In /etc/hosts for the format is IP FQDN Alias... Which would means "1.1.1.1 aserver.google.com aserver aserver-le0" I have seen a lot of sysadmins do the following: "1.1.1.1 aserver aserver.google.com" which means the host file (or NIS) does not match DNS
As the first entry is FQDN it is then "name" return when an application looks up an IP address. In the first example 1.1.1.1 belongs to aserver.google.com (FQDN) and access lists need to match this (e.g. .rhost/nfs shares) e.g. dig -x 1.1.1.1 | egrep PTR And it will return FQDN for example aserver.google.com (assuming a standard DNS setup) These days I am a fan for forward check access lists, because any one who owns a DNS server can say that for IPAddressX returns aserver.google.com. They can not set the forward lookup outside of their domain but they can setup a reverse lookup. The other advantage is forword looking access lists is you can use DNS Alias in access lists as well. e.g. NFS share should do a DNS lookup on aserver.google.com get an IP Address or multiple IP Address and then check to see if the client has the same IP address rather than a string match. PS I read in the doco that as of Solaris 10 hostname should be set to FQDN if you wish to use Kerb5. e.g. hostname command should return "aserver.google.com.au" not "aserver" if you wish to use Kerb5 Sol10. -- This message posted from opensolaris.org _______________________________________________ zfs-discuss mailing list zfs-discuss@opensolaris.org http://mail.opensolaris.org/mailman/listinfo/zfs-discuss
