HPE Community
Operating System - HP-UX
1834465 Members
2989 Online
110067 Solutions
New Discussion

Re: nsswitch.conf behaviour at 11.X

 
Charles Keenan
Occasional Advisor

‎11-23-2002 05:41 AM

‎11-23-2002 05:41 AM

nsswitch.conf behaviour at 11.X

Hi all,
I am working with a colleague on a project for HP Customer Education. We have come across a "feature" in nsswitch.conf.

As documented(man nsswitch.conf) without an nsswitch.conf file the fallback policy "SHOULD" be
[SUCCESS=return NOTFOUND=continue UNAVAIL=continue TRYAGAIN=continue]

My test was thus ...
SETUP:
1) Fresh install of 11i with Spetember 2002 media kit including patches from Suppert+ CD.
2) Configure DNS ... OK no problems
3) Add entry to /etc/hosts which is specifically not in DNS database.(hostname=ckwkst)
4) NO /etc/nsswitch.conf

TEST:
1)
nslookup ckwkst
... no problems ...
root@hpeos001[/tmp] # nslookup ckwkst
Name Server: hpeos001.ca.hp.com
Address: 130.1.1.1

Trying DNS
Trying NIS
looking up FILES
Name: ckwkst
Address: 130.1.200.200
Aliases: ckpc

root@hpeos001[/tmp] #

2)
# ping ckwkst
ping: unknown host ckwkst

3)
# echo "hosts: dns files" > /etc/nsswitch.conf

# ping ckwkst

PING ckwkst: 64 byte packets
64 bytes from 130.1.200.200: icmp_seq=0. time=2. ms
64 bytes from 130.1.200.200: icmp_seq=1. time=0. ms

----ckwkst PING Statistics----
2 packets transmitted, 2 packets received, 0% packet loss round-trip (ms) min/avg/max = 0/1/2

... nslookup still works as expected ...

4) I noticed that nslookup uses the "__nsw_getconfig" routine ... I also found this in both libc.2 AND libnsl.1...
Which one is nslookup/ping using ???
root@hpeos001[/tmp] # rm /etc/nsswitch.conf
root@hpeos001[/tmp] # nslookup -swdebug
could not open /etc/nsswitch.conf
__nsw_getconfig: NO POLICY FILE
__nsw_getdefault: default hosts lookup policy
Default Name Server: hpeos001.ca.hp.com
Address: 130.1.1.1

>

!!! can't find __nsw_getdefault in any library but if you try a "nm /usr/lib/libc.2" AND "nm /usr/lib/libnsl.1" you will find entries in BOTH libraries ... a "chatr /usr/sbin/ping" and "chatr /usr/bin/nslookup" will yield the librares used in both progams.

QUESTION:
what is the default behaviour when nsswitch.conf DOES NOT exist ???
The behaviour "seems" to mimic 10.20 as per the behaviour of nsquery without a nsswitch.conf.
Wither the behaviour is inconsistent or the manuals are ... please shed loadsa light !!!


ochayethinoojimmy
0 Kudos
Reply
4 REPLIES 4
Jean-Louis Phelix
Honored Contributor

‎11-25-2002 12:20 AM

‎11-25-2002 12:20 AM

Re: nsswitch.conf behaviour at 11.X

Hi,

There ARE default behaviour when nsswitch.conf doesn't exist, but it depends on the libc your are linked with :

Read http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0x0f6dc1c4ceddd61190050090279cd0f9,00.html

I give you an extract ...

Regards.

On 10.20 it is RRCR (man 4 switch), after it is RCCC (man nsswitch.conf). A problem that I have seen is that if a system doesn't have any nsswitch.conf file, then the default policy is 'harcoded' in some functions. So, on the same system without a nsswitch.conf file, if a binary has been compiled with libc.1 (from 10.20) it will use RRCR, if it has been compiled with libc.2 (from 11.x) it will use RCCC. You can check it using chatr on the binary.

Don't think it's a minor detail because if you use chatr on /usr/sbin/swlist on a 11i for example, you will see libc.1 ...
It works for me (© Bill McNAMARA ...)
0 Kudos
Reply
Charles Keenan
Occasional Advisor

‎11-25-2002 04:09 AM

‎11-25-2002 04:09 AM

Re: nsswitch.conf behaviour at 11.X

Hi Harry/Jean-Louis

1)
chatr ping, ftp, telnet, rlogin, remsh, sendmail(all ARPA-Berkeley services!!!, nsquery
chatr /usr/bin/nslookup
... both using libc.2(11.X) ... supposedly ...

2) NO nsswitch.conf

3) DNS configured ...
4) entry in /etc/hosts not in DNS

Question1:
nslookup finds entry because of RCCC, this I can understand ... but all user programs(ping/telnet/etc) do not !!! Why is this ??? Should they be using RCCC or the "default" behaviour found in /etc/nsswitch.hp_defaults. If so surely the man page or nsswitch.conf is incorrect

Question2:
/etc/nsswitch.hp_defaults is surely wrong for passwd/group(compat) so can we trust it to be a "good" representation of a "default" behaviour ???
ochayethinoojimmy
0 Kudos
Reply
Charles Keenan
Occasional Advisor

‎11-25-2002 05:20 AM

‎11-25-2002 05:20 AM

Re: nsswitch.conf behaviour at 11.X

Found this on my 11i system in /usr/share/doc/11.00RelNotes ....

The new Name Service Switch in 10.30 is not compatible with the old switch in 10.20, and it remains incompatible in 11.0. Some compatibility is available by using the provided default configuration
file, /etc/nsswitch.hp_defaults, which initializes the switch to behave in a compatible manner. To obtain the default, you must copy the file /etc/nsswitch.hp_defaults to /etc/nsswitch.conf.

... so does this mean we can ignore nsswitch.hp_defaults as the pre-defined "default" behaviour when nsswitch.conf does not exist ??
ochayethinoojimmy
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.