1 |
On Wed, Mar 10, 2021 at 9:44 AM Grant Taylor < |
2 |
gtaylor@×××××××××××××××××××××.net> wrote: |
3 |
> |
4 |
> On 3/10/21 6:27 AM, Mark Knecht wrote: |
5 |
> > Caveat - not an expert, just my meager understanding: |
6 |
> > |
7 |
> > 1) The name 'localhost' is historically for developers who want to |
8 |
> > access their own machine _without_ using DNS. |
9 |
> |
10 |
> Eh.... |
11 |
> |
12 |
> Using the /name/ "localhost" still uses name resolution. It could use |
13 |
> DNS or it may not. It /typically/ means the /etc/hosts file. But it |
14 |
> could mean DNS or NIS(+) or LDAP or something more esoteric. |
15 |
> |
16 |
|
17 |
OK, agreed, completely. localhost must be turned into an IP address. |
18 |
|
19 |
I guess what I was thinking was DNS means Server. If it's a Service |
20 |
then that's different. I think we're in agreement that if it can find the |
21 |
name in /etc/hosts, either actively or cached somewhere in memory, |
22 |
then it doesn't have to send anything over a cable to get the answer. |
23 |
|
24 |
And cable is too generic as I understand that DNS might be on this |
25 |
machine. |
26 |
|
27 |
Point taken. |
28 |
|
29 |
> IMHO what's special about the "localhost" name in particular is that |
30 |
> it's an agnostic / anycast method to say the local host that a given |
31 |
> program is running on without regard to what the actual host name is. |
32 |
> |
33 |
|
34 |
Agreed but I suspect if I don't have it in /etc/hosts then I'm unlikely |
35 |
to get results that make sense in real time, but that's case buy case. |
36 |
|
37 |
Again, completely agreed. |
38 |
|
39 |
> > 2) By general practice sometime in the deep, dark times 127.0.0.1 was |
40 |
> > accepted for this purpose. There's nothing special about the address. |
41 |
> |
42 |
> Deep, dark times? It's still used every single day across multiple |
43 |
> platforms, Linux, Unix, Windows, z/OS, i/OS, you name it. |
44 |
> |
45 |
|
46 |
<LOL> I'm approaching my 66th birthday. Deep dark times for me are |
47 |
almost certainly more recent dates than for you. ;-) |
48 |
|
49 |
> > 3) I read the original quoted comment in the Kerberos Guide as a warning |
50 |
> > - 'to make matters worse, __SOME__" |
51 |
> |
52 |
> What did the warning mean to you? Because I took it as "be careful, |
53 |
> your $OS /may/ do this incorrectly". Where "this" is putting the FQDN |
54 |
> on the same line as 127.0.0.1 and / or ::1. |
55 |
> |
56 |
|
57 |
I took it as simply a Kerberos setup/config warning. Whoever wrote that |
58 |
had an opinion, experience or both and wanted you to know that. I |
59 |
didn't read anything more into it. The author cannot change what |
60 |
"some distros" do but wants to give you a fighting chance to get |
61 |
Kerberos working in case you're using one. Makes no sense to mention |
62 |
a specific distro because the list probably changes over time. |
63 |
|
64 |
Basically "You'd be wise to look at your /etc/hosts file and fix this |
65 |
silly configuration error that some distros do before trying to |
66 |
setup Kerberos" |
67 |
|
68 |
<SNIP> |
69 |
|
70 |
> I'm grateful for corroboration, but unfortunately that doesn't speak to |
71 |
> why the Gentoo handbook suggests what it does. |
72 |
|
73 |
I'm not a sys admin nor a Gentoo developer or documenter so I cannot |
74 |
comment on the manual specifically. |
75 |
|
76 |
As I no longer run Gentoo - I haven't for about 3 years other than one |
77 |
remaining VM seldom used and seldom updated - I'm way out of |
78 |
touch with the actual manual but interested in the subject. |
79 |
|
80 |
Over and out. |
81 |
|
82 |
- Mark |