[TriLUG] How ssh et al resolves domain names...

Brian Henning bhenning at pineinst.com
Tue Aug 27 13:00:22 EDT 2013


Aaron,

Maybe I'm just daft, but I didn't learn anything from that exercise.
Specifically, you suggested I look for things that ping does that host
doesn't, but the fact is, ping does less than host does.  Did you mean I
should be observing what host does that ping doesn't do?

Anyway, host opens lots of libraries, including libdns, libbind9, libcrypto,
locale stuff, etc etc etc.  After all that, it does this:

(...)
open("/lib64/libresolv.so.2", O_RDONLY) = 3
(...)
open("/etc/gai.conf", O_RDONLY)         = -1 ENOENT (No such file or
directory)
open("/etc/nsswitch.conf", O_RDONLY)    = 6
open("/etc/host.conf", O_RDONLY)        = 6
open("/etc/resolv.conf", O_RDONLY)      = 6
open("/lib64/libnss_files.so.2", O_RDONLY) = 6
open("/etc/hosts", O_RDONLY)            = 6
open("/etc/hosts", O_RDONLY)            = 6
open("/lib64/libnss_dns.so.2", O_RDONLY) = 6

Ping, on the other hand, does only this:
open("/lib64/libresolv.so.2", O_RDONLY) = 3
open("/lib64/libc.so.6", O_RDONLY)      = 3
open("/etc/resolv.conf", O_RDONLY)      = 3
open("/etc/nsswitch.conf", O_RDONLY)    = 3
open("/lib64/libnss_files.so.2", O_RDONLY) = 3
open("/etc/host.conf", O_RDONLY)        = 3
open("/etc/hosts", O_RDONLY)            = 3
open("/lib64/libnss_dns.so.2", O_RDONLY) = 3

(note that I've removed references to ld.so.cache)

Aside from some minor differences in the order of reading config files, they
look strikingly similar.  Both link to libnss_files, then libnss_dns, which
I presume corresponds to this line in nsswitch.conf:

hosts: files dns

What I seem to observe is that both commands finish their search for a host
by invoking the methods in libnss_dns.  That leaves me where I started,
thinking "these should be finding their DNS info the same way but are
getting different results."

I read up on what could be in /etc/host.conf (mine is an empty file), and
none of the options described seemed like they would cause this by being
left to default, or remedy it by being set.

So, sadly, the penny has yet to drop...  I can haz another clue?

Thanks,
~Brian


-----Original Message-----
From: trilug-bounces at trilug.org [mailto:trilug-bounces at trilug.org] On Behalf
Of Aaron Joyner
Sent: Tuesday, August 27, 2013 10:18 AM
To: Triangle Linux Users Group General Discussion
Subject: Re: [TriLUG] How ssh et al resolves domain names...

As an exercise, try the following commands, and see what you can glean
about what those commands are doing:

strace host mirawall -c1 2>&1 | grep open
strace ping mirawall -c1 2>&1 | grep open

Some of the things that show up in the latter, that don't show up in the
former, will be of interest to you.

Please do write back and summarize what you learn,
Aaron S. Joyner






More information about the TriLUG mailing list