diff options
Diffstat (limited to 'man/man5/host.conf.5')
-rw-r--r-- | man/man5/host.conf.5 | 204 |
1 files changed, 204 insertions, 0 deletions
diff --git a/man/man5/host.conf.5 b/man/man5/host.conf.5 new file mode 100644 index 0000000..822ad49 --- /dev/null +++ b/man/man5/host.conf.5 @@ -0,0 +1,204 @@ +.\" Copyright (c) 1997 Martin Schulze (joey@infodrom.north.de) +.\" Much of the text is copied from the manpage of resolv+(8). +.\" +.\" SPDX-License-Identifier: GPL-2.0-or-later +.\" +.\" 2003-08-23 Martin Schulze <joey@infodrom.org> Updated according to glibc 2.3.2 +.TH host.conf 5 2024-05-02 "Linux man-pages (unreleased)" +.SH NAME +host.conf \- resolver configuration file +.SH DESCRIPTION +The file +.I /etc/host.conf +contains configuration information specific to the resolver library. +It should contain one configuration keyword per line, followed by +appropriate configuration information. +The following keywords are recognized: +.TP +.I trim +This keyword may be listed more than once. +Each time it should be +followed by a list of domains, separated by colons (\[aq]:\[aq]), semicolons +(\[aq];\[aq]) or commas (\[aq],\[aq]), with the leading dot. +When set, the +resolver library will automatically trim the given domain name from the +end of any hostname resolved via DNS. +This is intended for use with +local hosts and domains. +(Related note: +.I trim +will not affect hostnames gathered via NIS or the +.BR hosts (5) +file. +Care should be taken to +ensure that the first hostname for each entry in the hosts file is +fully qualified or unqualified, as appropriate for the local +installation.) +.TP +.I multi +Valid values are +.IR on " and " off . +If set to +.IR on , +the resolver library will return all valid addresses for a host that +appears in the +.I /etc/hosts +file, +instead of only the first. +This is +.I off +by default, as it may cause a substantial performance loss at sites +with large hosts files. +.TP +.I reorder +Valid values are +.IR on " and " off . +If set to +.IR on , +the resolver library +will attempt to reorder host addresses so that local addresses +(i.e., on the same subnet) are listed first when a +.BR gethostbyname (3) +is performed. +Reordering is done for all lookup methods. +The default value is +.IR off . +.SH ENVIRONMENT +The following environment variables can be used to allow users to +override the behavior which is configured in +.IR /etc/host.conf : +.TP +.B RESOLV_HOST_CONF +If set, this variable points to a file that should be read instead of +.IR /etc/host.conf . +.TP +.B RESOLV_MULTI +Overrides the +.I multi +command. +.TP +.B RESOLV_REORDER +Overrides the +.I reorder +command. +.TP +.B RESOLV_ADD_TRIM_DOMAINS +A list of domains, +separated by +colons (\[aq]:\[aq]), semicolons (\[aq];\[aq]), or commas (\[aq],\[aq]), +with the leading dot, +which will be added to the list of domains that should be trimmed. +.TP +.B RESOLV_OVERRIDE_TRIM_DOMAINS +A list of domains, +separated by +colons (\[aq]:\[aq]), semicolons (\[aq];\[aq]), or commas (\[aq],\[aq]), +with the leading dot, +which will replace the list of domains that should be trimmed. +Overrides the +.I trim +command. +.SH FILES +.TP +.I /etc/host.conf +Resolver configuration file +.TP +.I /etc/resolv.conf +Resolver configuration file +.TP +.I /etc/hosts +Local hosts database +.SH NOTES +The following differences exist compared to the original implementation. +A new command +.I spoof +and a new environment variable +.B RESOLV_SPOOF_CHECK +can take arguments like +.IR off ", " nowarn ", and " warn . +Line comments can appear anywhere and not only at the beginning of a line. +.SS Historical +The +.BR nsswitch.conf (5) +file is the modern way of controlling the order of host lookups. +.P +In glibc 2.4 and earlier, the following keyword is recognized: +.TP +.I order +This keyword specifies how host lookups are to be performed. +It should be followed by one or more lookup methods, separated by commas. +Valid methods are +.IR bind ", " hosts ", and " nis . +.TP +.B RESOLV_SERV_ORDER +Overrides the +.I order +command. +.P +.\" commit 7d68cdaa4f748e87ee921f587ee2d483db624b3d +Since glibc 2.0.7, and up through glibc 2.24, +the following keywords and environment variable +have been recognized but never implemented: +.TP +.I nospoof +Valid values are +.IR on " and " off . +If set to +.IR on , +the resolver library will attempt to prevent hostname spoofing to +enhance the security of +.BR rlogin " and " rsh . +It works as follows: after performing a host address lookup, +the resolver library will perform a hostname lookup for that address. +If the two hostnames +do not match, the query fails. +The default value is +.IR off . +.TP +.I spoofalert +Valid values are +.IR on " and " off . +If this option is set to +.I on +and the +.I nospoof +option is also set, +the resolver library will log a warning of the error via the +syslog facility. +The default value is +.IR off . +.TP +.I spoof +Valid values are +.IR off ", " nowarn ", and " warn . +If this option is set to +.IR off , +spoofed addresses are permitted and no warnings will be emitted +via the syslog facility. +If this option is set to +.IR warn , +the resolver library will attempt to prevent hostname spoofing to +enhance the security and log a warning of the error via the syslog +facility. +If this option is set to +.IR nowarn , +the resolver library will attempt to prevent hostname spoofing to +enhance the security but not emit warnings via the syslog facility. +Setting this option to anything else is equal to setting it to +.IR nowarn . +.TP +.B RESOLV_SPOOF_CHECK +Overrides the +.IR nospoof ", " spoofalert ", and " spoof +commands in the same way as the +.I spoof +command is parsed. +Valid values are +.IR off ", " nowarn ", and " warn . +.SH SEE ALSO +.BR gethostbyname (3), +.BR hosts (5), +.BR nsswitch.conf (5), +.BR resolv.conf (5), +.BR hostname (7), +.BR named (8) |