hesiod in RELENG_7 not working or poorly documented

Wed Jun 11 09:20:14 UTC 2008

Hi all.

I'm trying to setup a hesiod/kerberos based domain. Kerberos works just 
fine but as for hesiod I can't understand what I need to do to make it work.

Originally I have created a sample zone 'ns.local':

$TTL 86400      ; 1 day
@       IN SOA server.local. hostmaster.server.local. (
         2008061101 3600    900     2419200 3600    )
;       Serial     Refresh Retry   Expire  Minimum
         IN NS  server.local.
         IN MX  0 server.local.

test.passwd     TXT "test:*:2001:2001::0:0:Test user:/home/test:/bin/tcsh"
2001.uid        CNAME test.passwd

test.group      TXT "test:*:2001:"
2001.gid        CNAME test.group

And used this configuration file:

rhs = local
lhs = hs
classes = IN

The hesinfo works with no problems:

# hesinfo test passwd
test:*:2001:2001::0:0:Test user:/home/test:/bin/tcsh

However finger stands that user test is uknown:

I'm using the following nsswitch.conf:

#
# nsswitch.conf(5) - name service switch configuration file
# $FreeBSD: src/etc/nsswitch.conf,v 1.1 2006/05/03 15:14:47 ume Exp $
#
group: compat
group_compat: dns
hosts: files dns
networks: files
passwd: compat
passwd_compat: dns
shells: files
services: compat
services_compat: dns
protocols: files
rpc: files

And I do have the +::::... lines in /etc/passwd and /etc/group.

I've tried to debug the cause of the error and it reveals that hesinfo 
and finger makes different lookups:

hesinfo:
client 127.0.0.1#62846: view internal: query: 
test.passwd.hs.tandem.local IN TXT +

finger:
client 127.0.0.1#51278: view internal: query: 
passwd-0.passwd.hs.tandem.local IN TXT +

I've searched the net for 'passwd-0' cause and tried to make something 
for this to work, but all my efforts were futile.

Can anyone help me with hesiod configuration? Just a little sample of 
your working zone would be enough.

-- 
Sphinx of black quartz judge my vow.