making Sun DNS hostname resolving work without running NIS
2007-12-25 7:48:00
question concerning name resolving without NIS. I've extrapolated all
of the suggested methods into what (IMHO) works the best. Read the
"Caveats" and "Parting comments" sections at the end of this, though.
Problem:
For whatever reason(s), you're not using NIS on your Sun.
You're relying on a properly configured /etc/resolv.conf(5) (and,
therefore, DNS) to resolve hostnames. However, utilities such as
nslookup(8c) can resolve hostnames successfully, but any programs that
are dynamically linked (ping, telnet, ftp, etc) will only resolve
hostnames if they are in the /etc/hosts(5) file.
Quick answer:
As provided by Sun, the resolving routines in /usr/lib/libc.so
don't use DNS to resolve hostnames; they use NIS.
More detailed answer:
Sun's default resolving routines in /usr/lib/libc.so use a
two-step process to resolve names:
1. See if the hostname exists in /etc/hosts.
2. If that fails, then give the hostname to the NIS server, and let
it resolve it.
The NIS server then performs these steps:
1. See if the name exists in /etc/NIS/hosts (or wherever the NIS
master hosts file is)
2. If that fails, and the "B=-b" option was set in /var/yp/Makefile,
the NIS server will attempt to use DNS to attempt to resolve the
name.
Partial solutions:
1. Give in to Sun's belief that everyone loooooves and uses NIS;
install NIS; set up an NIS server.
For a lot of people, this is not a practical solution. Many
organizations are working towards a distributed network, in which each
machine depends on as few as other machines as possible (AFS and DFS
are two prime examples.) In this case, installing NIS and having all
of your machines depending on one NIS server for resolving hostnames
is taking a step backwards instead of forwards.
In addition, unless the domain name server is also the NIS
server, for hostnames that are not known locally, this makes more work
for the NIS master server, and more network traffic. (In other words,
hostname resolve requests not known locally would be handled like
this:
localhost -> NIS server -> nameserver
By setting up each machine to use DNS on its own, you
eliminate the middle man (so to speak), and get this:
localhost -> nameserver
2. Replace the resolving routines in /usr/lib/libc.so with the ones
located in /usr/lib/libresolv.a.
This will make it so that *ALL* hostname resolves will go
directly to DNS, without checking /etc/hosts; the resolving routines
in libresolv.a do not look at /etc/hosts. (Sun's logic behind this is
that if you're attempting to resolve via DNS, naturally NIS has
already made the attempt to resolve from /etc/NIS/hosts, /etc/hosts,
etc.
Besides having the effect of making your machine rely on DNS
for resolving everything, there are few programs that won't like the
fact that /etc/hosts isn't looked at. In particular, syslogd will
fail to recognize the machine "loghost" (because this is defined in
the /etc/hosts file.)
The real (tm) solution:
-----------------------
Throw away Sun's libresolv.a and build a *real* one. Then
merge those routines into your existing C libraries. Here's how you
can do this.
1. Ensure that the "Shlib Custom" optional software category was
loaded from your SunOS 4.1.x media.
2. cd to /usr/lib/shlib.etc
3. su
4. Copy the file included below to README.DNS in this directory.
-----------------------------------------------------------------------
8<----------/usr/lib/shlib.etc/README.DNS----------cut-here---------->8
This is how to get intelligent DNS resolving in your shared
libc library. This assumes that you are already familiar with the
procedure outlined in the original README file.
Note! If you are interested in a System V libc, please substitute
libcs5_pic.a for libc_pic.a in step 6,
libcs5.so.x.y.z for libc.so.x.y.z in step 17.
1. cd to /usr/lib/shlib.etc and become super user, if you haven't
already.
$ cd /usr/lib/shlib.etc
$ su
2. Obtain and unpack the resolv+ package, written by Bill Wisner.
(It should be available via anonymous ftp from
hayes.ims.alaska.edu, in the /networking directory. If it's not,
then use archie to track a copy down, and tailor the commands
below as necessary.)
