nss: Use "files dns" as the default for the hosts database (bug 28700)

This matches what is currently in nss/nsswitch.conf.  The new ordering
matches what most distributions use in their installed configuration
files.

It is common to add localhost to /etc/hosts because the name does not
exist in the DNS, but is commonly used as a host name.

With the built-in "dns [!UNAVAIL=return] files" default, dns is
searched first and provides an answer for "localhost" (NXDOMAIN).
We never look at the files database as a result, so the contents of
/etc/hosts are ignored.  This means that "getent hosts localhost"
fails without a /etc/nsswitch.conf file, even though the host name
is listed in /etc/hosts.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Florian Weimer 2021-12-17 12:01:20 +01:00
parent ce1e5b1122
commit b99b0f93ee
3 changed files with 5 additions and 6 deletions
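
The lookup behaviour described in the commit message, as an added example (a simplified model written for this page, not glibc code). The function names, the constructed /etc/hosts content and the DNS backend that always answers NXDOMAIN are assumptions made for illustration.

```python
import re

STATUSES = ("SUCCESS", "NOTFOUND", "UNAVAIL", "TRYAGAIN")
# NSS defaults: only SUCCESS stops the search, everything else continues.
DEFAULT_ACTIONS = {"SUCCESS": "return", "NOTFOUND": "continue",
                   "UNAVAIL": "continue", "TRYAGAIN": "continue"}

def parse_line(line):
    """Parse e.g. 'dns [!UNAVAIL=return] files' into [(service, actions)]."""
    rules = []
    for token in re.findall(r"\[[^\]]*\]|\S+", line):
        if not token.startswith("["):
            rules.append((token, dict(DEFAULT_ACTIONS)))
            continue
        if not rules:
            raise ValueError("action list before any service")
        for item in token[1:-1].split():
            status, action = item.split("=")
            negate = status.startswith("!")
            status = status.lstrip("!").upper()
            if status not in STATUSES:
                raise ValueError("unknown status: " + status)
            for s in STATUSES:
                # '!X=act' applies act to every status except X.
                if (s == status) != negate:
                    rules[-1][1][s] = action.lower()
    return rules

def lookup(line, name, backends):
    """Return (status, answer, services consulted) for one lookup."""
    consulted, status, answer = [], "UNAVAIL", None
    for service, actions in parse_line(line):
        status, answer = backends[service](name)
        consulted.append(service)
        if actions[status] == "return":
            break
    return status, answer, consulted

# Constructed backends: /etc/hosts lists localhost, DNS answers NXDOMAIN.
HOSTS = {"localhost": "127.0.0.1"}

def files(name):
    return ("SUCCESS", HOSTS[name]) if name in HOSTS else ("NOTFOUND", None)

def dns(name):
    return ("NOTFOUND", None)

BACKENDS = {"files": files, "dns": dns}
```

With the old default string the model stops at dns and never reads the files backend; with "files dns" the local entry is returned and DNS is consulted only for names the file does not list.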

@ -324,9 +324,8 @@ missing.
@cindex default value, and NSS @cindex default value, and NSS
For the @code{hosts} and @code{networks} databases the default value is For the @code{hosts} and @code{networks} databases the default value is
@code{dns [!UNAVAIL=return] files}. I.e., the system is prepared for @code{files dns}. I.e., local configuration will override the contents
the DNS service not to be available but if it is available the answer it of the domain name system (DNS).
returns is definitive.
The @code{passwd}, @code{group}, and @code{shadow} databases was The @code{passwd}, @code{group}, and @code{shadow} databases was
traditionally handled in a special way. The appropriate files in the traditionally handled in a special way. The appropriate files in the
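
Review bot: The replacement sentence for the @code{hosts} and @code{networks} default says only that local configuration overrides DNS, and drops the removed text's explanation of what happens when a source is unavailable. Since the new string has no action list, it would help to state that a name not present in the local files falls through to DNS, and that an entry in the local files now takes precedence over any DNS answer on systems that rely on the built-in default.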

@ -28,7 +28,7 @@
|* ALTERNATE_NAME - name of another service which is examined in *| |* ALTERNATE_NAME - name of another service which is examined in *|
|* case DATABASE_NAME is not found *| |* case DATABASE_NAME is not found *|
|* *| |* *|
|* DEFAULT_CONFIG - string for default conf (e.g. "dns files") *| |* DEFAULT_CONFIG - string for default conf (e.g. "files dns") *|
|* *| |* *|
\*******************************************************************/ \*******************************************************************/

@ -80,7 +80,7 @@ enum nss_database_default
{ {
nss_database_default_defconfig = 0, /* "nis [NOTFOUND=return] files". */ nss_database_default_defconfig = 0, /* "nis [NOTFOUND=return] files". */
nss_database_default_compat, /* "compat [NOTFOUND=return] files". */ nss_database_default_compat, /* "compat [NOTFOUND=return] files". */
nss_database_default_dns, /* "dns [!UNAVAIL=return] files". */ nss_database_default_dns, /* "files dns". */
nss_database_default_files, /* "files". */ nss_database_default_files, /* "files". */
nss_database_default_nis, /* "nis". */ nss_database_default_nis, /* "nis". */
nss_database_default_nis_nisplus, /* "nis nisplus". */ nss_database_default_nis_nisplus, /* "nis nisplus". */
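
Review bot: The enumerator nss_database_default_dns keeps its name while its comment now reads "files dns", so the name no longer describes the first source searched and it sits directly above nss_database_default_files ("files"). Consider extending the comment to say this is the default used for hosts and networks, or renaming the enumerator in a follow-up, so the two are not confused.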
@ -133,7 +133,7 @@ nss_database_select_default (struct nss_database_default_cache *cache,
#endif #endif
case nss_database_default_dns: case nss_database_default_dns:
line = "dns [!UNAVAIL=return] files"; line = "files dns";
break; break;
case nss_database_default_files: case nss_database_default_files:
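
Review bot: The new string in the nss_database_default_dns case both reorders the sources and drops the [!UNAVAIL=return] action, and none of the hunks shown adds a test for either change. A regression test that performs the "localhost" lookup from the commit message with no /etc/nsswitch.conf present, and checks that the /etc/hosts entry is returned, would pin the intended behaviour.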