Hesiod (name service)

Hesiod (name service)

In computing, the Hesiod name service originated in Project Athena (1983 - 1991). It uses DNS functionality to provide access to databases of information that changes infrequently. In Unix environments it often serves to distribute information kept in the /etc/passwd, /etc/group, and /etc/printcap files, among others.Frequently an LDAP server is used to distribute the same kind of information that Hesiod does. However, because Hesiod can leverage existing DNS servers, deploying it to a network is fairly easy.

In a Unix/Linux system users usually have a line in the /etc/passwd file like:

foo:x:100:10:Foo Bar:/home/foo:/bin/bash

This line tells the machine what your user id is, what group you belong to, your full name, where your home directory is, and what shell you use. This system works fine for a small number of users on a small number of machines. But when more users start using more machines having this information managed in one location becomes critical. This is where hesiod enters.

Instead of having this information stored on every machine, Hesiod stores it in records on your DNS server. Then each client can query the DNS server for this information instead of looking for it locally. In BIND the records for the above user might look something like:

foo.passwd.ns.hesiod IN TXT "foo:x:100:10:Foo Bar:/home/foo:/bin/bash" 100.passwd.ns.hesiod IN TXT "foo:x:100:10:Foo Bar:/home/foo:/bin/bash" 100.uid.ns.hesiod IN TXT "foo:x:100:10:Foo Bar:/home/foo:/bin/bash"

There are three records because the system needs to be able to access the information in different ways. The first line supports looking up the users by their login name and the second two allow it go look up information by the users uid.

On the client side some configuration also needs to happen. The /etc/hesiod.conf file for this setup might look something like:

rhs=hesiod lhs=ns

Also make sure your /etc/resolv.conf file is using the name servers that have your hesiod records in it. Once this is configured you can test your setup using the "hesinfo" program:

hesinfo foo passwd

should return

foo:x:100:10:Foo Bar:/home/foo:/bin/bash

What happens here is that the "foo" and the "passwd" are combined with the "lhs" and "rhs" values in the /etc/hesiod.conf file to create a fully qualified name of "foo.passwd.ns.hesiod". The DNS server is then queried for this entry and returns the value of that record.

See also

* Name Service Switch (NSS)
* Network Information Service (NIS)
* Lightweight Directory Access Protocol (LDAP)
* Kerberos

External links

*
* [http://www.usenix.org/events/lisa98/full_papers/grubb/grubb.pdf Single Sign-On and the System Administrator]


Wikimedia Foundation. 2010.

Игры ⚽ Нужно сделать НИР?

Look at other dictionaries:

  • Domain Name System — Pour les articles homonymes, voir DNS. Domain Name System Fonction Traduction de nom de domaine en adresse IP …   Wikipédia en Français

  • Directory service — A directory service is the software system that stores, organizes and provides access to information in a directory. In software engineering, a directory is a map between names and values. It allows the lookup of values given a name, similar to a …   Wikipedia

  • Domain Name System — The Domain Name System (DNS) is a hierarchical distributed naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the… …   Wikipedia

  • Berkeley Internet Name Daemon — BIND (Berkeley Internet Name Domain) Entwickler: ISC Aktuelle Version: 9.6.0 (7. Januar 2009) Betriebssystem: z. B. UNIX, NetBSD, FreeBSD, OpenBSD …   Deutsch Wikipedia

  • Berkeley Internet Name Domain — BIND (Berkeley Internet Name Domain) Entwickler: ISC Aktuelle Version: 9.6.0 (7. Januar 2009) Betriebssystem: z. B. UNIX, NetBSD, FreeBSD, OpenBSD …   Deutsch Wikipedia

  • Lightweight Directory Access Protocol — The Lightweight Directory Access Protocol (LDAP;  /ˈɛld …   Wikipedia

  • NIS+ — is a directory service developed by Sun Microsystems to replace its older NIS (Network Information Service). It is designed to eliminate the need for duplication across many computers of configuration data such as user accounts, host names and… …   Wikipedia

  • Project Athena — was a joint project of MIT, Digital Equipment Corporation, and IBM. It was launched in 1983, and research and development ran until June 30, 1991, eight years after it began. It is widely believed that the goals were to create a computing… …   Wikipedia

  • education — /ej oo kay sheuhn/, n. 1. the act or process of imparting or acquiring general knowledge, developing the powers of reasoning and judgment, and generally of preparing oneself or others intellectually for mature life. 2. the act or process of… …   Universalium

  • ancient Greek civilization — ▪ historical region, Eurasia Introduction       the period following Mycenaean civilization, which ended in about 1200 BC, to the death of Alexander the Great, in 323 BC. It was a period of political, philosophical, artistic, and scientific… …   Universalium

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”