94 lines
4.2 KiB
XML
94 lines
4.2 KiB
XML
<?xml version='1.0'?>
|
||
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
|
||
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
|
||
<!-- SPDX-License-Identifier: LGPL-2.1+ -->
|
||
|
||
<refentry id="nss-resolve" conditional='ENABLE_NSS_RESOLVE'>
|
||
|
||
<refentryinfo>
|
||
<title>nss-resolve</title>
|
||
<productname>systemd</productname>
|
||
</refentryinfo>
|
||
|
||
<refmeta>
|
||
<refentrytitle>nss-resolve</refentrytitle>
|
||
<manvolnum>8</manvolnum>
|
||
</refmeta>
|
||
|
||
<refnamediv>
|
||
<refname>nss-resolve</refname>
|
||
<refname>libnss_resolve.so.2</refname>
|
||
<refpurpose>Hostname resolution via <filename>systemd-resolved.service</filename></refpurpose>
|
||
</refnamediv>
|
||
|
||
<refsynopsisdiv>
|
||
<para><filename>libnss_resolve.so.2</filename></para>
|
||
</refsynopsisdiv>
|
||
|
||
<refsect1>
|
||
<title>Description</title>
|
||
|
||
<para><command>nss-resolve</command> is a plug-in module for the GNU Name Service Switch (NSS) functionality of the
|
||
GNU C Library (<command>glibc</command>) enabling it to resolve hostnames via the
|
||
<citerefentry><refentrytitle>systemd-resolved</refentrytitle><manvolnum>8</manvolnum></citerefentry> local network
|
||
name resolution service. It replaces the <command>nss-dns</command> plug-in module that traditionally resolves
|
||
hostnames via DNS.</para>
|
||
|
||
<para>To activate the NSS module, add <literal>resolve [!UNAVAIL=return]</literal> to the line starting
|
||
with <literal>hosts:</literal> in <filename>/etc/nsswitch.conf</filename>. Specifically, it is
|
||
recommended to place <literal>resolve</literal> early in <filename>/etc/nsswitch.conf</filename>'s
|
||
<literal>hosts:</literal> line. It should be before the <literal>files</literal> entry, since
|
||
<filename>systemd-resolved</filename> supports <filename>/etc/hosts</filename> internally, but with
|
||
caching. To the contrary, it should be after <literal>mymachines</literal>, to give hostnames given to
|
||
local VMs and containers precedence over names received over DNS. Finally, we recommend placing
|
||
<literal>dns</literal> somewhere after <literal>resolve</literal>, to fall back to
|
||
<command>nss-dns</command> if <filename>systemd-resolved.service</filename> is not available.</para>
|
||
|
||
<para>Note that <command>systemd-resolved</command> will synthesize DNS resource
|
||
records in a few cases, for example for <literal>localhost</literal> and the
|
||
current hostname, see
|
||
<citerefentry><refentrytitle>systemd-resolved</refentrytitle><manvolnum>8</manvolnum></citerefentry>
|
||
for the full list. This duplicates the functionality of
|
||
<citerefentry><refentrytitle>nss-myhostname</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
|
||
but it is still recommended (see examples below) to keep
|
||
<command>nss-myhostname</command> configured in
|
||
<filename>/etc/nsswitch.conf</filename>, to keep those names resolveable if
|
||
<command>systemd-resolved</command> is not running.</para>
|
||
</refsect1>
|
||
|
||
<refsect1>
|
||
<title>Example</title>
|
||
|
||
<para>Here is an example <filename>/etc/nsswitch.conf</filename> file that enables <command>nss-resolve</command>
|
||
correctly:</para>
|
||
|
||
<!-- synchronize with other nss-* man pages and factory/etc/nsswitch.conf -->
|
||
<programlisting>passwd: compat systemd
|
||
group: compat systemd
|
||
shadow: compat
|
||
|
||
hosts: mymachines <command>resolve [!UNAVAIL=return]</command> myhostname files dns
|
||
networks: files
|
||
|
||
protocols: db files
|
||
services: db files
|
||
ethers: db files
|
||
rpc: db files
|
||
|
||
netgroup: nis</programlisting>
|
||
</refsect1>
|
||
|
||
<refsect1>
|
||
<title>See Also</title>
|
||
<para>
|
||
<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
|
||
<citerefentry><refentrytitle>systemd-resolved</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
|
||
<citerefentry><refentrytitle>nss-systemd</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
|
||
<citerefentry><refentrytitle>nss-myhostname</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
|
||
<citerefentry><refentrytitle>nss-mymachines</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
|
||
<citerefentry project='man-pages'><refentrytitle>nsswitch.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
|
||
</para>
|
||
</refsect1>
|
||
|
||
</refentry>
|