]>
Commit | Line | Data |
---|---|---|
fea681da | 1 | .\" Copyright (c) 1997 Martin Schulze (joey@infodrom.north.de) |
c2ac5c4e | 2 | .\" Much of the text is copied from the manpage of resolv+(8). |
fea681da | 3 | .\" |
1dd72f9c | 4 | .\" %%%LICENSE_START(GPLv2+_DOC_FULL) |
fea681da MK |
5 | .\" This is free documentation; you can redistribute it and/or |
6 | .\" modify it under the terms of the GNU General Public License as | |
7 | .\" published by the Free Software Foundation; either version 2 of | |
8 | .\" the License, or (at your option) any later version. | |
9 | .\" | |
10 | .\" The GNU General Public License's references to "object code" | |
11 | .\" and "executables" are to be interpreted as the output of any | |
12 | .\" document formatting or typesetting system, including | |
13 | .\" intermediate and printed output. | |
14 | .\" | |
15 | .\" This manual is distributed in the hope that it will be useful, | |
16 | .\" but WITHOUT ANY WARRANTY; without even the implied warranty of | |
17 | .\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
18 | .\" GNU General Public License for more details. | |
19 | .\" | |
20 | .\" You should have received a copy of the GNU General Public | |
c715f741 MK |
21 | .\" License along with this manual; if not, see |
22 | .\" <http://www.gnu.org/licenses/>. | |
6a8d8745 | 23 | .\" %%%LICENSE_END |
fea681da | 24 | .\" |
fea681da | 25 | .\" 2003-08-23 Martin Schulze <joey@infodrom.org> Updated according to glibc 2.3.2 |
9ba01802 | 26 | .TH HOST.CONF 5 2019-03-06 "Linux" "Linux System Administration" |
fea681da MK |
27 | .SH NAME |
28 | host.conf \- resolver configuration file | |
29 | .SH DESCRIPTION | |
30 | The file | |
31 | .I /etc/host.conf | |
32 | contains configuration information specific to the resolver library. | |
33 | It should contain one configuration keyword per line, followed by | |
c13182ef | 34 | appropriate configuration information. |
0921ce4a | 35 | The following keywords are recognized: |
fea681da | 36 | .TP |
c13182ef MK |
37 | .I trim |
38 | This keyword may be listed more than once. | |
39 | Each time it should be | |
f81fb444 MK |
40 | followed by a list of domains, separated by colons (\(aq:\(aq), semicolons |
41 | (\(aq;\(aq) or commas (\(aq,\(aq), with the leading dot. | |
c13182ef | 42 | When set, the |
6e9c8c17 | 43 | resolver library will automatically trim the given domain name from the |
c13182ef MK |
44 | end of any hostname resolved via DNS. |
45 | This is intended for use with | |
46 | local hosts and domains. | |
3845a120 MK |
47 | (Related note: |
48 | .I trim | |
68d8192f MK |
49 | will not affect hostnames gathered via NIS or the |
50 | .BR hosts (5) | |
51 | file. | |
c13182ef | 52 | Care should be taken to |
fea681da | 53 | ensure that the first hostname for each entry in the hosts file is |
f177a935 | 54 | fully qualified or unqualified, as appropriate for the local |
fea681da MK |
55 | installation.) |
56 | .TP | |
57 | .I multi | |
58 | Valid values are | |
59 | .IR on " and " off . | |
60 | If set to | |
61 | .IR on , | |
6e9c8c17 | 62 | the resolver library will return all valid addresses for a host that |
fea681da MK |
63 | appears in the |
64 | .I /etc/hosts | |
65 | file, | |
c13182ef MK |
66 | instead of only the first. |
67 | This is | |
fea681da MK |
68 | .I off |
69 | by default, as it may cause a substantial performance loss at sites | |
70 | with large hosts files. | |
71 | .TP | |
fea681da MK |
72 | .I reorder |
73 | Valid values are | |
74 | .IR on " and " off . | |
75 | If set to | |
76 | .IR on , | |
6e9c8c17 MK |
77 | the resolver library |
78 | will attempt to reorder host addresses so that local addresses | |
fea681da MK |
79 | (i.e., on the same subnet) are listed first when a |
80 | .BR gethostbyname (3) | |
c13182ef MK |
81 | is performed. |
82 | Reordering is done for all lookup methods. | |
83 | The default value is | |
fea681da MK |
84 | .IR off . |
85 | .SH ENVIRONMENT | |
0921ce4a | 86 | The following environment variables can be used to allow users to |
c13182ef | 87 | override the behavior which is configured in |
0921ce4a | 88 | .IR /etc/host.conf : |
fea681da MK |
89 | .TP |
90 | .B RESOLV_HOST_CONF | |
bd4144a1 | 91 | If set, this variable points to a file that should be read instead of |
fea681da MK |
92 | .IR /etc/host.conf . |
93 | .TP | |
fea681da MK |
94 | .B RESOLV_MULTI |
95 | Overrides the | |
96 | .I multi | |
97 | command. | |
98 | .TP | |
99 | .B RESOLV_REORDER | |
100 | Overrides the | |
101 | .I reorder | |
102 | command. | |
103 | .TP | |
104 | .B RESOLV_ADD_TRIM_DOMAINS | |
f81fb444 MK |
