Netinfo is gone as of Leopard (October 2007). Lookupd went with it. Good riddance.
Name resolution is how your system figures out the actual IP address for host.xyz.com (and vice-versa). For most Unix systems, that function is provided by "named" and the configuration files are /etc/resolv.conf, named.conf, and perhaps nsswitch.conf. While you'll find a resolv.conf and even a named.conf on Mac OS X, you won't find named in the process list. Instead, MacOSX has a neat resolver capability controlled by "lookupd".
In spite of its name, "lookupd" is much more than just name resolution. It's a general purpose tool to query NetInfo and other configuration stores, which in turn is really what controls the OS. For example, here we use lookupd to get information about a user:
bash-2.05a$ lookupd -d lookupd version 272 (root 2002.07.27 09:40:39 UTC) Enter command name, "help", or "quit" to exit > userWithName: apl Dictionary: "NI: user apl" _lookup_agent: NIAgent _lookup_validation: 0 0 _shadow_passwd: _writers_hint: apl _writers_passwd: apl _writers_picture: apl _writers_tim_password: apl authentication_authority: ;basic; gid: 20 hint: home: /Users/apl name: apl passwd: wfqgzHTjnHZdo picture: /Library/Caches/com.apple.user501pictureCache.tiff realname: Anthony Lawrence sharedDir: Public shell: /bin/bash uid: 501 + Category: user + Time to live: 43200 + Age: 0 (expires in 43200 seconds) + Negative: No + Cache hits: 0 + Retain count: 4
The most important thing here I want you to notice is the
Dictionary: "NI: user apl"
That tells us that the information was taken from the NI or NetInfo database. "Well, duh", you might say, "you said lookupd looks in NetInfo". Correct. But it doesn't have to look there.
bash-2.05a$ lookupd -d lookupd version 272 (root 2002.07.27 09:40:39 UTC) Enter command name, "help", or "quit" to exit > hostWithName: website Dictionary: "FF: host website" _lookup_agent: FFAgent _lookup_validation: /etc/hosts 1059737278 ip_address: 64.226.42.29 name: website + Category: host + Time to live: 43200 + Age: 0 (expires in 43200 seconds) + Negative: No + Cache hits: 0 + Retain count: 3 > hostWithName: www.aplawrence.com Dictionary: "DNS: host aplawrence.com" _lookup_DNS_domain: com _lookup_DNS_server: 10.0.0.2 _lookup_DNS_time_to_live: 1800 _lookup_DNS_timestamp: 1063723342 _lookup_agent: DNSAgent _lookup_info_system: DNS ip_address: 64.226.42.29 name: aplawrence.com www.aplawrence.com + Category: host + Time to live: 43200 + Age: 0 (expires in 43200 seconds) + Negative: No + Cache hits: 0 + Retain count: 4
When I asked for "website", it found that in the FF (Flat File) dictionary; in this case /etc/hosts.
You may find a note in /etc/hosts (and in some books and on-line references) that says it is not used except in single user mode. That's incorrect for current versions.
However, when I asked for www.aplawrence.com, the answer came from DNS.
Next question: where does it look first?
That's a pretty easy question to answer.
sh-2.05a$ lookupd -configuration ConfigSource: default LookupOrder: Cache NI DS MaxIdleServers: 4 MaxIdleThreads: 2 MaxThreads: 64 TimeToLive: 43200 Timeout: 30 ValidateCache: YES ValidationLatency: 15 _config_name: Global Configuration LookupOrder: Cache FF DNS NI DS _config_name: Host Configuration LookupOrder: Cache FF NI DS _config_name: Service Configuration LookupOrder: Cache FF NI DS _config_name: Protocol Configuration LookupOrder: Cache FF NI DS _config_name: Rpc Configuration TimeToLive: 60 ValidateCache: NO _config_name: Group Configuration TimeToLive: 300 ValidateCache: NO _config_name: Initgroup Configuration LookupOrder: Cache FF DNS NI DS _config_name: Network Configuration
There's a lot here; as we noted earlier, NetInfo is responsible for a lot of stuff. You might think the very last line (Network Configuration) is what we'd be zooming in on, but actually it's the Host Configuration; you can tell that by noting that both the "website" and the "www.aplawrence.com" lookups included
+ Category: host
So, according to lookupd, NetInfo will search Cache FF DNS NI DS, in that order. The meaning of those letters after the obvious Cache is:
Flat files. In this case, /etc/hosts.
