git.ipfire.org Git - thirdparty/systemd.git/blob - man/nss-mymachines.xml
man: fix link markup
<?xml version='1.0'?> <!--*-nxml-*-->
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
<!-- SPDX-License-Identifier: LGPL-2.1+ -->

<refentry id="nss-mymachines" conditional='ENABLE_NSS_MYMACHINES'>

<refentryinfo>
<title>nss-mymachines</title>
<productname>systemd</productname>
</refentryinfo>

<refmeta>
<refentrytitle>nss-mymachines</refentrytitle>
<manvolnum>8</manvolnum>
</refmeta>

<refnamediv>
<refname>nss-mymachines</refname>
<refname>libnss_mymachines.so.2</refname>
<refpurpose>Hostname resolution for local container instances</refpurpose>
</refnamediv>

<refsynopsisdiv>
<para><filename>libnss_mymachines.so.2</filename></para>
</refsynopsisdiv>

<refsect1>
<title>Description</title>

<para><command>nss-mymachines</command> is a plug-in module for the GNU Name Service Switch (NSS) functionality of
the GNU C Library (<command>glibc</command>), providing hostname resolution for the names of containers running
locally that are registered with
<citerefentry><refentrytitle>systemd-machined.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>. The
container names are resolved to the IP addresses of the specific container, ordered by their scope. This
functionality only applies to containers using network namespacing (see the description of
<option>--private-network</option> in
<citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry>).
Note that the name that is resolved is the one registered with <command>systemd-machined</command>, which
may be different than the hostname configured inside of the container.</para>

<para>To activate the NSS module, add <literal>mymachines</literal> to the line starting with
<literal>hosts:</literal> in <filename>/etc/nsswitch.conf</filename>.</para>

<para>It is recommended to place <literal>mymachines</literal> after the <literal>files</literal> or
<literal>compat</literal> entry of the <filename>/etc/nsswitch.conf</filename> line to make sure that its
mappings are preferred over other resolvers such as DNS, but so that <filename>/etc/hosts</filename>
based mappings take precedence.</para>
</refsect1>

<refsect1>
<title>Configuration in <filename>/etc/nsswitch.conf</filename></title>

<para>Here is an example <filename>/etc/nsswitch.conf</filename> file that enables
<command>nss-mymachines</command> correctly:</para>

<!-- synchronize with other nss-* man pages and factory/etc/nsswitch.conf -->
<programlisting>passwd: compat systemd
group: compat systemd
shadow: compat

hosts: <command>mymachines</command> resolve [!UNAVAIL=return] myhostname files dns
networks: files

protocols: db files
services: db files
ethers: db files
rpc: db files

netgroup: nis</programlisting>

</refsect1>

<refsect1>
<title>Example: Mappings provided by <filename>nss-mymachines</filename></title>

<para>The container <literal>rawhide</literal> is spawned using
<citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry>:
</para>

<programlisting># systemd-nspawn -M rawhide --boot --network-veth --private-users=pick
Spawning container rawhide on /var/lib/machines/rawhide.
Selected user namespace base 20119552 and range 65536.
...

$ machinectl --max-addresses=3
MACHINE CLASS SERVICE OS VERSION ADDRESSES
rawhide container systemd-nspawn fedora 30 169.254.40.164 fe80::94aa:3aff:fe7b:d4b9

$ ping -c1 rawhide
PING rawhide(fe80::94aa:3aff:fe7b:d4b9%ve-rawhide (fe80::94aa:3aff:fe7b:d4b9%ve-rawhide)) 56 data bytes
64 bytes from fe80::94aa:3aff:fe7b:d4b9%ve-rawhide (fe80::94aa:3aff:fe7b:d4b9%ve-rawhide): icmp_seq=1 ttl=64 time=0.045 ms
...
$ ping -c1 -4 rawhide
PING rawhide (169.254.40.164) 56(84) bytes of data.
64 bytes from 169.254.40.164 (169.254.40.164): icmp_seq=1 ttl=64 time=0.064 ms
...

# machinectl shell rawhide /sbin/ip a
Connected to machine rawhide. Press ^] three times within 1s to exit session.
1: lo: &lt;LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
...
2: host0@if21: &lt;BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 96:aa:3a:7b:d4:b9 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 169.254.40.164/16 brd 169.254.255.255 scope link host0
valid_lft forever preferred_lft forever
inet6 fe80::94aa:3aff:fe7b:d4b9/64 scope link
valid_lft forever preferred_lft forever
Connection to machine rawhide terminated.
</programlisting>
</refsect1>

<refsect1>
<title>See Also</title>
<para>
<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-machined.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>machinectl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
<citerefentry><refentrytitle>nss-systemd</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>nss-resolve</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>nss-myhostname</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry project='man-pages'><refentrytitle>nsswitch.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry project='man-pages'><refentrytitle>getent</refentrytitle><manvolnum>1</manvolnum></citerefentry>
</para>
</refsect1>

</refentry>
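<!--
Added example, not part of the systemd sources: a shell check for the ordering recommended in the
Description section, classifying where mymachines sits on the hosts: line relative to files/compat
and to DNS-type resolvers. The function name, the result labels and the choice to treat both dns and
resolve as DNS-type resolvers are assumptions of this example.

```shell
# Added example (not systemd code). Reads an nsswitch.conf on stdin and prints
# one label describing where "mymachines" sits on the hosts: line:
#   ok             after files/compat and ahead of dns/resolve (where present)
#   before-files   names registered with systemd-machined win over /etc/hosts
#   after-dns      DNS-type resolvers are consulted first
#   absent         module not enabled for hosts
#   no-hosts-line  file has no hosts: entry
# Assumption: "dns" and "resolve" both count as DNS-type resolvers.
mymachines_order() {
    awk '
        { sub(/#.*/, "") }                          # strip comments
        $1 == "hosts:" {
            found = 1
            for (i = 2; i <= NF; i++) {
                # skip action items such as [!UNAVAIL=return], which may
                # also span several tokens: [NOTFOUND=return UNAVAIL=continue]
                if (index($i, "=") || index($i, "[")) continue
                n++
                if ($i == "mymachines" && !mm) mm = n
                if (($i == "files" || $i == "compat") && !loc) loc = n
                if (($i == "dns" || $i == "resolve") && !rem) rem = n
            }
            exit                                    # END still runs
        }
        END {
            if (!found)              print "no-hosts-line"
            else if (!mm)            print "absent"
            else if (loc && mm < loc) print "before-files"
            else if (rem && mm > rem) print "after-dns"
            else                     print "ok"
        }
    '
}

# Constructed sample lines; the second is the hosts: line as it renders in
# the Configuration section of this page.
for line in \
    'hosts: files mymachines resolve [!UNAVAIL=return] dns myhostname' \
    'hosts: mymachines resolve [!UNAVAIL=return] myhostname files dns' \
    'hosts: files dns mymachines'
do
    printf '%s => %s\n' "$line" "$(printf '%s\n' "$line" | mymachines_order)"
done
```

To audit a host, run: mymachines_order < /etc/nsswitch.conf
-->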