Of OSX and hosts files


So, just how do you override DNS for a hosts file under OS X? This was the question I was asked yesterday when trying to debug a problem for some friends, and I had to go do some research, because I wasn't sure of the answer.

The root of the problem is that I was familiar with OS X 10.1's habit of ignoring all text files and "knew" that that wouldn't work. Unfortunately for me, but fortunately for all OS X users, that isn't the case under OS X 10.2 (Jaguar).

Under Jaguar, lookupd (the software that handles all of the Unix-like calls to find out information for networking) has quite a few options and is quite a bit more intelligent.

lookupd acts as a "directory service information daemon", brokering requests from programs through the various methods that OS X can use to obtain the information. It also provides a cache (pronounced "cash", not "cash-eh", that is something completely different) that makes lookups faster and can lead to great confusion when trying to modify the behavior of the system.

Among the varied sources of the information are:

  • Apple's NetInfo system
  • Industry-standard DNS
  • Sun Microsystems' NIS (formerly Yellow Pages, now deprecated)
  • Industry-standard LDAP
  • Unix-standard flat files

For those familiar with other unix systems, the standard flat files (all located in the /etc/ directory and named hosts, groups, passwd, services, protocols, and networks). If you choose to use these, they should work "out of the box" without any changes, but be careful of the cache. To nuke the cache, you need to execute the following command lookupd -flushcache. This will eliminate all entries from the cache and apply whatever changes you have made to the system.

For those familiar with the NetInfo system, good for you. I'm still trying to find my way around its various names for things. However, if you are using a network-wide configuration, this is the way that Apple wants you to go.

By default, lookupd searches for host information (name to IP mappings primarily) using the following order: cache, flat file, DNS, NetInfo, and LDAP. This can be changed in a number of ways (look at the extensive information in "man lookupd"), but the most common is to set the parameters using NetInfo.

If you decide you want to change the order of search, or add additional parameters to the configuration, don't forget to "kill -HUP" the running version of lookupd so that it will trash the cache and restart the daemon.