|
|
5a015b |
From 9ad552df64b1de224e452d7d788f3b3473dbf945 Mon Sep 17 00:00:00 2001
|
|
|
5a015b |
From: =?UTF-8?q?Nikola=20Forr=C3=B3?= <nforro@redhat.com>
|
|
|
5a015b |
Date: Tue, 19 Jun 2018 14:00:17 +0200
|
|
|
5a015b |
Subject: [PATCH] host.conf.5: remove description of never-implemented spoof
|
|
|
5a015b |
options
|
|
|
5a015b |
---
|
|
|
5a015b |
man-pages/man5/host.conf.5 | 63 +-------------------------------------
|
|
|
5a015b |
1 file changed, 1 insertion(+), 62 deletions(-)
|
|
|
5a015b |
|
|
|
5a015b |
diff --git a/man-pages/man5/host.conf.5 b/man-pages/man5/host.conf.5
|
|
|
5a015b |
index c85fefe..3f24518 100644
|
|
|
5a015b |
--- a/man-pages/man5/host.conf.5
|
|
|
5a015b |
+++ b/man-pages/man5/host.conf.5
|
|
|
5a015b |
@@ -33,7 +33,7 @@ contains configuration information specific to the resolver library.
|
|
|
5a015b |
It should contain one configuration keyword per line, followed by
|
|
|
5a015b |
appropriate configuration information.
|
|
|
5a015b |
The keywords recognized are
|
|
|
5a015b |
-.IR trim ", " multi ", " nospoof ", " spoof ", and " reorder .
|
|
|
5a015b |
+.IR trim ", " multi ", and " reorder .
|
|
|
5a015b |
These keywords are described below.
|
|
|
5a015b |
.TP
|
|
|
5a015b |
.I trim
|
|
|
5a015b |
@@ -68,52 +68,6 @@ This is
|
|
|
5a015b |
by default, as it may cause a substantial performance loss at sites
|
|
|
5a015b |
with large hosts files.
|
|
|
5a015b |
.TP
|
|
|
5a015b |
-.I nospoof
|
|
|
5a015b |
-Valid values are
|
|
|
5a015b |
-.IR on " and " off .
|
|
|
5a015b |
-If set to
|
|
|
5a015b |
-.IR on ,
|
|
|
5a015b |
-the resolv+ library will attempt to prevent hostname spoofing to
|
|
|
5a015b |
-enhance the security of
|
|
|
5a015b |
-.BR rlogin " and " rsh .
|
|
|
5a015b |
-It works as follows: after performing a host address lookup, resolv+
|
|
|
5a015b |
-will perform a hostname lookup for that address.
|
|
|
5a015b |
-If the two hostnames
|
|
|
5a015b |
-do not match, the query will fail.
|
|
|
5a015b |
-The default value is
|
|
|
5a015b |
-.IR off .
|
|
|
5a015b |
-.TP
|
|
|
5a015b |
-.I spoofalert
|
|
|
5a015b |
-Valid values are
|
|
|
5a015b |
-.IR on " and " off .
|
|
|
5a015b |
-If this option is set to
|
|
|
5a015b |
-.I on
|
|
|
5a015b |
-and the
|
|
|
5a015b |
-.I nospoof
|
|
|
5a015b |
-option is also set, resolv+ will log a warning of the error via the
|
|
|
5a015b |
-syslog facility.
|
|
|
5a015b |
-The default value is
|
|
|
5a015b |
-.IR off .
|
|
|
5a015b |
-.TP
|
|
|
5a015b |
-.I spoof
|
|
|
5a015b |
-Valid values are
|
|
|
5a015b |
-.IR off ", " nowarn " and " warn .
|
|
|
5a015b |
-If this option is set to
|
|
|
5a015b |
-.IR off ,
|
|
|
5a015b |
-spoofed addresses are permitted and no warnings will be emitted
|
|
|
5a015b |
-via the syslog facility.
|
|
|
5a015b |
-If this option is set to
|
|
|
5a015b |
-.IR warn ,
|
|
|
5a015b |
-resolv+ will attempt to prevent hostname spoofing to
|
|
|
5a015b |
-enhance the security and log a warning of the error via the syslog
|
|
|
5a015b |
-facility.
|
|
|
5a015b |
-If this option is set to
|
|
|
5a015b |
-.IR nowarn ,
|
|
|
5a015b |
-the resolv+ library will attempt to prevent hostname spoofing to
|
|
|
5a015b |
-enhance the security but not emit warnings via the syslog facility.
|
|
|
5a015b |
-Setting this option to anything else is equal to setting it to
|
|
|
5a015b |
-.IR nowarn .
|
|
|
5a015b |
-.TP
|
|
|
5a015b |
.I reorder
|
|
|
5a015b |
Valid values are
|
|
|
5a015b |
.IR on " and " off .
|
|
|
5a015b |
@@ -135,15 +89,6 @@ override the behavior which is configured in
|
|
|
5a015b |
If set this variable points to a file that should be read instead of
|
|
|
5a015b |
.IR /etc/host.conf .
|
|
|
5a015b |
.TP
|
|
|
5a015b |
-.B RESOLV_SPOOF_CHECK
|
|
|
5a015b |
-Overrides the
|
|
|
5a015b |
-.IR nospoof ", " spoofalert " and " spoof
|
|
|
5a015b |
-commands in the same way as the
|
|
|
5a015b |
-.I spoof
|
|
|
5a015b |
-command is parsed.
|
|
|
5a015b |
-Valid values are
|
|
|
5a015b |
-.IR off ", " nowarn " and " warn .
|
|
|
5a015b |
-.TP
|
|
|
5a015b |
.B RESOLV_MULTI
|
|
|
5a015b |
Overrides the
|
|
|
5a015b |
.I multi
|
|
|
5a015b |
@@ -178,12 +123,6 @@ Resolver configuration file
|
|
|
5a015b |
Local hosts database
|
|
|
5a015b |
.SH NOTES
|
|
|
5a015b |
The following differences exist compared to the original implementation.
|
|
|
5a015b |
-A new command
|
|
|
5a015b |
-.I spoof
|
|
|
5a015b |
-and a new environment variable
|
|
|
5a015b |
-.B RESOLV_SPOOF_CHECK
|
|
|
5a015b |
-can take arguments like
|
|
|
5a015b |
-.IR off ", " nowarn " and " warn .
|
|
|
5a015b |
Line comments can appear anywhere and not only at the beginning of a line.
|
|
|
5a015b |
.SH SEE ALSO
|
|
|
5a015b |
.BR gethostbyname (3),
|
|
|
5a015b |
--
|
|
|
5a015b |
2.17.1
|
|
|
5a015b |
|