Puzzling sshd behaviour

Simon L. Nielsen simon at FreeBSD.org
Fri Sep 5 10:11:29 PDT 2003


On 2003.09.05 12:29:10 -0400, Dwayne MacKinnon wrote:
> Ted Faber wrote:
> >On Fri, Sep 05, 2003 at 12:04:04PM -0400, Dwayne MacKinnon wrote:
> >
> >>That much I know. I was just wondering why the daemon is trying DNS 
> >>lookup when the IP in question is listed in /etc/hosts. I thought 
> >>listings in /etc/hosts would supersede the need for a DNS lookup. Of 
> >>course, I could be wrong... it wouldn't be the first time. :-)
> >
> >
> >If you haven't, you need to check out /etc/host.conf, the file that
> >configures the hostname lookup order (at least on 4.8).  
> >man 5 host.conf will tell you all about it.  If you have already
> >configured this, you might want to look again.  (man -k resolver should
> >help you find whatever it is on 5.x - I suspect it's nsswitch.)
> 
> My host.conf is a FreeBSD 4.8 default one: it lists hosts, then bind. 
> That's why I don't understand why it's doing DNS... there's a listing in 
> hosts, and according to host.conf the hosts listing should be found first.

Do you use Privilege Separation?  That can give interesting results with
DNS due to chroot into /var/empty...  see the mailing list archives.

-- 
Simon L. Nielsen
FreeBSD Documentation Team