# mkdir resolv+
# cd resolv+
# ftp hayes.ims.alaska.edu
<ftp interaction>
# /bin/sh resolv+.shar
3. Add the -pic flag to the CFLAGS line in the Makefile for resolv+.
(Additionally, you may have to eliminate the ${DEFS} and -O flags
and remove the additional ld and mv steps if, in step 14, you get
this error from ld concerning tmp/gethostnamadr.o:
base relative static symbol(__gethtbyname) botch
Try it first without changing these additional things; if you run
into problems, then go ahead and change them according to this
diff):
*** Makefile.orig Fri Jul 17 03:12:40 1992
--- Makefile Fri Jul 17 03:13:16 1992
***************
*** 19,23 ****
mktemp.o strcasecmp.o strpbrk.o strerror.o
DEFS= -DDEBUG
! CFLAGS= -O ${DEFS} -Iinclude
libresolv.a: ${OBJS}
--- 19,23 ----
mktemp.o strcasecmp.o strpbrk.o strerror.o
DEFS= -DDEBUG
! CFLAGS= -pic -Iinclude
libresolv.a: ${OBJS}
***************
*** 31,46 ****
.c.o:
${CC} ${CFLAGS} -c $*.c
- -ld -x -r $*.o
- mv a.out $*.o
gethostnamadr.o: named/gethostnamadr.c
${CC} -c ${CFLAGS} named/gethostnamadr.c
- -ld -x -r gethostnamadr.o
- mv a.out gethostnamadr.o
sethostent.o: named/sethostent.c
${CC} -c ${CFLAGS} named/sethostent.c
- -ld -x -r sethostent.o
- mv a.out sethostent.o
clean: FRC
--- 31,40 ----
4. Run `make` in the resolv+ directory. This should give you
libresolv.a.
# make
<building messages>
5. Change back to /usr/lib/shlib.etc, and make a temporary directory.
# cd ..
# mkdir tmp
6. Change to the "tmp" directory just made, extract the contents of
the libresolv you just built and the pic .o from libc_pic.a (in
that order!), and rm the file __.SYMDEF.
# cd tmp
# ar x ../resolv+/libresolv.a
# ar x ../libc_pic.a
# rm __.SYMDEF
7. Rename any files that "ar" truncated (grrrrr) to 16 characters to
their original, proper names. (The original README file neglects
to mention the xccs.multibyte.o file; if you use any
Internationalization features and need to handle multi-byte
character sets, do not forget this step.
# /bin/ls -1 | egrep -v .o$
rpc_commondata.
rpc_dtablesize.
xccs.multibyte.
# mv rpc_commondata. rpc_commondata.o
# mv rpc_dtablesize. rpc_dtablesize.o
# mv xccs.multibyte. xccs.multibyte.o
8. Remove the old routine to do the hostname/addr resolution:
# rm gethostent.o
9. Remove the libresolv module that contains `strncasecmp' (which is
now in the main C library, so it is redundant):
# rm strcasecmp.o
10. Go back up to the /usr/lib/shlib.etc directory.
# cd ..
11. Edit the lorder-sparc file. You need to remove the reference to
gethostent.o and add the references to the new resolver library
routines. Use this patch to guide you:
*** lorder-sparc.orig Fri Jul 17 14:16:19 1992
--- lorder-sparc Fri Jul 17 14:17:39 1992
***************
*** 150,154 ****
getwd.o
getnetgrent.o
! gethostent.o
ypxdr.o
ttyname.o
--- 150,161 ----
getwd.o
getnetgrent.o
! gethostnamadr.o
! sethostent.o
! res_query.o
! res_mkquery.o
! res_send.o
! res_debug.o
! res_comp.o
! res_init.o
ypxdr.o
ttyname.o
12. If you are running under SunOS 4.1.2, you will want to add the
entry "mblib.o" to the very end of lorder-sparc. (If you aren't
running SunOS 4.1.2, don't worry about this step.)
Besides adding mblib.o to the very end of lorder-sparc, you will
need to patch the Makefile by adding a "-ldl" to the end of the ld
commands, as follows:
*** Makefile.orig Fri Jul 17 14:32:45 1992
--- Makefile Fri Jul 17 14:33:41 1992
***************
*** 9,13 ****
libc.so:
! ld -assert pure-text `${OBJSORT} lorder-sparc tmp`
/bin/ls /usr/lib/libc.so.* > TMP_FILE
mv a.out libc.so.`cat TMP_FILE | awk -f ${AWKFILE}`
--- 9,13 ----
libc.so:
! ld -assert pure-text `${OBJSORT} lorder-sparc tmp` -ldl
/bin/ls /usr/lib/libc.so.* > TMP_FILE
mv a.out libc.so.`cat TMP_FILE | awk -f ${AWKFILE}`
***************
*** 15,19 ****
libcs5.so:
! ld -assert pure-text `${OBJSORT} lorder-sparc tmp`
/bin/ls /usr/5lib/libc.so.* > TMP_FILE
mv a.out libc.so.`cat TMP_FILE | awk -f ${AWKFILE}`
--- 15,19 ----
libcs5.so:
! ld -assert pure-text `${OBJSORT} lorder-sparc tmp` -ldl
/bin/ls /usr/5lib/libc.so.* > TMP_FILE
mv a.out libc.so.`cat TMP_FILE | awk -f ${AWKFILE}`
13. If you don't have the cwd in root's path (as you shouldn't), then
change the "OBJSORT=objsort" line in the Makefile to
"OBJSORT=./objsort".
