World Library  
Flag as Inappropriate
Email this Article

Hesiod (name service)

Article Id: WHEBN0003112367
Reproduction Date:

Title: Hesiod (name service)  
Author: World Heritage Encyclopedia
Language: English
Subject: Directory services, Lightweight Directory Access Protocol, Domain Name System
Collection: Directory Services, Domain Name System
Publisher: World Heritage Encyclopedia
Publication
Date:
 

Hesiod (name service)

In computing, the Hesiod name service originated in Project Athena (1983–1991). It uses DNS functionality to provide access to databases of information that change infrequently. In Unix environments it often serves to distribute information kept in the /etc/passwd, /etc/group, and /etc/printcap files, among others. Frequently an LDAP server is used to distribute the same kind of information that Hesiod does. However, because Hesiod can leverage existing DNS servers, deploying it to a network is fairly easy.

In a Unix-like system users usually have a line in the /etc/passwd file for each local user like:

foo:x:100:10:Foo Bar:/home/foo:/bin/sh

This line is composed of seven colon-separated fields which hold the following data:

  1. user login name (string);
  2. password hash or "x" if shadow password file is in use (string);
  3. user id (unsigned integer);
  4. user's primary group id (unsigned integer);
  5. Gecos field (four comma separated fields, string);
  6. user home directory (string);
  7. user login shell (string).

This system works fine for a small number of users on a small number of machines. But when more users start using more machines having this information managed in one location becomes critical. This is where Hesiod enters.

Instead of having this information stored on every machine, Hesiod stores it in records on your DNS server. Then each client can query the DNS server for this information instead of looking for it locally. In BIND the records for the above user might look something like:

foo.passwd.ns.example.net  HS  TXT  "foo:x:100:10:Foo Bar:/home/foo:/bin/sh"
100.passwd.ns.example.net  HS  TXT  "foo:x:100:10:Foo Bar:/home/foo:/bin/sh"
100.uid.ns.example.net     HS  TXT  "foo:x:100:10:Foo Bar:/home/foo:/bin/sh"

There are three records because the system needs to be able to access the information in different ways. The first line supports looking up the user by their login name and the second two allow it to look up information by the user's uid. Note the use of the HS class instead of IN as might be expected. The Domain Name System has a special class of service for Hesiod's purpose.

On the client side some configuration also needs to happen. The /etc/hesiod.conf file for this setup might look something like:

rhs=.example.net
lhs=.ns
classes=HS,IN

Also make sure the /etc/resolv.conf file is using the name servers that have the Hesiod records. Once this is configured one can test the setup using the hesinfo program:

hesinfo foo passwd

should return

foo:x:100:10:Foo Bar:/home/foo:/bin/sh

What happens here is that the foo and the passwd are combined with the lhs and rhs values in the /etc/hesiod.conf file to create a fully qualified name of foo.passwd.ns.hesiod. The DNS server is then queried for this entry and returns the value of that record.

See also

External links

  • Single Sign-On and the System Administrator
This article was sourced from Creative Commons Attribution-ShareAlike License; additional terms may apply. World Heritage Encyclopedia content is assembled from numerous content providers, Open Access Publishing, and in compliance with The Fair Access to Science and Technology Research Act (FASTR), Wikimedia Foundation, Inc., Public Library of Science, The Encyclopedia of Life, Open Book Publishers (OBP), PubMed, U.S. National Library of Medicine, National Center for Biotechnology Information, U.S. National Library of Medicine, National Institutes of Health (NIH), U.S. Department of Health & Human Services, and USA.gov, which sources content from all federal, state, local, tribal, and territorial government publication portals (.gov, .mil, .edu). Funding for USA.gov and content contributors is made possible from the U.S. Congress, E-Government Act of 2002.
 
Crowd sourced content that is contributed to World Heritage Encyclopedia is peer reviewed and edited by our editorial staff to ensure quality scholarly research articles.
 
By using this site, you agree to the Terms of Use and Privacy Policy. World Heritage Encyclopedia™ is a registered trademark of the World Public Library Association, a non-profit organization.
 


Copyright © World Library Foundation. All rights reserved. eBooks from Project Gutenberg are sponsored by the World Library Foundation,
a 501c(4) Member's Support Non-Profit Organization, and is NOT affiliated with any governmental agency or department.