Web lists-archives.com

Re: [Samba] DNS issue with clean install of samba 4.5.12-Debian




Hai Mike, 

I post it to the list so everybody can learn from it. 

> Why you use "hostname -i" ?
man hostname wil tell.. But i'll try to explain it a bit. 
Read the Description, its also about how the hostnames are resolved within the systemfuntions.
Like gethostname and gethostbyname 

> root@ad51:~# hostname -i
> 127.0.0.1
> root@ad51:~# hostname -I
> 172.16.214.151 

Hostname -i , works only if the hostname can be resolved. 
Hostname -I , Displays all network addresses of the host. ( but not 127.0.0.1 ) 
Now remembering that. 

Imo, hostname -i and hostname -I should imo not resolve to localhost/127.0.0.1/::1
If thats the case then your resolving might be faulty. 

What is localhost. 
localhost = 127.0.0.1
localhost = ::1 
Localhost.localdomain = 127.0.0.1
ip6-localhost ip6-loopback = ::1 

Last, but this one should be in the DNS zone. 
localhost.primary.domain.tld = 127.0.0.1

The following. 
/etc/hostname contains name of the machine, as known to applications that run locally. 

/etc/hosts and DNS associate names with IP?addresses. 
And myname may be mapped to whichever IP?address the machine can access itself, but mapping it to 127.0.0.1 is unæsthetic.
Not /etc/hosts, but /bin/hostname serves another function with -f because /etc/hosts can override the common sense. 


Now per example. 

A good /etc/hosts = (empty)  but then you must have a dns server running. 
A minimal /etc/hosts only has :
127.0.0.1       localhost
::1		    localhost ip6-localhost ip6-loopback

And as extra with dhcp (optional) 
127.0.1.1       hostname hostname.localdomain 
Or 
127.0.0.1       localhost hostname hostname.localdomain ( not recommended ) 

Or bit more. 
192.168.0.1		computername.internal.domain.tld
1.2.3.4		computername.domain.tld

Basicly any FQDN must be resolvable where it is used.

Now a practical use, like a webserver. 
Lets say you have this in /etc/hosts 
127.0.0.1       localhost
::1		    localhost ip6-localhost ip6-loopback
192.168.0.1		computername.internal.domain.tld
1.2.3.4		computername.domain.tld

In this case i setup a minimal of 4 ! Virtual hosts. 
vhost1: localhost with the ipv6 aliases and ip numbers. 
Vhost2: computername.internal.domain.tld and no alias to ipnumbers, optional alias to hostname, but the resolv.conf must me correct also with the primary domain. 
Vhost3: computername.domain.tld and no alias to ipnumbers. 
Vhost4: 1.2.3.4 as catch all for scriptkiddies that scan ipnumbers, with a page saying use hostnames. 
Optional
Vhost5: 192.168.0.1 as catch all for in lan side or add the ip to vhost2. 

With such a setup you can split everything there you want to access it, and you can setup you server much more secure with some basic steps. 
But thats how i see it, there might be better ways, but this works very good for me. 

I hope this helps a bit. 

Greetz, 

Louis



> -----Oorspronkelijk bericht-----
> Van: Mike Lykov [mailto:combr@xxxxxxxxx] 
> Verzonden: vrijdag 15 december 2017 8:47
> Aan: L.P.H. van Belle
> Onderwerp: Re: [Samba] DNS issue with clean install of samba 
> 4.5.12-Debian
> 
> 11.12.2017 20:03, L.P.H. van Belle via samba ??????????:
> > Hai James,
> > 
> > Can you try this one for me. I corrected and uploaded my 
> latest version.
> > 
> > 
> https://raw.githubusercontent.com/thctlo/samba4/master/samba-s
etup-checkup.sh
> > 
> > You can wget this one directly.
> > You should see ( my sample output )
> 
> Why you use "hostname -i" ?
> 
> " Display the network address(es) of the host name. Note that 
> this works 
> only if the host name can be resolved. Avoid using this option; use 
> hostname -I instead. "
> 
>      HOST_IP1="$(hostname -i)"
>      HOST_IP2="$(hostname -I)"
>      if [ $HOST_IP1 = $HOST_IP2 ]; then
> ....
> 
> With one interface  (+default lo interface) It is writing about
> 	echo "TODO, not finished"
>          echo "Detected multiple ipnumbers"
> 
> beacuse
> 
> root@ad51:~# hostname -i
> 127.0.0.1
> root@ad51:~# hostname -I
> 172.16.214.151
> 
> -- 
> Administrator
> 
> 


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba