MacOSX lookupd and NetInfo

Changing Name Resolution Order Name resolution is how your system figures out the actual IP address for host.xyz.com (and vice-versa). For most Unix systems, that function is provided by "named" and the configuration files are /etc/resolv.conf, named.conf, and perhaps nsswitch.conf. While you'll find a resolv.conf and even a named.conf on Mac OS X, you won't find named in the process list. Instead, MacOSX has a neat resolver capability controlled by "lookupd". In spite of its name, "lookupd" is much more than just name resolution. It's a general purpose tool to query NetInfo and other configuration stores, which in turn is really what controls the OS. For example, here we use lookupd to get information about a user: bash-2.05a$ lookupd -d lookupd version 272 (root 2002.07.27 09:40:39 UTC) Enter command name, "help", or "quit" to exit > userWithName: apl Dictionary: "NI: user apl" _lookup_agent: NIAgent _lookup_validation: 0 0 _shadow_passwd: _writers_hint: apl _writers_passwd: apl _writers_picture: apl _writers_tim_password: apl authentication_authority: ;basic; gid: 20 hint: home: /Users/apl name: apl passwd: wfqgzHTjnHZdo picture: /Library/Caches/com.apple.user501pictureCache.tiff realname: Anthony Lawrence sharedDir: Public shell: /bin/bash uid: 501 + Category: user + Time to live: 43200 + Age: 0 (expires in 43200 seconds) + Negative: No + Cache hits: 0 + Retain count: 4 The most important thing here I want you to notice is the Dictionary: "NI: user apl" That tells us that the information was taken from the NI or NetInfo database. "Well, duh", you might say, "you said lookupd looks in NetInfo". Correct. But it doesn't have to look there. bash-2.05a$ lookupd -d lookupd version 272 (root 2002.07.27 09:40:39 UTC) Enter command name, "help", or "quit" to exit > hostWithName: website Dictionary: "FF: host website" _lookup_agent: FFAgent _lookup_validation: /etc/hosts 1059737278 ip_address: 64.226.42.29 name: website + Category: host + Time to live: 43200 + Age: 0 (expires in 43200 seconds) + Negative: No + Cache hits: 0 + Retain count: 3 > hostWithName: www.aplawrence.com Dictionary: "DNS: host aplawrence.com" _lookup_DNS_domain: com _lookup_DNS_server: 10.0.0.2 _lookup_DNS_time_to_live: 1800 _lookup_DNS_timestamp: 1063723342 _lookup_agent: DNSAgent _lookup_info_system: DNS ip_address: 64.226.42.29 name: aplawrence.com www.aplawrence.com + Category: host + Time to live: 43200 + Age: 0 (expires in 43200 seconds) + Negative: No + Cache hits: 0 + Retain count: 4 When I asked for "website", it found that in the FF (Flat File) dictionary; in this case /etc/hosts. You may find a note in /etc/hosts (and in some books and on-line references) that says it is not used except in single user mode. That's incorrect for current versions. However, when I asked for www.aplawrence.com, the answer came from DNS. Lookup Order Next question: where does it look first? That's a pretty easy question to answer. sh-2.05a$ lookupd -configuration ConfigSource: default LookupOrder: Cache NI DS MaxIdleServers: 4 MaxIdleThreads: 2 MaxThreads: 64 TimeToLive: 43200 Timeout: 30 ValidateCache: YES ValidationLatency: 15 _config_name: Global Configuration LookupOrder: Cache FF DNS NI DS _config_name: Host Configuration LookupOrder: Cache FF NI DS _config_name: Service Configuration LookupOrder: Cache FF NI DS _config_name: Protocol Configuration LookupOrder: Cache FF NI DS _config_name: Rpc Configuration TimeToLive: 60 ValidateCache: NO _config_name: Group Configuration TimeToLive: 300 ValidateCache: NO _config_name: Initgroup Configuration LookupOrder: Cache FF DNS NI DS _config_name: Network Configuration There's a lot here; as we noted earlier, NetInfo is responsible for a lot of stuff. You might think the very last line (Network Configuration) is what we'd be zooming in on, but actually it's the Host Configuration; you can tell that by noting that both the "website" and the "www.aplawrence.com" lookups included + Category: host So, according to lookupd, NetInfo will search Cache FF DNS NI DS, in that order. The meaning of those letters after the obvious Cache is:

FF Flat files. In this case, /etc/hosts.
DNS Domain Name service. Lookup from name servers.
NI The NetInfo Database.
DS Directory Services (see http://www.macdevcenter.com/lpt/a/4075.

