DHCP, Samba and Dynamic updating from /etc/hosts
Ben Engbers
When I try to browse the windows-network at my work, my Fedora 11 laptop
doesn't even see that there is a network. The only way to connect to
shares or printers is by explicitly defining them in the smb-command
(having done that, samba works perfectly).
As far as I know, this is caused by the fact that my /etc/hosts only
contains the following lines:
127.0.0.1 localhost.localdomain localhost
BEL005W.BrouwerCP.home BEL005W
::1 localhost6.localdomain6 localhost6
I know there also should be a line with the IP-number but since I often
use other networks and I receive the IP-number from DHCP-servers, this
number constantly changes.
Is there a way to update /etc/hosts dynamically with the IP-number that
is given by the DHCP-server?
Ben
Bit Twister
> Is there a way to update /etc/hosts dynamically with the IP-number that
> is given by the DHCP-server?
Should be. How to do it will depend on your dhcp client and/or your linux
distribution.
On my Mandriva Linux, /sbin/dhclient-script will run
/etc/dhclient-exit-hooks if exists and perms set execute.
It also assumes you are running dhclient as your dhcp client.
My script touches up several files. Feel free to hack it up to suit
your needs. Not much of a script programmer, you might need to look
through http://tldp.org/LDP/abs/html/index.html
----------8<----------8<--cut below this line--------8<----------8<
#*******************************************************************
#*
#* dhclient-exit-hooks - Post processing dhcp client processor
#*
#* Updates /etc/sysconfig/network GATEWAY=new gateway ip addresses
#* /etc/resolv.conf has search/domain line removed.
#* and if postix resolv.conf exits, gets new resolv.conf
#* if they differ. Also plays with my shorewall firewall files.
#*
#* This script is called from /sbin/dhclient-script.
#* The variables: exit_status, reason, interface, and new*
#* are set in /sbin/dhclient-script
#*
#*
#* NOTE:
#* You need to set GATEWAYDEV= to your's (eth0, eth1,..)
#* and HOSTNAME=FQDN in /etc/sysconfig/network
#* root gets mail on fault reasons.
#*
#*
#* Install:
#* chmod +x dhclient-exit-hooks
#* cp dhclient-exit-hooks /etc/dhclient-exit-hooks
#*
#*
#*******************************************************************
if [ 1 -eq 0 ] ; then
_tmp_fn=/tmp/dhcp_env.$reason
echo ------------------ >> $_tmp_fn
date >> $_tmp_fn
env |sort >> $_tmp_fn
fi
#******************************************************
#* set a default gateway dev and host name value then
#* load user's values from /etc/sysconfig/network
#* if exists.
#******************************************************
HOSTNAME=$(/bin/hostname)
_in_fn=/etc/sysconfig/network
if [ -e $_in_fn ] ; then
source $_in_fn
else
mail -s "dhclient-exit-hooks fault: $_in_fn does not exists" root < /dev/null
fi
if [ -z "$GATEWAYDEV" ] ; then
mail -s "dhclient-exit-hooks fault: set GATEWAYDEV in /etc/sysconfig/network" root < /dev/null
GATEWAYDEV=eth0
fi
if [ "$interface" = "$GATEWAYDEV" ] ; then
case $reason in
PREINIT|STOP)
;;
EXPIRE|FAIL|RELEASE|NBI|TIMEOUT)
env > /tmp/env.exit
chown document:document /tmp/env.exit
mail -s "dhclient-exit-hooks fault: $reason $exit_status" root < /tmp/env.exit
;;
BOUND|RENEW|REBIND|REBOOT|EXPIRE)
#******** change GATEWAY IP in /etc/sysconfig/network ******
_in_fn=/etc/sysconfig/network
_tmp_fn=/tmp/network
/bin/grep -v "GATEWAY=" $_in_fn > $_tmp_fn
/bin/echo "GATEWAY=$new_routers" >> $_tmp_fn
/usr/bin/cmp -s $_tmp_fn $_in_fn
if [ $? -ne 0 ] ; then
/bin/cp $_tmp_fn $_in_fn
fi
/bin/rm $_tmp_fn
#******** change GATEWAY IP in ifcfg-$GATEWAYDEV ******
_in_fn=/etc/sysconfig/network-scripts/ifcfg-$GATEWAYDEV
_tmp_fn=/tmp/ifcfg
_count=$(/bin/grep --count "GATEWAY=" $_in_fn )
if [ $_count -gt 0 ] ; then
/bin/grep -v "GATEWAY=" $_in_fn > $_tmp_fn
/bin/echo "GATEWAY=$new_routers" >> $_tmp_fn
/usr/bin/cmp -s $_tmp_fn $_in_fn
if [ $? -ne 0 ] ; then
/bin/cp $_tmp_fn $_in_fn
fi
/bin/rm $_tmp_fn
fi
#******** add new_ip fqdn alias to /etc/hosts ******
_host=$HOSTNAME
/bin/hostname $_host
_ifs_bkup="${IFS}"
IFS="."
