|
From: | Hartmut Goebel |
Subject: | Re: Contents of /etc/hosts |
Date: | Thu, 6 Oct 2016 12:07:37 +0200 |
User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.3.0 |
Am 06.10.2016 um 02:57 schrieb John
Darrington:
127.0.0.1 localhost ::1 localhost 127.0.0.1 gambrinus ::1 gambrinus Or am I missing something? Hmm. I have never seen it done this way elsewhere, and I really wonder how some services will react if they discover that 127.0.0.1 is not called "localhost"? Or that one address is known by two names. I think it possible they might assume a security breach and refuse to work. This should not be a problem. One could always add several entries for the same IP-address. And "getent hosts 127.0.0.1" will return the first entry in /etc/hosts AFAIKT. I started digging through the man pages, but did not finish. It's a deep maybe recursive mess of documentation where nothing is said about Maybe we need to refer to the gethostbyname(2) and gethostbyname(3) documentation, which both are listed in "man hostname". * gethostbyname(2) [1], uses uname[2], which returns what ever has been set with sethostname (AFAICT) and always returns a single string. * gethostbyname(3) [3] returns a structure capable to hold an name, several aliases, and several addresses. Nevertheless my conclusion is that any program should be able to handle any ip-address and and hostname and must not rely on any assumtion regarding these. (Exept perhaps to assume "localhost" is defined.) [1] http://man7.org/linux/man-pages/man2/gethostname.2.html [2] http://man7.org/linux/man-pages/man2/uname.2.html [3] http://man7.org/linux/man-pages/man3/gethostbyname.3.html [4] http://man7.org/linux/man-pages/man5/hosts.5.html Kerberos is very fussy about such things. Yes, it is, forward and backward resolution must match. But this can be done with a the hostname's non-loopback IP-address being in front of the loopback entry. ASAIK --
Schönen Gruß Hartmut Goebel Dipl.-Informatiker (univ), CISSP, CSSLP, ISO 27001 Lead Implementer Information Security Management, Security Governance, Secure Software Development
Goebel Consult, Landshut
Blog:
http://www.goebel-consult.de/blog/feiertagsarbeit-bei-teletrust
|
smime.p7s
Description: S/MIME Cryptographic Signature
[Prev in Thread] | Current Thread | [Next in Thread] |