man: move "files" after "resolve" in the suggested configuration

resolved caches files, so we should move nss-files after nss-resolve
to speed up local access (and yes, people like to have thousands of
lines in /etc/hosts).

See https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/LCX6YXLM62QEYJSOLJBWXXVXTZVL73GI/
for the background.

diff --git a/man/nss-myhostname.xml b/man/nss-myhostname.xml
index 908c91eb7cdb00e362b436f0944ec4db9c35a9f1..9a1125caae33420f2468246b101f381dc881cc3d 100644 (file)
--- a/man/nss-myhostname.xml
+++ b/man/nss-myhostname.xml
@@ -83,7 +83,7 @@
 group:          compat mymachines systemd
 shadow:         compat
 
-hosts:          files mymachines resolve [!UNAVAIL=return] dns <command>myhostname</command>
+hosts:          mymachines resolve [!UNAVAIL=return] files dns <command>myhostname</command>
 networks:       files
 
 protocols:      db files

diff --git a/man/nss-mymachines.xml b/man/nss-mymachines.xml
index 40b0abee344ea7805a36dc3cea0eda83f73d6368..71865874dd9e5dba0898c29e6a6f709ffb94a83b 100644 (file)
--- a/man/nss-mymachines.xml
+++ b/man/nss-mymachines.xml
@@ -69,7 +69,7 @@
 group:          compat <command>mymachines</command> systemd
 shadow:         compat
 
-hosts:          files <command>mymachines</command> resolve [!UNAVAIL=return] dns myhostname
+hosts:          <command>mymachines</command> resolve [!UNAVAIL=return] files dns myhostname
 networks:       files
 
 protocols:      db files

diff --git a/man/nss-resolve.xml b/man/nss-resolve.xml
index e4ea4e189822e5a11a30cada3bc47a9736884047..5c8b7458816eb273a96cb7c1de4c495c9f3bc167 100644 (file)
--- a/man/nss-resolve.xml
+++ b/man/nss-resolve.xml
@@ -34,14 +34,15 @@
     name resolution service. It replaces the <command>nss-dns</command> plug-in module that traditionally resolves
     hostnames via DNS.</para>
 
-    <para>To activate the NSS module, add <literal>resolve</literal> to the line starting with
-    <literal>hosts:</literal> in <filename>/etc/nsswitch.conf</filename>. Specifically, it is recommended to place
-    <literal>resolve</literal> early in <filename>/etc/nsswitch.conf</filename>'s <literal>hosts:</literal> line (but
-    after the <literal>files</literal> or <literal>mymachines</literal> entries), right before the
-    <literal>dns</literal> entry if it exists, followed by <literal>[!UNAVAIL=return]</literal>, to ensure DNS queries
-    are always routed via
-    <citerefentry><refentrytitle>systemd-resolved</refentrytitle><manvolnum>8</manvolnum></citerefentry> if it is
-    running, but are routed to <command>nss-dns</command> if this service is not available.</para>
+    <para>To activate the NSS module, add <literal>resolve [!UNAVAIL=return]</literal> to the line starting
+    with <literal>hosts:</literal> in <filename>/etc/nsswitch.conf</filename>. Specifically, it is
+    recommended to place <literal>resolve</literal> early in <filename>/etc/nsswitch.conf</filename>'s
+    <literal>hosts:</literal> line. It should be before the <literal>files</literal> entry, since
+    <filename>systemd-resolved</filename> supports <filename>/etc/hosts</filename> internally, but with
+    caching. To the contrary, it should be after <literal>mymachines</literal>, to give hostnames given to
+    local VMs and containers precedence over names received over DNS. Finally, we recommend placing
+    <literal>dns</literal> somewhere after <literal>resolve</literal>, to fall back to
+    <command>nss-dns</command> if <filename>systemd-resolved.service</filename> is not available.</para>
 
     <para>Note that <command>systemd-resolved</command> will synthesize DNS resource
     records in a few cases, for example for <literal>localhost</literal> and the
@@ -66,7 +67,7 @@
 group:          compat mymachines systemd
 shadow:         compat
 
-hosts:          files mymachines <command>resolve [!UNAVAIL=return]</command> dns myhostname
+hosts:          mymachines <command>resolve [!UNAVAIL=return]</command> files dns myhostname
 networks:       files
 
 protocols:      db files

diff --git a/man/nss-systemd.xml b/man/nss-systemd.xml
index e343c406f29931b0e3eac1caa3507b6ec5128627..a5b3de73e720b980d0ad313e4cc66909d063df23 100644 (file)
--- a/man/nss-systemd.xml
+++ b/man/nss-systemd.xml
@@ -65,7 +65,7 @@
 group:          compat [SUCCESS=merge] mymachines [SUCCESS=merge] <command>systemd</command>
 shadow:         compat
 
-hosts:          files mymachines resolve [!UNAVAIL=return] dns myhostname
+hosts:          mymachines resolve [!UNAVAIL=return] files dns myhostname
 networks:       files
 
 protocols:      db files