APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed
RSS Feeds RSS Feeds











(OLDER) <- More Stuff -> (NEWER) (NEWEST)
Printer Friendly Version
->
-> MacOSX lookupd and NetInfo


MacOSX lookupd and NetInfo





Netinfo is gone as of Leopard (October 2007). Lookupd went with it. Good riddance.


Changing Name Resolution Order

Name resolution is how your system figures out the actual IP address for host.xyz.com (and vice-versa). For most Unix systems, that function is provided by "named" and the configuration files are /etc/resolv.conf, named.conf, and perhaps nsswitch.conf. While you'll find a resolv.conf and even a named.conf on Mac OS X, you won't find named in the process list. Instead, MacOSX has a neat resolver capability controlled by "lookupd".

In spite of its name, "lookupd" is much more than just name resolution. It's a general purpose tool to query NetInfo and other configuration stores, which in turn is really what controls the OS. For example, here we use lookupd to get information about a user:


bash-2.05a$ lookupd -d
lookupd version 272 (root 2002.07.27 09:40:39 UTC)
Enter command name, "help", or "quit" to exit
> userWithName: apl
Dictionary: "NI: user apl"
_lookup_agent: NIAgent
_lookup_validation: 0 0
_shadow_passwd: 
_writers_hint: apl
_writers_passwd: apl
_writers_picture: apl
_writers_tim_password: apl
authentication_authority: ;basic;
gid: 20
hint: 
home: /Users/apl
name: apl
passwd: wfqgzHTjnHZdo
picture: /Library/Caches/com.apple.user501pictureCache.tiff
realname: Anthony Lawrence
sharedDir: Public
shell: /bin/bash
uid: 501
+ Category: user
+ Time to live: 43200
+ Age: 0 (expires in 43200 seconds)
+ Negative: No
+ Cache hits: 0
+ Retain count: 4
 

The most important thing here I want you to notice is the

Dictionary: "NI: user apl"
 

That tells us that the information was taken from the NI or NetInfo database. "Well, duh", you might say, "you said lookupd looks in NetInfo". Correct. But it doesn't have to look there.

bash-2.05a$ lookupd -d
lookupd version 272 (root 2002.07.27 09:40:39 UTC)
Enter command name, "help", or "quit" to exit
> hostWithName: website
Dictionary: "FF: host website"
_lookup_agent: FFAgent
_lookup_validation: /etc/hosts 1059737278
ip_address: 64.226.42.29
name: website
+ Category: host
+ Time to live: 43200
+ Age: 0 (expires in 43200 seconds)
+ Negative: No
+ Cache hits: 0
+ Retain count: 3


> hostWithName: www.aplawrence.com
Dictionary: "DNS: host aplawrence.com"
_lookup_DNS_domain: com
_lookup_DNS_server: 10.0.0.2
_lookup_DNS_time_to_live: 1800
_lookup_DNS_timestamp: 1063723342
_lookup_agent: DNSAgent
_lookup_info_system: DNS
ip_address: 64.226.42.29
name: aplawrence.com www.aplawrence.com
+ Category: host
+ Time to live: 43200
+ Age: 0 (expires in 43200 seconds)
+ Negative: No
+ Cache hits: 0
+ Retain count: 4

When I asked for "website", it found that in the FF (Flat File) dictionary; in this case /etc/hosts.

You may find a note in /etc/hosts (and in some books and on-line references) that says it is not used except in single user mode. That's incorrect for current versions.

However, when I asked for www.aplawrence.com, the answer came from DNS.

Lookup Order

Next question: where does it look first?

That's a pretty easy question to answer.

sh-2.05a$ lookupd -configuration

ConfigSource: default
LookupOrder: Cache NI DS
MaxIdleServers: 4
MaxIdleThreads: 2
MaxThreads: 64
TimeToLive: 43200
Timeout: 30
ValidateCache: YES
ValidationLatency: 15
_config_name: Global Configuration

LookupOrder: Cache FF DNS NI DS
_config_name: Host Configuration

LookupOrder: Cache FF NI DS
_config_name: Service Configuration

LookupOrder: Cache FF NI DS
_config_name: Protocol Configuration

LookupOrder: Cache FF NI DS
_config_name: Rpc Configuration

TimeToLive: 60
ValidateCache: NO
_config_name: Group Configuration

TimeToLive: 300
ValidateCache: NO
_config_name: Initgroup Configuration

LookupOrder: Cache FF DNS NI DS
_config_name: Network Configuration
 

There's a lot here; as we noted earlier, NetInfo is responsible for a lot of stuff. You might think the very last line (Network Configuration) is what we'd be zooming in on, but actually it's the Host Configuration; you can tell that by noting that both the "website" and the "www.aplawrence.com" lookups included

+ Category: host
 

So, according to lookupd, NetInfo will search Cache FF DNS NI DS, in that order. The meaning of those letters after the obvious Cache is:


Lookupd calls these "agents"; you can see that in the various output examples here. There are other agents: Ldap and NIS can also be used. See the lookupd man page for details.

