[Triumf-linux-managers] SL5 authconfig nis/dns misconfiguration
Alexandre Gorelov
iaeg at triumf.ca
Fri Nov 21 11:36:07 PST 2008
I've checked my machines running SL5 and found that file
/etc/nsswitch.conf reads
#hosts: db files nisplus nis dns
hosts: files dns
file is dated Sep 22 2004
Alexandre I. Gorelov
Konstantin Olchanski wrote:
> On our SL5 machines I was seeing problems with DNS - programs
> being stuck inside gethostbyname(), with stack trace indicating they
> were doing something inside the NIS code. Very odd.
>
> It turns out that "authconfig --enablenis ..." changes /etc/nsswitch.conf
> line "hosts: ..." to read "hosts: files nis dns".
>
> (notice the "nis" entry)
>
> This makes the DNS service to first query NIS, then query
> the TRIUMF DNS when resolving hostnames.
>
> This is definitely a mistake because none of the NIS clusters
> we use are configured to resolve hostnames via NIS. DNS should
> always be used for this.
>
> In fact I see that this problem did not exist in SL4 - I only
> see misconfigured SL5 machines, but no misconfigured SL4 ones.
>
> To correct this problem you can edit /etc/nsswitch.conf to
> read "hosts: files dns" or run this sed script:
>
> sed 's/^hosts:.*/hosts: files dns/' -i /etc/nsswitch.conf
>
> Filed Red Hat bug: https://bugzilla.redhat.com/show_bug.cgi?id=472565
>
>
More information about the Triumf-linux-managers
mailing list