nss-resolve (8)

NAME

SYNOPSIS

libnss_resolve.so.2

DESCRIPTION

nss-resolve is a plug-in module for the GNU Name Service Switch (NSS) functionality of the GNU C Library (glibc) enabling it to resolve host names via the systemd-resolved(8) local network name resolution service. It replaces the nss-dns plug-in module that traditionally resolves hostnames via DNS.

To activate the NSS module, add "resolve" to the line starting with "hosts:" in /etc/nsswitch.conf.

It is recommended to place "resolve" early in /etc/nsswitch.conf' "hosts:" line (but after the "files" or "mymachines" entries), replacing the "dns" entry if it exists, to ensure DNS queries are always routed via systemd-resolved(8).

Note that nss-resolve will chain-load nss-dns if systemd-resolved.service is not running, ensuring that basic DNS resolution continues to work if the service is down.

EXAMPLE

Here is an example /etc/nsswitch.conf file that enables nss-resolve correctly:

passwd:         compat mymachines systemd
group:          compat mymachines systemd
shadow:         compat

hosts:          files mymachines resolve [!UNAVAIL=return] dns myhostname
networks:       files

protocols:      db files
services:       db files
ethers:         db files
rpc:            db files

netgroup:       nis

This keeps the dns module as a fallback for cases where the nss-resolve module is not installed.

SEE ALSO

systemd(1), systemd-resolved(8), nss-systemd(8), nss-myhostname(8), nss-mymachines(8), nsswitch.conf(5)