Jump to content

Hesiod (name service)

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by CmdrObot (talk | contribs) at 21:40, 3 August 2006 (sp: an network→a network). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

In computing, the Hesiod name service originated in Project Athena (1983 - 1991). It uses DNS functionality to provide access to databases of information that changes infrequently. In Unix environments it often serves to distribute information kept in the /etc/passwd, /etc/group, and /etc/printcap files, among others. Frequently an LDAP server is used to distribute the same kind of information that Hesiod does. However, because Hesiod can leverage existing DNS servers deploying it to a network is fairly easy.

In a Unix/Linux system users usually have a line in the /etc/passwd file like:

foo:x:100:10:Foo Bar:/home/foo:/bin/bash  

This line tells the machine what your user id is, what group you belong to, your full name, where your home directory is at and what shell you use. This system works fine for a small number of users on a small number of machines. But when more users start using more machines having this information managed in one location becomes critical. This is where hesiod enters.

Instead of having this information stored on every machine, Hesiod stores it in records on your DNS server. Then each client can query the DNS server for this information instead of looking for it locally. In BIND the records for the above user might look something like:

foo.passwd.ns.hesiod  IN  TXT  "foo:x:100:10:Foo Bar:/home/foo:/bin/bash"
100.passwd.ns.hesiod  IN  TXT  "foo:x:100:10:Foo Bar:/home/foo:/bin/bash"
100.uid.ns.hesiod     IN  TXT  "foo:x:100:10:Foo Bar:/home/foo:/bin/bash"

There are three records because the system needs to be able to access the information in different ways. The first line supports looking up the users by their login name and the second two allow it go look up information by the users uid.

On the client side some configuration also needs to happen. The /etc/hesiod.conf file for this setup might look something like:

rhs=hesiod
lhs=ns

Also make sure your /etc/resolv.conf file is using the name servers that have your hesiod records in it. Once this is configured you can test your setup using the hesinfo program:

hesinfo foo passwd

should return

foo:x:100:10:Foo Bar:/home/foo:/bin/bash

What happens here is that the foo and the passwd are combined with the lhs and rhs values in the /etc/hesiod.conf file to create a fully qualified name of foo.passwd.ns.hesiod. The DNS server is then queried for this entry and returns the value of that record.

See also