nsswitch.conf(5) - phpMan

Command: man perldoc info search(apropos)  


NSSWITCH.CONF(5)                    Linux Programmer's Manual                    NSSWITCH.CONF(5)



NAME
       nsswitch.conf - Name Service Switch configuration file

DESCRIPTION
       The Name Service Switch (NSS) configuration file, /etc/nsswitch.conf, is used by the GNU C
       Library to determine the sources from which to obtain name-service information in a  range
       of  categories,  and in what order.  Each category of information is identified by a data-
       base name.

       The file is plain ASCII text, with columns separated by spaces  or  tab  characters.   The
       first  column  specifies  the  database name.  The remaining columns describe the order of
       sources to query and a limited set of actions that can be performed by lookup result.

       The following databases are understood by the GNU C Library:

       aliases     Mail aliases, used by getaliasent(3) and related functions.

       ethers      Ethernet numbers.

       group       Groups of users, used by getgrent(3) and related functions.

       hosts       Host names and numbers, used by gethostbyname(3) and related functions.

       initgroups  Supplementary group access list, used by getgrouplist(3) function.

       netgroup    Network-wide list of hosts and users, used  for  access  rules.   C  libraries
                   before glibc 2.1 supported netgroups only over NIS.

       networks    Network names and numbers, used by getnetent(3) and related functions.

       passwd      User passwords, used by getpwent(3) and related functions.

       protocols   Network protocols, used by getprotoent(3) and related functions.

       publickey   Public and secret keys for Secure_RPC used by NFS and NIS+.

       rpc         Remote  procedure  call names and numbers, used by getrpcbyname(3) and related
                   functions.

       services    Network services, used by getservent(3) and related functions.

       shadow      Shadow user passwords, used by getspnam(3) and related functions.

       Here is an example /etc/nsswitch.conf file:

           passwd:         compat
           group:          compat
           shadow:         compat

           hosts:          dns [!UNAVAIL=return] files
           networks:       nis [NOTFOUND=return] files
           ethers:         nis [NOTFOUND=return] files
           protocols:      nis [NOTFOUND=return] files
           rpc:            nis [NOTFOUND=return] files
           services:       nis [NOTFOUND=return] files

       The first column is the database name.  The remaining columns specify:

       *  One or more service specifications e.g., "files", "db", or "nis".   The  order  of  the
          services  on  the line determines the order in which those services will be queried, in
          turn, until a result is found.

       *  Optional actions to perform if a particular result is obtained from the preceding  ser-
          vice, e.g., "[NOTFOUND=return]".

       The  service  specifications  supported  on  your  system depend on the presence of shared
       libraries, and are therefore extensible.  Libraries called  /lib/libnss_SERVICE.so.X  will
       provide  the named SERVICE.  On a standard installation, you can use "files", "db", "nis",
       and "nisplus".  For the hosts database, you  can  additionally  specify  "dns".   For  the
       passwd,  group,  and shadow databases, you can additionally specify "compat" (see Compati-
       bility mode below).  The version number X may be 1 for glibc 2.0, or 2 for glibc  2.1  and
       later.   On  systems  with  additional libraries installed, you may have access to further
       services such as "hesiod", "ldap", "winbind" and "wins".

       An action may also be specified following a service specification.   The  action  modifies
       the  behavior  following  a  result obtained from the preceding data source.  Action items
       take the general form:

           [STATUS=ACTION]
           [!STATUS=ACTION]

       where

           STATUS => success | notfound | unavail | tryagain
           ACTION => return | continue

       The ! negates the test, matching all possible results except the one specified.  The  case
       of the keywords is not significant.

       The  STATUS  value is matched against the result of the lookup function called by the pre-
       ceding service specification, and can be one of:

           success     No error occurred and the requested entry is returned.  The default action
                       for this condition is "return".

           notfound    The  lookup succeeded, but the requested entry was not found.  The default
                       action for this condition is "continue".

           unavail     The service is permanently unavailable.  This can  mean  either  that  the
                       required file cannot be read, or, for network services, that the server is
                       not available or does not allow queries.  The default action for this con-
                       dition is "continue".

           tryagain    The  service is temporarily unavailable.  This could mean a file is locked
                       or a server currently cannot accept more connections.  The default  action
                       for this condition is "continue".

       The ACTION value can be one of:

           return      Return  a result now.  Do not call any further lookup functions.  However,
                       for compatibility reasons, if this is the selected action  for  the  group
                       database and the notfound status, and the configuration file does not con-
                       tain the initgroups line, the next lookup function is always called, with-
                       out affecting the search result.

           continue    Call the next lookup function.

   Compatibility mode (compat)
       The NSS "compat" service is similar to "files" except that it additionally permits special
       entries in /etc/passwd for granting users or members of netgroups access  to  the  system.
       The following entries are valid in this mode:

           +user       Include the specified user from the NIS passwd map.

           +@netgroup  Include all users in the given netgroup.

           -user       Exclude the specified user from the NIS passwd map.

           -@netgroup  Exclude all users in the given netgroup.

           +           Include  every  user, except previously excluded ones, from the NIS passwd
                       map.

       By default the source is "nis", but this may be overridden by specifying "nisplus" as  the
       source for the pseudo-databases passwd_compat, group_compat, and shadow_compat.

FILES
       A  service  named  SERVICE  is  implemented  by  a shared object library named libnss_SER-
       VICE.so.X that resides in /lib.

           /etc/nsswitch.conf       NSS configuration file.
           /lib/libnss_compat.so.X  implements "compat" source.
           /lib/libnss_db.so.X      implements "db" source.
           /lib/libnss_dns.so.X     implements "dns" source.
           /lib/libnss_files.so.X   implements "files" source.
           /lib/libnss_hesiod.so.X  implements "hesiod" source.
           /lib/libnss_nis.so.X     implements "nis" source.
           /lib/libnss_nisplus.so.X implements "nisplus" source.

NOTES
       Within each process that uses nsswitch.conf, the entire file is read only  once.   If  the
       file is later changed, the process will continue using the old configuration.

       Traditionally,  there  was only a single source for service information, often in the form
       of a single configuration file (e.g., /etc/passwd).  However, as other name services, such
       as  the  Network Information Service (NIS) and the Domain Name Service (DNS), became popu-
       lar, a method was needed that would be more flexible than fixed search orders  coded  into
       the  C  library.  The Name Service Switch mechanism, which was based on the mechanism used
       by Sun Microsystems in the Solaris 2 C library, introduced a cleaner solution to the prob-
       lem.

SEE ALSO
       getent(1), nss(5)

COLOPHON
       This  page  is  part of release 3.53 of the Linux man-pages project.  A description of the
       project,    and    information    about    reporting    bugs,    can    be    found     at
       http://www.kernel.org/doc/man-pages/.



Linux                                       2013-02-12                           NSSWITCH.CONF(5)

Generated by $Id: phpMan.php,v 4.55 2007/09/05 04:42:51 chedong Exp $ Author: Che Dong
On Apache
Under GNU General Public License
2018-05-26 08:17 @127.0.0.1 CrawledBy CCBot/2.0 (http://commoncrawl.org/faq/)
Valid XHTML 1.0!Valid CSS!