twpayne / chezmoi

Manage your dotfiles across multiple diverse machines, securely.
https://www.chezmoi.io/
MIT License
13.36k stars 493 forks

Docker desktop edited /etc/hosts and breaks .chezmoi.hostname #3095

Closed kuzmik closed 1 year ago

kuzmik commented 1 year ago

Describe the bug

MacOS 13.4.1 Chezmoi 2.34.3 (homebrew)

I recently installed docker desktop, and it apparently decided to edit my /etc/hosts file, which has broken hostname determination.

To reproduce

Steps to reproduce the behavior.

Edit /etc/hosts to make it look like this:

```
##
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting.  Do not change this entry.
##
127.0.0.1   localhost
255.255.255.255 broadcasthost
::1             localhost
# Added by Docker Desktop
# To allow the same kube context to work on the host and the container:
127.0.0.1 kubernetes.docker.internal
# End of section
#
```

Running execute template:

13:02 <nick@arcadia:~ $ > chezmoi execute-template '{{ .chezmoi.hostname }}'
kubernetes

Expected behavior

I expected execute-template to report "arcadia" as the hostname.

Output of command with the --verbose flag

13:15 <nick@arcadia:~ $ > chezmoi --verbose execute-template '{{ .chezmoi.hostname }}'
kubernetes

Output of chezmoi doctor

```console
13:15 cz doctor
RESULT    CHECK                MESSAGE
ok        version              v2.34.3, commit 439ccf8f4f092a3b1f909e430775db933dc7c740, built at 2023-07-03T07:12:43Z, built by Homebrew
ok        latest-version       v2.34.3
ok        os-arch              darwin/arm64
ok        uname                Darwin arcadia 22.5.0 Darwin Kernel Version 22.5.0: Thu Jun 8 22:22:20 PDT 2023; root:xnu-8796.121.3~7/RELEASE_ARM64_T6000 arm64
ok        go-version           go1.20.5 (gc)
ok        executable           /opt/homebrew/bin/chezmoi
ok        upgrade-method       brew-upgrade
ok        config-file          ~/.config/chezmoi/chezmoi.yaml, last modified 2023-07-14T13:06:50-04:00
warning   source-dir           ~/.local/share/chezmoi is a git working tree (dirty)
ok        suspicious-entries   no suspicious entries
warning   working-tree         ~/.local/share/chezmoi is a git working tree (dirty)
ok        dest-dir             ~ is a directory
warning   umask                077
ok        cd-command           found /bin/zsh
ok        cd-args              /bin/zsh
ok        diff-command         found /opt/homebrew/bin/delta
ok        edit-command         found /opt/homebrew/bin/subl
ok        edit-args            subl -w
ok        git-command          found /opt/homebrew/bin/git, version 2.41.0
ok        merge-command        found /usr/bin/vimdiff
ok        shell-command        found /bin/zsh
ok        shell-args           /bin/zsh
info      age-command          age not found in $PATH
info      gpg-command          gpg not found in $PATH
info      pinentry-command     not set
ok        1password-command    found /usr/local/bin/op, version 2.19.0
info      bitwarden-command    bw not found in $PATH
info      dashlane-command     dcli not found in $PATH
info      gopass-command       gopass not found in $PATH
info      keepassxc-command    keepassxc-cli not found in $PATH
info      keepassxc-db         not set
info      keeper-command       keeper not found in $PATH
info      lastpass-command     lpass not found in $PATH
info      pass-command         pass not found in $PATH
info      passhole-command     ph not found in $PATH
info      rbw-command          rbw not found in $PATH
info      vault-command        vault not found in $PATH
info      secret-command       not set
```

Additional context

Add any other context about the problem here.

halostatue commented 1 year ago

Excluding .internal$ from name matching like done with .localdomain or localhost.* in #3082 would be OK, but I worry about the increasing complexity of the rules involved and wonder if falling back to shell commands rather than trying to parse /etc/hosts might be safer overall.

What do you think, @twpayne ?

twpayne commented 1 year ago

Hmm, this feels like a bug in Docker Desktop. It really shouldn't override the FQDN hostname, and, as @halostatue says, I am worried about the increasing complexity of filtering out obviously-incorrect domain names.

I was wondering how the hostname command actually works, but each distribution seems to have its own implementation of it, and on my Ubuntu machines, weirdly:

$ dpkg-query -S $(which hostname)
dpkg-query: no path found matching pattern /usr/bin/hostname

@kuzmik, note that fully-qualified domain names are pretty unreliable. For example, if you're on macOS, then they can change depending on what network the machine is connected to. So, I would not recommend using it, and instead use .chezmoi.hostname.

If you really want the FQDN hostname, then you can use the output template function, for example:

{{ $fqdnHostname := output "hostname" "--fqdn" }}
{{ if eq $fqdnHostname "myhost.mydomain.com" }}
...
{{ end }}

halostatue commented 1 year ago

Note that --fqdn does not work on /bin/hostname on macOS. It would be -f.

kuzmik commented 1 year ago

Oh sorry about the confusion, I'm not actually using FQDN in my templates, just hostname.

[user]
  name = Nick Kuzmik
{{- if eq .chezmoi.hostname "arcadia" }}
  email = nick.kuzmik@withpersona.com
{{- else }}
  email = nick@kuzmik.org
{{- end}}

This led to some work git commits being created by my personal account, which is how I tracked down .hostname not working properly. That and my busted PS1 prompt; I think I was getting too clever, and I definitely need a better way to differentiate my work laptop from my others. I even have a comment in my dotfiles readme: NB: I use some templating in here that detects if I am on my work laptop via hostname arcadia. If I ever get a new work laptop, this will need to be addressed.

plasticle commented 1 year ago

This might be related.

I have a heavily modified /etc/hosts file on most of my machines.

chezmoi data returns:

"fqdnHostname": "localhost.localdomain"
"hostname": "localhost"

I do have the proper hostname set in /etc/hostname and a line in my hosts file that links 127.0.0.1 to the proper hostname, as well as 127.0.0.1 localhost 127.0.0.1 localhost.localdomain

FWIW, it is causing problems with templates when referencing chezmoi.hostname. Edit: this is on Debian 12. With a similar setup on a MacOS machine, it returns the expected hostname.

twpayne commented 1 year ago

> I have a heavily modified /etc/hosts file on most of my machines.

What exactly are the contents of your /etc/hosts on the machines that exhibit the problem?

plasticle commented 1 year ago

> What exactly are the contents of your /etc/hosts on the machines that exhibit the problem?

127.0.0.1 localhost.localdomain
127.0.0.1 local
255.255.255.255 broadcasthost
::1 localhost
::1 ip6-localhost
::1 ip6-loopback
fe80::1%lo0 localhost
ff00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
0.0.0.0 0.0.0.0
0.0.0.0 wizhumpgyros.com
0.0.0.0 webmail-who-int.000webhostapp.com
0.0.0.0 010sec.com
0.0.0.0 01mspmd5yalky8.com
0.0.0.0 0byv9mgbn0.com
...
[roughly 18000 entries for various hosts]
...
127.0.0.1 computer001

It's over 18,000 lines, obtained from various blocklists around the web. computer001 would be whatever actual hostname.

twpayne commented 1 year ago

@plasticle what's the output of chezmoi doctor on this machine?

plasticle commented 1 year ago

> @plasticle what's the output of chezmoi doctor on this machine?

ok        version              v2.34.3, commit 439ccf8f4f092a3b1f909e430775db933dc7c740, built at 2023-07-03T21:53:16Z, built by goreleaser
warning   latest-version       v2.35.0
ok        os-arch              linux/amd64 (Debian GNU/Linux 12 (bookworm))
ok        uname                Linux yig 6.1.0-7-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.20-2 (2023-04-08) x86_64 GNU/Linux
ok        go-version           go1.20.5 (gc)
ok        executable           ~/bin/chezmoi
ok        upgrade-method       replace-executable
ok        config-file          ~/.config/chezmoi/chezmoi.toml, last modified 2023-07-17T15:46:00-04:00
ok        source-dir           ~/.local/share/chezmoi is a git working tree (clean)
ok        suspicious-entries   no suspicious entries
ok        working-tree         ~/.local/share/chezmoi is a git working tree (clean)
ok        dest-dir             ~ is a directory
ok        umask                002
ok        cd-command           found /usr/bin/zsh
ok        cd-args              /usr/bin/zsh
info      diff-command         not set
warning   edit-command         codium not found in $PATH
ok        edit-args            codium --wait
ok        git-command          found /usr/bin/git, version 2.39.2
ok        merge-command        found /usr/bin/vimdiff
ok        shell-command        found /usr/bin/zsh
ok        shell-args           /usr/bin/zsh
info      age-command          age not found in $PATH
ok        gpg-command          found /usr/bin/gpg, version 2.2.40
info      pinentry-command     not set
info      1password-command    op not found in $PATH
info      bitwarden-command    bw not found in $PATH
info      dashlane-command     dcli not found in $PATH
info      gopass-command       gopass not found in $PATH
info      keepassxc-command    keepassxc-cli not found in $PATH
info      keepassxc-db         not set
info      keeper-command       keeper not found in $PATH
info      lastpass-command     lpass not found in $PATH
info      pass-command         pass not found in $PATH
info      passhole-command     ph not found in $PATH
info      rbw-command          rbw not found in $PATH
info      vault-command        vault not found in $PATH
info      secret-command       not set

twpayne commented 1 year ago

Thanks for the output of chezmoi doctor.

The localhost bug should be fixed in chezmoi 2.35.0. Could you upgrade to this version and retry? You can do a quick test with:

$ chezmoi execute-template '{{ .chezmoi.hostname }}'

(after upgrading, of course)

plasticle commented 1 year ago

@twpayne, Yep, looks fixed now. Thanks!

twpayne commented 1 year ago

Back to the original topic, it looks like Docker Desktop has been breaking /etc/hosts for years and Docker is not willing/able to fix it.

I'll add a work-around :(

kuzmik commented 1 year ago

Thank you, everyone!
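
The failure mode discussed in this thread, as an added example that is not chezmoi's own code: a hostname taken from the first dotted name on a loopback line of /etc/hosts follows whatever a third-party installer writes there, and the suffix exclusions mentioned above stop that. The lookup rule is an assumption that reproduces the reported output; `hostnameFromHosts`, `skipName` and `dockerHosts` are hypothetical names.

```go
package main

import (
	"bufio"
	"fmt"
	"net"
	"strings"
)

// Constructed sample: the reporter's /etc/hosts with most comments trimmed.
const dockerHosts = `127.0.0.1   localhost
255.255.255.255 broadcasthost
::1             localhost
# Added by Docker Desktop
127.0.0.1 kubernetes.docker.internal
`

// skipName applies the exclusions named in the thread: localhost.*,
// .localdomain, and the proposed .internal suffix.
func skipName(name string) bool {
	return strings.HasPrefix(name, "localhost.") ||
		strings.HasSuffix(name, ".localdomain") ||
		strings.HasSuffix(name, ".internal")
}

// hostnameFromHosts returns the first label of the first dotted name bound to
// a loopback address (assumed rule), or "" so the caller can fall back.
func hostnameFromHosts(hosts string, skip func(string) bool) string {
	sc := bufio.NewScanner(strings.NewReader(hosts))
	for sc.Scan() {
		line, _, _ := strings.Cut(sc.Text(), "#") // drop comments
		fields := strings.Fields(line)
		if len(fields) < 2 || !net.ParseIP(fields[0]).IsLoopback() {
			continue
		}
		for _, name := range fields[1:] {
			if strings.Contains(name, ".") && !skip(name) {
				label, _, _ := strings.Cut(name, ".")
				return label
			}
		}
	}
	return ""
}

func main() {
	none := func(string) bool { return false }
	fmt.Printf("%q %q\n", hostnameFromHosts(dockerHosts, none), hostnameFromHosts(dockerHosts, skipName))
}
```

An empty result means no trustworthy name was found in the file, so the caller should use another source such as the operating system's hostname call.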