public inbox for libc-help@sourceware.org
 help / color / mirror / Atom feed
* nsswitch.conf - db service for hosts
@ 2022-07-23 22:18 Peter Polgar
  2022-07-24 14:07 ` Carlos O'Donell
  0 siblings, 1 reply; 4+ messages in thread
From: Peter Polgar @ 2022-07-23 22:18 UTC (permalink / raw)
  To: libc-help

Hi,

I am trying to use the db service in nsswitch.conf. I couldn't make it work
so I decided to get some hints from the source code.
A comment in test-netdb.c:310 says that "db is not implemented for hosts".
Also seen in the nss/Makefile:128 that "hosts" is filtered out from the
list of dbs.
Do these mean that db service is not implemented for hosts?
If it is implemented how can I find the path where nsswitch is looking for
the db?

I am on Ubuntu 20.04 LTS with GLIBC 2.31-0ubuntu9.9, libnss-db/focal,now
2.2.3pre1-6build6

Thanks!
Peter

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: nsswitch.conf - db service for hosts
  2022-07-23 22:18 nsswitch.conf - db service for hosts Peter Polgar
@ 2022-07-24 14:07 ` Carlos O'Donell
  2022-07-24 16:56   ` Peter Polgar
  0 siblings, 1 reply; 4+ messages in thread
From: Carlos O'Donell @ 2022-07-24 14:07 UTC (permalink / raw)
  To: Peter Polgar; +Cc: libc-help

On Sat, Jul 23, 2022 at 6:19 PM Peter Polgar via Libc-help
<libc-help@sourceware.org> wrote:
> I am trying to use the db service in nsswitch.conf. I couldn't make it work
> so I decided to get some hints from the source code.
> A comment in test-netdb.c:310 says that "db is not implemented for hosts".
> Also seen in the nss/Makefile:128 that "hosts" is filtered out from the
> list of dbs.
> Do these mean that db service is not implemented for hosts?

Correct, hosts, network, key and alias are not provided for the db service.

Not all backends provide all services.

> If it is implemented how can I find the path where nsswitch is looking for
> the db?

It is not implemented. Not all backing stores are good choices for the
kind of data to cache and the values that need to be cached.

Adding hosts would require an evaluation of how the data should be
stored and invalidated.

Cheers,
Carlos.

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: nsswitch.conf - db service for hosts
  2022-07-24 14:07 ` Carlos O'Donell
@ 2022-07-24 16:56   ` Peter Polgar
  2022-07-29 16:23     ` Carlos O'Donell
  0 siblings, 1 reply; 4+ messages in thread
From: Peter Polgar @ 2022-07-24 16:56 UTC (permalink / raw)
  To: Carlos O'Donell, libc-help

Thanks! Now it's clear to me.

Then any idea on how to achieve a static fallback for IP if DNS fails?
My idea was to have it likes this:
hosts:   files mdns dns db

So files and mdns can handle localhost and .local first then if dns fails
db can have a record for the host in question. Without db this apparently
won't work.

Peter

On Sun, 24 Jul 2022, 16:07 Carlos O'Donell, <carlos@systemhalted.org> wrote:

> On Sat, Jul 23, 2022 at 6:19 PM Peter Polgar via Libc-help
> <libc-help@sourceware.org> wrote:
> > I am trying to use the db service in nsswitch.conf. I couldn't make it
> work
> > so I decided to get some hints from the source code.
> > A comment in test-netdb.c:310 says that "db is not implemented for
> hosts".
> > Also seen in the nss/Makefile:128 that "hosts" is filtered out from the
> > list of dbs.
> > Do these mean that db service is not implemented for hosts?
>
> Correct, hosts, network, key and alias are not provided for the db service.
>
> Not all backends provide all services.
>
> > If it is implemented how can I find the path where nsswitch is looking
> for
> > the db?
>
> It is not implemented. Not all backing stores are good choices for the
> kind of data to cache and the values that need to be cached.
>
> Adding hosts would require an evaluation of how the data should be
> stored and invalidated.
>
> Cheers,
> Carlos.
>

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: nsswitch.conf - db service for hosts
  2022-07-24 16:56   ` Peter Polgar
@ 2022-07-29 16:23     ` Carlos O'Donell
  0 siblings, 0 replies; 4+ messages in thread
From: Carlos O'Donell @ 2022-07-29 16:23 UTC (permalink / raw)
  To: Peter Polgar, Carlos O'Donell, libc-help, Dmitry V. Levin

On 7/24/22 12:56, Peter Polgar via Libc-help wrote:
> Thanks! Now it's clear to me.
> 
> Then any idea on how to achieve a static fallback for IP if DNS fails?
> My idea was to have it likes this:
> hosts:   files mdns dns db

The only solutions I know about involve a local DNS server that can be tried as a last
resort which provides the fallback resolution.

> So files and mdns can handle localhost and .local first then if dns fails
> db can have a record for the host in question. Without db this apparently
> won't work.

NSS was not designed to be used in this way.

Each service provider should be fully authoritative for the service it provides,
with files being the exception that generally goes first or last, depending on
the use case (MERGE is useful there too).

A solution along the lines of remembering the last result [1][2] and using that
result if everything else fails was discussed, but this kind of design change
has additional complexity that we don't want to accept unless it really
can't be solved in another way.

What you might use is a "fallback" NSS module that does what you want and is 
placed at the end of the list. I know that Alt Linux (CC'ing Dmitry) has a
libnss_fallback module, but I don't know if it meets your requirements.

Good luck.

-- 
Cheers,
Carlos.

[1] https://developers.redhat.com/blog/2018/11/26/etc-nsswitch-conf-non-complexity
[2] https://bugzilla.redhat.com/show_bug.cgi?id=1374228


^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2022-07-29 16:23 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-07-23 22:18 nsswitch.conf - db service for hosts Peter Polgar
2022-07-24 14:07 ` Carlos O'Donell
2022-07-24 16:56   ` Peter Polgar
2022-07-29 16:23     ` Carlos O'Donell

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).