tech-userlevel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: CVS commit: src/bin/hostname

On Thu, Jul 25, 2013 at 08:23:26AM +0100, David Laight wrote:

> So we now get down to things like the name in the security report emails.
> Purely local significance.
> What have I missed??

Kerberos uses the hostname to determine to which Kerberos principal a
server is willing to accept a connexion in many circumstances.  Kerberos
also in certain circumstances may use the local hostname to determine
the local realm which has implications as to what remote counterparties
are authorised to access services on the box.

People write configuration generation scripts that use the hostname
to determine the role of the host and hence the servers started
and general behaviour of the box.  And, in fact, it is not an
uncommon model to have one configuration file with hostname sections
which are conditionally parsed based on the box's hostname.  An
example of this is pkg_chk(8) which can determine which packages
to build or install based on the hostname.  And so on.

Backup software will frequently use the local hostname to determine
the name of the backup volume to try to backup to.

ssh uses the hostname when generating keys and for a few other
purposes (just from nm(1)).  Maybe there's some security significance
in there.

IIRC, X11 uses the hostname at various points.

(Postfix at least doesn't try to canonicalise the hostname but
rather simply uses it unless you are using an OS such as debian
which has patched Postfix to do a forward/reverse lookup to determine
the hostname.  This patch has not been accepted back upstream as
it was deemed to be a suboptimal idea.)

    Roland Dowdeswell                      http://Imrryr.ORG/~elric/

Home | Main Index | Thread Index | Old Index