Clockwork

res_host(5)

NAME

res_host - Clockwork Resource Type for /etc/hosts entries

DESCRIPTION

The /etc/hosts file associates IP addresses to hostnames, without the use of external systems like NIS, LDAP or DNS. Through the host resource, a Clockwork policy can modify individual entries in /etc/hosts, without having to specify a complete map.

ATTRIBUTES

hostname

The hostname that the entry should map its IP address to.

ip

The IPv4 or IPv6 address for this entry.

alias
aliases

One or more hostname aliases. If multiple aliases are specified, they must be separated by a single space.

EXAMPLES

Basic Usage

Map 10.0.0.21 to the hostname 'testhost1':

host "testhost1" {
    ip: "10.0.0.21"
}

Alias Usage

Map 10.0.0.21 to 'testhost1', but make 'test-1' and 'lab1' aliases:

host "testhost1" {
    ip:    "10.0.0.21"
    alias: "test-1"
    alias: "lab1"
}

Same as above, but specify both aliases in a single directive:

host "testhost1" {
    ip:      "10.0.0.21"
    aliases: "test-1 lab1"
}

CAVEATS

Clockwork tries to be predictable and not clever. As such, it does not attempt to deal with certain edge cases that crop up when managing hosts file entries. Namely:

1. Consolidating Hosts

If /etc/hosts contains the following:

172.16.0.45   hosta
172.16.0.46   hostb
172.16.0.47   hostc

And the policy manifest only specifies these host resources:

host "hostb" { ip: "172.16.0.45" }
host "hostc" { ip: "172.16.0.47" }

Clockwork will not remove the entry for hosta. It won't even modify the entry for hostb, but will instead append a fourth:

172.16.0.45   hosta
172.16.0.46   hostb
172.16.0.47   hostc
172.16.0.45   hostb

2. Overlapping Canonical and Alias Hostnames

Clockwork does not try to reconciliate overlap between canonical hostnames and aliases. If you are experiencing issues in this space, please contact the developers so that we can understand your needs.

DEPENDENCIES

None.

BUGS

There is currently no way to remove a host entry.

There really should be an implicit dependency on /etc/hosts, if defined in the policy. That way, host resources take precedence over file resources, and administrators can push out a base /etc/hosts via res_file(5), and then tweak it with res_host.

Caveat #1 (see CAVEATS) could be side-stepped if a new attribute was introduced to: exclusive. This attribute could be set to "ip" or "hostname" and would instruct the fixup routines to kill off all other entries matching either the IP or the hostname (but not necessarily both).

AUTHOR

Clockwork was designed and written by James Hunt.

The Clockwork website is licensed under the Creative Commons Attribution-NoDerivs 3.0 United States License