<?xml version='1.0'?> <!--*-nxml-*-->
-<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+<!-- SPDX-License-Identifier: LGPL-2.1+ -->
-<!--
- This file is part of systemd.
-
- Copyright 2011 Lennart Poettering
- Copyright 2013 Tom Gundersen
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
--->
-
-<refentry id="nss-myhostname" conditional='HAVE_MYHOSTNAME'>
+<refentry id="nss-myhostname" conditional='ENABLE_NSS_MYHOSTNAME'>
<refentryinfo>
<title>nss-myhostname</title>
<productname>systemd</productname>
-
- <authorgroup>
- <author>
- <contrib>Developer</contrib>
- <firstname>Lennart</firstname>
- <surname>Poettering</surname>
- <email>lennart@poettering.net</email>
- </author>
- </authorgroup>
</refentryinfo>
<refmeta>
ending in <literal>.localhost</literal> or <literal>.localhost.localdomain</literal>)
are resolved to the IP addresses 127.0.0.1 and ::1.</para></listitem>
- <listitem><para>The hostname <literal>gateway</literal> is
+ <listitem><para>The hostname <literal>_gateway</literal> is
resolved to all current default routing gateway addresses,
ordered by their metric. This assigns a stable hostname to the
current gateway, useful for referencing it independently of the
<para>To activate the NSS modules, add <literal>myhostname</literal> to the line starting with
<literal>hosts:</literal> in <filename>/etc/nsswitch.conf</filename>.</para>
- <para>It is recommended to place <literal>myhostname</literal> last in the <filename>nsswitch.conf</filename>'
- <literal>hosts:</literal> line to make sure that this mapping is only used as fallback, and that any DNS or
- <filename>/etc/hosts</filename> based mapping takes precedence.</para>
+ <para>It is recommended to place <literal>myhostname</literal> either between <literal>resolve</literal>
+ and "traditional" modules like <literal>files</literal> and <literal>dns</literal>, or after them. In the
+ first version, well-known names like <literal>localhost</literal> and the machine hostname are given
+ higher priority than the external configuration. This is recommended when the external DNS servers and
+ network are not absolutely trusted. In the second version, external configuration is given higher
+ priority and <command>nss-myhostname</command> only provides a fallback mechanism. This might be suitable
+ in closely controlled networks, for example on a company LAN.</para>
</refsect1>
<refsect1>
<para>Here is an example <filename>/etc/nsswitch.conf</filename> file that enables
<command>nss-myhostname</command> correctly:</para>
+ <!-- synchronize with other nss-* man pages and factory/etc/nsswitch.conf -->
<programlisting>passwd: compat mymachines systemd
group: compat mymachines systemd
shadow: compat
-hosts: files mymachines resolve [!UNAVAIL=return] dns <command>myhostname</command>
+# Either (untrusted network):
+hosts: mymachines resolve [!UNAVAIL=return] <command>myhostname</command> files dns
+# Or (only trusted networks):
+hosts: mymachines resolve [!UNAVAIL=return] files dns <command>myhostname</command>
networks: files
protocols: db files