Solaris 11: DNS Client Configuration Using Svccfg
In Solaris 11, alot of configurations are being moved from configuration files into the Service Management Framework. Here we will discuss this change around the DNS client.
View Existing DNS Client Configuration
# svccfg -s network/dns/client listprop config config application config/value_authorization astring solaris.smf.value.name-service.dns.client config/domain astring test.local config/nameserver net_address 10.0.0.152
Update Existing DNS Client Configuration
Here we will update our name servers. In this case we are replacing the original with two different addresses.
# svccfg -s network/dns/client setprop config/nameserver = net_address: "(10.0.0.141 10.0.0.142)"
Here we are changing the domain to b.test.local.
# svccfg -s network/dns/client setprop config/domain = astring: b.test.local
And we are defining a previously undefined setting for the search domains, we are including test.local and b.test.local.
# svccfg -s network/dns/client setprop config/search = astring: '("test.local" "b.test.local")'
Here we are defining our name resolution order.
# svccfg -s name-service/switch setprop config/ipnodes = astring: '("files dns")'
# svccfg -s name-service/switch setprop config/host = astring: '("files dns")'
Review Changed DNS Client Configuration
# svccfg -s network/dns/client listprop config config application config/value_authorization astring solaris.smf.value.name-service.dns.client config/domain astring b.test.local config/nameserver net_address 10.0.0.141 10.0.0.142 config/search astring "test.local" "b.test.local"
Review Changed Name Service Configuration
# svccfg -s name-service/switch listprop config config application config/default astring files config/value_authorization astring solaris.smf.value.name-service.switch config/printer astring "user files" config/ipnodes astring "files dns" config/host astring "files dns"
Export DNS Client Configuration
This command will build an /etc/resolv.conf based on your settings above.
# svcadm enable dns/client # nscfg export svc:/network/dns/client:default
# cat /etc/resolv.conf # # Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved. # # # _AUTOGENERATED_FROM_SMF_V1_ # # WARNING: THIS FILE GENERATED FROM SMF DATA. # DO NOT EDIT THIS FILE. EDITS WILL BE LOST. # See resolv.conf(4) for details. domain b.test.local search test.local b.test.local nameserver 10.0.0.141 nameserver 10.0.0.142
If you manually edit the /etc/resolv.conf then your changes will be lost on a restart of the network/dns/client service or a reboot, as the warning says.
Export Name Service Configurations
# svcadm refresh name-service/switch
# cat /etc/nsswitch.conf # # _AUTOGENERATED_FROM_SMF_V1_ # # WARNING: THIS FILE GENERATED FROM SMF DATA. # DO NOT EDIT THIS FILE. EDITS WILL BE LOST. # See nsswitch.conf(4) for details. passwd: files group: files hosts: files dns ipnodes: files dns networks: files protocols: files rpc: files ethers: files netmasks: files bootparams: files publickey: files netgroup: files automount: files aliases: files services: files printers: user files project: files auth_attr: files prof_attr: files tnrhtp: files tnrhdb: files sudoers: files
An Extra Trick
Now if you can’t be bothered to do things the new way they also put in an import mechanism, whereby you can take advantage of your existing knowledge and simply import your modified configuration files into the SMF to manage them going forward.
So modify up your /etc/resolv.conf and your /etc/nsswitch.conf and then import them with nscfg.
# nscfg import -f name-service/switch:default # nscfg import -f dns/client:default
UPDATE
December 30, 2012
I have modifed my commands above to account for the mistakes that noxxsan and Mikel brought forth in the comments. Sorry for the delay. I additionally added the import trick.
i dont know but to apply those DNS changes i needed to run some other commands:
svccfg
svc:/network/dns/client> select dns/client:default
svc:/network/dns/client:default> refresh
svc:/network/dns/client:default> validate
svc:/network/dns/client:default> select name-service/switch
svc:/system/name-service/switch> setprop config/host = astring: “files dns”
svc:/system/name-service/switch> select system/name-service/switch:default
svc:/system/name-service/switch:default> refresh
svc:/system/name-service/switch:default> validate
svc:/system/name-service/switch:default>
# svcadm enable dns/client
# svcadm refresh name-service/switch
http://docs.oracle.com/cd/E23824_01/html/E24456/gliyc.html#OSTELgllcu
You have two errors in the following line:
svccfg -s network/dns/client setprop config/host = astring: ‘(“files” “dns”)’
should be:
svccfg -s name-service/switch setprop config/host = astring: ‘(“files dns”)’
Has it not struck anyone how absolutely stupid and overcomplicated this is? What is the benefit?
Hi Charles,
The benefit is having the Service Management Framework manage it. The overcomplications you are seeing are relating to maintaining facilities to help people get used to the new way. The SMF is really pretty simple and elegant. That said only time will tell if having DNS client configurations in the SMF is worth it.
-matt
That all things for setting a dns clients