2 <!DOCTYPE refentry PUBLIC
"-//OASIS//DTD DocBook XML V4.5//EN"
3 "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
4 <!-- SPDX-License-Identifier: LGPL-2.1-or-later -->
6 <refentry id=
"nss-resolve" conditional='ENABLE_NSS_RESOLVE'
>
9 <title>nss-resolve
</title>
10 <productname>systemd
</productname>
14 <refentrytitle>nss-resolve
</refentrytitle>
15 <manvolnum>8</manvolnum>
19 <refname>nss-resolve
</refname>
20 <refname>libnss_resolve.so
.2</refname>
21 <refpurpose>Hostname resolution via
<filename>systemd-resolved.service
</filename></refpurpose>
25 <para><filename>libnss_resolve.so
.2</filename></para>
29 <title>Description
</title>
31 <para><command>nss-resolve
</command> is a plug-in module for the GNU Name Service Switch (NSS) functionality of the
32 GNU C Library (
<command>glibc
</command>) enabling it to resolve hostnames via the
33 <citerefentry><refentrytitle>systemd-resolved
</refentrytitle><manvolnum>8</manvolnum></citerefentry> local network
34 name resolution service. It replaces the
<command>nss-dns
</command> plug-in module that traditionally resolves
35 hostnames via DNS.
</para>
37 <para>To activate the NSS module, add
<literal>resolveĀ [!UNAVAIL=return]
</literal> to the line starting
38 with
<literal>hosts:
</literal> in
<filename>/etc/nsswitch.conf
</filename>. Specifically, it is
39 recommended to place
<literal>resolve
</literal> early in
<filename>/etc/nsswitch.conf
</filename>'s
40 <literal>hosts:
</literal> line. It should be before the
<literal>files
</literal> entry, since
41 <filename>systemd-resolved
</filename> supports
<filename>/etc/hosts
</filename> internally, but with
42 caching. To the contrary, it should be after
<literal>mymachines
</literal>, to give hostnames given to
43 local VMs and containers precedence over names received over DNS. Finally, we recommend placing
44 <literal>dns
</literal> somewhere after
<literal>resolve
</literal>, to fall back to
45 <command>nss-dns
</command> if
<filename>systemd-resolved.service
</filename> is not available.
</para>
47 <para>Note that
<command>systemd-resolved
</command> will synthesize DNS resource records in a few cases,
48 for example for
<literal>localhost
</literal> and the current local hostname, see
49 <citerefentry><refentrytitle>systemd-resolved
</refentrytitle><manvolnum>8</manvolnum></citerefentry> for
50 the full list. This duplicates the functionality of
51 <citerefentry><refentrytitle>nss-myhostname
</refentrytitle><manvolnum>8</manvolnum></citerefentry>, but
52 it is still recommended (see examples below) to keep
<command>nss-myhostname
</command> configured in
53 <filename>/etc/nsswitch.conf
</filename>, to keep those names resolveable if
54 <command>systemd-resolved
</command> is not running.
</para>
58 <title>Example
</title>
60 <para>Here is an example
<filename>/etc/nsswitch.conf
</filename> file that enables
<command>nss-resolve
</command>
63 <!-- synchronize with other nss-* man pages and factory/etc/nsswitch.conf -->
64 <programlisting>passwd: compat systemd
65 group: compat [SUCCESS=merge] systemd
68 hosts: mymachines
<command>resolve [!UNAVAIL=return]
</command> files myhostname dns
76 netgroup: nis
</programlisting>
80 <title>See Also
</title>
82 <citerefentry><refentrytitle>systemd
</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
83 <citerefentry><refentrytitle>systemd-resolved
</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
84 <citerefentry><refentrytitle>nss-systemd
</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
85 <citerefentry><refentrytitle>nss-myhostname
</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
86 <citerefentry><refentrytitle>nss-mymachines
</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
87 <citerefentry project='man-pages'
><refentrytitle>nsswitch.conf
</refentrytitle><manvolnum>5</manvolnum></citerefentry>