1 <?xml version='
1.0'
?> <!--*- Mode: nxml; nxml-child-indent: 2; indent-tabs-mode: nil -*-->
2 <!DOCTYPE refentry PUBLIC
"-//OASIS//DTD DocBook XML V4.2//EN"
3 "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
6 SPDX-License-Identifier: LGPL-2.1+
8 This file is part of systemd.
10 Copyright 2011 Lennart Poettering
11 Copyright 2013 Tom Gundersen
14 <refentry id=
"nss-resolve" conditional='ENABLE_RESOLVE'
>
17 <title>nss-resolve
</title>
18 <productname>systemd
</productname>
22 <contrib>Developer
</contrib>
23 <firstname>Lennart
</firstname>
24 <surname>Poettering
</surname>
25 <email>lennart@poettering.net
</email>
31 <refentrytitle>nss-resolve
</refentrytitle>
32 <manvolnum>8</manvolnum>
36 <refname>nss-resolve
</refname>
37 <refname>libnss_resolve.so
.2</refname>
38 <refpurpose>Provide hostname resolution via
<filename>systemd-resolved.service
</filename></refpurpose>
42 <para><filename>libnss_resolve.so
.2</filename></para>
46 <title>Description
</title>
48 <para><command>nss-resolve
</command> is a plug-in module for the GNU Name Service Switch (NSS) functionality of the
49 GNU C Library (
<command>glibc
</command>) enabling it to resolve host names via the
50 <citerefentry><refentrytitle>systemd-resolved
</refentrytitle><manvolnum>8</manvolnum></citerefentry> local network
51 name resolution service. It replaces the
<command>nss-dns
</command> plug-in module that traditionally resolves
52 hostnames via DNS.
</para>
54 <para>To activate the NSS module, add
<literal>resolve
</literal> to the line starting with
55 <literal>hosts:
</literal> in
<filename>/etc/nsswitch.conf
</filename>. Specifically, it is recommended to place
56 <literal>resolve
</literal> early in
<filename>/etc/nsswitch.conf
</filename>'s
<literal>hosts:
</literal> line (but
57 after the
<literal>files
</literal> or
<literal>mymachines
</literal> entries), right before the
58 <literal>dns
</literal> entry if it exists, followed by
<literal>[!UNAVAIL=return]
</literal>, to ensure DNS queries
60 <citerefentry><refentrytitle>systemd-resolved
</refentrytitle><manvolnum>8</manvolnum></citerefentry> if it is
61 running, but are routed to
<command>nss-dns
</command> if this service is not available.
</para>
63 <para>Note that
<command>systemd-resolved
</command> will synthesize DNS resource
64 records in a few cases, for example for
<literal>localhost
</literal> and the
66 <citerefentry><refentrytitle>systemd-resolved
</refentrytitle><manvolnum>8</manvolnum></citerefentry>
67 for the full list. This duplicates the functionality of
68 <citerefentry><refentrytitle>nss-myhostname
</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
69 but it is still recommended (see examples below) to keep
70 <command>nss-myhostname
</command> configured in
71 <filename>/etc/nsswitch.conf
</filename>, to keep those names resolveable if
72 <command>systemd-resolved
</command> is not running.
</para>
76 <title>Example
</title>
78 <para>Here is an example
<filename>/etc/nsswitch.conf
</filename> file that enables
<command>nss-resolve
</command>
81 <programlisting>passwd: compat mymachines systemd
82 group: compat mymachines systemd
85 hosts: files mymachines
<command>resolve [!UNAVAIL=return]
</command> dns myhostname
93 netgroup: nis
</programlisting>
97 <title>See Also
</title>
99 <citerefentry><refentrytitle>systemd
</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
100 <citerefentry><refentrytitle>systemd-resolved
</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
101 <citerefentry><refentrytitle>nss-systemd
</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
102 <citerefentry><refentrytitle>nss-myhostname
</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
103 <citerefentry><refentrytitle>nss-mymachines
</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
104 <citerefentry project='man-pages'
><refentrytitle>nsswitch.conf
</refentrytitle><manvolnum>5</manvolnum></citerefentry>