Hesiod (name service)
In computing, the Hesiod name service originated in Project Athena (1983 - 1991). It uses DNS functionality to provide access to databases of information that change infrequently. In Unix environments it often serves to distribute information kept in the /etc/passwd, /etc/group, and /etc/printcap files, among others.

Frequently an LDAP server is used to distribute the same kind of information that Hesiod does. However, because Hesiod can leverage existing DNS servers, deploying it to a network is fairly easy.

In a Unix-like system users usually have a line in the /etc/passwd file like:

foo:x:100:10:Foo Bar:/home/foo:/bin/sh

This line tells the machine what your user id is, what group you belong to, your full name, where your home directory is, and what shell you use. This system works fine for a small number of users on a small number of machines. But when more users start using more machines, having this information managed in one location becomes critical. This is where Hesiod enters.

Instead of having this information stored on every machine, Hesiod stores it in records on your DNS server. Then each client can query the DNS server for this information instead of looking for it locally. In BIND the records for the above user might look something like:

foo.passwd.ns.example.net IN TXT "foo:x:100:10:Foo Bar:/home/foo:/bin/sh"
100.passwd.ns.example.net IN TXT "foo:x:100:10:Foo Bar:/home/foo:/bin/sh"
100.uid.ns.example.net IN TXT "foo:x:100:10:Foo Bar:/home/foo:/bin/sh"

There are three records because the system needs to be able to access the information in different ways. The first line supports looking up users by their login name, and the other two allow it to look up information by the user's uid.

On the client side some configuration also needs to happen. The /etc/hesiod.conf file for this setup might look something like:

rhs=.example.net
lhs=.ns
classes=IN,HS

Also make sure your /etc/resolv.conf file points at the name servers that hold your Hesiod records. Once this is configured you can test your setup using the hesinfo program:

hesinfo foo passwd

should return

foo:x:100:10:Foo Bar:/home/foo:/bin/sh

What happens here is that foo and passwd are combined with the lhs and rhs values in the /etc/hesiod.conf file to create a fully qualified name of foo.passwd.ns.example.net. The DNS server is then queried for this entry and returns the value of that record.
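The name construction described above, together with a consistency check over the three records per user, as an added example (not code from the Hesiod distribution). It works offline on the page's own hesiod.conf and zone lines; the second user "bar" and all function names are hypothetical, and the name building is simplified to key.type + lhs + rhs.

```python
import re

# Constructed sample input: the hesiod.conf and zone lines from this page, plus a
# hypothetical second user "bar" whose uid-keyed records are deliberately inconsistent.
HESIOD_CONF = "rhs=.example.net\nlhs=.ns\nclasses=IN,HS\n"
ZONE = '''\
foo.passwd.ns.example.net IN TXT "foo:x:100:10:Foo Bar:/home/foo:/bin/sh"
100.passwd.ns.example.net IN TXT "foo:x:100:10:Foo Bar:/home/foo:/bin/sh"
100.uid.ns.example.net IN TXT "foo:x:100:10:Foo Bar:/home/foo:/bin/sh"
bar.passwd.ns.example.net IN TXT "bar:x:101:10:Bar Baz:/home/bar:/bin/sh"
101.passwd.ns.example.net IN TXT "bar:x:102:10:Bar Baz:/home/bar:/bin/sh"
'''

def parse_conf(text):
    """Parse hesiod.conf key=value lines, skipping blanks and # comments."""
    lines = [l.strip() for l in text.splitlines()]
    return dict(l.split("=", 1) for l in lines if "=" in l and not l.startswith("#"))

def hesiod_name(key, hes_type, conf):
    """Build the DNS name a client would query: key.type + lhs + rhs."""
    return f"{key}.{hes_type}{conf.get('lhs', '')}{conf['rhs']}"

def parse_zone(text):
    """Map owner name -> TXT string for every 'name IN TXT "..."' line."""
    pattern = r'^(\S+)\s+IN\s+TXT\s+"([^"]*)"'
    return {m.group(1).rstrip(".").lower(): m.group(2) for m in re.finditer(pattern, text, re.M)}

def check_user(login, conf, zone):
    """Return a list of problems with the login-keyed and uid-keyed records for one user."""
    entry = zone.get(hesiod_name(login, "passwd", conf))
    if entry is None:
        return [f"{login}: no passwd record"]
    fields = entry.split(":")
    if len(fields) != 7 or fields[0] != login or not fields[2].isdigit():
        return [f"{login}: malformed passwd entry"]
    problems = []
    for hes_type in ("passwd", "uid"):  # the two uid-keyed records must mirror the login one
        name = hesiod_name(fields[2], hes_type, conf)
        if name not in zone:
            problems.append(f"{name}: missing")
        elif zone[name] != entry:
            problems.append(f"{name}: differs from {login}'s entry")
    return problems

if __name__ == "__main__":
    conf, zone = parse_conf(HESIOD_CONF), parse_zone(ZONE)
    for login in ("foo", "bar"):
        print(login, check_user(login, conf, zone) or "consistent")
```

Running a check like this against the zone file before publishing catches a uid-keyed record that has drifted from its login-keyed twin, which would otherwise make lookups by name and by uid return different accounts.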

See also

  • Name Service Switch (NSS)
  • Network Information Service (NIS)
  • Lightweight Directory Access Protocol (LDAP)
  • Kerberos

The source of this article is wikipedia, the free encyclopedia.  The text of this article is licensed under the GFDL.