[TriLUG] Reverse Lookup Using /etc/hosts

Barry Gaskins barry.gaskins at gmail.com
Thu Apr 26 09:50:55 EDT 2007


   If you are using Java then another thing to watch out for is InetAddress
caching.
You would not see it in a short-lived Java program that is run once from the
command line like the one Tanner wrote, but if you have an application that
stays running for days at a time, note that Java will do a lookup once and
then keep the value in cache, possibly forever (or at least until the
application is shut down and restarted).  You can see a discussion of this
behavior here:
http://java.sun.com/j2se/1.4.2/docs/api/java/net/InetAddress.html

So if you make changes to your configuration you might need to restart your
Java application to notice the change.

   - Barry Gaskins

On 4/26/07, Tanner Lovelace <clubjuggler at gmail.com> wrote:
>
> On 4/25/07, Joseph Mack NA3T <jmack at wm7d.net> wrote:
> > On Wed, 25 Apr 2007, Alexei Znamensky wrote:
> >
> > > Tarus,
> > >
> > > nslookup/host works exclusively with DNS, it doesn't follow the system's
> > > resolver order (read /etc/nsswitch.conf or host.conf).
> >
> > there is no resolver facility in Linux which applications
> > ask for name resolution. Applications do what they want and
> > can ignore files in /etc
>
> Not true.  The programs nslookup, host, and even dig have
> always gone directly to DNS since they are tools to debug
> DNS!  Anything, however, that uses the gethostbyname system
> call does follow what is in /etc/nsswitch.conf.  For instance,
> with this line in nsswitch.conf
>
> hosts:          files dns
>
> If I run ping www.trilug.org and examine what files it opens I get this:
>
> open("/etc/ld.so.preload", O_RDONLY)    = -1 ENOENT (No such file or directory)
> open("/etc/ld.so.cache", O_RDONLY)      = 3
> open("/lib/tls/i686/cmov/libc.so.6", O_RDONLY) = 3
> open("/etc/nsswitch.conf", O_RDONLY)    = 3
> open("/etc/ld.so.cache", O_RDONLY)      = 3
> open("/lib/libnss_db.so.2", O_RDONLY)   = 3
> open("/lib/tls/i686/cmov/libnss_files.so.2", O_RDONLY) = 3
> open("/usr/lib/libdb3.so.3", O_RDONLY)  = 3
> open("/var/lib/misc/protocols.db", O_RDWR|O_LARGEFILE) = -1 ENOENT (No such file or directory)
> open("/var/lib/misc/protocols.db", O_RDONLY|O_LARGEFILE) = -1 ENOENT (No such file or directory)
> open("/etc/protocols", O_RDONLY)        = 3
> open("/etc/resolv.conf", O_RDONLY)      = 4
> open("/etc/host.conf", O_RDONLY)        = 4
> open("/etc/hosts", O_RDONLY)            = 4
> open("/etc/ld.so.cache", O_RDONLY)      = 4
> open("/lib/tls/i686/cmov/libnss_dns.so.2", O_RDONLY) = 4
> open("/lib/tls/i686/cmov/libresolv.so.2", O_RDONLY) = 4
>
> Note that it does go to /etc/hosts first, as specified by nsswitch.conf.
> If I then change the line in nsswitch.conf to be this instead:
>
> hosts:          dns
>
> and rerun the same test I get this:
>
> open("/etc/ld.so.preload", O_RDONLY)    = -1 ENOENT (No such file or directory)
> open("/etc/ld.so.cache", O_RDONLY)      = 3
> open("/lib/tls/i686/cmov/libc.so.6", O_RDONLY) = 3
> open("/etc/nsswitch.conf", O_RDONLY)    = 3
> open("/etc/ld.so.cache", O_RDONLY)      = 3
> open("/lib/libnss_db.so.2", O_RDONLY)   = 3
> open("/lib/tls/i686/cmov/libnss_files.so.2", O_RDONLY) = 3
> open("/usr/lib/libdb3.so.3", O_RDONLY)  = 3
> open("/var/lib/misc/protocols.db", O_RDWR|O_LARGEFILE) = -1 ENOENT (No such file or directory)
> open("/var/lib/misc/protocols.db", O_RDONLY|O_LARGEFILE) = -1 ENOENT (No such file or directory)
> open("/etc/protocols", O_RDONLY)        = 3
> open("/etc/resolv.conf", O_RDONLY)      = 4
> open("/etc/ld.so.cache", O_RDONLY)      = 4
> open("/lib/tls/i686/cmov/libnss_dns.so.2", O_RDONLY) = 4
> open("/lib/tls/i686/cmov/libresolv.so.2", O_RDONLY) = 4
> open("/etc/host.conf", O_RDONLY)        = 4
>
> Note that it does not look in /etc/hosts.
>
> So, to say "there is no resolver facility in Linux which applications
> ask for name resolution" is just wrong.  It isn't ping that's searching
> these files, it's gethostbyname in the C library calling into libnss_*.
> The libnss libraries are the resolver.
>
> To answer Tarus's question specifically, try this:  Add this
> line to /etc/hosts:
>
> 192.168.0.1    test-host
>
> Then compile and run this program:
>
> import java.net.InetAddress;
>
> public class reversedns
> {
>
>   public static void main(String args[])
>   {
>     try {
>       InetAddress addr = InetAddress.getByName("192.168.0.1");
>       System.out.println(addr.getHostName());
>     }
>     catch (Exception e)
>     {
>       System.err.println("Error: " + e.getMessage());
>     }
>   }
> }
>
> Running it using "java reversedns" should correctly print out
>
> test-host
>
> assuming that the nsswitch.conf line is like this:
>
> hosts:          files dns
>
> If you remove "files" from that line and re-run the test it will print out
>
> 192.168.0.1
>
> So, yes, the java name resolver should follow the settings in
> nsswitch.conf.
>
> Ok, this e-mail is long and rambling enough, but hopefully it is somewhat
> informative. :-)
>
> Cheers,
> Tanner
>
> --
> Tanner Lovelace
> clubjuggler at gmail dot com
> http://wtl.wayfarer.org/
> (fieldless) In fess two roundels in pale, a billet fesswise and an
> increscent, all sable.
>
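
Added example, not part of the original thread: the InetAddress documentation linked above describes two security properties, networkaddress.cache.ttl and networkaddress.cache.negative.ttl, that bound how long a long-running JVM keeps a lookup result. The class name CacheTtlDemo and the 5-second values are assumptions chosen for illustration; "test-host" is the /etc/hosts entry from the quoted message.

```java
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.security.Security;

public class CacheTtlDemo
{
  // Forward-resolve a name; report a failure instead of throwing.
  static String resolve(String name)
  {
    try {
      return InetAddress.getByName(name).getHostAddress();
    }
    catch (UnknownHostException e) {
      return "unresolved (" + e.getMessage() + ")";
    }
  }

  public static void main(String[] args) throws InterruptedException
  {
    // Set before the first lookup in this JVM: the cache policy is read
    // once, when the InetAddress machinery initializes.
    // The value is in seconds; -1 means cache forever.
    Security.setProperty("networkaddress.cache.ttl", "5");
    // Failed lookups are cached separately, with their own lifetime.
    Security.setProperty("networkaddress.cache.negative.ttl", "5");

    // Pass another name as the first argument to override the default.
    String name = args.length > 0 ? args[0] : "test-host";

    // Edit the /etc/hosts entry while this loop runs. The printed address
    // changes only once the cached entry is older than the TTL.
    for (int i = 0; i < 10; i++) {
      long now = System.currentTimeMillis() / 1000;
      System.out.println(now + " " + name + " -> " + resolve(name));
      Thread.sleep(2000);
    }
  }
}
```

With the TTL set to -1 instead, the loop keeps printing the first answer no matter how /etc/hosts is edited, which is the behavior described at the top of this message.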