set $_host
_alias=$1
IFS="${_ifs_bkup}"
_in_fn=/etc/hosts
_tmp_fn=/tmp/hosts
/bin/echo -e "127.0.0.1\tlocalhost.localdomain localhost " > $_tmp_fn
/bin/echo -e "$new_ip_address\t$_host\t$_alias" >> $_tmp_fn
/bin/grep -v "$_host" $_in_fn | grep -v 127.0.0.1 \
| /bin/grep -v $new_ip_address >> $_tmp_fn
/usr/bin/cmp -s $_tmp_fn $_in_fn
if [ $? -ne 0 ] ; then
/bin/cp $_tmp_fn $_in_fn
fi
/bin/rm $_tmp_fn
#******** strip out search/domain line in /etc/resolv.conf ******
#******************************************************
#* remove search, domain lines and append a public dns server
#******************************************************
/bin/grep -iv search /etc/resolv.conf \
| /bin/grep -iv domain > /tmp/resolv.conf
/usr/bin/cmp -s /tmp/resolv.conf /etc/resolv.conf
if [ $? -ne 0 ] ; then
/bin/cp /tmp/resolv.conf /etc/resolv.conf
fi
/bin/rm /tmp/resolv.conf
#********* update postfix with new conf files ****************
_chg_flg=0
if [ -e /var/spool/postfix/etc/resolv.conf ] ; then
/usr/bin/cmp -s /etc/resolv.conf /var/spool/postfix/etc/resolv.conf
if [ $? -ne 0 ] ; then
_chg_flg=1
/bin/cp /etc/resolv.conf /var/spool/postfix/etc/resolv.conf
fi
/usr/bin/cmp -s /etc/hosts /var/spool/postfix/etc/hosts
if [ $? -ne 0 ] ; then
_chg_flg=1
/bin/cp /etc/hosts /var/spool/postfix/etc/hosts
fi
if [ $_chg_flg -eq 1 ] ; then
service postfix restart
fi
fi
#********* update shorewall pram file ****************
#******************************************************
#* Strip PATH from dhcp.env, swap any space for comma
#******************************************************
env | sort | grep -v "bin" | sed "s/ /,/g" > /tmp/dhcp.env
chmod 755 /tmp/dhcp.env
/local/bin/update_shorewall $interface
;;
*)
mail -s "dhclient-exit-hooks fault: unknown reason $reason" root < /dev/null
;;
esac
fi
/bin/true
#************* end /etc/dhclient-exit-hooks **************************
Ben Engbers
> On Fri, 13 Nov 2009 00:56:42 +0100, Ben Engbers wrote:
>
>> Is there a way to update /etc/hosts dynamically with the IP-number that
>> is given by the DHCP-server?
>
> Should be. How to do it will depend on your dhcp client and/or your linux
> distribution.
>
> On my Mandriva Linux, /sbin/dhclient-script will run
> /etc/dhclient-exit-hooks if exists and perms set execute.
> It also assumes you are running dhclient as your dhcp client.
>
> My script touches up several files. Feel free to hack it up to suit
> your needs. Not much of a script programmer, you might need to look
> through http://tldp.org/LDP/abs/html/index.html
I have never had the need to dive into scripting before but one has to
be the first.
Ben
Chris Davies
> When I try to browse the windows-network at my work, my Fedora 11 laptop
> doesn't even see that there is a network. The only way to connect to
> shares or printers is by explicitly defining them in the smb-command
> (having done that, samba works perfectly).
> Is there a way to update /etc/hosts dynamically with the IP-number that
> is given by the DHCP-server?
Actually, I think you should be looking at two things:
1. DHCP should be updating your resolv.conf and smb.conf files
automatically, so that names can be resolved "correctly" [*] and the
Windows network made visible to your laptop
2. If you're in an Active Directory environment you might want to consider
joining your laptop to the domain. It's fiddly but IMO helps tremendously
with integration into the Windows world of network shares.
