On 08.08.2014 at 15:32, Zbigniew Jędrzejewski-Szmek wrote:
> On Fri, Aug 08, 2014 at 01:24:50PM +0200, Mateusz Jończyk wrote:
> We discussed this recently [1]. The idea is that the hostname is
> controlled by the dns admin. There's certain logic to this, and it's
> the way that things have always worked.
> 
> OTOH, maybe a documentation patch explaining the situation would not
> be bad.
> 
> [1] http://www.mail-archive.com/[email protected]/msg21345.html

Hello,
Countering Lennart's argument:
"2) is something where DNS configuration is usually preferable to though,
since DNS generally is administrator controlled, who might have select
one specific IP address to expose, rather than just all of the local
ones, which might include local ones on internal or private
interfaces. Also, for reverse resolution it is usually preferable to get
an fqdn from DNS back instead of the exact string set with
sethostname(). nss-myhostname in this regard is just the fallback for
the cases where DNS information is incomplete or not available."

Both issues could be solved by patching nss_myhostname:
 - some configuration file which specifies which IP addresses to expose for the
local hostname,
 - reverse resolution may also be configurable, for example we could ask DNS
only for the reverse resolution of local IP addresses (except for 127.0.0.1).


We may alternatively just give two recommendations:
- for personal desktops and laptops, where the DNS server is on the ISP network,
myhostname should be first.
- for servers and boxes on corporate, trusted networks (if such exist at all),
when the above advantages matter and are more important than security, dns
should be first.

-- 
Greetings,
Mateusz Jończyk
AEI, Computer Science, 3rd semester of Master's studies, BDiIS

_______________________________________________
systemd-devel mailing list
[email protected]
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
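
An added example, not part of the original message and not systemd code: a small Python check that reads the `hosts:` line of an nsswitch.conf and reports which of the two orderings recommended above it implements. The function names and the sample lines are constructed for illustration; `[STATUS=action]` items are ignored, which is a simplifying assumption.

```python
import re

# Constructed sample configurations, not taken from any real host.
DESKTOP = "hosts: files myhostname mdns4_minimal [NOTFOUND=return] dns"
SERVER = "hosts: files dns myhostname"


def hosts_services(nsswitch_text):
    """Return the ordered NSS service names from the 'hosts:' line."""
    for raw in nsswitch_text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line.startswith("hosts:"):
            continue
        spec = line.split(":", 1)[1]
        # Assumption: action items such as [NOTFOUND=return] are skipped,
        # only the order of the services is evaluated.
        spec = re.sub(r"\[[^\]]*\]", " ", spec)
        return spec.split()
    return []


def local_hostname_policy(nsswitch_text):
    """Classify who answers first for the local hostname.

    'myhostname-first': nss-myhostname is consulted before DNS, so the
                        DNS server cannot decide what the local hostname
                        resolves to.
    'dns-first':        DNS is asked first; myhostname is only a fallback.
    'no-myhostname':    nss-myhostname is not configured at all.
    """
    services = hosts_services(nsswitch_text)
    if "myhostname" not in services:
        return "no-myhostname"
    if "dns" not in services:
        return "myhostname-first"
    if services.index("myhostname") < services.index("dns"):
        return "myhostname-first"
    return "dns-first"


if __name__ == "__main__":
    for name, conf in (("desktop", DESKTOP), ("server", SERVER)):
        print(name, hosts_services(conf), local_hostname_policy(conf))
```
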