]>
Commit | Line | Data |
---|---|---|
fea681da | 1 | .\" Copyright (c) 1997 Martin Schulze (joey@infodrom.north.de) |
c2ac5c4e | 2 | .\" Much of the text is copied from the manpage of resolv+(8). |
fea681da | 3 | .\" |
e4a74ca8 | 4 | .\" SPDX-License-Identifier: GPL-2.0-or-later |
fea681da | 5 | .\" |
fea681da | 6 | .\" 2003-08-23 Martin Schulze <joey@infodrom.org> Updated according to glibc 2.3.2 |
ab47278f | 7 | .TH HOST.CONF 5 (date) "Linux man-pages (unreleased)" |
fea681da MK |
8 | .SH NAME |
9 | host.conf \- resolver configuration file | |
10 | .SH DESCRIPTION | |
11 | The file | |
12 | .I /etc/host.conf | |
13 | contains configuration information specific to the resolver library. | |
14 | It should contain one configuration keyword per line, followed by | |
c13182ef | 15 | appropriate configuration information. |
0921ce4a | 16 | The following keywords are recognized: |
fea681da | 17 | .TP |
c13182ef MK |
18 | .I trim |
19 | This keyword may be listed more than once. | |
20 | Each time it should be | |
f81fb444 MK |
21 | followed by a list of domains, separated by colons (\(aq:\(aq), semicolons |
22 | (\(aq;\(aq) or commas (\(aq,\(aq), with the leading dot. | |
c13182ef | 23 | When set, the |
6e9c8c17 | 24 | resolver library will automatically trim the given domain name from the |
c13182ef MK |
25 | end of any hostname resolved via DNS. |
26 | This is intended for use with | |
27 | local hosts and domains. | |
3845a120 MK |
28 | (Related note: |
29 | .I trim | |
68d8192f MK |
30 | will not affect hostnames gathered via NIS or the |
31 | .BR hosts (5) | |
32 | file. | |
c13182ef | 33 | Care should be taken to |
fea681da | 34 | ensure that the first hostname for each entry in the hosts file is |
f177a935 | 35 | fully qualified or unqualified, as appropriate for the local |
fea681da MK |
36 | installation.) |
37 | .TP | |
38 | .I multi | |
39 | Valid values are | |
40 | .IR on " and " off . | |
41 | If set to | |
42 | .IR on , | |
6e9c8c17 | 43 | the resolver library will return all valid addresses for a host that |
fea681da MK |
44 | appears in the |
45 | .I /etc/hosts | |
46 | file, | |
c13182ef MK |
47 | instead of only the first. |
48 | This is | |
fea681da MK |
49 | .I off |
50 | by default, as it may cause a substantial performance loss at sites | |
51 | with large hosts files. | |
52 | .TP | |
fea681da MK |
53 | .I reorder |
54 | Valid values are | |
55 | .IR on " and " off . | |
56 | If set to | |
57 | .IR on , | |
6e9c8c17 MK |
58 | the resolver library |
59 | will attempt to reorder host addresses so that local addresses | |
fea681da MK |
60 | (i.e., on the same subnet) are listed first when a |
61 | .BR gethostbyname (3) | |
c13182ef MK |
62 | is performed. |
63 | Reordering is done for all lookup methods. | |
64 | The default value is | |
fea681da MK |
65 | .IR off . |
66 | .SH ENVIRONMENT | |
0921ce4a | 67 | The following environment variables can be used to allow users to |
c13182ef | 68 | override the behavior which is configured in |
0921ce4a | 69 | .IR /etc/host.conf : |
fea681da MK |
70 | .TP |
71 | .B RESOLV_HOST_CONF | |
bd4144a1 | 72 | If set, this variable points to a file that should be read instead of |
fea681da MK |
73 | .IR /etc/host.conf . |
74 | .TP | |
fea681da MK |
75 | .B RESOLV_MULTI |
76 | Overrides the | |
77 | .I multi | |
78 | command. | |
79 | .TP | |
80 | .B RESOLV_REORDER | |
81 | Overrides the | |
82 | .I reorder | |
83 | command. | |
84 | .TP | |
85 | .B RESOLV_ADD_TRIM_DOMAINS | |
3ded684c | 86 | A list of domains, separated by colons (\(aq:\(aq), semicolons (\(aq;\(aq), or |
f81fb444 | 87 | commas (\(aq,\(aq), with the leading dot, which will be added to the list of |
fea681da MK |
88 | domains that should be trimmed. |
89 | .TP | |
90 | .B RESOLV_OVERRIDE_TRIM_DOMAINS | |
3ded684c | 91 | A list of domains, separated by colons (\(aq:\(aq), semicolons (\(aq;\(aq), or |
f81fb444 | 92 | commas (\(aq,\(aq), with the leading dot, which will replace the list of |
c13182ef MK |
93 | domains that should be trimmed. |
94 | Overrides the | |
fea681da MK |
