New CentOS 7.4 and invalid fqdn under Python

Issues related to configuring your network
Post Reply
tolistim
Posts: 6
Joined: 2018/05/16 15:05:22

New CentOS 7.4 and invalid fqdn under Python

Post by tolistim » 2018/05/16 15:10:53

Hi All,

I've just installed the latest CentOS 7.4 and I'm running into what appears to be something odd in the network stack. Using the provided Python 2.7.5 dated Apr 11, 2018, when I use the socket class, I'm getting an injected fqdn from the DNS thieves at barefruit:

Code: Select all

$ python
Python 2.7.5 (default, Apr 11 2018, 07:36:10) 
[GCC 4.8.5 20150623 (Red Hat 4.8.5-28)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import socket
>>> socket.getfqdn()
'unallocated.barefruit.co.uk'
Does anyone know of how that can happen on a brand new system that's ONLY able to communicate with the internal network (no public access)? Better still, what can be done to sort it out?

As a follow-up check, calling hostname --fqdn returns the proper internal DHCP name:

Code: Select all

$ hostname --fqdn
toaster.build.tolisgroup.com
Next follow-up - it seems that wifi was enabled and the system did have external access. Disabling wifi resolved the issue within Python, but I'm still concerned about their server being able to get into my system, but only in Python.
Last edited by tolistim on 2018/05/16 15:22:17, edited 1 time in total.

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: New CentOS 7.4 and invalid fqdn under Python

Post by TrevorH » 2018/05/16 15:20:37

I've just installed the latest CentOS 7.4
That's sort of a contradiction in terms as 7.4 is not the latest, 7.5 is. But I doubt if that would affect the results.

Did you look in /etc/hosts? Did you check host your.ip.add.ress to see what that says? What are your DNS servers in /etc/resolv.conf?
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

tolistim
Posts: 6
Joined: 2018/05/16 15:05:22

Re: New CentOS 7.5 and invalid fqdn under Python

Post by tolistim » 2018/05/16 15:30:47

You're correct, it is a 7.5 install - subject corrected.

/etc/hosts:

Code: Select all

$ cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
/etc/resolve.conf:

Code: Select all

$ cat /etc/resolv.conf 
# Generated by NetworkManager
search build.tolisgroup.com
nameserver 68.105.28.11
nameserver 68.105.29.11
nameserver 68.105.28.12
# NOTE: the libc resolver may not support more than 3 nameservers.
# The nameservers listed below may not be recognized.
nameserver 2001:578:3f::30
nameserver 2001:578:3f:1::30
(these are Cox DNS servers)

The result of the host call:

Code: Select all

$ host 192.168.0.18
Host 18.0.168.192.in-addr.arpa. not found: 3(NXDOMAIN)
Everything appears as expected.

The issue is only visible in Python's socket class.

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: New CentOS 7.4 and invalid fqdn under Python

Post by TrevorH » 2018/05/16 15:34:09

Did you try looking up your external ip address on those nameservers?
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

tolistim
Posts: 6
Joined: 2018/05/16 15:05:22

Re: New CentOS 7.4 and invalid fqdn under Python

Post by tolistim » 2018/05/16 15:39:54

Sorry - yes, I did but forgot to add it to that email:

Code: Select all

$ host 70.162.78.88
88.78.162.70.in-addr.arpa domain name pointer ip70-162-78-88.ph.ph.cox.net.
As expected.

Also, if I try to connect with a bad address, I get the Cox insertions as always (did you know that Amazon has the best pricing on bad.website.addr?).

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: New CentOS 7.4 and invalid fqdn under Python

Post by TrevorH » 2018/05/16 16:05:31

Afraid I am out of ideas apart from the big hammer of running your test via strace and checking the various calls that get made to see where that is coming from.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

tolistim
Posts: 6
Joined: 2018/05/16 15:05:22

Re: New CentOS 7.5 and invalid fqdn under Python

Post by tolistim » 2018/05/16 18:16:44

A bit more information - this seems to ONLY affect RHEL, Fedora, and CentOS. The same version of Python on any other current system - Debian, Mint, Ubuntu, OpenSuSE, Oracle, Arch, and Slackware all return the expected machine.build.tolisgroup.com fqdn.

Additionally, while it only occurs in Python's "socket" class, it seems related to something in the build environment since a fresh build of my own 2.7 and 2.3 Python packages provides the same incorrect resolution of the fqdn.

I'll take this to the Python forums unless someone else has input.

Tim

tolistim
Posts: 6
Joined: 2018/05/16 15:05:22

Re: New CentOS 7.4 and invalid fqdn under Python

Post by tolistim » 2018/05/16 19:01:23

Resolution -

I received an answer from another user off-forum. He received from Cox the following when he reported this:
This is expected bahavior[sic]. The Cox Business Online DNS resolvers have NXDOMAIN redirection services that redirect any unknown host to a sponsored search page. You can opt out of this by changing your resolver from .11/.12 to .14
I did just that, changing my resolv.conf to call .14 for the three servers and the issue is resolved.

Digging into this further, it seems that all of my non-RH systems set the nameserver to 127.0.0.1 and search to build.tolisgroup.com while my RH-based system all pulled the DNS values from the DHCP server.

Post Reply