Chris
[*] For some definitions of "correctly", of course
Ben Engbers
> Ben Engbers<Ben.E...@be-logical.nl> wrote:
>>
>
>> Is there a way to update /etc/hosts dynamically with the IP-number that
>> is given by the DHCP-server?
>
> Actually, I think you should be looking at two things:
>
> 1. DHCP should be updating your resolv.conf and smb.conf files
> automatically, so that names can be resolved "correctly" [*] and the
> Windows network made visible to your laptop
>
> 2. If you're in an Active Directory environment you might want to consider
> joining your laptop to the domain. It's fiddly but IMO helps tremendously
> with integration into the Windows world of network shares.
Can you give any hints on how I should do this?
Untill now, it was officially forbidden to plug in Linux desktops on our
network but as long as I was very careful and reported everything that
was unusual to the system-administrators, they even helped me by giving
information that I needed.
Now I have been allowed to experiment with the Linux Desktop so probably
they'll give me the extra information that I need to join the domain.
Ben
Günther Schwarz
> Op 13-11-09 14:21, Chris Davies schreef:
>> Ben Engbers<Ben.E...@be-logical.nl> wrote:
>> 2. If you're in an Active Directory environment you might want to
>> consider joining your laptop to the domain. It's fiddly but IMO helps
>> tremendously with integration into the Windows world of network shares.
>
> Can you give any hints on how I should do this?
From your email address it seems that you are from the Netherlands. So
there might be a little German available. German iX magazine recently had
an instructive step by step tutorial on how to join linux clients to an
AD domain (10/2008, p 134).
Günther
Chris Davies
>> automatically, so that names can be resolved "correctly" [*] and the
>> Windows network made visible to your laptop
>>
>> 2. If you're in an Active Directory environment you might want to consider
>> joining your laptop to the domain. It's fiddly but IMO helps tremendously
>> with integration into the Windows world of network shares.
Ben Engbers <Ben.E...@be-logical.nl> wrote:
> Can you give any hints on how I should do this?
Which, #1 or #2?
Item (1) should just happen automatically. Item (2) is trick but on my
Debian box it was a case of installing krb5-bin, samba, and winbind and
then fixing up the krb5.conf, smb.conf, and nsswitch.conf files to match
recommendations on the 'web.
krb5.conf
[libdefaults]
default_realm = WINDOWS.DOM.AIN
...
[realms]
WINDOWS.DOM.AIN = {
kdc = dc.windows.dom.ain
admin_server = dc.windows.dom.ain
}
smb.conf
[global]
workgroup = WINDOWS-DOMAIN
include = /etc/samba/dhcp.conf
netbios name = YOUR_PC_NAME
winbind separator = /
idmap backend = tdb
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind cache time = 3600
winbind enum users = no # maybe yes
winbind enum groups = no # maybe yes
winbind nested groups = yes
winbind normalize names = no
security = ADS
encrypt passwords = true
realm = WINDOWS.DOM.AIN
password server = *
preferred master = no
map to guest = bad uid
client signing = yes
client ntlmv2 auth = yes
client lanman auth = no
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
nsswitch.conf
passwd: compat ldap winbind
group: compat ldap winbind
shadow: compat
hosts: files dns
...
If you intend to export a share that has access rights managed by group
membership or user identification, you'll need to set the corresponding
winbind enum value to yes.
Then you can do this:
kinit win_...@WINDOWS.DOM.AIN # Someone with rights to join PCs to the domain
net ads join -U win_user
net ads testjoin
> Now I have been allowed to experiment with the Linux Desktop so probably
> they'll give me the extra information that I need to join the domain.
If they won't give you the information then perhaps one of them will
come and join your system to the Domain for you. (That's how it initially
worked for me.)
Chris
Ben Engbers
>> Op 13-11-09 14:21, Chris Davies schreef:
>>> 1. DHCP should be updating your resolv.conf and smb.conf files
>>> automatically, so that names can be resolved "correctly" [*] and the
>>> Windows network made visible to your laptop
>>>
>>> 2. If you're in an Active Directory environment you might want to consider
>>> joining your laptop to the domain. It's fiddly but IMO helps tremendously
>>> with integration into the Windows world of network shares.
>
> Ben Engbers<Ben.E...@be-logical.nl> wrote:
>> Can you give any hints on how I should do this?
>
> Which, #1 or #2?
>
> Item (1) should just happen automatically.
configuring Samba or browsing then network.