14. Make the new libc.so.
# make libc.so
Now you should have some libc.so.x.y.z built in the current
directory.
15. Make sure your /etc/resolv.conf file contains the correct entries
for your domain. Also, as resolv+'s README file entails, add the
"order" line, and set it to your liking. Ours is:
order local,bind
This means that in attempt to resolve a hostname, first /etc/hosts
will be checked, and then, if that fails, DNS will be used. If
that fails, then an "unknown host" will be returned.
Note that the default if no "order" line is found is to use DNS
only; the exact same thing that the routines in
/usr/lib/libresolv.a employ.
16. Test out your new libc.so at this point before installing it. You
can do so by setting the environment variable LD_LIBRARY_PATH to
the /usr/lib/shlib.etc directory. Make sure that the hostname
resolves work, and are being handled as you specified with the
"order" line in /etc/resolv.conf.
17. If you're satisfied that the new library works, you can install
it, and the new libresolv.a, with the following commands:
# mv /usr/lib/libresolv.a /usr/lib/libresolv.a.OLD
# cp resolv+/libresolv.a /usr/lib/
# ranlib /usr/lib/libresolv.a
# cp libc.so.x.y.z /usr/lib/
# ldconfig
18. You are now running with the new library. You can verify this by
doing a trace command of, let's say, "date".
# trace date
The output should informed you that the new library is being used.
19. For completeness, you should rebuild libc.a so that people
compiling with static linking get the name server routines as
well. This entails removing the gethostent.o routine, and adding
the object files from resolv+.
# cd resolv+
# cp -p /usr/lib/libc.a /usr/lib/libc.a.OLD
# ar dv /usr/lib/libc.a gethostent.o
d - gethostent.o
# ar uv /usr/lib/libc.a *.o
r - mktemp.o
r - strpbrk.o
a - gethostnamadr.o
a - herror.o
a - res_comp.o
a - res_debug.o
a - res_init.o
a - res_mkquery.o
a - res_query.o
a - res_send.o
a - sethostent.o
a - strcasecmp.o
a - strerror.o
# ranlib /usr/lib/libc.a
20. Clean up.
# cd ..
# rm -rf TMP_FILE libc.so.* resolv+ tmp
8<----------/usr/lib/shlib.etc/README.DNS----------cut-here---------->8
-----------------------------------------------------------------------
Caveats:
Note that existing programs that have been compiled with
static libraries (and not dynamic) will still be as drain-bamaged as
ever. (The `mount` command, for example.)
If you have the source, then you can recompile these programs.
(Prime example: As the PROBLEMS file with GNU Emacs states, you can
now relink emacs and have hostname resolving work properly.) If,
however, you don't have the source for the statically linked program,
then you can add an entry to /etc/hosts as a workaround.
I'm still not sure why I couldn't get resolv+ to compile as-is
here; the README file for it specifically says the *only* thing that
should need to be changed is adding -pic to the CFLAGS.
Parting Comments:
Generous thanks to these people for giving me the leads, tips,
and hints necessary to figure out how to do this:
Bill Unruh <unruh@unixg.ubc.ca>
Karsten Leipold <leipold@dfn.de>
Douglas E James <JAMES_DOUGLAS_E@LILLY.COM>
Don Pace <pace@mailer.cc.fsu.edu>
Greg Earle <earle@poseur.JPL.NASA.GOV>
Christopher Davis <ckd@eff.org>
jp107@cus.cam.ac.uk (Jon Peatfield)
Don't take these instructions as gospel. The only thing I
really know about this process is what I've gleaned while doing it on
our sparc here. Doubtlessly there are steps here that can be done
better. Hopefully, if there is a serious problem with one or more of
the steps of this process, then someone will call it to my
<qralston+@pitt.edu> attention.
If you find any inconsistencies, misspellings, errors, etc in
this document, please gripe at me. If there are steps that could be
made clearer, please tell me so.
Also, most importantly, if there's a BETTER way of doing this,
then please let me in on it. ;)
If you find these instructions useful, I'd appreciate it if
you'd drop me a line and tell me so, so I'll know that I didn't spend
hours throwing this thing together for nothing.
Regards,
James
Fri Jul 17 16:14:26 EDT 1992
--
James Ralston Crawford \ Advanced Graphics Lab
qralston+@pitt.edu \ qralston@pittvms.bitnet
"I just hate it when people don't think that I'm, well, sane." -Od
"If someone thought I was sane, I'd worry about THEM." -Sh
Comments
Got something to say?
You must be logged in to post a comment.