105 | A list of domains, separated by colons (\(aq:\(aq), semicolons (\(aq;\(aq) or |
106 | commas (\(aq,\(aq), with the leading dot, which will be added to the list of | |
fea681da MK |
107 | domains that should be trimmed. |
108 | .TP | |
109 | .B RESOLV_OVERRIDE_TRIM_DOMAINS | |
f81fb444 MK |
110 | A list of domains, separated by colons (\(aq:\(aq), semicolons (\(aq;\(aq) or |
111 | commas (\(aq,\(aq), with the leading dot, which will replace the list of | |
c13182ef MK |
112 | domains that should be trimmed. |
113 | Overrides the | |
fea681da MK |
114 | .I trim |
115 | command. | |
116 | .SH FILES | |
117 | .TP | |
118 | .I /etc/host.conf | |
119 | Resolver configuration file | |
120 | .TP | |
121 | .I /etc/resolv.conf | |
122 | Resolver configuration file | |
123 | .TP | |
124 | .I /etc/hosts | |
125 | Local hosts database | |
126 | .SH NOTES | |
127 | The following differences exist compared to the original implementation. | |
128 | A new command | |
129 | .I spoof | |
130 | and a new environment variable | |
131 | .B RESOLV_SPOOF_CHECK | |
132 | can take arguments like | |
3845a120 | 133 | .IR off ", " nowarn ", and " warn . |
fea681da | 134 | Line comments can appear anywhere and not only at the beginning of a line. |
0921ce4a | 135 | .SS Historical |
e51f148a SA |
136 | The |
137 | .BR nsswitch.conf (5) | |
138 | file is the modern way of controlling the order of host lookups. | |
139 | .PP | |
0921ce4a SP |
140 | In glibc 2.4 and earlier, the following keyword is recognized: |
141 | .TP | |
142 | .I order | |
143 | This keyword specifies how host lookups are to be performed. | |
144 | It should be followed by one or more lookup methods, separated by commas. | |
145 | Valid methods are | |
146 | .IR bind ", " hosts ", and " nis . | |
e51f148a | 147 | .TP |
0921ce4a | 148 | .B RESOLV_SERV_ORDER |
3845a120 MK |
149 | Overrides the |
150 | .I order | |
151 | command. | |
0921ce4a | 152 | .PP |
c8097a40 NF |
153 | .\" commit 7d68cdaa4f748e87ee921f587ee2d483db624b3d |
154 | Since glibc 2.0.7, and up through glibc 2.24, the following keywords and environment variable have | |
e51f148a SA |
155 | been recognized but never implemented: |
156 | .TP | |
157 | .I nospoof | |
158 | Valid values are | |
159 | .IR on " and " off . | |
160 | If set to | |
161 | .IR on , | |
6e9c8c17 | 162 | the resolver library will attempt to prevent hostname spoofing to |
e51f148a SA |
163 | enhance the security of |
164 | .BR rlogin " and " rsh . | |
6e9c8c17 MK |
165 | It works as follows: after performing a host address lookup, |
166 | the resolver library will perform a hostname lookup for that address. | |
e51f148a | 167 | If the two hostnames |
a23d8efa | 168 | do not match, the query fails. |
e51f148a SA |
169 | The default value is |
170 | .IR off . | |
171 | .TP | |
172 | .I spoofalert | |
173 | Valid values are | |
174 | .IR on " and " off . | |
175 | If this option is set to | |
176 | .I on | |
177 | and the | |
178 | .I nospoof | |
6e9c8c17 MK |
179 | option is also set, |
180 | the resolver library will log a warning of the error via the | |
e51f148a SA |
181 | syslog facility. |
182 | The default value is | |
183 | .IR off . | |
184 | .TP | |
185 | .I spoof | |
186 | Valid values are | |
f6d08687 | 187 | .IR off ", " nowarn ", and " warn . |
e51f148a SA |
188 | If this option is set to |
189 | .IR off , | |
190 | spoofed addresses are permitted and no warnings will be emitted | |
191 | via the syslog facility. | |
192 | If this option is set to | |
193 | .IR warn , | |
6e9c8c17 | 194 | the resolver library will attempt to prevent hostname spoofing to |
e51f148a SA |
195 | enhance the security and log a warning of the error via the syslog |
196 | facility. | |
197 | If this option is set to | |
198 | .IR nowarn , | |
6e9c8c17 | 199 | the resolver library will attempt to prevent hostname spoofing to |
e51f148a SA |
200 | enhance the security but not emit warnings via the syslog facility. |
201 | Setting this option to anything else is equal to setting it to | |
202 | .IR nowarn . | |
203 | .TP | |
204 | .B RESOLV_SPOOF_CHECK | |
205 | Overrides the | |
3845a120 | 206 | .IR nospoof ", " spoofalert ", and " spoof |
e51f148a SA |
207 | commands in the same way as the |
208 | .I spoof | |
209 | command is parsed. | |
210 | Valid values are | |
3845a120 | 211 | .IR off ", " nowarn ", and " warn . |
47297adb | 212 | .SH SEE ALSO |
fea681da | 213 | .BR gethostbyname (3), |
7b46b4fa SA |
214 | .BR hosts (5), |
215 | .BR nsswitch.conf (5), | |
216 | .BR resolv.conf (5), | |
fea681da | 217 | .BR hostname (7), |
0921ce4a | 218 | .BR named (8) |