summaryrefslogtreecommitdiff
path: root/man/nss-resolve.xml
AgeCommit message (Collapse)Author
2016-11-21man: make /etc/nsswitch.conf documentation for nss-resolve match exampleLennart Poettering
Fixes: #4683
2016-10-24man: sync up the suggested nsswitch.conf configuration for our four NSS modulesLennart Poettering
This unifies the suggested nsswitch.conf configuration for our four NSS modules to this: hosts: files mymachines resolve [!UNAVAIL=return] dns myhostname Note that this restores "myhostname" to the suggested configuration of nss-resolve for the time being, undoing 4484e1792b64b01614f04b7bde97bf019f601bf9. "myhostname" should probably be dropped eventually, but when we do this we should do it in full, and not only drop it from the suggested nsswitch.conf for one of the modules, but also drop it in source and stop referring to it altogether. Note that nss-resolve doesn't replace nss-myhostname in full: the former only works if D-Bus/resolved is available for resolving the local hostname, the latter works in all cases even if D-Bus or resolved are not in operation, hence there's some value in keeping the line as it is right now. Note that neither dns nor myhostname are considered at all with the above configuration unless the resolve module actually returns UNAVAIL. Thus, even though handling of local hostname resolving is implemented twice this way it is only executed once for each lookup.
2016-10-01nss-resolve: return NOTFOUND instead of UNAVAIL on resolution errorsMartin Pitt
It needs to be possible to tell apart "the nss-resolve module does not exist" (which can happen when running foreign-architecture programs) from "the queried DNS name failed DNSSEC validation" or other errors. So return NOTFOUND for these cases too, and only keep UNAVAIL for the cases where we cannot handle the given address family. This makes it possible to configure a fallback to "dns" without breaking DNSSEC, with "resolve [!UNAVAIL=return] dns". Add this to the manpage. This does not change behaviour if resolved is not running, as that already falls back to the "dns" glibc module. Fixes #4157
2016-10-01man: drop myhostname from recommended nsswitch host configurationMartin Pitt
resolve includes myhostname functionality, so there is no need to add it again.
2016-07-22nss: add new "nss-systemd" NSS module for mapping dynamic usersLennart Poettering
With this NSS module all dynamic service users will be resolvable via NSS like any real user.
2016-02-23man: change recommended order of NSS modules in /etc/nsswitch.confLennart Poettering
So far we recommended placing "nss-mymachines" after "nss-resolve" in the order of preference in /etc/nsswitch.conf. This change reverse this order. Rationale: single-label names are resolved via LLMNR by resolved, which has to time out if no peer by that name exists. By placing "nss-mymachines" first (which always responds immediately) we avoid running into this timeout for most containers. Both modules should return the same data if LLMNR is used by the container anyway. While we are at it, improve the man pages of the three NSS modules in other ways a bit.
2015-11-06doc: use expanded forms for written styleJan Engelhardt
2015-11-06doc: correct punctuation and improve typography in documentationJan Engelhardt
2015-09-04man: always use the same example in nss module documentationLennart Poettering
Show the same recommended example file in all three man pages, just highlight the different, relevant parts. This should be less confusing for users, and clarify what we actually recommend how /etc/nsswitch.conf is set up.
2015-08-26man: document nss-resolveLennart Poettering