Wow, incredibly cursed DNS/NSS quirk I have run into. If a machine's hostname is an FQDN like `test.com` and you do a lookup without some local cache involved like systemd-resolved, NSS rules will turn a query for `whatever` into `whatever.com`:

```
# hostname
test.com
# cat /etc/resolv.conf
nameserver 192.168.181.1
# getent ahosts google
2a00:1450:4009:820::200e STREAM google.com
2a00:1450:4009:820::200e DGRAM
2a00:1450:4009:820::200e RAW
216.58.204.78 STREAM
216.58.204.78 DGRAM
216.58.204.78 RAW
# ping google
PING google(zzz) 56 data bytes
64 bytes from ...1e100.net (2a00:...): icmp_seq=1 ttl=116 time=7.40 ms
```

I knew having your hostname as a FQDN was a bad idea, but this is an """interesting""" one. Reminds me of a previous run-in with DNS Search Paths
benjojo
replied 26 Oct 2024 16:05 +0000
in reply to: https://benjojo.co.uk/u/benjojo/h/6lV571tfs2F7Bfwvs5
If someone can explain the exact NSS mechanisms that are activating here (step by step) I would love to know, I've tried to understand so far and have failed
demize@unstable.syst..
replied 26 Oct 2024 16:09 +0000
in reply to: https://benjojo.co.uk/u/benjojo/h/mbD2s82JT3D52c19LT
@benjojo honestly it sounds to me like it's just inventing a search path out of thin air which didn't seem like that cursed behavior until I wrote it out
benjojo
reposted 26 Oct 2024 16:31 +0000
original: grawity@social.treehouse.systems
@benjojo Part of the glibc res_init() code where it reads the `domain` and `search` parameters from /etc/resolv.conf - if the configured search list ends up empty, it populates it with an entry based on the system hostname (chopping off the first part); search for domain_from_hostname() in resolv/res_init.c

...which works well enough for most systems when they have FQDN hostnames *under* a domain, as opposed to just the bare domain.

So it's not a nsswitch feature as such; it's a feature of Glibc's libresolv which happens to be used by libnss_dns (and deliberately unimplemented by systemd-resolved's nsswitch module from what I remember).

(to be honest, although I don't like putting FQDNs in the system hostname in general, it befuddles me in particular when people have just the bare domain as their server name. it's like, "Address: London" in a way)
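The fallback described in the reply above, modelled as an added example that is not part of the thread and is not glibc's code. All function names except `domain_from_hostname` are hypothetical, the resolv.conf text and hostnames are constructed, and the query ordering assumes the default `ndots:1` search behaviour documented in resolv.conf(5); the `LOCALDOMAIN` environment override is not modelled.

```python
DEFAULT_NDOTS = 1  # assumed default when resolv.conf sets no "options ndots:"


def parse_search(resolv_conf):
    """Search list from resolv.conf text; the last domain/search line wins."""
    search = []
    for line in resolv_conf.splitlines():
        fields = line.split()
        if not fields or fields[0][0] in "#;":
            continue
        if fields[0] == "domain" and len(fields) > 1:
            search = [fields[1]]
        elif fields[0] == "search":
            search = fields[1:]
    return search


def domain_from_hostname(hostname):
    """Chop off the first label: everything after the first dot, else None."""
    _, dot, rest = hostname.partition(".")
    return rest if dot and rest else None


def effective_search(resolv_conf, hostname):
    """Configured search list, or the hostname-derived entry if it is empty."""
    search = parse_search(resolv_conf)
    if not search:
        derived = domain_from_hostname(hostname)
        if derived:
            search = [derived]
    return search


def candidates(name, resolv_conf, hostname, ndots=DEFAULT_NDOTS):
    """Names the stub resolver would try, in order, for a lookup of `name`."""
    if name.endswith("."):
        return [name]  # a trailing dot marks the name absolute: no search list
    suffixed = [f"{name}.{d}" for d in effective_search(resolv_conf, hostname)]
    if name.count(".") >= ndots:
        return [name] + suffixed
    return suffixed + [name]


if __name__ == "__main__":
    conf = "nameserver 192.168.181.1\n"  # constructed: no domain/search line
    for host in ("test.com", "host.test.com", "test"):
        print(host, "->", candidates("google", conf, host))
```

An explicit `search` or `domain` line in /etc/resolv.conf makes the configured list non-empty, so the hostname-derived entry is never added.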
tef@mastodon.social
replied 26 Oct 2024 16:11 +0000
in reply to: https://benjojo.co.uk/u/benjojo/h/6lV571tfs2F7Bfwvs5
fanf@mendeddrum.org
replied 27 Oct 2024 00:44 +0000
in reply to: https://benjojo.co.uk/u/benjojo/h/6lV571tfs2F7Bfwvs5
@benjojo huh, i’ve always believed that bare hostnames are dodgy because stuff that wants the fqdn has to talk to the dns and employ heuristics, so it’s more failure-prone

i’ve always configured my machines with a full hostname and i’ve never encountered a problem nor heard of any advice against it