From: Carlos O'Donell <carlos@redhat.com>
To: Peter Polgar <ppeter.bme@gmail.com>,
Carlos O'Donell <carlos@systemhalted.org>,
libc-help@sourceware.org, "Dmitry V. Levin" <ldv@altlinux.org>
Subject: Re: nsswitch.conf - db service for hosts
Date: Fri, 29 Jul 2022 12:23:16 -0400 [thread overview]
Message-ID: <5145d15f-1381-dc7b-a469-bde3159b67ca@redhat.com> (raw)
In-Reply-To: <CAF2BDb8J-8g2OSz+Wb_8UjijWOGRZ0TXzp0xY2GOdKfL+9mwtA@mail.gmail.com>
On 7/24/22 12:56, Peter Polgar via Libc-help wrote:
> Thanks! Now it's clear to me.
>
> Then any idea on how to achieve a static fallback for IP if DNS fails?
> My idea was to have it likes this:
> hosts: files mdns dns db
The only solutions I know about involve a local DNS server that can be tried as a last
resort which provides the fallback resolution.
> So files and mdns can handle localhost and .local first then if dns fails
> db can have a record for the host in question. Without db this apparently
> won't work.
NSS was not designed to be used in this way.
Each service provider should be fully authoritative for the service it provides,
with files being the exception that generally goes first or last, depending on
the use case (MERGE is useful there too).
A solution along the lines of remembering the last result [1][2] and using that
result if everything else fails was discussed, but this kind of design change
has additional complexity that we don't want to accept unless it really
can't be solved in another way.
What you might use is a "fallback" NSS module that does what you want and is
placed at the end of the list. I know that Alt Linux (CC'ing Dmitry) has a
libnss_fallback module, but I don't know if it meets your requirements.
Good luck.
--
Cheers,
Carlos.
[1] https://developers.redhat.com/blog/2018/11/26/etc-nsswitch-conf-non-complexity
[2] https://bugzilla.redhat.com/show_bug.cgi?id=1374228
prev parent reply other threads:[~2022-07-29 16:23 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-07-23 22:18 Peter Polgar
2022-07-24 14:07 ` Carlos O'Donell
2022-07-24 16:56 ` Peter Polgar
2022-07-29 16:23 ` Carlos O'Donell [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5145d15f-1381-dc7b-a469-bde3159b67ca@redhat.com \
--to=carlos@redhat.com \
--cc=carlos@systemhalted.org \
--cc=ldv@altlinux.org \
--cc=libc-help@sourceware.org \
--cc=ppeter.bme@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).