95 | .I trim |
96 | command. | |
97 | .SH FILES | |
98 | .TP | |
99 | .I /etc/host.conf | |
100 | Resolver configuration file | |
101 | .TP | |
102 | .I /etc/resolv.conf | |
103 | Resolver configuration file | |
104 | .TP | |
105 | .I /etc/hosts | |
106 | Local hosts database | |
107 | .SH NOTES | |
108 | The following differences exist compared to the original implementation. | |
109 | A new command | |
110 | .I spoof | |
111 | and a new environment variable | |
112 | .B RESOLV_SPOOF_CHECK | |
113 | can take arguments like | |
3845a120 | 114 | .IR off ", " nowarn ", and " warn . |
fea681da | 115 | Line comments can appear anywhere and not only at the beginning of a line. |
0921ce4a | 116 | .SS Historical |
e51f148a SA |
117 | The |
118 | .BR nsswitch.conf (5) | |
119 | file is the modern way of controlling the order of host lookups. | |
120 | .PP | |
0921ce4a SP |
121 | In glibc 2.4 and earlier, the following keyword is recognized: |
122 | .TP | |
123 | .I order | |
124 | This keyword specifies how host lookups are to be performed. | |
125 | It should be followed by one or more lookup methods, separated by commas. | |
126 | Valid methods are | |
127 | .IR bind ", " hosts ", and " nis . | |
e51f148a | 128 | .TP |
0921ce4a | 129 | .B RESOLV_SERV_ORDER |
3845a120 MK |
130 | Overrides the |
131 | .I order | |
132 | command. | |
0921ce4a | 133 | .PP |
c8097a40 | 134 | .\" commit 7d68cdaa4f748e87ee921f587ee2d483db624b3d |
15f0b7af AC |
135 | Since glibc 2.0.7, and up through glibc 2.24, |
136 | the following keywords and environment variable | |
137 | have been recognized but never implemented: | |
e51f148a SA |
138 | .TP |
139 | .I nospoof | |
140 | Valid values are | |
141 | .IR on " and " off . | |
142 | If set to | |
143 | .IR on , | |
6e9c8c17 | 144 | the resolver library will attempt to prevent hostname spoofing to |
e51f148a SA |
145 | enhance the security of |
146 | .BR rlogin " and " rsh . | |
6e9c8c17 MK |
147 | It works as follows: after performing a host address lookup, |
148 | the resolver library will perform a hostname lookup for that address. | |
e51f148a | 149 | If the two hostnames |
a23d8efa | 150 | do not match, the query fails. |
e51f148a SA |
151 | The default value is |
152 | .IR off . | |
153 | .TP | |
154 | .I spoofalert | |
155 | Valid values are | |
156 | .IR on " and " off . | |
157 | If this option is set to | |
158 | .I on | |
159 | and the | |
160 | .I nospoof | |
6e9c8c17 MK |
161 | option is also set, |
162 | the resolver library will log a warning of the error via the | |
e51f148a SA |
163 | syslog facility. |
164 | The default value is | |
165 | .IR off . | |
166 | .TP | |
167 | .I spoof | |
168 | Valid values are | |
f6d08687 | 169 | .IR off ", " nowarn ", and " warn . |
e51f148a SA |
170 | If this option is set to |
171 | .IR off , | |
172 | spoofed addresses are permitted and no warnings will be emitted | |
173 | via the syslog facility. | |
174 | If this option is set to | |
175 | .IR warn , | |
6e9c8c17 | 176 | the resolver library will attempt to prevent hostname spoofing to |
e51f148a SA |
177 | enhance the security and log a warning of the error via the syslog |
178 | facility. | |
179 | If this option is set to | |
180 | .IR nowarn , | |
6e9c8c17 | 181 | the resolver library will attempt to prevent hostname spoofing to |
e51f148a SA |
182 | enhance the security but not emit warnings via the syslog facility. |
183 | Setting this option to anything else is equal to setting it to | |
184 | .IR nowarn . | |
185 | .TP | |
186 | .B RESOLV_SPOOF_CHECK | |
187 | Overrides the | |
3845a120 | 188 | .IR nospoof ", " spoofalert ", and " spoof |
e51f148a SA |
189 | commands in the same way as the |
190 | .I spoof | |
191 | command is parsed. | |
192 | Valid values are | |
3845a120 | 193 | .IR off ", " nowarn ", and " warn . |
47297adb | 194 | .SH SEE ALSO |
fea681da | 195 | .BR gethostbyname (3), |
7b46b4fa SA |
196 | .BR hosts (5), |
197 | .BR nsswitch.conf (5), | |
198 | .BR resolv.conf (5), | |
fea681da | 199 | .BR hostname (7), |
0921ce4a | 200 | .BR named (8) |