Lookupd calls these "agents"; you can see that in the various output examples here. There are other agents: Ldap and NIS can also be used. See the lookupd man page for details. I added "www.aplawrence.com" to /etc/hosts, and then:

bash-2.05a$ lookupd -d 
lookupd version 272 (root 2002.07.27 09:40:39 UTC)
Enter command name, "help", or "quit" to exit
> hostWithName: www.aplawrence.com
Dictionary: "FF: host website"
_lookup_agent: FFAgent
_lookup_validation: /etc/hosts 1063725658
ip_address: 64.226.42.29
name: website www.aplawrence.com
+ Category: host
+ Time to live: 43200
+ Age: 0 (expires in 43200 seconds)
+ Negative: No
+ Cache hits: 0
+ Retain count: 4

Great. It does in fact look in /etc/hosts first. But what if you want to change the order? You'd think that would be easy. It's fairly easy with resolv.conf on other Unixes, qnd even nsswitch.conf, while a little more complicated, isn't all that difficult. Mac OS X, unfortunately, makes this into a Major Production. Worse, there's a lot of conflicting information out there on the internet. That's probably due to changes as Mac OS X has evolved, the common core of Darwin, and also that there's often more than one way to do anything. With that in mind, keep anything you find well flavored with salt: it MIGHT be the right advice for whatever OS X is when you read it, but things also may have changed. For reference, I tested on Mac OS X 10.2.6 build 6L60. To reorder my lookups, I did this:

sudo mkdir /etc/lookupd
sudo echo LookupOrder Cache NI DNS FF DS  > /etc/lookupd/hosts
sudo kill -1 `cat /var/run/lookupd.pid`

After this change, lookupd resolved from DNS first, as shown both by "lookupd -configuration" and by an actual lookup:

bash-2.05a$ lookupd -d
lookupd version 272 (root 2002.07.27 09:40:39 UTC)
Enter command name, "help", or "quit" to exit
> hostWithName: www.aplawrence.com
Dictionary: "DNS: host aplawrence.com"
_lookup_DNS_domain: com
_lookup_DNS_server: 10.0.0.2
_lookup_DNS_time_to_live: 1156
_lookup_DNS_timestamp: 1063734909
_lookup_agent: DNSAgent
_lookup_info_system: DNS
ip_address: 64.226.42.29
name: aplawrence.com www.aplawrence.com
+ Category: host
+ Time to live: 43200
+ Age: 0 (expires in 43200 seconds)
+ Negative: No
+ Cache hits: 0
+ Retain count: 4

To put my original lookup order back, I simply did:

rm -r /etc/lookupd
sudo kill -1 `cat /var/run/lookupd.pid`

The /etc/loookupd directory did NOT previously exist on my machine! If it had, you'd definitely want to make a safe copy of it prior to doing any of this, and you wouldn't remove it to reinstate your original configuration. September 2003 Tony Lawrence All rights reserved A.P. Lawrence provides SCO Unix and Linux consulting services http://www.pcunix.com

MacOSX lookupd and NetInfo

Suggest a Correction

Comments (0)

Latest News

AI Tools for Poetry Composition and Literary Analysis: A Practical Guide

Using AI to Overcome Writer's Block and Spark Creativity

Introduction to the Concept and Current State

Introduction to AI-Powered Editing and Revision Tools for Writers

Introduction to Using AI for Collaborative Writing Projects

Search

Popular Posts

The Power of AI in Maintaining Writing Consistency Across Long Projects

How to Positively Navigate Errors and Mistakes

Golden Globes Moments: Stars Shout Out, K-Pop Takes Stage

How to Effectively Engage Your Website Visitors: 10 Crucial Tips

Introduction to Consistent Writing with AI