Linux Error: sudo: unable to resolve host <hostname> — Cause, Fix, and Troubleshooting Guide
How to fix the Linux sudo: unable to resolve host error: the machine's hostname is missing from /etc/hosts. Diagnose with hostname, hostnamectl, and fix on Ubuntu/RHEL.
- #linux
- #troubleshooting
- #sudo
- #dns
- #hostname
Summary
sudo: unable to resolve host <hostname> means sudo tried to look up the machine’s own hostname and got no answer. Commands still run — sudo only prints the warning and pauses briefly — but the delay and noise signal a real misconfiguration: the current hostname is not present in /etc/hosts. This is a local name-resolution problem, not a DNS-server problem.
Common Symptoms
- Every
sudocommand printssudo: unable to resolve host web01: Name or service not knownbefore running. - A visible pause (often a few seconds) before each
sudocommand executes. - The warning appeared right after a
hostnamectl set-hostname, a clone/AMI launch, or a first boot from an image. ping $(hostname)fails withName or service not knownwhile external DNS works fine.
Most Likely Causes of the ‘sudo: unable to resolve host ’ Error
The phrase sudo: unable to resolve host <hostname> embeds the current hostname, and the mismatch is almost always local:
- The hostname is not in
/etc/hosts. The single most common cause —sudoresolves the local name via/etc/hostsfirst, and it is missing or points at an old name. - The hostname was changed (
hostnamectl set-hostname) but/etc/hostswas never updated to match. - A cloned VM / cloud image kept the golden-image
/etc/hostsline while the new host got a fresh hostname from cloud-init/DHCP. /etc/hostsis missing the127.0.1.1(Debian/Ubuntu) or loopback mapping entirely.nsswitch.confhosts:line does not listfiles, so/etc/hostsis skipped.
Quick Triage
# What does the system think its name is, and does it resolve?
hostname
getent hosts "$(hostname)" || echo "NOT RESOLVABLE -> this is the cause"
grep -n "$(hostname)" /etc/hosts || echo "hostname absent from /etc/hosts"
If getent hosts "$(hostname)" returns nothing, that is the confirmed cause.
Diagnostic Commands
# The three hostname forms — they must be consistent
hostname # transient/running name sudo looks up
hostname -f 2>/dev/null # FQDN (may itself warn)
hostnamectl # static / transient / pretty hostnames
# The persistent hostname file
cat /etc/hostname
This should match the name in the sudo warning.
# The local resolution table — the file that actually matters here
cat /etc/hosts
Expect a loopback line that includes the hostname. On Debian/Ubuntu:
127.0.0.1 localhost
127.0.1.1 web01 web01.example.com
On RHEL/Rocky the name is usually appended to the 127.0.0.1 line or resolved via the real IP.
# Confirm /etc/hosts is consulted before DNS
grep '^hosts:' /etc/nsswitch.conf
Expect hosts: files dns (files first).
# Does the loopback lookup work now?
getent ahosts "$(hostname)"
Fix / Remediation
-
Add the current hostname to
/etc/hosts— the safe, standard fix. Capture the name first:HN=$(hostname) grep -q "127.0.1.1[[:space:]].*\b${HN}\b" /etc/hosts || \ echo "127.0.1.1 ${HN} ${HN}.$(dnsdomainname 2>/dev/null || echo localdomain)" | sudo tee -a /etc/hostsOn RHEL/Rocky, mapping to the loopback line is also fine:
sudo sed -i "s/^127.0.0.1[[:space:]]\+localhost.*/& ${HN}/" /etc/hosts -
If the hostname itself is wrong, set it correctly and then fix
/etc/hoststo match:sudo hostnamectl set-hostname web01 HN=$(hostname) grep -q "\b${HN}\b" /etc/hosts || echo "127.0.1.1 ${HN}" | sudo tee -a /etc/hosts -
Ensure
nsswitch.confchecks files first if the entry exists but is still not found:grep '^hosts:' /etc/nsswitch.conf # must start with: hosts: filesWarning: Edit
/etc/nsswitch.confcarefully — a malformedhosts:line can break all name resolution. Change only the ordering to putfilesfirst. -
For cloud instances, make the mapping stick across reboots by fixing cloud-init rather than editing by hand — otherwise the next boot rewrites
/etc/hosts:grep -i manage_etc_hosts /etc/cloud/cloud.cfg # set: manage_etc_hosts: localhost (or template it correctly)
Validation
# The lookup that sudo performs now succeeds
getent hosts "$(hostname)" && echo OK
# sudo runs with no warning and no delay
sudo -k; time sudo true
A clean getent hosts result and a sudo true that returns instantly with no unable to resolve host line confirm the fix.
Prevention
- Template
/etc/hostsand/etc/hostnametogether in config management (Ansible, cloud-init, Puppet) so the hostname always has a matching entry. - On cloud images, set
manage_etc_hostsin cloud-init so every instance self-registers its own name. - Bake a health check that runs
getent hosts "$(hostname)"into your image validation / golden-image tests. - When renaming a host, always update
/etc/hostnameand/etc/hostsin the same change.
Related Errors
- Linux Error: Temporary failure in name resolution
- Linux Error: passwd: Authentication token manipulation error
- Linux Error: su: Authentication failure
- Linux Error: Permission denied
Final Notes
sudo: unable to resolve host <hostname> is cosmetic in that commands still run, but it points at a broken local mapping between the running hostname and /etc/hosts. Add the current hostname to /etc/hosts, keep /etc/hostname in sync, and template both through config management so clones and rebuilds never drift.
Want faster Linux incident response? Use DevOps AI Toolkit to turn production errors into clear diagnostics, remediation steps, and reusable runbooks.
Download the Free 500-Prompt DevOps AI Toolkit
500 battle-tested, copy-paste AI prompts engineered by a senior systems engineer — every one with fill-in placeholders and safety/back-out notes. Drop your email and it's yours.
- 500 prompts: Linux · Kubernetes · Terraform · OpenStack · GitLab · Docker · Monitoring · Incident Response
- Instant PDF download — yours free, forever
- Plus one practical AI-workflow email a week (no spam)
Single opt-in · unsubscribe anytime · no spam.