the FQDN is added as adornment to the pretty name, and discarded completely from the static name:

$ hostnamectl status
   Static hostname: asus-f26-x64
   Pretty hostname: asus-f26-x64.
         Icon name: computer-desktop
           Chassis: desktop
        Deployment: production
    ...

And the same test for a network name using my internal network of home.pvt. hostnamectl set-hostname --static --transient --pretty asus-f26-x64.home.pvt.. Notice the FQDN is completely discarded from all names:

$ hostnamectl status
   Static hostname: asus-f26-x64.home.pvt
         Icon name: computer-desktop
           Chassis: desktop
        Deployment: production
    ...

In case of bug report: Steps to reproduce the problem

See command above for both a hostname and a network name.

---

Thanks to Rabban for looking into the issue, it appears to be due to the following in hostnamectl.c:

if (!hostname_is_valid(name, false))
    return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid static hostname '%s'", name);
...

Where hostname_is_valid signature is:

bool hostname_is_valid(const char *s, bool allow_trailing_dot)

[poettering]

Validating hostnames is a science of its own. Do note that while DNS is frequently assumed to be the one and only defining body of hostnames, things are more complicated, and other naming schemes exist. Moreover the hostname the kernel maintains for the system is used for a verity of things: bluetooth identification for example and tons of other things. hostnamed is relatively conservative in what it accepts, in order to maintain the hostname in some form that is relatively universally useful: it doesn't permit the full DNS syntax (in particular when it comes to non-ASCII), and it does assume the name is in the usual, "normalized" form, that people usually write names as (yes, you may write DNS names with a trailing dot if you follow the RFCs, but it isn't really how normal people write them, for example URLs pretty much never include the trailing dot). Requiring normalization (i.e. no trailing dot) is done so that hostnames remain easily comparable, i.e. to avoid confusion that if some app uses the hostname as is to identify an instance that sometimes it might be written without and sometimes with the dot, but equality is assumed. Moreover an overall size limit of 64 is enforced, which is directly conflicting with DNS (which permits 256), as the kernel enforces such a limit too, and we don't accept data the kernel wouldn't accept. Then, we don't accept empty names (or specifically, empty names are treated magically, and cause a "revert to defaults").

Now, this validation is done by hostnamed, which is supposed to be the gateway to potentially less privileged clients to change the hostname (if they have enough PK privs). Being strict for such clients is really important I believe to make sure things remain well-defined and clean even in the prospect of non-technical users. If you want to use names that do not follow these rules that's entirely OK, but in that case please just use the traditional way to configure the hostname: "vim /etc/hostname" as root, and set it to whatever you need it to be.

I hope that makes some sense?

[EarthlingKira]

Before this is closed due to trolls I'd like to add that the trailing dot is actually not that uncommon if you've ever worked with DNS (and not via dumbed down GUIs), AFAIK in the zone file you must use trailing dots: https://en.wikipedia.org/wiki/Zone_file

The real question for me: how can we assure that the hostname is considered an FQDN and not a relative hostname below a domain name without using the trailing dot?

[poettering]

So I take it this appeared on some internet forum again? Oh my...

[EarthlingKira]

@poettering Yes... I don't know you but to be honest I feel sorry, you may have (had) a tendency for over-engineering but this does not excuse that you have a bunch of people following you for the rest of your life and looking for flaws in all your code or your comments :(

But nonetheless, to go back on topic: If you set up a bigger (internal) network as a sysadmin you may really want hostnames which are FQDNs, to not clutter your (internal) domain with those hostnames.

[roeme]

As @EarthlingKira pointed out, working with FQDNs that are dot-terminated is not uncommon. (For example, my $dayjob requires this). Though the argument could be made that hostnamed is not intended to be used under these scenarios (?). In which the behaviour should be at least documented as such.

[eliasp]

See also: mholt/caddy#1632 (comment)

Quoting RFC 1034 3.1 (page 8) here:

When a user needs to type a domain name, the length of each label is omitted and the labels are separated by dots ("."). Since a complete domain name ends with the root label, this leads to a printed form which ends in a dot.

[poettering]

Ah, right, that troll fefe and his fanbois. Please find another place to troll, thank you.

[poettering]

As @EarthlingKira pointed out, working with FQDNs that are dot-terminated is not uncommon. (For example, my $dayjob requires this). Though the argument could be made that hostnamed is not intended to be used under these scenarios (?). In which the behaviour should be at least documented as such.

Please read my explanations above before commenting.

Also, if you really care that much about full DNS semantics for Linux hostnames, please start working with the kernel folks, and ensure the kernel actually accepts all full fqdns, because right now it does not, as the kernel ensures a 64char limit, while DNS requires 256 chars.