Re: set domain name in Debian
On 15/11/2016 15:45, Brian wrote: On Tue 15 Nov 2016 at 15:02:54 +, Joe wrote: That's fairly common, the exim4 default if enabled is to check that the HELO is resolvable at all, not that it matches anything specific. It's a few years since I last did it, but when I used telnet to talk to remote mail servers I used a well-known six character domain name as HELO to save typing, one to which I had no entitlement, and nothing ever complained. Are you sure that is the default? Not default, 'default if enabled'. HELO checking is initially turned off, if you just turn it on, it doesn't look for a specific match. There are systems which do look for a HELO which is related to the email itself, which I don't think is a good idea. -- Joe
Re: set domain name in Debian
On Tue 15 Nov 2016 at 10:10:17 (-0500), Greg Wooledge wrote:
> On Tue, Nov 15, 2016 at 02:59:14PM +, Brian wrote:
> > On Tue 15 Nov 2016 at 09:18:33 -0500, Greg Wooledge wrote:
> > > Second choice:
> > > System mail name:
> > > eeg.ccf.org
>
> > > Eighth choice:
> > > Keep number of DNS-queries minimal?
> > > No
> >
> > You didn't use "yes"?
>
> Of course not. Why would I do that? I'm not on dialup. I'm on a
> corporate LAN where I run my own DNS nameservers.

I hadn't appreciated that you're entirely desktop oriented. As for myself, there's no DNS service here, no dotty addresses at all as I have no domain name to call my own, here. Hence also no point in DNS-queries, but I can shut exim up by letting it make pointless lookups. I don't have a clue whether my router bothers to ask 8.8.8.8 for dotless requests.

OTOH I own a domain name 3000 miles away which has no ISP-type connection with me at all; it's the destination for emails bound for me, so it's kind of important that exim rewrites that my emails come from its address.

> > It would also happily send a string without dots as the HELO.
>
> Isn't that controlled by the "System mail name" option? As you can
> see, mine is set to eeg.ccf.org. Whether this is something I typed
> into exim config by hand long ago, or something that it picked up
> by itself from /etc/resolv.conf, I can no longer remember.
>
> Either way, I would have made sure it was correct.

Again, correct for me is no dots. As you can see from my headers, my email all goes out through alum (unless I'm on the road).

> > Whether the remote server is happy is another matter.
>
> Indeed. A mail server should be properly configured, not just left as
> "best guess from defaults".

Well, I don't see how a smarthost can enforce a dotty address unless they issue you with a valid one. I can't put myself onto .cox.net unilaterally, so unless I use the nonce domain name that is constructed from the IP address (which could change at any time), I don't have a FQDN except alum.

I assume Cox authenticate me by the physical wire I appear on. Maybe they even check the MAC of the modem, though I'm not forced to use theirs. When I'm on the road, I obviously use my own domain name for the smarthost, but then I have to use a different port and a password. Still no dotty HELO/EHLO though.

Cheers,
David.
Re: set domain name in Debian
On Tue 15 Nov 2016 at 15:02:54 +, Joe wrote:
> On 15/11/2016 14:10, Brian wrote:
> >Exim wants to see a fqdn in the 127.0.1.1 line, written as specified in
> >hosts(5):
> >
> > IP_address canonical_hostname [aliases...]
> >
> >The canonical_hostname is used for the HELO/EHLO.
>
> Default, can be overridden by the primary_hostname configuration, which can
> be overridden again by helo_data in individual transports.
>
> My mail server's hostname does not exist in public DNS, like many small mail
> servers it is behind NAT, not directly exposed to the Net. My public MX
> hostname is not the same as the server's hostname.
>
> Also exim4 can handle mail for multiple domains, using a separate HELO for
> each if required, and the per-transport setting allows even finer HELO
> control if you have a use for that.

I'm convinced it can do all of these things but my needs are mostly accommodated by the setups described in the Debian documentation.

> >With most large ISPs
> >it is not taken much notice of but there are servers which (rightly or
> >wrongly) would do a reverse lookup on wooledg and, getting a negative
> >response, reject the mail. Basically, you will get away with the line
> >you have when you use an understanding smarthost. I think Postfix
> >could behave in the same way.
> >
>
> That's fairly common, the exim4 default if enabled is to check that the HELO
> is resolvable at all, not that it matches anything specific. It's a few
> years since I last did it, but when I used telnet to talk to remote mail
> servers I used a well-known six character domain name as HELO to save
> typing, one to which I had no entitlement, and nothing ever complained.

Are you sure that is the default?

brian@desktop:~$ telnet localhost 25
Trying ::1...
Connected to localhost.
Escape character is '^]'.
220 desktop ESMTP Exim 4.84_2 Tue, 15 Nov 2016 15:38:31 +
helo claptrap
250 desktop Hello localhost [::1]
mail from:brian
501 brian: sender address must contain a domain
mail from:brian@localhost
250 OK
rcpt to:brian@desktop
250 Accepted

--
Brian.
Re: set domain name in Debian
On Tue 15 Nov 2016 at 10:10:17 -0500, Greg Wooledge wrote:
> On Tue, Nov 15, 2016 at 02:59:14PM +, Brian wrote:
> > On Tue 15 Nov 2016 at 09:18:33 -0500, Greg Wooledge wrote:
> > > Second choice:
> > > System mail name:
> > > eeg.ccf.org
>
> > > Eighth choice:
> > > Keep number of DNS-queries minimal?
> > > No
> >
> > You didn't use "yes"?
>
> Of course not. Why would I do that? I'm not on dialup. I'm on a
> corporate LAN where I run my own DNS nameservers.

It was the point of David Wright's mail and wouldn't have hurt. Also, it may have indicated 'hostname -f' is not so "rubbish" after all.

> > It would also happily send a string without dots as the HELO.
>
> Isn't that controlled by the "System mail name" option? As you can

A common misconception, no. It is the domain name used to qualify mail addresses without a domain name. Mail to brian would get sent as br...@eeg.ccf.org.

> see, mine is set to eeg.ccf.org. Whether this is something I typed
> into exim config by hand long ago, or something that it picked up
> by itself from /etc/resolv.conf, I can no longer remember.

You typed it in. Unless another program had configured /etc/mailname already. /etc/resolv.conf doesn't come into it.

> Either way, I would have made sure it was correct.
>
> > Whether the remote server is happy is another matter.
>
> Indeed. A mail server should be properly configured, not just left as
> "best guess from defaults".

A mail server which accepts an EHLO without dots in it *is* properly configured.

--
Brian.
Re: set domain name in Debian
On Tue, Nov 15, 2016 at 02:59:14PM +, Brian wrote:
> On Tue 15 Nov 2016 at 09:18:33 -0500, Greg Wooledge wrote:
> > Second choice:
> > System mail name:
> > eeg.ccf.org

> > Eighth choice:
> > Keep number of DNS-queries minimal?
> > No
>
> You didn't use "yes"?

Of course not. Why would I do that? I'm not on dialup. I'm on a corporate LAN where I run my own DNS nameservers.

> It would also happily send a string without dots as the HELO.

Isn't that controlled by the "System mail name" option? As you can see, mine is set to eeg.ccf.org. Whether this is something I typed into exim config by hand long ago, or something that it picked up by itself from /etc/resolv.conf, I can no longer remember.

Either way, I would have made sure it was correct.

> Whether the remote server is happy is another matter.

Indeed. A mail server should be properly configured, not just left as "best guess from defaults".
Re: set domain name in Debian
On 15/11/2016 14:10, Brian wrote: On Tue 15 Nov 2016 at 08:00:31 -0500, Greg Wooledge wrote: On Mon, Nov 14, 2016 at 04:29:35PM -0600, David Wright wrote: As your own hostname -f produces not dots, what approach do you use to shut exim up, or do you just ignore (or suppress) the message? I have (control over) a bunch of computers, and they're not all configured the same. The machine I believe you refer to is this one: wooledg@wooledg:~$ hostname wooledg wooledg@wooledg:~$ hostname -f wooledg This is a dual-boot Windows/Debian workstation on my desk at work. Here's the /etc/hosts: wooledg@wooledg:~$ cat /etc/hosts 127.0.0.1 localhost 127.0.1.1 wooledg Exim wants to see a fqdn in the 127.0.1.1 line, written as specified in hosts(5): IP_address canonical_hostname [aliases...] The canonical_hostname is used for the HELO/EHLO. Default, can be overridden by the primary_hostname configuration, which can be overridden again by helo_data in individual transports. My mail server's hostname does not exist in public DNS, like many small mail servers it is behind NAT, not directly exposed to the Net. My public MX hostname is not the same as the server's hostname. Also exim4 can handle mail for multiple domains, using a separate HELO for each if required, and the per-transport setting allows even finer HELO control if you have a use for that. With most large ISPs it is not taken much notice of but there are servers which (rightly or wrongly) would do a reverse lookup on wooledg and, getting a negative response, reject the mail. Basically, you will get away with the line you have when you use an understanding smarthost. I think Postfix could behave in the same way. That's fairly common, the exim4 default if enabled is to check that the HELO is resolvable at all, not that it matches anything specific. 
It's a few years since I last did it, but when I used telnet to talk to remote mail servers I used a well-known six character domain name as HELO to save typing, one to which I had no entitlement, and nothing ever complained. -- Joe
Re: set domain name in Debian
On Tue 15 Nov 2016 at 09:18:33 -0500, Greg Wooledge wrote:
> On Tue, Nov 15, 2016 at 02:10:14PM +, Brian wrote:
> > With 'dpkg-reconfigure exim4-config' the message
> >
> > "Starting MTA:hostname --fqdn did not return a fully qualified name,
> > dc_minimaldns will not work. Please fix your /etc/hosts setup."
> >
> > should appear if "yes" is chosen for the option. 'hostname -f' is useful
> > for checking there is a sane hosts configuration for exim to use.
>
> Now you're scaring me. I'm afraid to run this thing to test your theory,
> because it might cause my perfectly working configuration to break.
>
> Well, let's back up /etc/exim4 and try it

Backing up update-exim4.conf.conf would have been sufficient.

> wooledg@wooledg:~$ sudo tar czf /var/tmp/etc-exim4.tar.gz /etc/exim4
> [sudo] password for wooledg:
> tar: Removing leading `/' from member names
> wooledg@wooledg:~$ sudo dpkg-reconfigure exim4-config
> [[ now it goes into dialog ]]
>
> First choice:
> mail sent by smarthost; received via SMTP or fetchmail
>
> Second choice:
> System mail name:
> eeg.ccf.org
>
> Third choice:
> IP-addresses to listen on...:
> 127.0.0.1 ; ::1
>
> Fourth choice:
> Other destinations for which mail is accepted:
> wooledg
>
> Fifth choice:
> Machines to relay mail for:
> (blank)
>
> Sixth choice:
> IP address or host name of the outgoing smarthost:
> gateway.eeg.ccf.org
>
> Seventh choice:
> Hide local mail name in outgoing mail?
> No
>
> Eighth choice:
> Keep number of DNS-queries minimal?
> No

You didn't use "yes"?

> Ninth choice:
> Delivery method for local mail:
> Maildir format in home directory
>
> Tenth choice:
> Split configuration into small files?
> No
>
> Voila. No need for hostname -f to return a string with dots. Exim
> was perfectly content with what I've been doing for years.

It would be if "Keep number of DNS-queries minimal?" was "No". It would also happily send a string without dots as the HELO. Whether the remote server is happy is another matter.

--
This reply is the second one I've sent to your mail. The first was sent after removing canonical_hostname from /etc/hostame. 'hostname -f' said "desktop". The first mail was rejected by ldo:

debian-user@lists.debian.org
SMTP error from remote mail server after RCPT TO:: host bendel.debian.org [82.195.75.100]: 504 5.5.2 : Helo command rejected: need fully-qualified hostname

A quick check with the useful command 'hostname -f' revealed the problem.

--
Brian.
Re: set domain name in Debian
On Tue, Nov 15, 2016 at 02:10:14PM +, Brian wrote:
> With 'dpkg-reconfigure exim4-config' the message
>
> "Starting MTA:hostname --fqdn did not return a fully qualified name,
> dc_minimaldns will not work. Please fix your /etc/hosts setup."
>
> should appear if "yes" is chosen for the option. 'hostname -f' is useful
> for checking there is a sane hosts configuration for exim to use.

Now you're scaring me. I'm afraid to run this thing to test your theory, because it might cause my perfectly working configuration to break.

Well, let's back up /etc/exim4 and try it

wooledg@wooledg:~$ sudo tar czf /var/tmp/etc-exim4.tar.gz /etc/exim4
[sudo] password for wooledg:
tar: Removing leading `/' from member names
wooledg@wooledg:~$ sudo dpkg-reconfigure exim4-config
[[ now it goes into dialog ]]

First choice:
mail sent by smarthost; received via SMTP or fetchmail

Second choice:
System mail name:
eeg.ccf.org

Third choice:
IP-addresses to listen on...:
127.0.0.1 ; ::1

Fourth choice:
Other destinations for which mail is accepted:
wooledg

Fifth choice:
Machines to relay mail for:
(blank)

Sixth choice:
IP address or host name of the outgoing smarthost:
gateway.eeg.ccf.org

Seventh choice:
Hide local mail name in outgoing mail?
No

Eighth choice:
Keep number of DNS-queries minimal?
No

Ninth choice:
Delivery method for local mail:
Maildir format in home directory

Tenth choice:
Split configuration into small files?
No

Voila. No need for hostname -f to return a string with dots. Exim was perfectly content with what I've been doing for years.
Re: set domain name in Debian
On Tue 15 Nov 2016 at 08:00:31 -0500, Greg Wooledge wrote:
> On Mon, Nov 14, 2016 at 04:29:35PM -0600, David Wright wrote:
> > As your own hostname -f produces not dots, what approach do you
> > use to shut exim up, or do you just ignore (or suppress) the message?
>
> I have (control over) a bunch of computers, and they're not all configured
> the same. The machine I believe you refer to is this one:
>
> wooledg@wooledg:~$ hostname
> wooledg
> wooledg@wooledg:~$ hostname -f
> wooledg
>
> This is a dual-boot Windows/Debian workstation on my desk at work.
>
> Here's the /etc/hosts:
>
> wooledg@wooledg:~$ cat /etc/hosts
> 127.0.0.1 localhost
> 127.0.1.1 wooledg

Exim wants to see a fqdn in the 127.0.1.1 line, written as specified in hosts(5):

 IP_address canonical_hostname [aliases...]

The canonical_hostname is used for the HELO/EHLO.

With most large ISPs it is not taken much notice of but there are servers which (rightly or wrongly) would do a reverse lookup on wooledg and, getting a negative response, reject the mail. Basically, you will get away with the line you have when you use an understanding smarthost. I think Postfix could behave in the same way.

> # The following lines are desirable for IPv6 capable hosts
> ::1 localhost ip6-localhost ip6-loopback
> ff02::1 ip6-allnodes
> ff02::2 ip6-allrouters
>
> The hostname is defined in DNS (originally I just let it have a dynamic
> IP address and dealt with that, but later I arranged for it to have
> a non-changing IP address, for reasons beyond the scope of this email;
> but in all cases, DNS always had a working "A" record).
>
> It looks like this one is running exim:
>
> wooledg@wooledg:~$ ps -ef | grep exim
> Debian-+ 949 1 0 Nov14 ? 00:00:00 /usr/sbin/exim4 -bd -q30m
> wooledg 10865 2007 0 07:53 pts/4 00:00:00 grep exim
>
> I never saw any errors like the one you showed, perhaps because exim
> used my default search domain (from /etc/resolv.conf) and found a sane
> DNS configuration, or perhaps because this machine is in a very simple
> "send to smarthost only" mode. I don't really know exim very well.

With 'dpkg-reconfigure exim4-config' the message

"Starting MTA:hostname --fqdn did not return a fully qualified name, dc_minimaldns will not work. Please fix your /etc/hosts setup."

should appear if "yes" is chosen for the option. 'hostname -f' is useful for checking there is a sane hosts configuration for exim to use.

--
Brian.
Re: set domain name in Debian
On Mon, Nov 14, 2016 at 04:29:35PM -0600, David Wright wrote:
> As your own hostname -f produces not dots, what approach do you
> use to shut exim up, or do you just ignore (or suppress) the message?

I have (control over) a bunch of computers, and they're not all configured the same. The machine I believe you refer to is this one:

wooledg@wooledg:~$ hostname
wooledg
wooledg@wooledg:~$ hostname -f
wooledg

This is a dual-boot Windows/Debian workstation on my desk at work.

Here's the /etc/hosts:

wooledg@wooledg:~$ cat /etc/hosts
127.0.0.1 localhost
127.0.1.1 wooledg
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

The hostname is defined in DNS (originally I just let it have a dynamic IP address and dealt with that, but later I arranged for it to have a non-changing IP address, for reasons beyond the scope of this email; but in all cases, DNS always had a working "A" record).

It looks like this one is running exim:

wooledg@wooledg:~$ ps -ef | grep exim
Debian-+ 949 1 0 Nov14 ? 00:00:00 /usr/sbin/exim4 -bd -q30m
wooledg 10865 2007 0 07:53 pts/4 00:00:00 grep exim

I never saw any errors like the one you showed, perhaps because exim used my default search domain (from /etc/resolv.conf) and found a sane DNS configuration, or perhaps because this machine is in a very simple "send to smarthost only" mode. I don't really know exim very well.

I have other systems that run qmail (locally installed), and even one that runs sendmail (part of the hosting provider's original image, and I never bothered to replace it). The only major MTA with which I have absolutely no experience at all is postfix.
Re: set domain name in Debian
On Mon 14 Nov 2016 at 08:27:06 (-0500), Greg Wooledge wrote:
> [...] So when you do your "hostname -f"
> (which I still contend is a rubbish command which serves no useful
> purpose, but it's what you seem to want, so I'll roll with it), it
> looks up "srv" in this file as a whole word/field, and finds this line
> as the first match.
>
> Therefore hostname -f writes "www.slsware.dmz" to stdout.

You asked earlier how we might even know about hostname -f and the obvious answer is because exim emits:

"Starting MTA:hostname --fqdn did not return a fully qualified name, dc_minimaldns will not work. Please fix your /etc/hosts setup."

if you have no domain name, but have
dc_minimaldns='true'
in /etc/exim4/update-exim4.conf.conf

As your own hostname -f produces not dots, what approach do you use to shut exim up, or do you just ignore (or suppress) the message?

Cheers,
David.
Re: set domain name in Debian
> On Nov 14, 2016, at 6:27 AM, Greg Wooledgewrote: > > On Sat, Nov 12, 2016 at 08:50:46AM -0700, Glenn English wrote: >>> On Nov 12, 2016, at 3:25 AM, Andy Smith wrote: >>> I am 95% confident that the reason that Glenn's system thinks the >>> FQDN is "www.slsware.dmz" is because the first instance of "srv" in >>> the /etc/hosts is: >>> > 192.168.2.203 www.slsware.dmz wsd srv Who'da thunk it -- it's looking at the aliases in hosts, and grabbing the first one where the alias matches the hostname. If it sees any. I thought it was looking at IPs. But the way I had it set up, it wouldn't have worked that way either. DNS wouldn't have worked either, if it's doing a reverse lookup. Not with this ghastly IP net I'm setting up -- there are several services on one server, so FTP and WWW both have the same IP. It would just do the first one, I suspect. I rebooted with a perfectly good and unique IP and FQDN and an alias that didn't match the hostname, and it came up with an empty domain. I put in an alias (unique) the same as the hostname, and there was the domain. I didn't even have to reboot (Jessie, if it matters). Thanks very much to all. This has been an educational experience. I guess I've been lucky with positioning for these 15 years. I'm not going to toss hosts, though. I need to be able to move around the nets when DNS is down (or misconfigured). I'm just going to be a little bit more careful... -- Glenn English
Re: set domain name in Debian
On Sat, Nov 12, 2016 at 08:50:46AM -0700, Glenn English wrote:
> > On Nov 12, 2016, at 3:25 AM, Andy Smith wrote:
> > I am 95% confident that the reason that Glenn's system thinks the
> > FQDN is "www.slsware.dmz" is because the first instance of "srv" in
> > the /etc/hosts is:
> >
> >>> 192.168.2.203 www.slsware.dmz wsd srv
> But that isn't the first; it's the fourth. A grep of the hosts file:

Andy is correct. The line that Andy cited is the first instance of the name "srv" as a SEPARATE WORD all unto itself.

> > root@srv:~# egrep srv /etc/hosts
> > 127.0.0.1 srv.slsware.org

Does not contain "srv" as a whole word.

> > 216.17.203.66 srv.slsware.org sso

Does not contain "srv" as a whole word.

> > # 192.168.2.203 srv.slsware.dmz srv

Is a comment. Ignored.

> > 192.168.2.203 www.slsware.dmz wsd srv

THIS one contains srv as a whole word. So when you do your "hostname -f" (which I still contend is a rubbish command which serves no useful purpose, but it's what you seem to want, so I'll roll with it), it looks up "srv" in this file as a whole word/field, and finds this line as the first match.

Therefore hostname -f writes "www.slsware.dmz" to stdout.

> > 192.168.2.203 mail.slsware.dmzmsd srv
> > 192.168.2.203 ntp.slsware.dmz ntp srv
> > 192.168.2.203 ns1.slsware.dmz ns1dns1 srv

This is just nonsense. You've got the whole word "srv" in the file multiple times. But it can't resolve to multiple FQDNs using the "hostname -f" resolution mechanism, which only returns the first match. The "srv" on these lines is just noise.

I concur with the previous advice to stop using /etc/hosts for this configuration, and move everything into DNS.

Here's my entire /etc/hosts file from my Internet-facing VPS (originally imaged by the VPS provider as squeeze, which I have upgraded to wheezy):

greg@remote:~$ cat /etc/hosts
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
127.0.0.1 localhost.localdomain localhost
# Auto-generated hostname. Please do not remove this comment.
199.231.184.176 remote.wooledge.org remote
::1 localhost ip6-localhost ip6-loopback

This machine acts as a web server for "wooledge.org" and "mywiki.wooledge.org" and yet neither of those names appears in /etc/hosts. Why should they? They are only meaningful to the web server. They are defined in DNS.
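The whole-field, first-match lookup walked through in the message above, combined with the dot test behind exim's dc_minimaldns warning and the "need fully-qualified hostname" rejection quoted elsewhere in this thread, as an added example that is not any poster's code. It is a simplified imitation of a hosts-file lookup, not glibc's implementation; the function names are hypothetical and the sample files are constructed from lines shown in the thread.

```shell
#!/bin/sh
# Added example, not code from the thread. It imitates, in simplified form,
# how a name is looked up in an /etc/hosts-style file: comments are dropped,
# the name must equal a whole field, and only the first matching line counts.
# Function names and the constructed samples below are this example's own.

# hosts_canonical FILE NAME
# Print the canonical_hostname (field 2, per hosts(5)) of the first line on
# which NAME is the canonical name or an alias. FILE may be "-" for stdin.
# Exit status 1 when no line matches.
hosts_canonical() {
    awk -v name="$2" '
        { sub(/#.*/, "") }        # drop whole-line and trailing comments
        NF < 2 { next }           # nothing but an address, or empty
        {
            for (i = 2; i <= NF; i++)
                if (tolower($i) == tolower(name)) {
                    print $2
                    found = 1
                    exit          # first match wins; later lines are noise
                }
        }
        END { exit !found }
    ' "$1"
}

# is_qualified NAME
# The dot test the thread keeps returning to: succeed only when NAME has a
# dot with a non-empty label on both sides.
is_qualified() {
    case "$1" in
        .*|*.|*..*) return 1 ;;
        *.*)        return 0 ;;
        *)          return 1 ;;
    esac
}

# check_host FILE NAME
# Report what a "hostname -f" style lookup of NAME would yield from FILE:
#   "fqdn X"         status 0
#   "unqualified X"  status 1  (what a strict server rejects as HELO)
#   "unresolved X"   status 2
check_host() {
    canon=$(hosts_canonical "$1" "$2") || { echo "unresolved $2"; return 2; }
    if is_qualified "$canon"; then
        echo "fqdn $canon"
        return 0
    fi
    echo "unqualified $canon"
    return 1
}

# Constructed sample: five of the lines from the egrep output quoted above.
sample_srv() {
    cat <<'EOF'
127.0.0.1 srv.slsware.org
216.17.203.66 srv.slsware.org sso
# 192.168.2.203 srv.slsware.dmz srv
192.168.2.203 www.slsware.dmz wsd srv
192.168.2.203 ntp.slsware.dmz ntp srv
EOF
}

# Constructed sample: the workstation hosts file shown elsewhere in the thread.
sample_wooledg() {
    cat <<'EOF'
127.0.0.1 localhost
127.0.1.1 wooledg
EOF
}

# Demo; a non-zero status from check_host is an expected result here.
sample_srv | check_host - srv || true
sample_srv | check_host - sso || true
sample_wooledg | check_host - wooledg || true
```

Pointing `check_host` at the real `/etc/hosts` with the output of `hostname` as the name shows which line the lookup lands on before a mail server or firewall script depends on it.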
Re: set domain name in Debian
> On Nov 12, 2016, at 11:31 AM, Henrique de Moraes Holschuh> wrote: > > But the whole thing really doesn't need any DNS servers *as long as* > everything you need is resolved statically by some module in > /etc/nsswitch.conf... such as the default "files" module, which reads > /etc/hosts. > root@srv:~# cat /etc/nsswitch.conf > # /etc/nsswitch.conf > # > # Example configuration of GNU Name Service Switch functionality. > # If you have the `glibc-doc-reference' and `info' packages installed, try: > # `info libc "Name Service Switch"' for information about this file. > > passwd: compat > group: compat > shadow: compat > gshadow:files > > hosts:files dns > networks: files > > protocols: db files > services: db files > ethers: db files > rpc:db files > > netgroup: nis If I understand this, it looks at hosts first. With bind9 stopped, ping sso works and says it's pinging 216.17.203.66, srv.slsware.org. > At which point, it boils down to a complete enough, correct /etc/hosts > >> It does seem that /etc/hosts should work, though... > > It does work, provided that you have "files" first in the list of NSS > modules, and you have both the nodename and the FQDN in /etc/hosts for > the correct IPs and in the correct order. Otherwise, it depends. The nodename is another word for hostname, right? (I'd never heard that word before. Wikipedia said it just meant hostname.) /etc/hosts, as I said before: > root@srv:~# cat /etc/hosts > # /etc/hosts: This file describes a number of hostname-to-address > # > # This is to be sent to all hosts that need a hosts file > # (don't really know how yet...) > # > # Host Database > # localhost is used to configure the loopback interface > # sudo cp hosts /etc ; dist `pwd`/hosts /etc all hosts > # The following lines are desirable for IPv6 capable hosts > # when the system is booting. Do not change this entry. 
> # > ::1 ip6-localhost ip6-loopback > fe00::0 ip6-localnet > ff00::0 ip6-mcastprefix > ff02::1 ip6-allnodes > ff02::2 ip6-allrouters > ff02::3 ip6-allhosts > > 127.0.0.1 localhost localhost.localdomain lh lcl > > # pass I slsware.org -- all routable IPs; no NAT > 216.17.203.64 slsware.org > 216.17.203.65 out.slsware.org oso > 216.17.203.66 srv.slsware.org sso > 216.17.203.67 gobook.slsware.org gso gbo > 216.17.203.68 unused0.slsware.org u0so > 216.17.203.69 unused1.slsware.org u1so > 216.17.203.70 printer.slsware.org pso > 216.17.203.71 broadcast.slsware.org bso > > # misc ne'r-do-wells > 127.0.0.2 ad.doubleclick.net > 127.0.0.2 mmv.admob.com Here's the line: > 216.17.203.66 srv.slsware.org sso That's OK, right? hosts ought to work. But it doesn't -- not on this machine, not today. I've had the FQDN way down in hosts before, and hostname -f found it with no trouble. For many years, I had a CVS playpen to be sure exactly the same hosts file was on all my machines, and as far as I know, there was never a problem. Many years ago I wrote a big shell script to set up iptables (ipchains back then). It uses hostname -f to find out which machine it's on, and how the filter should be configured -- if that command fails, iptables won't be set up on the machine. It's a very important command here. If it gives the wrong answer, it'll be filter the wrong stuff. > The *installer* either asks the user for the FQDN and gets the nodename, > domain name and FQDN from that (and it *should* write them to /etc/hosts > and /etc/hostname appropriately), It always has, all of them. I use the curses netinst expert, and it's always worked flawlessly. This is the first time I've had trouble with the domain. I think I may need to do a little more investigation. Apparently, hosts is supposed to work... > or gets information from DHCP/DHCPv6 > and the DNS while autoconfiguring. I don't use DHCP or autoconfig, so that's never come up. 
I disabled bind, put the big hosts file (with slsware.org at the top) back, rebooted, and -f said srv.slsware.dmz.

I removed all but one occurrence of 'srv' from the big hosts, rebooted, and -f was correct.

I replaced the big hosts file. I retyped the srv...org line at the top of the file, rebooted, and -f said srv...dmz.

I moved slsware.org to the bottom of the file, rebooted, and -f said srv...dmz.

I removed the srv.slsware.dmz line, moved the slsware.org collection back to the top, rebooted, and -f said www...dmz.

I give up. This is acting like I've never seen it -- there's never been a problem with hosts before. I have to have those alien FQDNs and aliases and IPs in there so I can SSH to them during the switchover.

--
Glenn English
Re: set domain name in Debian
> On Nov 12, 2016, at 11:17 AM, sunr...@mailbug.com wrote: > > > Hi Glenn, > > > On Sat, 12 Nov 2016 08:50:46 -0700 > Glenn Englishwrote: > > ... >>> 216.17.203.65 out.slsware.org oso >>> 216.17.203.66 srv.slsware.org sso > > This might be your problem?? ^ > I suspect the above line should be: > > 216.17.203.66 srv.slsware.org srv > > with the last field matching the hostname. Don't think so. sso stands for srv.slsware.org. I've been making aliases like that for years. The problem was fixed by futzing with DNZ and resolv.conf. But it's not a good solution if you're trying to understand how Debian really works. -- Glenn English -- Glenn English Did you just click Reply? If so, change the send address from gmail to g...@slsware.net
Re: set domain name in Debian
Hi Glenn, On Sat, 12 Nov 2016 08:50:46 -0700 Glenn Englishwrote: ... > >It never occurred to me that something might be looking at aliases; I thought >the IP >address was the important thing. And the srv...dmz entry is commented out >because I >thought it might somehow be used. > >I'll remove all mentions of srv (and lots of others to make it shorter) and >see. > >The hosts file is now: > >> root@srv:~# cat /etc/hosts >> # /etc/hosts: This file describes a number of hostname-to-address >> # >> # This is to be sent to all hosts that need a hosts file >> #(don't really know how yet...) >> # >> # Host Database >> # localhost is used to configure the loopback interface >> # sudo cp hosts /etc ; dist `pwd`/hosts /etc all hosts >> # The following lines are desirable for IPv6 capable hosts >> # when the system is booting. Do not change this entry. >> # >> ::1 ip6-localhost ip6-loopback >> fe00::0 ip6-localnet >> ff00::0 ip6-mcastprefix >> ff02::1 ip6-allnodes >> ff02::2 ip6-allrouters >> ff02::3 ip6-allhosts >> >> 127.0.0.1localhost localhost.localdomain lh lcl >> >> # pass I slsware.org -- all routable IPs; no NAT >> 216.17.203.64slsware.org >> 216.17.203.65out.slsware.org oso >> 216.17.203.66srv.slsware.org sso This might be your problem?? ^ I suspect the above line should be: 216.17.203.66 srv.slsware.org srv with the last field matching the hostname. -Jason >> 216.17.203.67gobook.slsware.org gso gbo >> 216.17.203.68unused0.slsware.org u0so >> 216.17.203.69unused1.slsware.org u1so >> 216.17.203.70printer.slsware.org pso >> 216.17.203.71broadcast.slsware.org bso >> >> # misc ne'r-do-wells >> 127.0.0.2 ad.doubleclick.net >> 127.0.0.2 mmv.admob.com > >The *only* mention of srv is with the right domain and the right IP. 
> >After a reboot: > >> root@srv:~# hostname >> srv >> root@srv:~# hostname -f >> hostname: Name or service not known > >And just in case it's the IP: > >> root@srv:~# ifconfig >> eth0 Link encap:Ethernet HWaddr 00:25:90:d5:16:34 >> inet addr:216.17.203.66 Bcast:216.17.203.71 Mask:255.255.255.248 >> inet6 addr: fe80::225:90ff:fed5:1634/64 Scope:Link >> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 >> RX packets:459 errors:0 dropped:0 overruns:0 frame:0 >> TX packets:470 errors:0 dropped:0 overruns:0 carrier:0 >> collisions:0 txqueuelen:1000 >> RX bytes:47597 (46.4 KiB) TX bytes:49637 (48.4 KiB) >> Interrupt:16 Memory:fbce-fbd0 >> >> eth1 Link encap:Ethernet HWaddr 00:25:90:d5:16:35 >> inet addr:192.168.3.66 Bcast:192.168.3.255 Mask:255.255.255.0 >> UP BROADCAST MULTICAST MTU:1500 Metric:1 >> RX packets:0 errors:0 dropped:0 overruns:0 frame:0 >> TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 >> collisions:0 txqueuelen:1000 >> RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) >> Interrupt:17 Memory:fbde-fbe0 >> >> loLink encap:Local Loopback >> inet addr:127.0.0.1 Mask:255.0.0.0 >> inet6 addr: ::1/128 Scope:Host >> UP LOOPBACK RUNNING MTU:65536 Metric:1 >> RX packets:68 errors:0 dropped:0 overruns:0 frame:0 >> TX packets:68 errors:0 dropped:0 overruns:0 carrier:0 >> collisions:0 txqueuelen:0 >> RX bytes:17189 (16.7 KiB) TX bytes:17189 (16.7 KiB) > >And: > >> root@srv:~# cat /proc/sys/kernel/domainname >> (none) > >It doesn't give the www answer anymore; it must have been doing something >(odd) with >hosts. But now it claims it can't find anything. > >> "hostname" returns what is in /etc/hostname (unless changed agfter >> system startup). >> >> "hostname -f" returns the part up to the first dot from whatever is >> returned by resolving "hostname" against /etc/hosts. > >The 2 dots after resolving hostname, maybe? That does sound very reasonable, >but it >doesn't seem to be working. And how does /proc get a domainname. >
Re: set domain name in Debian
On Sat, 12 Nov 2016, Glenn English wrote:
> Thanks all. It's been quite a ride. Now everybody write it down: it
> has nothing to do with what's in /etc/hosts or /etc/resolv.conf. There
> has to be a live, accessible DNS server for the domain somewhere. At
> least at slsware.org there does.

Maybe for the install. But the whole thing really doesn't need any DNS servers *as long as* everything you need is resolved statically by some module in /etc/nsswitch.conf... such as the default "files" module, which reads /etc/hosts.

At which point, it boils down to a complete enough, correct /etc/hosts

> It does seem that /etc/hosts should work, though...

It does work, provided that you have "files" first in the list of NSS modules, and you have both the nodename and the FQDN in /etc/hosts for the correct IPs and in the correct order. Otherwise, it depends.

> No, I take it back. I don't think DNS is the whole story. It worked in
> this case, but how does the installer get a domainname?

The *installer* either asks the user for the FQDN and gets the nodename, domain name and FQDN from that (and it *should* write them to /etc/hosts and /etc/hostname appropriately), or gets information from DHCP/DHCPv6 and the DNS while autoconfiguring.

Now, *what* the DHCP/DHCPv6 and DNS will answer, well, that's up to your local network.

--
Henrique Holschuh
Re: set domain name in Debian `
> On Nov 12, 2016, at 8:46 AM, Henrique de Moraes Holschuh wrote:
>
> hostname -f does this:
>
> 1. Asks glibc for the hostname, using gethostname().
>
> 2. Does an IP lookup on the hostname, using getaddrinfo() and the
> hostname it got from gethostname(), and returns the result from
> getaddrinfo().
>
> Since it uses glibc for the host name lookup, it is subject to the glibc
> name resolver, which is configured through /etc/nsswitch.conf.
>
> Now, gethostname() works like this [in glibc]: it calls the uname()
> syscall, and uses the node name returned. I.e. it looks up the
> *hostname* the kernel was set to.
>
> So, glibc's gethostname() will match the output of "uname -n". This
> information was set on the kernel by either systemd, or by the
> initscripts.
>
> Initscripts use /etc/hostname to set this information. I am not well
> versed on how exactly systemd persists this information, but it likely
> uses /etc/hostname as well.

Bingo! I had a feeling it was convoluted.

> root@srv:~# host srv.slsware.org
> srv.slsware.org has address 216.17.203.66
> root@srv:~# hostname
> srv
> root@srv:~# hostname -f
> srv.slsware.org
> root@srv:~# hostname -d
> slsware.org

I edited /etc/resolv.conf to point the nameserver at the host's IP instead of pointing at localhost (this host is the (temporary) DNS server for the .org domain). Now all is well. Except for /proc, which I'll ignore in the future.

Just why the IP worked and 'localhost' didn't is another question -- I assume it has something to do with machinations in glibc. I'm not afraid of C, but things are working and I've got more interesting things to do today.

Thanks all. It's been quite a ride. Now everybody write it down: it has nothing to do with what's in /etc/hosts or /etc/resolv.conf. There has to be a live, accessible DNS server for the domain somewhere. At least at slsware.org there does. What idiot designed that?

It does seem that /etc/hosts should work, though...

No, I take it back. I don't think DNS is the whole story. It worked in this case, but how does the installer get a domainname?

-- Glenn English
Re: set domain name in Debian `
> On Nov 12, 2016, at 3:25 AM, Andy Smith wrote:
>
> The system thinks Glenn's domain name is "slsware.dmz". Glenn wants it
> to be "slsware.org" (I think).

Correct.

> Glenn has set the host name to be "srv".

Correct.

> I am 95% confident that the reason that Glenn's system thinks the
> FQDN is "www.slsware.dmz" is because the first instance of "srv" in
> the /etc/hosts is:
>
>>> 192.168.2.203 www.slsware.dmz wsd srv

But that isn't the first; it's the fourth. A grep of the hosts file:

> root@srv:~# egrep srv /etc/hosts
> 127.0.0.1 srv.slsware.org
> 216.17.203.66 srv.slsware.org sso
> # 192.168.2.203 srv.slsware.dmz srv
> 192.168.2.203 www.slsware.dmz wsd srv
> 192.168.2.203 mail.slsware.dmz msd srv
> 192.168.2.203 ntp.slsware.dmz ntp srv
> 192.168.2.203 ns1.slsware.dmz ns1dns1 srv
> 216.17.134.203 srv.slsware.net ssn

The first mentions of srv are at the top, both with IPs that could have been used to grab the correct domain. It never occurred to me that something might be looking at aliases; I thought the IP address was the important thing. And the srv...dmz entry is commented out because I thought it might somehow be used.

I'll remove all mentions of srv (and lots of others to make it shorter) and see. The hosts file is now:

> root@srv:~# cat /etc/hosts
> # /etc/hosts: This file describes a number of hostname-to-address
> #
> # This is to be sent to all hosts that need a hosts file
> # (don't really know how yet...)
> #
> # Host Database
> # localhost is used to configure the loopback interface
> # sudo cp hosts /etc ; dist `pwd`/hosts /etc all hosts
> # The following lines are desirable for IPv6 capable hosts
> # when the system is booting. Do not change this entry.
> #
> ::1 ip6-localhost ip6-loopback
> fe00::0 ip6-localnet
> ff00::0 ip6-mcastprefix
> ff02::1 ip6-allnodes
> ff02::2 ip6-allrouters
> ff02::3 ip6-allhosts
>
> 127.0.0.1 localhost localhost.localdomain lh lcl
>
> # pass I slsware.org -- all routable IPs; no NAT
> 216.17.203.64 slsware.org
> 216.17.203.65 out.slsware.org oso
> 216.17.203.66 srv.slsware.org sso
> 216.17.203.67 gobook.slsware.org gso gbo
> 216.17.203.68 unused0.slsware.org u0so
> 216.17.203.69 unused1.slsware.org u1so
> 216.17.203.70 printer.slsware.org pso
> 216.17.203.71 broadcast.slsware.org bso
>
> # misc ne'r-do-wells
> 127.0.0.2 ad.doubleclick.net
> 127.0.0.2 mmv.admob.com

The *only* mention of srv is with the right domain and the right IP.

After a reboot:

> root@srv:~# hostname
> srv
> root@srv:~# hostname -f
> hostname: Name or service not known

And just in case it's the IP:

> root@srv:~# ifconfig
> eth0 Link encap:Ethernet HWaddr 00:25:90:d5:16:34
>      inet addr:216.17.203.66 Bcast:216.17.203.71 Mask:255.255.255.248
>      inet6 addr: fe80::225:90ff:fed5:1634/64 Scope:Link
>      UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
>      RX packets:459 errors:0 dropped:0 overruns:0 frame:0
>      TX packets:470 errors:0 dropped:0 overruns:0 carrier:0
>      collisions:0 txqueuelen:1000
>      RX bytes:47597 (46.4 KiB) TX bytes:49637 (48.4 KiB)
>      Interrupt:16 Memory:fbce-fbd0
>
> eth1 Link encap:Ethernet HWaddr 00:25:90:d5:16:35
>      inet addr:192.168.3.66 Bcast:192.168.3.255 Mask:255.255.255.0
>      UP BROADCAST MULTICAST MTU:1500 Metric:1
>      RX packets:0 errors:0 dropped:0 overruns:0 frame:0
>      TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
>      collisions:0 txqueuelen:1000
>      RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
>      Interrupt:17 Memory:fbde-fbe0
>
> lo   Link encap:Local Loopback
>      inet addr:127.0.0.1 Mask:255.0.0.0
>      inet6 addr: ::1/128 Scope:Host
>      UP LOOPBACK RUNNING MTU:65536 Metric:1
>      RX packets:68 errors:0 dropped:0 overruns:0 frame:0
>      TX packets:68 errors:0 dropped:0 overruns:0 carrier:0
>      collisions:0 txqueuelen:0
>      RX bytes:17189 (16.7 KiB) TX bytes:17189 (16.7 KiB)

And:

> root@srv:~# cat /proc/sys/kernel/domainname
> (none)

It doesn't give the www answer anymore; it must have been doing something (odd) with hosts. But now it claims it can't find anything.

> "hostname" returns what is in /etc/hostname (unless changed after
> system startup).
>
> "hostname -f" returns the part up to the first dot from whatever is
> returned by resolving "hostname" against /etc/hosts.

The 2 dots after resolving hostname, maybe? That does sound very reasonable, but it doesn't seem to be working. And how does /proc get a domainname.

-- Glenn English

-- Glenn English
Did you just click Reply? If so, change the send address from gmail to
Re: set domain name in Debian `
On Fri, 11 Nov 2016, Glenn English wrote:
> /proc/sys/domainname says "(none)". hostname -f gives the old domain

/proc/sys/domainname is the kernel's idea of a domain name, which is only used by some network filesystems (kernel-based NFS, I think), AFAIK. Nothing else needs it. And if you set up such a filesystem, the userspace utilities should set the kernel domainname properly by themselves.

Note that the kernel also needs to know the node name (host name without a domain)... and _this_ is used everywhere.

> name (where does it get it). grep -ir doesn't find the old name string
> anywhere in /etc or in /lib.

hostname -f does this:

1. Asks glibc for the hostname, using gethostname().

2. Does an IP lookup on the hostname, using getaddrinfo() and the hostname it got from gethostname(), and returns the result from getaddrinfo().

Since it uses glibc for the host name lookup, it is subject to the glibc name resolver, which is configured through /etc/nsswitch.conf.

Now, gethostname() works like this [in glibc]: it calls the uname() syscall, and uses the node name returned. I.e. it looks up the *hostname* the kernel was set to.

So, glibc's gethostname() will match the output of "uname -n". This information was set on the kernel by either systemd, or by the initscripts.

Initscripts use /etc/hostname to set this information. I am not well versed on how exactly systemd persists this information, but it likely uses /etc/hostname as well.

> I know it must be simple to do -- the installer does it without
> downloading a C library, but it must be in a secret place I don't know
> about...

1. Set /etc/hostname to the *node name* (i.e. just the host name, without the domain)

2. Ensure the *node name* _locally_ resolves to an IPv4/IPv6. Usually this is done by adding it to /etc/hosts, so that things will not break when the network is down. Do it like this in /etc/hosts:

   For example:

   /etc/hostname:
   examplehost

   /etc/hosts:
   192.0.2.42 examplehost.example.com examplehost

   Refer to the item (3) below for the reasoning.

   Full answer: anything that is resolvable locally when piped by glibc through the "hosts" nss module pipeline configured in /etc/nsswitch.conf will do. /etc/hosts is a configuration file processed for the "files" nss module typically used in /etc/nsswitch.conf.

3. Ensure the IPv4/IPv6 you used for the *node name* resolves to the full host name (FQDN).

   Now, there is a trick to doing this when using /etc/hosts. You *must* list the FQDN first in /etc/hosts, as it will return just the first match when doing a "reverse lookup".

   The complete answer is: ensure the "hosts" nss module pipeline configured in /etc/nsswitch.conf will return as the *first* match, for the *node name*'s IPv4/IPv6, the FQDN of the host.

There, this is a bit harder to understand than other answers you got, but it should get the details right and might be helpful in more convoluted scenarios.

"man nsswitch.conf" for more details about /etc/nsswitch.conf. "man hosts" for more details about /etc/hosts and each libc function I mentioned also has its own manpage.

-- Henrique Holschuh
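The three states of /etc/hosts seen in this thread can be replayed against a small model of the "files" lookup described in the message above. This is an added example, not code from any poster or from glibc: the function names files_canon and audit_fqdn are hypothetical, the sample files are constructed from lines quoted in the thread, and the matching rule (first line on which the name appears; the first name field on that line is the canonical name) is a simplified model of the "files" module.

```shell
#!/bin/sh
# Simplified model of the "files" NSS lookup behind `hostname -f`.
# Works on constructed sample files only; the real /etc/hosts is never read.

# files_canon NODENAME HOSTSFILE
# Print the canonical name (first name field) of the first non-comment line
# on which NODENAME appears as canonical name or alias. Returns 1 when no
# line matches, i.e. the lookup would fall through to the next NSS module.
files_canon() {
    awk -v want="$1" '
        BEGIN { want = tolower(want); rc = 1 }
        {
            sub(/#.*/, "")              # drop comments
            if (NF < 2) next            # need an address and at least one name
            for (i = 2; i <= NF; i++)
                if (tolower($i) == want) { print $2; rc = 0; exit }
        }
        END { exit rc }
    ' "$2"
}

# audit_fqdn NODENAME HOSTSFILE
# Classify what the "files" module alone would hand back for NODENAME.
audit_fqdn() {
    if canon=$(files_canon "$1" "$2"); then
        case "$canon" in
            "$1".*) echo "ok: $canon" ;;                       # FQDN listed first
            *.*)    echo "mismatch: $1 resolves to $canon" ;;  # alias of another host
            *)      echo "no-domain: $canon" ;;                # short name listed first
        esac
    else
        echo "unresolved: $1 not in hosts file"
    fi
}

tmp=$(mktemp -d) || exit 1
trap 'rm -rf "$tmp"' EXIT

# Constructed sample: the original file, where "srv" is only an alias.
cat > "$tmp/original" <<'EOF'
127.0.0.1 localhost localhost.localdomain lh lcl
216.17.203.66 srv.slsware.org sso
# 192.168.2.203 srv.slsware.dmz srv
192.168.2.203 www.slsware.dmz wsd srv
192.168.2.203 mail.slsware.dmz msd srv
EOF

# Constructed sample: after the cleanup, "srv" no longer appears as a name.
cat > "$tmp/cleaned" <<'EOF'
127.0.0.1 localhost localhost.localdomain lh lcl
216.17.203.66 srv.slsware.org sso
EOF

# Constructed sample: FQDN first, node name as alias.
cat > "$tmp/fixed" <<'EOF'
127.0.0.1 localhost
127.0.1.1 srv.slsware.org srv
EOF

for f in original cleaned fixed; do
    printf '%-9s %s\n' "$f" "$(audit_fqdn srv "$tmp/$f")"
done
```

On a live system, `getent hosts "$(hostname)"` shows what the full NSS pipeline configured in /etc/nsswitch.conf returns, including modules after "files".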
Re: set domain name in Debian `
On Sat 12 Nov 2016 at 10:25:16 +, Andy Smith wrote:
> Glenn has set the host name to be "srv".
>
> I am 95% confident that the reason that Glenn's system thinks the
> FQDN is "www.slsware.dmz" is because the first instance of "srv" in
> the /etc/hosts is:
>
> > > 192.168.2.203 www.slsware.dmz wsd srv

Do you fancy adding 5% to that figure?

> "hostname" returns what is in /etc/hostname (unless changed after
> system startup).
>
> "hostname -f" returns the part up to the first dot from whatever is
> returned by resolving "hostname" against /etc/hosts.
>
> "hostname -d" returns the part after the first dot from whatever is
> returned by resolving "hostname" against /etc/hosts.
>
> I think that if Glenn placed a line higher up that read:
>
> 192.168.2.203 srv.slsware.org srv
>
> then the desired result would be achieved.

I'd use

127.0.0.1 localhost
127.0.1.1 srv.slsware.org srv

-- Brian.
Re: set domain name in Debian `
Hi,

On Sat, Nov 12, 2016 at 02:00:11AM -0700, Glenn English wrote:
> (Resend. Accidentally sent to a human instead of to the list...)

I responded off-list to Glenn since that one arrived first and I wasn't sure if Glenn intended the contents of their /etc/hosts to be private. Later I saw this copy on-list.

> > On Nov 11, 2016, at 11:45 PM, Andy Smith wrote:
> >
> > Okay. So I think we should focus on why "hostname -f" returns the
> > wrong/outdated info. I'm not sure yet.
> >
> > Out of interest what does "hostname -d" return?
>
> slsware.dmz

The system thinks Glenn's domain name is "slsware.dmz". Glenn wants it to be "slsware.org" (I think).

> cat /etc/hostname: srv

Glenn has set the host name to be "srv".

I am 95% confident that the reason that Glenn's system thinks the FQDN is "www.slsware.dmz" is because the first instance of "srv" in the /etc/hosts is:

> > 192.168.2.203 www.slsware.dmz wsd srv

"hostname" returns what is in /etc/hostname (unless changed after system startup).

"hostname -f" returns the part up to the first dot from whatever is returned by resolving "hostname" against /etc/hosts.

"hostname -d" returns the part after the first dot from whatever is returned by resolving "hostname" against /etc/hosts.

I think that if Glenn placed a line higher up that read:

192.168.2.203 srv.slsware.org srv

then the desired result would be achieved.

I would also add that this is a fairly large hosts file which is ripe for causing confusion. I would generally recommend keeping hosts files small, containing only enough information as needed for bootstrapping, and using DNS for everything else. The rest of the systems on the Internet (and maybe intranet) will be using DNS, and it is desirable for there to be one source of truth.

Cheers,
Andy

-- https://bitfolk.com/ -- No-nonsense VPS hosting
Re: set domain name in Debian `
(Resend. Accidentally sent to a human instead of to the list...)

> On Nov 11, 2016, at 11:45 PM, Andy Smith wrote:
>
> Okay. So I think we should focus on why "hostname -f" returns the
> wrong/outdated info. I'm not sure yet.
>
> Out of interest what does "hostname -d" return?

slsware.dmz (Wrong)

> Should be just the
> domain name part

It is. Of the wrong FQDN.

> And what is the contents of /etc/hostname and /etc/hosts?

cat /etc/hostname: srv (Right) This is what plain hostname returns, and this is the CLI prompt, too. But hostname -f claims the hostname is 'www'. Must be coming from different places.

/etc/hosts, see below.

> I'm assuming you have actually rebooted at least once after changing
> /etc/hostname and /etc/hosts, yes?

At least once. But I didn't change /etc/hostname -- nothing wrong with it.

-- Glenn English

> # Host Database
> # localhost is used to configure the loopback interface
> # sudo cp hosts /etc ; dist `pwd`/hosts /etc all hosts
> # The following lines are desirable for IPv6 capable hosts
> # when the system is booting. Do not change this entry.
> # > ::1 ip6-localhost ip6-loopback > fe00::0 ip6-localnet > ff00::0 ip6-mcastprefix > ff02::1 ip6-allnodes > ff02::2 ip6-allrouters > ff02::3 ip6-allhosts > > 127.0.0.1 localhost localhost.localdomain lh lcl > > # misc ne'r-do-wells > 127.0.0.2 ad.doubleclick.net > 127.0.0.2 mmv.admob.com > > # Pasadena > 206.135.251.11rrserv.richeyrentals.comrrrc rrc rrserv > > $ an indra IP > 209.169.0.5 indra.net indra inc > > # a FRII IP > 216.17.135.75 www.frii.netfrii > > > # pass I slsware.org -- all routable IPs; no NAT > 216.17.203.64 slsware.org > 216.17.203.65 out.slsware.org oso > 216.17.203.66 srv.slsware.org sso > 216.17.203.67 gobook.slsware.org gso gbo > 216.17.203.68 unused0.slsware.org u0so > 216.17.203.69 unused1.slsware.org u1so > 216.17.203.70 printer.slsware.org pso > 216.17.203.71 broadcast.slsware.org bso > > > # around the router > 192.168.0.5 brouterloopback.slsware.per brouterloopback blsp blo > 192.168.0.9 brouter2.slsware.perbrouter2 b2sp > > # perimeter boxen > 192.168.1.1 brouter.slsware.per brouter bsp > 192.168.1.2 firewall.slsware.perfsp pixp > > 192.168.1.3 1721.slsware.perlrsp lsp > 192.168.1.4 gobook.slsware.per gsp > > # .net DMZ > 192.168.2.1 firewall.slsware.dmzfsd pixd > > 192.168.2.150 rpd0.slsware.dmzrpd0 > 192.168.2.151 rpd1.slsware.dmzrpd1 > 192.168.2.152 rpd2.slsware.dmzrpd2 > 192.168.2.153 rpd3.slsware.dmzrpd3 > > 192.168.2.201 outgoing.slsware.dmzosd > 192.168.2.202 ns2.slsware.dmz ns2 > # 192.168.2.203 srv.slsware.dmz srv > 192.168.2.203 www.slsware.dmz wsd srv > 192.168.2.203 mail.slsware.dmzmsd srv > 192.168.2.203 ntp.slsware.dmz ntp srv > 192.168.2.203 ns1.slsware.dmz ns1dns1 srv > # 192.168.2.204 server.slsware.dmz ssd > 192.168.2.205 log.slsware.dmz lsd > 192.168.2.205 ns0.slsware.dmz ns0 lsd > > 192.168.2.9 gobook.slsware.dmz gsd > > # virtuals > 192.168.2.203 www.bouldermedicaladvocate.com bma > > # LAN > 192.168.3.1 firewall.slsware.lanfsl pixl > > # DMZ on the LAN 192.168.3.150..55 > # the unused rpi mark3B > 192.168.3.150 
rpl0.slsware.lanrpl0 > # the piPile -- .151 is 1 3B, the others are 2Bs > 192.168.3.151 rpl1.slsware.lanrpl1 > 192.168.3.152 rpl2.slsware.lanrpl2 > 192.168.3.153 rpl3.slsware.lanrpl3 > # the HP/3.5" screen > 192.168.3.154 rpl4.slsware.lanrpl4 > # the main sls server > 192.168.3.155 supermicro.slsware.lan sml sm5 > > 192.168.3.2 timecapsule.slsware.lan tsl > 192.168.3.3 lanserver.slsware.lan lsl > 192.168.3.4 > 192.168.3.5 4240n.slsware.lan 4240 printer > 192.168.3.6 maxi.slsware.lanmaxi msl > 192.168.3.7 > 192.168.3.8 > 192.168.3.9 gobook.slsware.lan gbl > # 192.168.3.10gobook wifi (below) > 192.168.3.11 > 192.168.3.12 sbox.slsware.lansbox ssl > 192.168.3.13 > 192.168.3.14 lmaxi.slsware.lan lmaxi lmsl > 192.168.3.15 > 192.168.3.16 air.slsware.lan air asl > 192.168.3.17 mini.slsware.lanminisl > ; > 192.168.3.22 se30.slsware.lansesl > 192.168.3.25 tv.slsware.lan tvsl > 192.168.3.26 bd.slsware.lan bdsl > > # Juniper firewall - WAN > > # Juniper firewall - DMZ > > # Juniper firewall - LAN 192.168.3.50..59 >
Re: set domain name in Debian `
Hi Glenn,

On Fri, Nov 11, 2016 at 11:13:02PM -0700, Glenn English wrote:
> > On Nov 11, 2016, at 9:58 PM, Andy Smith wrote:
> > After you have done that, what command are you using which shows you
> > the old/incorrect values?
>
> Mostly hostname - f. That's what I've used in a number of shell
> scripts, and it's always worked (on systems who've been labeled by
> the installer).

Okay. So I think we should focus on why "hostname -f" returns the wrong/outdated info. I'm not sure yet.

Out of interest what does "hostname -d" return? Should be just the domain name part, so I expect it to say the wrong thing here.

And what is the contents of /etc/hostname and /etc/hosts?

I'm assuming you have actually rebooted at least once after changing /etc/hostname and /etc/hosts, yes?

Cheers,
Andy

-- https://bitfolk.com/ -- No-nonsense VPS hosting
Re: set domain name in Debian `
> On Nov 11, 2016, at 9:58 PM, Andy Smith wrote:
>
> I normally put the short name in /etc/hostname and then the:
>
>
>
> in /etc/hosts. That works for me both for setting initial host name
> and FQDN, and for changing it later.

Yeah, that's what I hear, and exactly that's in there. IIRC, I've had some success with that in the past. But it doesn't work for me today.

Debian needs a domainname command like hostname. Or maybe a man page explaining what looks up what and where the string is. A file in /etc called domainname wouldn't be too much to ask, IMHO.

> After you have done that, what command are you using which shows you
> the old/incorrect values?

Mostly hostname - f. That's what I've used in a number of shell scripts, and it's always worked (on systems who've been labeled by the installer). hosts and DNS can both find the IP, given the FQDN, but hostname -f is wrong.

hostname returns 'srv' like it should. But hostname -f returns 'www.slsware.dmz' -- way wrong. I've grep'ed for that www string and haven't been able to find it.

> Note that the domain part comes from name resolution, so will
> involve /etc/hosts and potentially DNS or other name services you
> have configured in /etc/nsswitch.conf.

I haven't done nsswitch.conf yet. I'll try it in the morning...

I got curious. nsswitch.conf on the old host (working hostname -f):

> passwd: compat
> group: compat
> shadow: compat
>
> hosts: files dns
> networks: files
>
> protocols: db files
> services: db files
> ethers: db files
> rpc: db files
>
> netgroup: nis

On the new one (bent hostname -f):

> passwd: compat
> group: compat
> shadow: compat
> gshadow: files
>
> hosts: files dns
> networks: files
>
> protocols: db files
> services: db files
> ethers: db files
> rpc: db files
>
> netgroup: nis

See anything interesting? I don't. Except the mention of gshadow on the bad one, and I have no idea what that makes happen.

Is it possible one of those files has bad data in it? If so, what are their names and where are they?

-- Glenn English
Re: set domain name in Debian `
Hi Glenn,

On Fri, Nov 11, 2016 at 01:27:28PM -0700, Glenn English wrote:
> I have to change the domain name of a Jessie server I'm working on. How do
> you do it? (Aside from putting the FQDN in /etc/hostname, which kinda works.)

I normally put the short name in /etc/hostname and then the:

in /etc/hosts. That works for me both for setting initial host name and FQDN, and for changing it later.

After you have done that, what command are you using which shows you the old/incorrect values?

Note that the domain part comes from name resolution, so will involve /etc/hosts and potentially DNS or other name services you have configured in /etc/nsswitch.conf.

Cheers,
Andy

-- https://bitfolk.com/ -- No-nonsense VPS hosting
Re: set domain name in Debian `
> On Nov 11, 2016, at 3:31 PM, Greg Wooledge wrote:
>
> On Fri, Nov 11, 2016 at 02:47:48PM -0700, Glenn English wrote:
>>> On Nov 11, 2016, at 1:52 PM, Greg Wooledge wrote:
>>>
>>> So... what are you actually trying to do? Be very specific.
>>
>> Well, I'd like the domain name to be the same everywhere. hostname -f
>
> hostname -f is totally useless. Why do people even KNOW about it, let
> alone use it? :(
>
> wooledg@wooledg:~$ hostname
> wooledg
> wooledg@wooledg:~$ hostname -f
> wooledg

I claim you've got the same problem I do :-)

I looked a bit at hostname -f. It goes through a few levels (of .sh, it looks like) and finally asks something in a C library. So if hostname -f is giving bad data, the shell just doesn't have the right info.

> Including a domain name in that output is ridiculous if all of your
> systems are used within the same organization.

Maybe. But mine aren't. They've been in slsware.net, .dmz, and .lan.

> This is a DNS registrar thing. It has nothing to do with Debian

OK. Then it's not what I'm looking for. I'm pretty sure what I need very much has to do with Debian.

> If your computer has a preferred fully qualified domain name, then you
> can put it in there. Debian puts the computer's own hostname (with or
> without an attached domain name) on the IP 127.0.1.1, thus:
>
> 127.0.0.1 localhost
> 127.0.1.1 wooledg

Just did that. Didn't work. Is a reboot required? (This thing takes a long time to reboot.)

> host(1) is indeed one of the many commands that can look up a name in
> DNS.

host www.slsware.org gets the right IP. (localhost; there's no DNS info on the 'Net about this server yet.) From an alien domain, running that command, specifying my DNS with an IP, works too.

> As I said before, if you don't specify a fully qualified domain
> name, then the "search" line(s) in /etc/resolv.conf will tell the
> resolver which domain names to slap onto the end of the hostname before
> looking it up.
>
> wooledg@wooledg:~$ cat /etc/resolv.conf
> search eeg.ccf.org
> nameserver 10.76.142.103
> nameserver 10.76.142.42
> nameserver 172.28.254.24
>
> wooledg@wooledg:~$ host wooledg
> wooledg.eeg.ccf.org has address 10.76.172.109

Says 'Host slsware not found' here. (Still no reboot.)

> Thus, you need to be looking at your DNS setup with your domain registrar.

Don't need to. I do my own.

> That should be your top priority.

I read that and ran and configured DNS. Nobody cares, AFAICT.

> All that matters is what's in DNS.

I hear you. But it's a nagging piece of config that the kernel doesn't know its name. It exists for a reason, and it's built in to the kernel for something. It may well be something hanging over from 1975 -- if so, I'd like to know for sure, one way or the other.

> Set the local hostname to something that will help you remember which
> machine you're logged into. That's all.

That's already done. Setting the host's name is easy. It's the domain that's making me crazy.

-- Glenn English
Did you just click Reply? If so, change the send address from gmail to g...@slsware.net
Re: set domain name in Debian `
> On Nov 11, 2016, at 3:45 PM, Joe wrote:
>
> I think we still do not have the terms of reference straight.
>
> First of all, it's a server. Who is it serving? People within the local
> network only, people out on the Net, or both?

Both. It's on the 'Net, but it's also where the email comes in. And do you guys need to know it's a /29 namespace with fixed IPs on a T1 connection?

> You're replacing an older server. If you are serving to the Net, are
> you on a new ISP connection or still the one which has worked until
> now? I.e., has the public IP address and any external DNS changed?

Same ISP, new piece of wire, new IPs, new domain name (I have slsware.com/net/org -- I'm moving from .net to the unused .org.) At the old place, I NAT'ed the globals to 1918 IPs on a DMZ and a LAN.

> Are there DNS servers out on the Net which hold information for this
> domain?

Not yet. I haven't told the registrar about the new nameserver IPs. I just configured DNS. BIND says there are no errors. But there are; I deleted the SFP records from all the virtual domains to make it shut up. I haven't yet tried to figure out why BIND was unhappy with the SFPs. Nor have I tested it significantly. But DNS is there.

> If so, using a local DNS server with records for other local
> hostnames on the same domain becomes problematic,

I've done that for years with no problems. They're sometimes even the same host/IP, with different names. If you ask for a function, you get the IP. If you ask for a reverse on an IP, I don't know what you get. I have a feeling that I should go the CNAME route (and I have more recently), but I've never really needed to.

> and the question of
> what IP address is returned if you ask for the usual hostname of your
> public IP address may be dependent on the behaviour of your router.

No. The router has nothing to do with it, in my experience. I don't do DHCP, not at the server anyway, and the router has no DMS table(s).

> To sum up, we need to know who sees this domain, and from where, and
> for what services.

Everybody, internal (LAN, DMZ) and external (WAN). Same: internal and external. For your standard 'Net services (HTTP, SMTP, SSH, FTP, IMAP, POP3, etc.)

-- Glenn English
Re: set domain name in Debian `
On Fri, 11 Nov 2016 14:47:48 -0700 Glenn English wrote:
> > On Nov 11, 2016, at 1:52 PM, Greg Wooledge
> > wrote:
> >
> > So... what are you actually trying to do? Be very specific.
>
> Well, I'd like the domain name to be the same everywhere. hostname -f
> and whois (that currently returns the ISP's info) and /etc/hosts
> and host and a DNS lookup and everything else I can't think of
> right now should all report the same thing: the name of the domain
> I'm trying to set up this server for.
>
> As yet, I'm looking at hostname -f (plain hostname gets the host
> right), and ping'ing and SSH'ing using /etc/hosts (that works). I've
> set my local DNS to look first at hosts, then at DNS.
>
> The DNS server isn't set up yet. mailname is just the host. postfix
> is the SMTP server -- editing its config doesn't seem to do anything.
>
> I've moved to a new domain, and I copied lots of data from the old
> server. The domain name I see is that of the old server.
>

I think we still do not have the terms of reference straight.

First of all, it's a server. Who is it serving? People within the local network only, people out on the Net, or both?

You're replacing an older server. If you are serving to the Net, are you on a new ISP connection or still the one which has worked until now? I.e., has the public IP address and any external DNS changed?

Are there DNS servers out on the Net which hold information for this domain? If so, using a local DNS server with records for other local hostnames on the same domain becomes problematic, and the question of what IP address is returned if you ask for the usual hostname of your public IP address may be dependent on the behaviour of your router.

To sum up, we need to know who sees this domain, and from where, and for what services. Internet email, for example, needs your mail server to know the domain, and for a public DNS MX record for that domain to point to a hostname which resolves to your public IP address, and not much more. A server can host many email domains, none of which need to be related to the domain in which the server lives, if any.

A public web server might need to know the domain name, and again may serve multiple domains, but for simple sites, it will not need to know.

A computer in a private network, even when providing public Internet services, does not inherently belong to any domain, but it may be administratively convenient if it is assigned one. It may well have a hostname completely different to any hostname which resolves to it from the Net.

-- Joe
Re: set domain name in Debian `
On Fri, Nov 11, 2016 at 02:47:48PM -0700, Glenn English wrote:
> > On Nov 11, 2016, at 1:52 PM, Greg Wooledge wrote:
> >
> > So... what are you actually trying to do? Be very specific.
>
> Well, I'd like the domain name to be the same everywhere. hostname -f

hostname -f is totally useless. Why do people even KNOW about it, let alone use it? :(

wooledg@wooledg:~$ hostname
wooledg
wooledg@wooledg:~$ hostname -f
wooledg

The output of hostname is largely irrelevant. The only purpose it serves is to help you, the sysadmin or competent user, remember which system you're currently logged into. Including a domain name in that output is ridiculous if all of your systems are used within the same organization.

> and whois (that currently returns the ISP's info)

This is a DNS registrar thing. It has nothing to do with Debian, or anything that you do on your own computer. You need to contact the hosting provider, or ISP, or whoever owns this block of IP addresses and have them set it up. It's incredibly cosmetic.

> and /etc/hosts

This is used only by the local processes on the computer, and it's used mostly to find OTHER computers that aren't in DNS. Either because your organization is so small that you don't even bother to use DNS (say, half a dozen computers or less), or because your network was set up by less than competent admins back in the 1990s.

If your computer has a preferred fully qualified domain name, then you can put it in there. Debian puts the computer's own hostname (with or without an attached domain name) on the IP 127.0.1.1, thus:

127.0.0.1 localhost
127.0.1.1 wooledg

If I cared about writing out really long domain names in /etc/hosts then I might change the second line to:

127.0.1.1 wooledg.eeg.ccf.org wooledg

This is largely pointless.

> and host and a DNS lookup

host(1) is indeed one of the many commands that can look up a name in DNS. As I said before, if you don't specify a fully qualified domain name, then the "search" line(s) in /etc/resolv.conf will tell the resolver which domain names to slap onto the end of the hostname before looking it up.

wooledg@wooledg:~$ cat /etc/resolv.conf
search eeg.ccf.org
nameserver 10.76.142.103
nameserver 10.76.142.42
nameserver 172.28.254.24
wooledg@wooledg:~$ host wooledg
wooledg.eeg.ccf.org has address 10.76.172.109

As you can see here, host told the resolver to look up "wooledg", and the resolver looked in /etc/resolv.conf and found the default search domain, and appended that, and then did a DNS lookup of "wooledg.eeg.ccf.org".

The default search domain doesn't even have to be one of the domain names by which your machine is known to others. It can be whatever you want for your own convenience. USUALLY your machine's default search domain and "self-identifies as" domain name will be the same.

> and everything else I can't think of right now

What your server calls itself doesn't really matter. What matters is how OTHER COMPUTERS reach you. Thus, you need to be looking at your DNS setup with your domain registrar.

> The DNS server isn't set up yet.

That should be your top priority.

> mailname is just the host. postfix is the SMTP server

Configuring mail without having working DNS is just an exercise in frustration. Get DNS correct first, and then get mail working.

Since you've "changed" your "domain" (which I interpret to mean "I have a server on the Internet, and it used to receive mail sent to u...@example1.com and now I want it to receive mail sent to u...@example2.com") you probably really want your mail server to continue to receive email for BOTH of these domains, at least for a transitional period during which people might still be sending to the original domain name.

Once you've got DNS set up correctly, you'll want to tell your mail server "accept mail for example1.com and example2.com". I don't know how to do that with Postfix specifically. Also, while you're in there, tell Postfix that you would like outgoing mail to appear as coming from "example2.com". Again, I don't know how to do this with Postfix, but it should be relatively straightforward once you find the documentation.

After a year or so, then you might choose to stop accepting mail sent to example1.com, but that's up to you.

For a server on the public Internet, the output of hostname is completely irrelevant. All that matters is what's in DNS.

Example: I have a VPS on the public Internet. It processes web requests sent to the hostnames "wooledge.org" and "mywiki.wooledge.org". Neither of these names is present in the output of "hostname". The web server simply does not care what "hostname" is set to. It only cares about the hostname used in the HTTP requests that are sent to it.

Set the local hostname to something that will help you remember which machine you're logged into. That's all.
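Added example (not part of the thread and not the poster's code): a simplified Python model of the search-list expansion described in the message above, following the rules documented in resolv.conf(5). The function names are hypothetical, the sample file is the resolv.conf quoted in that message, and the model assumes the resolver stops at the first candidate that resolves.

```python
# Added example: which fully qualified names the stub resolver would try.
# Simplified from resolv.conf(5): handles "search", "domain", "options ndots:N".
SAMPLE_RESOLV_CONF = """\
search eeg.ccf.org
nameserver 10.76.142.103
nameserver 10.76.142.42
nameserver 172.28.254.24
"""

def parse_resolv_conf(text):
    """Return (search_list, ndots); the last search/domain line wins."""
    search, ndots = [], 1                    # ndots defaults to 1
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":      # blank line or comment
            continue
        keyword, *args = line.split()
        if keyword == "search":
            search = args
        elif keyword == "domain" and args:
            search = [args[0]]
        elif keyword == "options":
            for opt in args:
                if opt.startswith("ndots:"):
                    ndots = int(opt.split(":", 1)[1])
    return search, ndots

def candidates(name, search, ndots=1):
    """Ordered list of absolute names that would be queried for `name`."""
    if name.endswith("."):
        return [name]                        # trailing dot: search list skipped
    as_is = name + "."
    expanded = [f"{name}.{dom.rstrip('.')}." for dom in search]
    if name.count(".") >= ndots:
        return [as_is] + expanded            # enough dots: try the name itself first
    return expanded + [as_is]                # too few dots: search domains first

if __name__ == "__main__":
    search, ndots = parse_resolv_conf(SAMPLE_RESOLV_CONF)
    for n in ("wooledg", "mywiki.wooledge.org", "wooledg."):
        print(n, "->", candidates(n, search, ndots))
```

The nameserver lines are ignored on purpose: they decide where the queries go, not which names are asked for.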
Re: set domain name in Debian `
> On Nov 11, 2016, at 1:52 PM, Greg Wooledge wrote:
>
> So... what are you actually trying to do? Be very specific.

Well, I'd like the domain name to be the same everywhere. hostname -f and whois (that currently returns the ISP's info) and /etc/hosts and host and a DNS lookup and everything else I can't think of right now should all report the same thing: the name of the domain I'm trying to set up this server for.

As yet, I'm looking at hostname -f (plain hostname gets the host right), and ping'ing and SSH'ing using /etc/hosts (that works). I've set my local DNS to look first at hosts, then at DNS. The DNS server isn't set up yet.

mailname is just the host. postfix is the SMTP server -- editing its config doesn't seem to do anything.

I've moved to a new domain, and I copied lots of data from the old server. The domain name I see is that of the old server.

--
Glenn English
Re: set domain name in Debian `
On Fri, Nov 11, 2016 at 01:27:28PM -0700, Glenn English wrote:
> This seems to be a common question -- it's all over the 'Net.
>
> I have to change the domain name of a Jessie server I'm working on. How do
> you do it? (Aside from putting the FQDN in /etc/hostname, which kinda works.)

That depends on what you mean.

Normally the only time a domain name is used is when you look up a hostname in DNS but you don't specify the fully qualified name. Like, if you're on your corporate LAN and you type "ping server7", your system is probably configured so that it knows to look up "server7.example.com" or whatever is appropriate for your organization.

That usage of the concept of "domain name" is defined by the "search" lines in /etc/resolv.conf. If your corporate environment is set up for it, then you probably get these lines added to your resolv.conf by DHCP and you don't have to do anything at all.

If your resolv.conf doesn't get the default search domain that you want, then you can edit /etc/dhcp/dhclient.conf to fix things.

Now, on the other hand, you might mean something like "I am setting up a web server on the Internet and I want people to be able to get to it under such-and-such a name." Then it's an ENTIRELY different question and it has nothing at all to do with your /etc/hosts or /etc/resolv.conf files. It has to do with domain name registrars and DNS configuration, and then (probably) with web server virtual host configuration. What you see when you type "hostname" is COMPLETELY IRRELEVANT.

There's another variant of this question that involves email server configuration, but I consider this the least likely interpretation.

Then, there's a concept of domain names in NIS, and probably in Kerberos, and probably in LDAP, though of those things I only know NIS.

So... what are you actually trying to do? Be very specific.
set domain name in Debian `
This seems to be a common question -- it's all over the 'Net.

I have to change the domain name of a Jessie server I'm working on. How do you do it? (Aside from putting the FQDN in /etc/hostname, which kinda works.)

I've seen several posts on the subject, all contradicting each other, and none of them work. The answer must be in this list's archive, but I can't find it.

The most common answer has to do with /etc/hosts, but the data is already in there (at the top, with the correct IP), and the system isn't impressed (rebooting makes no difference). Man is no help. Editing /etc/resolv.conf has no effect. Books on Debian and Linux don't help, although it seems to be trivial on RedHat.

/proc/sys/domainname says "(none)". hostname -f gives the old domain name (where does it get it). grep -ir doesn't find the old name string anywhere in /etc or in /lib.

I know it must be simple to do -- the installer does it without downloading a C library, but it must be in a secret place I don't know about...

--
Glenn English