| 1 |
On Wed, Mar 10, 2021 at 9:44 AM Grant Taylor < |
| 2 |
gtaylor@×××××××××××××××××××××.net> wrote: |
| 3 |
> |
| 4 |
> On 3/10/21 6:27 AM, Mark Knecht wrote: |
| 5 |
> > Caveat - not an expert, just my meager understanding: |
| 6 |
> > |
| 7 |
> > 1) The name 'localhost' is historically for developers who want to |
| 8 |
> > access their own machine _without_ using DNS. |
| 9 |
> |
| 10 |
> Eh.... |
| 11 |
> |
| 12 |
> Using the /name/ "localhost" still uses name resolution. It could use |
| 13 |
> DNS or it may not. It /typically/ means the /etc/hosts file. But it |
| 14 |
> could mean DNS or NIS(+) or LDAP or something more esoteric. |
| 15 |
> |
| 16 |
|
| 17 |
OK, agreed, completely. localhost must be turned into an IP address. |
| 18 |
|
| 19 |
I guess what I was thinking was DNS means Server. If it's a Service |
| 20 |
then that's different. I think we're in agreement that if it can find the |
| 21 |
name in /etc/hosts, either actively or cached somewhere in memory, |
| 22 |
then it doesn't have to send anything over a cable to get the answer. |
| 23 |
|
| 24 |
And cable is too generic as I understand that DNS might be on this |
| 25 |
machine. |
| 26 |
|
| 27 |
Point taken. |
| 28 |
|
| 29 |
> IMHO what's special about the "localhost" name in particular is that |
| 30 |
> it's an agnostic / anycast method to say the local host that a given |
| 31 |
> program is running on without regard to what the actual host name is. |
| 32 |
> |
| 33 |
|
| 34 |
Agreed but I suspect if I don't have it in /etc/hosts then I'm unlikely |
| 35 |
to get results that make sense in real time, but that's case buy case. |
| 36 |
|
| 37 |
Again, completely agreed. |
| 38 |
|
| 39 |
> > 2) By general practice sometime in the deep, dark times 127.0.0.1 was |
| 40 |
> > accepted for this purpose. There's nothing special about the address. |
| 41 |
> |
| 42 |
> Deep, dark times? It's still used every single day across multiple |
| 43 |
> platforms, Linux, Unix, Windows, z/OS, i/OS, you name it. |
| 44 |
> |
| 45 |
|
| 46 |
<LOL> I'm approaching my 66th birthday. Deep dark times for me are |
| 47 |
almost certainly more recent dates than for you. ;-) |
| 48 |
|
| 49 |
> > 3) I read the original quoted comment in the Kerberos Guide as a warning |
| 50 |
> > - 'to make matters worse, __SOME__" |
| 51 |
> |
| 52 |
> What did the warning mean to you? Because I took it as "be careful, |
| 53 |
> your $OS /may/ do this incorrectly". Where "this" is putting the FQDN |
| 54 |
> on the same line as 127.0.0.1 and / or ::1. |
| 55 |
> |
| 56 |
|
| 57 |
I took it as simply a Kerberos setup/config warning. Whoever wrote that |
| 58 |
had an opinion, experience or both and wanted you to know that. I |
| 59 |
didn't read anything more into it. The author cannot change what |
| 60 |
"some distros" do but wants to give you a fighting chance to get |
| 61 |
Kerberos working in case you're using one. Makes no sense to mention |
| 62 |
a specific distro because the list probably changes over time. |
| 63 |
|
| 64 |
Basically "You'd be wise to look at your /etc/hosts file and fix this |
| 65 |
silly configuration error that some distros do before trying to |
| 66 |
setup Kerberos" |
| 67 |
|
| 68 |
<SNIP> |
| 69 |
|
| 70 |
> I'm grateful for corroboration, but unfortunately that doesn't speak to |
| 71 |
> why the Gentoo handbook suggests what it does. |
| 72 |
|
| 73 |
I'm not a sys admin nor a Gentoo developer or documenter so I cannot |
| 74 |
comment on the manual specifically. |
| 75 |
|
| 76 |
As I no longer run Gentoo - I haven't for about 3 years other than one |
| 77 |
remaining VM seldom used and seldom updated - I'm way out of |
| 78 |
touch with the actual manual but interested in the subject. |
| 79 |
|
| 80 |
Over and out. |
| 81 |
|
| 82 |
- Mark |
Archives