Since then, I'm still puzzling why things won't work as I want to...
Nonetheless thanks for your instructions.
Ben
Chris Davies
> Before I changed from fixed IP to DHCP, I never had any problems
> configuring Samba or browsing then network.
> Since then, I'm still puzzling why things won't work as I want to...
Let me get this clear: you're using DHCP and you can't browse the
(Windows) network?
(a) Your /etc/resolv.conf should be updated with the DNS resolvers
provided through DHCP. Check the date/time stamp on that file - it should
match the date/time you last got an IP address
(b) You need to get the samba subsystem to obtain its WINS servers as
part of the DHCP process. On my Debian box, that's taken care of with
the line,
include = /etc/samba/dhcp.conf
This is updated through /etc/dhcp3/dhclient-enter-hooks.d/samba, which
is triggered as part of the DHCP acquisition process.
Chris
Joe Pfeiffer
> Ben Engbers <Ben.E...@be-logical.nl> wrote:
>> Before I changed from fixed IP to DHCP, I never had any problems
>> configuring Samba or browsing then network.
>> Since then, I'm still puzzling why things won't work as I want to...
>
> Let me get this clear: you're using DHCP and you can't browse the
> (Windows) network?
>
> (a) Your /etc/resolv.conf should be updated with the DNS resolvers
> provided through DHCP. Check the date/time stamp on that file - it should
> match the date/time you last got an IP address
>
> (b) You need to get the samba subsystem to obtain its WINS servers as
> part of the DHCP process. On my Debian box, that's taken care of with
> the line,
>
> include = /etc/samba/dhcp.conf
What configuration file should this be in?
> This is updated through /etc/dhcp3/dhclient-enter-hooks.d/samba, which
> is triggered as part of the DHCP acquisition process.
>
> Chris
--
As we enjoy great advantages from the inventions of others, we should
be glad of an opportunity to serve others by any invention of ours;
and this we should do freely and generously. (Benjamin Franklin)
Ben Engbers
> Chris Davies<chris-...@roaima.co.uk> writes:
>
>> Let me get this clear: you're using DHCP and you can't browse the
>> (Windows) network?
I can't browse ANY of the networks I'm using, neither my network at home
nor the network at my office.
I am using Fedora 11. I did a clean install and during the installation
procedure, I said that the IP-address would come from a DHCP-server.
As far as I can remember, I only had to provide the IP from the gateway.
I can't remember having changed anything in the smb.conf.
I never had any problem accessing the internet or my printers but the
only way to access shares, was by explicitly mounting them with smbclient.
Before using Fedora 11, I have used nearly all distributions from RedHat
5.1 to Fedora 7 and I never had any problems finding shares. I don't
know what has changed from 7 to 11.
>> (a) Your /etc/resolv.conf should be updated with the DNS resolvers
>> provided through DHCP. Check the date/time stamp on that file - it should
>> match the date/time you last got an IP address
This is my resolv.conf:
[root@BEL005W etc]# cat resolv.conf
# Generated by NetworkManager
nameserver 192.168.0.1
[root@BEL005W etc]# ls -al res*
-rw-r--r--. 1 root root 53 nov 22 12:55 resolv.conf
Tomorrow I'll check if it is also updated with the nameserver from work.
>> (b) You need to get the samba subsystem to obtain its WINS servers as
>> part of the DHCP process. On my Debian box, that's taken care of with
>> the line,
>>
>> include = /etc/samba/dhcp.conf
>
> What configuration file should this be in?
>
>> This is updated through /etc/dhcp3/dhclient-enter-hooks.d/samba, which
>> is triggered as part of the DHCP acquisition process.
>>
>> Chris
I don't have neither a dhcp.conf nor dhclient-enter-hooks.
Ben
PS.
While searching for dhcp.conf, I found that there exists a
/sbin/dhclient-script and it looks as if this script is meant to handle
my problem.
I wonder why it doesn't do that???
Chris Davies
> [root@BEL005W etc]# cat resolv.conf
> # Generated by NetworkManager
> nameserver 192.168.0.1
All bets are off. I remove Network Manager (and the avahi daemon) from
all my boxes.
Chris
Ben Engbers
> Tomorrow I'll check if it is also updated with the nameserver from work.
>
The resolv.conf is updated when I connect to another domain so I know
that at least one file is updated.
I guess this leaves nothing else then really start digging into the
documentation for DHCP, Samba and who knows what else will cross my path ;-(
Ben