> On Nov 12, 2016, at 11:31 AM, Henrique de Moraes Holschuh <h...@debian.org> wrote:
>
> But the whole thing really doesn't need any DNS servers *as long as*
> everything you need is resolved statically by some module in
> /etc/nsswitch.conf... such as the default "files" module, which reads
> /etc/hosts.

> root@srv:~# cat /etc/nsswitch.conf
> # /etc/nsswitch.conf
> #
> # Example configuration of GNU Name Service Switch functionality.
> # If you have the `glibc-doc-reference' and `info' packages installed, try:
> # `info libc "Name Service Switch"' for information about this file.
>
> passwd: compat
> group: compat
> shadow: compat
> gshadow: files
>
> hosts: files dns
> networks: files
>
> protocols: db files
> services: db files
> ethers: db files
> rpc: db files
>
> netgroup: nis

If I understand this, it looks at hosts first. With bind9 stopped, ping sso works and says it's pinging 216.17.203.66, srv.slsware.org.

> At which point, it boils down to a complete enough, correct /etc/hosts
>
>> It does seem that /etc/hosts should work, though...
>
> It does work, provided that you have "files" first in the list of NSS
> modules, and you have both the nodename and the FQDN in /etc/hosts for
> the correct IPs and in the correct order. Otherwise, it depends.

The nodename is another word for hostname, right? (I'd never heard that word before. Wikipedia said it just meant hostname.)

/etc/hosts, as I said before:

> root@srv:~# cat /etc/hosts
> # /etc/hosts: This file describes a number of hostname-to-address
> #
> # This is to be sent to all hosts that need a hosts file
> # (don't really know how yet...)
> #
> # Host Database
> # localhost is used to configure the loopback interface
> # sudo cp hosts /etc ; dist `pwd`/hosts /etc all hosts
> # The following lines are desirable for IPv6 capable hosts
> # when the system is booting. Do not change this entry.
> #
> ::1 ip6-localhost ip6-loopback
> fe00::0 ip6-localnet
> ff00::0 ip6-mcastprefix
> ff02::1 ip6-allnodes
> ff02::2 ip6-allrouters
> ff02::3 ip6-allhosts
>
> 127.0.0.1 localhost localhost.localdomain lh lcl
>
> # pass I slsware.org -- all routable IPs; no NAT
> 216.17.203.64 slsware.org
> 216.17.203.65 out.slsware.org oso
> 216.17.203.66 srv.slsware.org sso
> 216.17.203.67 gobook.slsware.org gso gbo
> 216.17.203.68 unused0.slsware.org u0so
> 216.17.203.69 unused1.slsware.org u1so
> 216.17.203.70 printer.slsware.org pso
> 216.17.203.71 broadcast.slsware.org bso
>
> # misc ne'r-do-wells
> 127.0.0.2 ad.doubleclick.net
> 127.0.0.2 mmv.admob.com

Here's the line:

> 216.17.203.66 srv.slsware.org sso

That's OK, right? hosts ought to work. But it doesn't -- not on this machine, not today. I've had the FQDN way down in hosts before, and hostname -f found it with no trouble. For many years, I had a CVS playpen to be sure exactly the same hosts file was on all my machines, and as far as I know, there was never a problem.

Many years ago I wrote a big shell script to set up iptables (ipchains back then). It uses hostname -f to find out which machine it's on, and how the filter should be configured -- if that command fails, iptables won't be set up on the machine. It's a very important command here. If it gives the wrong answer, it'll filter the wrong stuff.

> The *installer* either asks the user for the FQDN and gets the nodename,
> domain name and FQDN from that (and it *should* write them to /etc/hosts
> and /etc/hostname appropriately),

It always has, all of them. I use the curses netinst expert, and it's always worked flawlessly. This is the first time I've had trouble with the domain. I think I may need to do a little more investigation. Apparently, hosts is supposed to work...

> or gets information from DHCP/DHCPv6
> and the DNS while autoconfiguring.

I don't use DHCP or autoconfig, so that's never come up.

I disabled bind, put the big hosts file (with slsware.org at the top) back, rebooted, and -f said srv.slsware.dmz. I removed all but one occurrence of 'srv' from the big hosts, rebooted, and -f was correct. I replaced the big hosts file. I retyped the srv...org line at the top of the file, rebooted, and -f said srv...dmz. I moved slsware.org to the bottom of the file, rebooted, and -f said srv...dmz. I removed the srv.slsware.dmz line, moved the slsware.org collection back to the top, rebooted, and -f said www...dmz.

I give up. This is acting like I've never seen it -- there's never been a problem with hosts before. I have to have those alien FQDNs and aliases and IPs in there so I can SSH to them during the switchover.

--
Glenn English
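
An added example, not part of the original post: a simplified model of the exact-match, first-entry-wins lookup that the "files" module performs on /etc/hosts, written as a check to run before a firewall script keys off `hostname -f`. The nodename `srv`, the `.dmz` entry and its address are constructed assumptions; only the `srv.slsware.org sso` line comes from the post.

```python
# Added example: simplified model of an NSS "files" lookup in /etc/hosts.
# Constructed sample. The slsware.org line is the one quoted in the post; the
# .dmz entry, its address and the nodename "srv" are assumptions.
SAMPLE_HOSTS = """\
127.0.0.1      localhost localhost.localdomain lh lcl
192.0.2.10     srv.slsware.dmz srv      # constructed entry
216.17.203.66  srv.slsware.org sso
"""


def parse_hosts(text):
    """Yield (lineno, address, canonical, aliases) for each entry."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if len(fields) >= 2:
            yield lineno, fields[0], fields[1].lower(), [a.lower() for a in fields[2:]]


def canonical_for(text, nodename):
    """Return the first name of the first entry that lists nodename exactly."""
    wanted = nodename.lower()
    for _lineno, _addr, canonical, aliases in parse_hosts(text):
        if wanted == canonical or wanted in aliases:
            return canonical
    return None


def audit(text, nodename, expected_fqdn):
    """Return a list of findings that would make the FQDN lookup go wrong."""
    wanted, expected = nodename.lower(), expected_fqdn.lower()
    findings = []
    resolved = canonical_for(text, wanted)
    if resolved != expected:
        findings.append(f"{wanted} resolves to {resolved}, expected {expected}")
    for lineno, _addr, canonical, aliases in parse_hosts(text):
        names = [canonical] + aliases
        if expected in names and wanted not in names:
            findings.append(f"line {lineno}: {expected} lacks alias {wanted}")
        if wanted in names and canonical != expected:
            findings.append(f"line {lineno}: {wanted} listed under {canonical}")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_HOSTS, "srv", "srv.slsware.org"):
        print(finding)
```

A script that selects firewall rules from the FQDN can call `audit` first and refuse to load rules when the list is non-empty.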