Libguestfs - Feb 2014 - Re: [PATCH] mllib: hostname: replace the hostname on Debian also in /etc/hosts (RHBZ#953907).

In Debian/Ubuntu systems, read the previous hostname from /etc/hostname
before replacing it, and replace it in /etc/hosts with the new hostname.
---
 mllib/hostname.ml | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/mllib/hostname.ml b/mllib/hostname.ml
index fce16ff..0d5b5d4 100644
--- a/mllib/hostname.ml
+++ b/mllib/hostname.ml
@@ -42,7 +42,12 @@ let rec set_hostname (g : Guestfs.guestfs) root hostname     
true
 
   | "linux", ("debian"|"ubuntu"), _ ->
+    let old_hostname = read_etc_hostname g in
     update_etc_hostname g hostname;
+    (match old_hostname with
+    | Some old_hostname -> replace_host_in_etc_hosts g old_hostname hostname
+    | None -> ()
+    );
     true
 
   | "linux",
("fedora"|"rhel"|"centos"|"scientificlinux"|"redhat-based"),
_ ->
@@ -78,3 +83,25 @@ and update_etc_hostname g hostname  
 and update_etc_machine_info g hostname    replace_line_in_file g
"/etc/machine-info" "PRETTY_HOSTNAME" hostname
+
+and read_etc_hostname g +  let filename = "/etc/hostname" in
+  if g#is_file filename then (
+    let lines = Array.to_list (g#read_lines filename) in
+    match lines with
+    | hd :: _ -> Some hd
+    | [] -> None
+  ) else
+    None
+
+and replace_host_in_etc_hosts g oldhost newhost +  if g#is_file
"/etc/hosts" then (
+    let expr = "/files/etc/hosts/*[label() !=
'#comment']/*[label() != 'ipaddr'][. = '" ^ oldhost ^
"']" in
+    g#aug_init "/" 0;
+    let matches = Array.to_list (g#aug_match expr) in
+    List.iter (
+      fun m ->
+        g#aug_set m newhost
+    ) matches;
+    g#aug_save ()
+  )
-- 
1.8.3.1

On Thu, Feb 13, 2014 at 02:15:31PM +0100, Pino Toscano
wrote:
> +    let expr = "/files/etc/hosts/*[label() !=
'#comment']/*[label() != 'ipaddr'][. = '" ^ oldhost ^
"']" in
Quoting?  If oldhost contains a ' character + some Augeas code, this
might be exploitable.

I thought it might be possible to iterate over the Augeas tree.  I'm
fairly sure I used to have some code that did this, but I can't find
it at the moment.

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming blog: http://rwmj.wordpress.com
Fedora now supports 80 OCaml packages (the OPEN alternative to F#)

On Thursday 13 February 2014 13:33:16 Richard W.M. Jones
wrote:
> On Thu, Feb 13, 2014 at 02:15:31PM +0100, Pino Toscano wrote:
> > +    let expr = "/files/etc/hosts/*[label() !=
'#comment']/*[label()
> > != 'ipaddr'][. = '" ^ oldhost ^ "']" in
> Quoting?  If oldhost contains a ' character + some Augeas code, this
> might be exploitable.
Hm right. Gone back in manually checking the values.
> I thought it might be possible to iterate over the Augeas tree.  I'm
> fairly sure I used to have some code that did this, but I can't find
> it at the moment.
At least in libguestfs, the two files which do augeas match+iteration 
are sysprep/sysprep_operation_user_account.ml (which you mentioned 
earlier) and src/inspect-fs-unix.c.

-- 
Pino Toscano