Domain Name service. Lookup from name servers.
The NetInfo Database.
Directory Services (see http://www.macdevcenter.com/lpt/a/4075.
Lookupd calls these "agents"; you can see that in the various output examples here. There are other agents: Ldap and NIS can also be used. See the lookupd man page for details.
I added "www.aplawrence.com" to /etc/hosts, and then:
bash-2.05a$ lookupd -d lookupd version 272 (root 2002.07.27 09:40:39 UTC) Enter command name, "help", or "quit" to exit > hostWithName: www.aplawrence.com Dictionary: "FF: host website" _lookup_agent: FFAgent _lookup_validation: /etc/hosts 1063725658 ip_address: 64.226.42.29 name: website www.aplawrence.com + Category: host + Time to live: 43200 + Age: 0 (expires in 43200 seconds) + Negative: No + Cache hits: 0 + Retain count: 4
Great. It does in fact look in /etc/hosts first. But what if you want to change the order? You'd think that would be easy. It's fairly easy with resolv.conf on other Unixes, and even nsswitch.conf, while a little more complicated, isn't all that difficult.
Mac OS X, unfortunately, makes this into a Major Production. Worse, there's a lot of conflicting information out there on the internet. That's probably due to changes as Mac OS X has evolved, the common core of Darwin, and also that there's often more than one way to do anything. With that in mind, keep anything you find well flavored with salt: it MIGHT be the right advice for whatever OS X is when you read it, but things also may have changed. For reference, I tested on Mac OS X 10.2.6 build 6L60.
To reorder my lookups, I did this:
sudo mkdir /etc/lookupd sudo echo LookupOrder Cache NI DNS FF DS > /etc/lookupd/hosts sudo kill -1 `cat /var/run/lookupd.pid`
After this change, lookupd resolved from DNS first, as shown both by "lookupd -configuration" and by an actual lookup:
bash-2.05a$ lookupd -d lookupd version 272 (root 2002.07.27 09:40:39 UTC) Enter command name, "help", or "quit" to exit > hostWithName: www.aplawrence.com Dictionary: "DNS: host aplawrence.com" _lookup_DNS_domain: com _lookup_DNS_server: 10.0.0.2 _lookup_DNS_time_to_live: 1156 _lookup_DNS_timestamp: 1063734909 _lookup_agent: DNSAgent _lookup_info_system: DNS ip_address: 64.226.42.29 name: aplawrence.com www.aplawrence.com + Category: host + Time to live: 43200 + Age: 0 (expires in 43200 seconds) + Negative: No + Cache hits: 0 + Retain count: 4
To put my original lookup order back, I simply did:
rm -r /etc/lookupd sudo kill -1 `cat /var/run/lookupd.pid`
The /etc/loookupd directory did NOT previously exist on my machine! If it had, you'd definitely want to make a safe copy of it prior to doing any of this, and you wouldn't remove it to reinstate your original configuration.
More Articles by Tony Lawrence - Find me on Google+ 2003-09-01
Have you tried Searching this site?
Unix/Linux/Mac OS X support by phone, email or on-site: Support Rates
This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more. We appreciate comments and article submissions.
Many of the products and books I review are things I purchased for my own use. Some were given to me specifically for the purpose of reviewing them. I resell or can earn commissions from the sale of some of these items. Links within these pages may be affiliate links that pay me for referring you to them. That's mostly insignificant amounts of money; whenever it is not I have made my relationship plain. I also may own stock in companies mentioned here. If you have any question, please do feel free to contact me.
I am a Kerio reseller. Articles here related to Kerio products reflect my honest opinion, but I do have an obvious interest in selling those products also.
Specific links that take you to pages that allow you to purchase the item I reviewed are very likely to pay me a commission. Many of the books I review were given to me by the publishers specifically for the purpose of writing a review. These gifts and referral fees do not affect my opinions; I often give bad reviews anyway.
We use Google third-party advertising companies to serve ads when you visit our website. These companies may use information (not including your name, address, email address, or telephone number) about your visits to this and other websites in order to provide advertisements about goods and services of interest to you. If you would like more information about this practice and to know your choices about not having this information used by these companies, click here.
Click here to add your comments - no registration needed!
Don't miss responses! Subscribe to Comments by RSS or by Email
Click here to add your comments
If you want a picture to show with your comment, go get a Gravatar