sudo doesn't work on Ubuntu toolbox

[jeroenev]

trying to use sudo on Ubuntu Jammy toolbox gives this error:

sudo: unable to resolve host toolbox: Name or service not known

[akdev1l]

Hey thanks for the issue,

Unfortunately this is a bug in upstream toolbox - I made a PR to fix it but I am not holding my breath that it will be merged in a timely manner.

The issue is that toolbox sets the hostname to toolbox in all toolboxes - this name is not resolvable so sudo does not like it.

The upstream issue: containers/toolbox#969

I have actually fixed this in my fork - you could give it a try: https://github.com/akdev1l/toolbox

It will set the hostname to $toolbox_name.$host_hostname so it avoids the DNS issue

[jeroenev]

Thanks for the update.
Any idea how fedora fixes this in their own containers? Do they add toolbox to /etc/hosts or something?
Because i don't seem to have this issue when using the official toolbox provided by fedora

[akdev1l]

mm that is a nice observation. I actually just tried with upstream toolbox and this is what I get:

[akdev@toolbox ~]$ cat /etc/hosts 
# Loopback entries; do not change.
# For historical reasons, localhost precedes localhost.localdomain:
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4 toolbox
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
# See hosts(5) for proper format and other examples:
# 192.168.1.10 foo.mydomain.org foo
# 192.168.1.13 bar.mydomain.org bar
[akdev@toolbox ~]$ cat /etc/os-release 
PRETTY_NAME="Ubuntu 22.04.1 LTS"
NAME="Ubuntu"
VERSION_ID="22.04"
VERSION="22.04.1 LTS (Jammy Jellyfish)"
VERSION_CODENAME=jammy
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=jammy
[akdev@toolbox ~]$ sudo whoami
root

toolbox version:

[akdev@canzuk toolbox]$ toolbox --version
toolbox version 0.0.99.3

it seems like it does add toolbox to the /etc/hosts file for me and sudo works correctly - would you mind sharing the output of:

toolbox --version && cat /etc/os-release && cat /etc/hostname

from inside the toolbox?

[jeroenev]

when run from a fedora Toolbox (host is silverblue for me):

toolbox version 0.0.99.3
NAME="Fedora Linux"
VERSION="36 (Container Image)"
ID=fedora
VERSION_ID=36
VERSION_CODENAME=""
PLATFORM_ID="platform:f36"
PRETTY_NAME="Fedora Linux 36 (Container Image)"
ANSI_COLOR="0;38;2;60;110;180"
LOGO=fedora-logo-icon
CPE_NAME="cpe:/o:fedoraproject:fedora:36"
HOME_URL="https://fedoraproject.org/"
DOCUMENTATION_URL="https://docs.fedoraproject.org/en-US/fedora/f36/system-administrators-guide/"
SUPPORT_URL="https://ask.fedoraproject.org/"
BUG_REPORT_URL="https://bugzilla.redhat.com/"
REDHAT_BUGZILLA_PRODUCT="Fedora"
REDHAT_BUGZILLA_PRODUCT_VERSION=36
REDHAT_SUPPORT_PRODUCT="Fedora"
REDHAT_SUPPORT_PRODUCT_VERSION=36
PRIVACY_POLICY_URL="https://fedoraproject.org/wiki/Legal:PrivacyPolicy"
VARIANT="Container Image"
VARIANT_ID=container
toolbox

when it's ran from the Ubuntu Jammy toolbox:

toolbox version 0.0.99.3
PRETTY_NAME="Ubuntu 22.04.1 LTS"
NAME="Ubuntu"
VERSION_ID="22.04"
VERSION="22.04.1 LTS (Jammy Jellyfish)"
VERSION_CODENAME=jammy
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=jammy
toolbox

/etc/hosts seems the same to me for both environments, was just a guess, there must be something extra that makes toolbox resolve correctly inside the fedora toolbox but not in the Ubuntu toolbox. Don't exactly know what, maybe some systemd-resolvd settings?
though I'm definitely no expert in that department :)

[akdev1l]

Do you an entry similar to this:

127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4 toolbox 

in the /etc/hosts?

Also do you get this problem if you create a new container with the Ubuntu Jammy image? I tried to reproduce but I wasn't able to, maybe this was something I actually fixed 🤔

[jeroenev]

I have that entry without toolbox in both Fedora and Ubuntu toolboxes by default
Tried creating a new container, also deleted and re-downloaded the ubuntu22.04 image and it gives same issue:

[jeroenev]

Seems like /etc/hosts points to /run/host/etc/hosts by default?
Should I edit my host OS's /etc/hosts file?
Then again, I probably can't do that easily on Silverblue, since it's immutable

[akdev1l]

Ah you nailed it - I actually had toolbox added to my /etc/hosts file hence why I couldn't reproduce. You can edit your /etc/hosts file to work around this issue.

I think I found the actual cause - looks the /etc/nsswitch.conf file changes in Ubuntu:

[akdev@canzuk toolbox]$ toolbox run -c fedora-toolbox-36 awk /hosts/ /etc/nsswitch.conf
hosts:      files myhostname mdns4_minimal [NOTFOUND=return] resolve [!UNAVAIL=return] dns
[akdev@canzuk toolbox]$ toolbox run -c ubuntu-toolbox-22.04  awk /hosts/ /etc/nsswitch.conf
hosts:          files mdns4_minimal [NOTFOUND=return] dns

Ubuntu doesn't come with libnss-myhostname installed by default which Fedora does - this is a fallback module that essentially returns an address for the current hostname.

It is worth noting that this is not part of the official requirements for toolbox images: https://containertoolbx.org/distros/ so I would still categorize this as an upstream bug - that said I will push a fix with libnss-myhostname

[akdev1l]

fixed was pushed - https://github.com/akdev1l/toolbox-images/actions/runs/2966620154

when the jobs succeed you should be able to try again and the new toolboxes created should not have this issue anymore.

If you want to fix the issue in your current toolboxes without modifying the host you can just install libnss-myhostname in the toolboxes

[jeroenev]

Great, thanks a lot for looking into it! :)