I've tested that using a very short lived (TTL of 3 seconds) of a DNS A
record. nscd only respects positive-time-to-live from /etc/nscd.conf and not
DNS TTLS as it should.
It has very nasty side effects if the record in question is (e.g.) the IP of
the ldap server :)
To reproduce the problem, have a short lived A domain (e.g. 3 seconds) change
its IP. hosts $domain will answer the correct new IP after at most 3 seconds,
whereas getent hosts $domain will always return the old IP (until the
nscd.conf positive-time-to-live expires).
nscd does respect TTL. Only for getaddrinfo but this is OK since no program
should have use gethostbyaddr*.
Given the number of pre-2001 software still around (time at which gethostby*
calls were marked obsoletes) that indeed use gethostby* (and the number of
more recent software using it too, even being obsolete) you are just knowingly
Quite interesting indeed. Btw I tested this _BUG_ doing:
$ getent hosts ttl3.madism.org
which after 3 seconds does not make a new request as it should (running nscd
in debug mode shows it quite unambiguously).
Interestingly enough, getent (from the libc you know) does that:
$ ltrace getent hosts ttl3.madism.org > /dev/null
__libc_start_main(0x402e40, 3, 0x7fffeead3c08, 0x403c40, 0x403c30
mtrace() = <void>
textdomain("libc") = "libc"
argp_parse(0x5053e0, 3, 0x7fffeead3c08, 0, 0x7fffeead3af4) = 0
strcmp("hosts", "hosts") = 0
inet_pton(10, 0x7fffeead547b, 0x7fffeead3aa0, 0x5070c0, 0x5070d0) = 0
inet_pton(2, 0x7fffeead547b, 0x7fffeead3aa0, 0, 0x7fffeead3a40) = 0
gethostbyname2(0x7fffeead547b, 10, 0x7fffeead3aa0, 116, 0) = 0
gethostbyname2(0x7fffeead547b, 2, 1, 0, 0x2ae1c05b8790) = 0x2ae1bc33cfe0
inet_ntop(2, 0x5070f8, 0x7fffeead3a40, 46, 0) = 0x7fffeead3a40
printf("%-15s %s", "127.0.0.1", "ttl3.madism.org") = 31
+++ exited (status 0) +++
So now I'm not surprised anymore I guess. You are breaking your own software.
IMHO, given how broken gethostby* are with the use of nscd, either hosts
caching should be removed, or gethostby* generate a warning at link time so
that people get to know that those are not supported at *all*.
*** Bug 260998 has been marked as a duplicate of this bug. ***
Seen from the domain http://volichat.com
Page where seen: http://volichat.com/adult-chat-rooms
Marked for reference. Resolved as fixed @bugzilla.
The gethostbyname functions are not deprecated, so there is no compelling reason not to fix this.