Книга: Linux Network Administrator Guide, Second Edition

The host.conf File

The host.conf File

The /etc/host.conf tells the older Linux standard library resolver functions which services to use, and in what order.

Options in host.conf must appear on separate lines. Fields may be separated by white space (spaces or tabs). A hash sign (#) introduces a comment that extends to the next newline. The following options are available:

order

This option determines the order in which the resolving services are tried. Valid options are bind for querying the name server, hosts for lookups in /etc/hosts, and nis for NIS lookups. Any or all of them may be specified. The order in which they appear on the line determines the order in which the respective services are tried.

multi

multi takes on or off as options. This determines if a host in /etc/hosts is allowed to have several IP addresses, which is usually referred to as being "multi-homed." The default is off. This flag has no effect on DNS or NIS queries.

nospoof

As we'll explain in the section "Reverse Lookups", DNS allows you to find the hostname belonging to an IP address by using the in-addr.arpa domain. Attempts by name servers to supply a false hostname are called spoofing. To guard against this, the resolver can be configured to check whether the original IP address is in fact associated with the obtained hostname. If not, the name is rejected and an error is returned. This behavior is turned on by setting nospoof on.

alert

This option takes on or off as arguments. If it is turned on, any spoof attempts will cause the resolver to log a message to the syslog facility.

trim

This option takes an argument specifying a domain name that will be removed from hostnames before lookup. This is useful for hosts entries, for which you might only want to specify hostnames without a local domain. If you specify your local domain name here, it will be removed from a lookup of a host with the local domain name appended, thus allowing the lookup in /etc/hosts to succeed. The domain name you add must end with the (.) character (e.g.,: linux.org.au.) if trim is to work correctly.

trim options accumulate; you can consider your host as being local to several domains.

A sample file for vlager is shown in Example 6.1.

Example 6.1: Sample host.conf File

# /etc/host.conf
# We have named running, but no NIS (yet)
order bind,hosts
# Allow multiple addrs
multi on
# Guard against spoof attempts
nospoof on
# Trim local domain (not really necessary).
trim vbrew.com.

Resolver environment variables

The settings from host.conf may be overridden using a number of environment variables:

RESOLV_HOST_CONF

This variable specifies a file to be read instead of /etc/host.conf.

RESOLV_SERV_ORDER

This variable overrides the order option given in host.conf. Services are given as hosts, bind, and nis, separated by a space, comma, colon, or semicolon.

RESOLV_SPOOF_CHECK

This variable determines the measures taken against spoofing. It is completely disabled by off. The values warn and warn off enable spoof checking by turning logging on and off, respectively. A value of * turns on spoof checks, but leaves the logging facility as defined in host.conf.

RESOLV_MULTI

This variable uses a value of on or off to override the multi options from host.conf.

RESOLV_OVERRIDE_TRIM_DOMAINS

This variable specifies a list of trim domains that override those given in host.conf. Trim domains were explained earlier when we discussed the trim keyword.

RESOLV_ADD_TRIM_DOMAINS

This variable specifies a list of trim domains that are added to those given in host.conf.

Оглавление книги


Генерация: 0.071. Запросов К БД/Cache: 0 / 0
поделиться
Вверх Вниз