[SATLUG] Would modifying hosts file affect DNS entries?
Bruce Dubbs
bruce.dubbs at gmail.com
Sun Sep 2 11:01:44 CDT 2007
Eric Haugen wrote:
> I am trying to keep "some" users from going to time/bandwidth wasting
> websites and I know you can add entries such as:
>
> 127.0.0.1 www.youtube.com 127.0.0.1 www.pandora.com 127.0.0.1
> www.myspace.com 127.0.0.1 www.ebay.com
>
> to the hosts file. When I told another administrator at work what I
> wanted to do he said not to because it would screw up the DNS. Is
> this true?
No.
> I couldn't see how because it would only be on the users local
> machine would query the file. Blocking these sites at the
> firewall/DNS server is not an option because there are some users
> with legitimate reasons to go to these sites.
The hosts files has nothing to do with the DNS system. The DNS server
never looks at the hosts file.
The resolver for the client (which usually uses the dns system but is
not a part of it) is located within the glibc libraries. What it does is:
Look at the "hosts:" line in nsswitch.conf
In the order specified on that line look up and return the IP address
from the first system that gives a successful answer.
Possible entries on the line are:
files -> look up from the /etc/hosts file
dns -> look up form the dns system
nis -> look up form the nis system
nisplus -> etc
ldap -> etc
This is documented in man nsswitch.conf.
-- Bruce
More information about the SATLUG
mailing list