Bug 472565 - authconfig --enablenis breaks DNS
authconfig --enablenis breaks DNS
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: authconfig (Show other bugs)
All Linux
medium Severity medium
: rc
: ---
Assigned To: Tomas Mraz
Depends On:
  Show dependency treegraph
Reported: 2008-11-21 14:16 EST by Konstantin Olchanski
Modified: 2008-11-24 15:09 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2008-11-24 15:09:12 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Konstantin Olchanski 2008-11-21 14:16:57 EST
authconfig-5.3.21-3.el5.x86_64 option "--enablenis" changes /etc/nsswitch.conf to read "hosts: files nis dns". Notice how by adding the "nis" entry, this configures DNS to query NIS before querying any name servers.

This behaviour is surprising. As a long time NIS user and administrator I have never ever used NIS to resolve DNS queries.

This actually happens to misbehave. I see programs stuck inside gethostbyname(), with gethostbyname() in turn being stuck trying to make NIS calls. (This is a no-bug - do not use NIS to do DNS!)

RHEL4 does not seem to have this problem. I see most of my SL4 machines read "hosts: files dns", so at least some older versions of authconfig did not have this problem.

Anyhow, I see no mention of any of this in authconfig documentation, authconfig rpm changelog or in Red Hat bugzilla.

To undo this unwanted change, run this sed script:

sed 's/^hosts:.*/hosts: files dns/' -i /etc/nsswitch.conf

Comment 1 Tomas Mraz 2008-11-24 15:09:12 EST
As far as I know this was always the case - even in the RHEL-4 authconfig that if you enable nis for user information it will add it to hosts: in nsswitch.conf. 

So this is no regression.

But in the 5.3 update of Red Hat Enterprise Linux, there will be a new enhancement of authconfig that it will support --enablepreferdns option which will make it to put dns just after files before any other services such as nis.

Note You need to log in before you can comment on or make changes to this bug.