return in nsswitch.conf not working

[William Edwards]

Dear reader,

This is the line for hosts in my nsswitch.conf:

hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4

Both 'files' and 'mdns4_minimal' return NOTFOUND for a lookup:

root@http-lyr01:~# getent -s hosts:files hosts williamedwards.nl
root@http-lyr01:~# echo $?
2
root@http-lyr01:~# getent -s hosts:mdns4_minimal hosts
williamedwards.nl
root@http-lyr01:~# echo $?
2

Quoting the 'exit status' section in getent(1):

2 One or more supplied key could not be found in the database.

However, the 'dns' database (which comes *after* the return statement)
is also used, as my lookup succeeds with the result that the 'dns'
database returns.

Could anyone explain why that is? I would expect the lookup to fail
because of the 'NOTFOUND=return'.

--
With kind regards,

William Edwards

[David Wright]

I've not found it easy to answer this question from any
documentation normally installed, though the answer might be
implied by what's there. AIUI from what I've read, mdns4_minimal
only considers resolving .local and 169.254.x.x addresses,
and is designed to prevent such address queries being sent to
the Internet nameservers. Any other addresses, like those
you used, bypass mdns4_minimal [NOTFOUND=return] entirely.
You can demonstrate this to yourself by typing:

18:21:14 ~ $ :
18:21:29 ~ $ getent -s hosts:mdns4_minimal hosts foo
2 18:21:31 ~ $ :
18:21:33 ~ $ getent -s hosts:mdns4_minimal hosts foo.local
2 18:21:41 ~ $

where you can see the non-lookup of an unknown host takes no time at
all, whereas adding .local causes a five second timeout before the
real lookup fails. (My prompt includes the return code.)

Cheers,
David.