On 01/25/2016 03:23 PM, Lennart Poettering wrote: > On Mon, 25.01.16 09:08, Florian Weimer (fweimer@xxxxxxxxxx) wrote: > >>> It is intended as a convenient fallback mechanism, and is only supposed >>> to have an effect if 'gateway' is not defined in the local DNS (the >>> 'domain' or 'search' zones). Would it help if those limitations were >>> more explicit, e.g. documented in nss-myhostname(8)? >> >> I understand that the goal is that nss_myhostname will not override >> existing names, due to the way the NSS is configured. >> >> What I do not understand is how the the “gateway” name can be >> useful. > > Here's a very obvious, trivial example: wherever I am I can now simply > type "ping gateway" to know whether connectivity to my local router > works. But that's not actually true, isn't it? If nss_myhostname doesn't override “gateway”, the outcome depends on the network you are on. With a captive portal, you are likely pinging the portal server, not the default gateway. And if you are on one of Microsoft's corporate networks, you might end up at gateway.microsoft.com (whatever this is). Because it's so unreliable, we cannot put this trick into documentation, and we shouldn't train users to rely on this functionality. >> As I tried to explain above, I'm not really worried about nss_myhostname >> overriding name resolution, but that software relies on the specific >> functionality of the “gateway” name provided by nss_myhostname, but >> *this* name is overridden by DNS (with a suitable search path) or >> nss_files, so that it no longer resolves to the expected address. > > Search lists are local configuration. Software which relies on > specific search paths to be configured will already break pretty much > everywhere... Right. If software (or documentation) uses “gateway” to mean “address of the default gateway”, it will break, depending on search path configuration and other network properties. I don't think this is what Fedora wants (and what you intended). Florian -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx http://lists.fedoraproject.org/admin/lists/devel@xxxxxxxxxxxxxxxxxxxxxxx
