Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 885903

Summary: sys-auth/nss-mdns: clarify how to append mdns* to hosts: line in /etc/nsswitch.conf
Product: Gentoo Linux Reporter: Pacho Ramos <pacho>
Component: Current packagesAssignee: Amy Liffey <amynka>
Status: RESOLVED FIXED    
Severity: normal CC: mgorny
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://wiki.archlinux.org/title/avahi#Hostname_resolution
Whiteboard:
Package list:
Runtime testing required: ---

Description Pacho Ramos gentoo-dev 2022-12-14 13:30:46 UTC 
Hello

Each time I get an updated to /etc/nsswitch.conf with glibc updates I wonder about how to re-add the mdns lines to the file, as with the updates, nsswitch.conf deviates more and more from the example shown by the ewarn messages.

When I look into the example line:
hosts:   files mdns4_minimal [NOTFOUND=return] dns mdns4

I wonder about:
- Should mdns* be placed in an exact order? Reading the header in the file, it seems the order is important but, Which order is desired? 

- What does the [NOTFOUND=return] do? Is that needed just after mdns4_minimal? 
For example, the line I need to touch has this by default (on a systemd setup):
hosts:      mymachines resolve [!UNAVAIL=return] files myhostname dns

That uses [!UNAVAIL=return] for resolve (if I understand it correctly)

Since I guess it is too difficult to make this more automatic (without an eselect module), I think it would be interesting to at least clarify a bit more the ewarn messages to ensure administrators are doing what they expect. Specially taking into account that nsswitch.conf can change and, then, it is important to understand how to modify if properly as they will need to do it "often". 

Thanks
Comment 1 Enne Eziarc 2022-12-15 03:00:50 UTC 
Hi. Having already spent a while researching this, I can offer what I know:

The example line comes from nss-mdns' README. It's explained in the surrounding text there, but not very clearly so here's the details - "mdns4_minimal" returns authoritative DNS results for all queries to .local (either A or NXDOMAIN) and soft failures otherwise. The "[NOTFOUND=return]" is explained in the nsswitch.conf(5) manpage; it causes nxdomain answers (within .local) to be returned to the caller immediately instead of falling through. Putting both parts before "dns" here matters as otherwise it'd be leaking .local queries to the remote DNS server.

Finally mdns4 tries mDNS lookups for *any* domain as a last resort, which seems ill-advised (it adds latency to failed lookups, potentially leaks failed DNS queries on the LAN when the DNS server's unreachable, and lets anyone who receives them forge responses). It's only ever useful if you use a deliberately weird network setup, imho the ebuild messages should just leave that part out.


As for systemd... I don't use it myself, but anyone who does can ignore nss-mdns entirely, it has its own mDNS support and there's a config setting for it in resolved.conf. Having both things enabled won't break anything per se, but is pretty useless.

Hope that clears things up.
Comment 2 Pacho Ramos gentoo-dev 2022-12-19 09:51:52 UTC 
Thanks a lot for the info 

I use systemd and I was having both ;)
Comment 3 Pacho Ramos gentoo-dev 2023-01-07 17:16:28 UTC 
(In reply to Pacho Ramos from comment #2)
> Thanks a lot for the info 
> 
> I use systemd and I was having both ;)

For systemd is still needed for .local printers to work. For now I see it is ok with appending mdns4_minimal [NOTFOUND=return] just before "resolve" 

All the other options I have tried seems to lead to printers not really working (they are discovered but, later, they don't print as cups cannot find them)
Comment 4 Larry the Git Cow gentoo-dev 2023-07-19 13:06:08 UTC 
The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8b7a3346b9f5a821d05d51f7ee878aeeac1d7d1d

commit 8b7a3346b9f5a821d05d51f7ee878aeeac1d7d1d
Author:     Pacho Ramos <pacho@gentoo.org>
AuthorDate: 2023-07-19 13:04:54 +0000
Commit:     Pacho Ramos <pacho@gentoo.org>
CommitDate: 2023-07-19 13:05:58 +0000

    sys-auth/nss-mdns: clarify how to append mdns to hosts line in nsswitch.conf
    
    Closes: https://bugs.gentoo.org/885903
    Signed-off-by: Pacho Ramos <pacho@gentoo.org>

 sys-auth/nss-mdns/nss-mdns-0.15.1.ebuild | 8 ++++----
 sys-auth/nss-mdns/nss-mdns-9999.ebuild   | 8 ++++----
 2 files changed, 8 insertions(+), 8 deletions(-)