I added "www.aplawrence.com" to /etc/hosts, and then:

bash-2.05a$ lookupd -d 
lookupd version 272 (root 2002.07.27 09:40:39 UTC)
Enter command name, "help", or "quit" to exit
> hostWithName: www.aplawrence.com
Dictionary: "FF: host website"
_lookup_agent: FFAgent
_lookup_validation: /etc/hosts 1063725658
ip_address: 64.226.42.29
name: website www.aplawrence.com
+ Category: host
+ Time to live: 43200
+ Age: 0 (expires in 43200 seconds)
+ Negative: No
+ Cache hits: 0
+ Retain count: 4
 

Great. It does in fact look in /etc/hosts first. But what if you want to change the order? You'd think that would be easy. It's fairly easy with resolv.conf on other Unixes, and even nsswitch.conf, while a little more complicated, isn't all that difficult.

Mac OS X, unfortunately, makes this into a Major Production. Worse, there's a lot of conflicting information out there on the internet. That's probably due to changes as Mac OS X has evolved, the common core of Darwin, and also that there's often more than one way to do anything. With that in mind, keep anything you find well flavored with salt: it MIGHT be the right advice for whatever OS X is when you read it, but things also may have changed. For reference, I tested on Mac OS X 10.2.6 build 6L60.

To reorder my lookups, I did this:

sudo mkdir /etc/lookupd
sudo echo LookupOrder Cache NI DNS FF DS  > /etc/lookupd/hosts
sudo kill -1 `cat /var/run/lookupd.pid`
 

After this change, lookupd resolved from DNS first, as shown both by "lookupd -configuration" and by an actual lookup:

bash-2.05a$ lookupd -d
lookupd version 272 (root 2002.07.27 09:40:39 UTC)
Enter command name, "help", or "quit" to exit
> hostWithName: www.aplawrence.com
Dictionary: "DNS: host aplawrence.com"
_lookup_DNS_domain: com
_lookup_DNS_server: 10.0.0.2
_lookup_DNS_time_to_live: 1156
_lookup_DNS_timestamp: 1063734909
_lookup_agent: DNSAgent
_lookup_info_system: DNS
ip_address: 64.226.42.29
name: aplawrence.com www.aplawrence.com
+ Category: host
+ Time to live: 43200
+ Age: 0 (expires in 43200 seconds)
+ Negative: No
+ Cache hits: 0
+ Retain count: 4
 

To put my original lookup order back, I simply did:

rm -r /etc/lookupd
sudo kill -1 `cat /var/run/lookupd.pid`
 

The /etc/loookupd directory did NOT previously exist on my machine! If it had, you'd definitely want to make a safe copy of it prior to doing any of this, and you wouldn't remove it to reinstate your original configuration.




If this page was useful to you, please help others find it:  





Comments?




More Articles by - Find me on Google+



Click here to add your comments
- no registration needed!


Don't miss responses! Subscribe to Comments by RSS or by Email

Click here to add your comments


If you want a picture to show with your comment, go get a Gravatar

Kerio Samepage


Have you tried Searching this site?

Unix/Linux/Mac OS X support by phone, email or on-site: Support Rates

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more. We appreciate comments and article submissions.

Publishing your articles here

Jump to Comments



Many of the products and books I review are things I purchased for my own use. Some were given to me specifically for the purpose of reviewing them. I resell or can earn commissions from the sale of some of these items. Links within these pages may be affiliate links that pay me for referring you to them. That's mostly insignificant amounts of money; whenever it is not I have made my relationship plain. I also may own stock in companies mentioned here. If you have any question, please do feel free to contact me.

I am a Kerio reseller. Articles here related to Kerio products reflect my honest opinion, but I do have an obvious interest in selling those products also.

Specific links that take you to pages that allow you to purchase the item I reviewed are very likely to pay me a commission. Many of the books I review were given to me by the publishers specifically for the purpose of writing a review. These gifts and referral fees do not affect my opinions; I often give bad reviews anyway.

We use Google third-party advertising companies to serve ads when you visit our website. These companies may use information (not including your name, address, email address, or telephone number) about your visits to this and other websites in order to provide advertisements about goods and services of interest to you. If you would like more information about this practice and to know your choices about not having this information used by these companies, click here.

pavatar.jpg

This post tagged:

       - Administration
       - Backup
       - MacOSX
       - Networking















My Troubleshooting E-Book will show you how to solve tough problems on Linux and Unix systems!


book graphic unix and linux troubleshooting guide



Buy Kerio from a dealer
who knows tech:
I sell and support

Kerio Connect Mail server, Control, Workspace and Operator licenses and subscription renewals



Click and enter your name and phone number to call me about Kerio® products right now (Flash required)