Bug 1777873 - libvirt_guest NSS module should also map lowercase VM name
Summary: libvirt_guest NSS module should also map lowercase VM name
Alias: None
Product: Virtualization Tools
Classification: Community
Component: libvirt
Version: unspecified
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
Assignee: Michal Privoznik
QA Contact:
Depends On:
TreeView+ depends on / blocked
Reported: 2019-11-28 14:43 UTC by Pieter Hollants
Modified: 2022-05-27 12:44 UTC (History)
3 users (show)

Fixed In Version: libvirt-8.4.0
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed: 2022-05-27 12:44:50 UTC

Attachments (Terms of Use)

Description Pieter Hollants 2019-11-28 14:43:56 UTC
Description of problem:
If the libvirt_guest NSS module is configured in /etc/nsswitch.conf to provide hostname -> IP mapping _and_ a VM name is used that is not all lowercase, the mapping will fail when used with e.g. "ssh" because it automatically lowercases hostnames and libvirt_guest maps the original case only.

Version-Release number of selected component (if applicable):

Steps to Reproduce:
1. Configure /etc/nsswitch.conf to use "libvirt_guest" for "hosts" lookups
2. Define and start am VM with a uppercase name such as "FooBar" connected to the NATed "default" network
3. Verify VM is running with "virsh -c qemu:///system list"
4. Verify expected lease with "virsh -c qemu:///system net-dhcp-leases default"
5. "ssh -v FooBar"

Actual results:
"ssh -v FooBar" will fail and show that connecting fails because the actual lookup is done on "foobar" for which "getent hosts foobar" does not provide a host -> IP mapping as NSS lookups are case-sensitive.

Expected results:
Either libvirt_guest should also add lower-cased host -> IP mapping so that "getent hosts foobar" and thus "ssh -v FooBar" work _or_ the documentation at https://libvirt.org/nss.html should be updated that libvirt_guest explictly works with all lower-cased VM names only.

Comment 2 Michal Privoznik 2022-05-27 09:20:47 UTC
Patch posted on the list:


Comment 3 Michal Privoznik 2022-05-27 12:44:50 UTC
Merged as:

commit 7f463b4c0d9c7f07c335b44fc47432414222f209
Author:     Michal Prívozník <mprivozn>
AuthorDate: Fri May 27 09:00:59 2022 +0200
Commit:     Michal Prívozník <mprivozn>
CommitDate: Fri May 27 13:43:14 2022 +0200

    nss: Compare hostname case insensitive
    There are some tools that convert hostname to lowercase before
    resolving it (e.g. ssh). In a way it makes sense because DNS is
    case insensitive and in case of ssh the lowercase version is then
    used to find matching record in its config file. However, our NSS
    module performs case sensitive comparison, which makes it useless
    with ssh. Just consider a machine named FooBar.
    Therefore, switch to case insensitive string comparison.
    Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1777873
    Signed-off-by: Michal Privoznik <mprivozn>
    Reviewed-by: Martin Kletzander <mkletzan>


Note You need to log in before you can comment on or make changes to this bug.