On Wed, Mar 10, 2021 at 9:44 AM Grant Taylor < gtaylor@gentoo.tnetconsulting.net> wrote: > > On 3/10/21 6:27 AM, Mark Knecht wrote: > > Caveat - not an expert, just my meager understanding: > > > > 1) The name 'localhost' is historically for developers who want to > > access their own machine _without_ using DNS. > > Eh.... > > Using the /name/ "localhost" still uses name resolution. It could use > DNS or it may not. It /typically/ means the /etc/hosts file. But it > could mean DNS or NIS(+) or LDAP or something more esoteric. > OK, agreed, completely. localhost must be turned into an IP address. I guess what I was thinking was DNS means Server. If it's a Service then that's different. I think we're in agreement that if it can find the name in /etc/hosts, either actively or cached somewhere in memory, then it doesn't have to send anything over a cable to get the answer. And cable is too generic as I understand that DNS might be on this machine. Point taken. > IMHO what's special about the "localhost" name in particular is that > it's an agnostic / anycast method to say the local host that a given > program is running on without regard to what the actual host name is. > Agreed but I suspect if I don't have it in /etc/hosts then I'm unlikely to get results that make sense in real time, but that's case buy case. Again, completely agreed. > > 2) By general practice sometime in the deep, dark times 127.0.0.1 was > > accepted for this purpose. There's nothing special about the address. > > Deep, dark times? It's still used every single day across multiple > platforms, Linux, Unix, Windows, z/OS, i/OS, you name it. > I'm approaching my 66th birthday. Deep dark times for me are almost certainly more recent dates than for you. ;-) > > 3) I read the original quoted comment in the Kerberos Guide as a warning > > - 'to make matters worse, __SOME__" > > What did the warning mean to you? Because I took it as "be careful, > your $OS /may/ do this incorrectly". Where "this" is putting the FQDN > on the same line as 127.0.0.1 and / or ::1. > I took it as simply a Kerberos setup/config warning. Whoever wrote that had an opinion, experience or both and wanted you to know that. I didn't read anything more into it. The author cannot change what "some distros" do but wants to give you a fighting chance to get Kerberos working in case you're using one. Makes no sense to mention a specific distro because the list probably changes over time. Basically "You'd be wise to look at your /etc/hosts file and fix this silly configuration error that some distros do before trying to setup Kerberos" > I'm grateful for corroboration, but unfortunately that doesn't speak to > why the Gentoo handbook suggests what it does. I'm not a sys admin nor a Gentoo developer or documenter so I cannot comment on the manual specifically. As I no longer run Gentoo - I haven't for about 3 years other than one remaining VM seldom used and seldom updated - I'm way out of touch with the actual manual but interested in the subject. Over and out. - Mark