On Fri, 2007-09-28 at 11:05 -0600, Lamont Peterson wrote:
-----BEGIN PGP SIGNED MESSAGE-----
On Fri, 28 Sep 2007 05:47:58 -0400
Jesse Keating <jkeating(a)redhat.com> wrote:
> On Fri, 28 Sep 2007 15:43:42 +0200
> "Alexander Boström" <abo(a)kth.se> wrote:
> > While I do believe Kerberos protocols, libs or apps should be
> > smarter about these things sometimes and I'm not sure what really
> > happens here (though I've seen this happen a few times) I really do
> > think Kerberos is in its right to complain when it's fed lies. If
> > you put the hostname on the 127.0.0.1 line, doesn't that override
> > everything DNS says?
> Almost every single location I take my laptop there is no dns entry
> for my hostname. Relying upon every hostname to be DNS resolvable is
> extremely dated thinking.
We use Kerberos here. I have the notebooks hostname on the 127.0.0.1 line in my
/etc/hosts file. Kerberos doesn't complain
Try to do that on the KDC, the KDC
does not listen on 127.0.0.1 for some
IMNSHO, the /etc/hosts file is only for making sure that the box can
resolve itself regardless of what's going on with whatever network(s) it's plugged
into at the moment. Period. There are plenty of daemons that will grumble if you use
names in the configuration and it can't resolve them (like MTAs, for example, in some
parts of their configs).
Sure, if we can make dhclient or the network configuration tools put in
the right name-ip pair in /etc/hosts I have no problems.