HOME

TheInfoList



Click Here for Items Related To - Hesiod (name Service)
OR:
Hesiod (name Service) on:   [Wikipedia]   [Google]   [Amazon]

In computing, the Hesiod name service originated in Project Athena (1983–1991). It uses
DNS The Domain Name System (DNS) is a hierarchical and distributed naming system for computers, services, and other resources in the Internet or other Internet Protocol (IP) networks. It associates various information with domain names assigned to ...
functionality to provide access to databases of information that change infrequently. In Unix environments it often serves to distribute information kept in the , , and files, among others. Frequently an LDAP server is used to distribute the same kind of information that Hesiod does. However, because Hesiod can leverage existing DNS servers, deploying it to a network is fairly easy. In a Unix-like system users usually have a line in the file for each local user like: foo:x:100:10:Foo Bar:/home/foo:/bin/sh This line is composed of seven colon-separated fields which hold the following data: # user login name (string); # password hash or "x" if
shadow password passwd is a command on Unix, Plan 9, Inferno, and most Unix-like operating systems used to change a user's password. The password entered by the user is run through a key derivation function to create a hashed version of the new password, w ...
file is in use (string); # user id (unsigned integer); # user's primary group id (unsigned integer); #
Gecos field The gecos field, or GECOS field is a field in each record in the /etc/passwd file on Unix and similar operating systems. On UNIX, it is the 5th of 7 fields in a record. It is typically used to record general information about the account or its u ...
(four comma separated fields, string); # user home directory (string); # user login shell (string). This system works fine for a small number of users on a small number of machines. But when more users start using more machines having this information managed in one location becomes critical. This is where Hesiod enters. Instead of having this information stored on every machine, Hesiod stores it in records on your DNS server. Then each client can query the DNS server for this information instead of looking for it locally. In
BIND BIND () is a suite of software for interacting with the Domain Name System (DNS). Its most prominent component, named (pronounced ''name-dee'': , short for ''name daemon''), performs both of the main DNS server roles, acting as an authoritative n ...
the records for the above user might look something like: foo.passwd.ns.example.net HS TXT "foo:x:100:10:Foo Bar:/home/foo:/bin/sh" 100.passwd.ns.example.net HS TXT "foo:x:100:10:Foo Bar:/home/foo:/bin/sh" 100.uid.ns.example.net HS TXT "foo:x:100:10:Foo Bar:/home/foo:/bin/sh" There are three records because the system needs to be able to access the information in different ways. The first line supports looking up the user by their login name and the second two allow it to look up information by the user's uid. Note the use of the ''HS'' class instead of ''IN'' as might be expected. The Domain Name System has a special
class of service Class of service (COS or CoS) is a parameter used in data and voice protocols to differentiate the types of payloads contained in the packet being transmitted. The objective of such differentiation is generally associated with assigning prioritie ...
for Hesiod's purpose. On the client side some configuration also needs to happen. The /etc/hesiod.conf file for this setup might look something like: rhs=.example.net lhs=.ns classes=HS,IN The /etc/resolv.conf file uses the name servers that have the Hesiod records. Then $ hesinfo foo passwd foo:x:100:10:Foo Bar:/home/foo:/bin/sh What happens here is that the ''foo'' and the ''passwd'' are combined with the ''lhs'' and ''rhs'' values in the /etc/hesiod.conf file to create a fully qualified name of ''foo.passwd.ns.example.net''. The DNS server is then queried for this entry and returns the value of that record.


See also

*
Name Service Switch The Name Service Switch (NSS) connects the computer with a variety of sources of common configuration databases and name resolution mechanisms. These sources include local operating system files (such as , , and ), the Domain Name System (DNS), th ...
(NSS) *
Network Information Service The Network Information Service, or NIS (originally called Yellow Pages or YP), is a client–server directory service protocol for distributing system configuration data such as user and host names between computers on a computer network. Sun ...
(NIS) * Lightweight Directory Access Protocol (LDAP) * Kerberos


References


External links

* {{man, 5, hesiod.conf, NetBSD
Single Sign-On and the System Administrator
Directory services Domain Name System Massachusetts Institute of Technology software