2004-11-03 13:51:07 +00:00
|
|
|
.\" Copyright (c) 1998, 1999 Thorsten Kukuk (kukuk@vt.uni-paderborn.de)
|
2012-03-28 21:47:10 +00:00
|
|
|
.\" Copyright (c) 2011, Mark R. Bannister <cambridge@users.sourceforge.net>
|
2004-11-03 13:51:07 +00:00
|
|
|
.\"
|
getent.1, _syscall.2, acct.2, adjtimex.2, bdflush.2, brk.2, cacheflush.2, getsid.2, getxattr.2, inotify_add_watch.2, inotify_init.2, inotify_rm_watch.2, ioperm.2, ipc.2, listxattr.2, mlock.2, modify_ldt.2, mremap.2, nanosleep.2, outb.2, perf_event_open.2, ptrace.2, removexattr.2, s390_runtime_instr.2, sched_get_priority_max.2, sched_rr_get_interval.2, sched_setaffinity.2, sched_setparam.2, sched_setscheduler.2, sched_yield.2, setsid.2, setxattr.2, socketcall.2, unimplemented.2, aio_cancel.3, aio_error.3, aio_fsync.3, aio_read.3, aio_return.3, aio_suspend.3, aio_write.3, cfree.3, crypt.3, dlopen.3, encrypt.3, errno.3, fenv.3, ftime.3, ftw.3, getgrent_r.3, getpass.3, getpwent_r.3, getutent.3, hsearch.3, lio_listio.3, lockf.3, login.3, longjmp.3, perror.3, printf.3, scandirat.3, setjmp.3, strfmon.3, strtoimax.3, termios.3, ttyname.3, ualarm.3, updwtmp.3, wcstoimax.3, wordexp.3, console_ioctl.4, dsp56k.4, fd.4, hd.4, intro.4, lp.4, mem.4, null.4, ram.4, rtc.4, sk98lin.4, tty.4, ttyS.4, vcs.4, filesystems.5, group.5, host.conf.5, hosts.5, intro.5, issue.5, motd.5, networks.5, nologin.5, nsswitch.conf.5, passwd.5, proc.5, protocols.5, securetty.5, shells.5, termcap.5, ttytype.5, utmp.5, intro.6, armscii-8.7, ascii.7, bootparam.7, cp1251.7, environ.7, glob.7, intro.7, iso_8859-1.7, iso_8859-10.7, iso_8859-11.7, iso_8859-13.7, iso_8859-14.7, iso_8859-15.7, iso_8859-16.7, iso_8859-2.7, iso_8859-3.7, iso_8859-4.7, iso_8859-5.7, iso_8859-6.7, iso_8859-7.7, iso_8859-8.7, iso_8859-9.7, koi8-r.7, koi8-u.7, posixoptions.7, standards.7, unicode.7, utf-8.7, intro.8: s/GPLv2+_doc_full/GPLv2+_DOC_FULL/
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2013-03-10 09:29:46 +00:00
|
|
|
.\" %%%LICENSE_START(GPLv2+_DOC_FULL)
|
2004-11-03 13:51:07 +00:00
|
|
|
.\" This is free documentation; you can redistribute it and/or
|
|
|
|
.\" modify it under the terms of the GNU General Public License as
|
|
|
|
.\" published by the Free Software Foundation; either version 2 of
|
|
|
|
.\" the License, or (at your option) any later version.
|
|
|
|
.\"
|
|
|
|
.\" The GNU General Public License's references to "object code"
|
|
|
|
.\" and "executables" are to be interpreted as the output of any
|
|
|
|
.\" document formatting or typesetting system, including
|
|
|
|
.\" intermediate and printed output.
|
|
|
|
.\"
|
|
|
|
.\" This manual is distributed in the hope that it will be useful,
|
|
|
|
.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
.\" GNU General Public License for more details.
|
|
|
|
.\"
|
|
|
|
.\" You should have received a copy of the GNU General Public
|
getent.1, _syscall.2, acct.2, adjtimex.2, bdflush.2, brk.2, cacheflush.2, getsid.2, getxattr.2, inotify_add_watch.2, inotify_init.2, inotify_rm_watch.2, ioperm.2, ipc.2, listxattr.2, mlock.2, modify_ldt.2, mremap.2, nanosleep.2, outb.2, ptrace.2, removexattr.2, sched_get_priority_max.2, sched_rr_get_interval.2, sched_setaffinity.2, sched_setparam.2, sched_setscheduler.2, sched_yield.2, setsid.2, setxattr.2, socketcall.2, unimplemented.2, aio_cancel.3, aio_error.3, aio_fsync.3, aio_read.3, aio_return.3, aio_suspend.3, aio_write.3, cfree.3, crypt.3, dlopen.3, errno.3, fenv.3, ftime.3, ftw.3, getgrent_r.3, getpass.3, getpwent_r.3, getutent.3, hsearch.3, lio_listio.3, login.3, longjmp.3, perror.3, printf.3, scandirat.3, setjmp.3, strfmon.3, strtoimax.3, termios.3, ttyname.3, ualarm.3, wcstoimax.3, wordexp.3, console_ioctl.4, dsp56k.4, fd.4, hd.4, intro.4, lp.4, mem.4, null.4, ram.4, rtc.4, sk98lin.4, tty.4, ttyS.4, vcs.4, charmap.5, filesystems.5, ftpusers.5, gai.conf.5, group.5, host.conf.5, hosts.5, intro.5, issue.5, locale.5, motd.5, networks.5, nologin.5, nscd.conf.5, nss.5, nsswitch.conf.5, passwd.5, proc.5, protocols.5, securetty.5, shells.5, termcap.5, ttytype.5, utmp.5, intro.6, armscii-8.7, ascii.7, bootparam.7, cp1251.7, cpuset.7, environ.7, glob.7, intro.7, iso_8859-1.7, iso_8859-10.7, iso_8859-11.7, iso_8859-13.7, iso_8859-14.7, iso_8859-15.7, iso_8859-16.7, iso_8859-2.7, iso_8859-3.7, iso_8859-4.7, iso_8859-5.7, iso_8859-6.7, iso_8859-7.7, iso_8859-8.7, iso_8859-9.7, koi8-r.7, koi8-u.7, posixoptions.7, standards.7, unicode.7, utf-8.7, intro.8, ldconfig.8, nscd.8: Global fix: Update info in source comments on where to get a copy of the GPL
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2013-03-10 09:28:43 +00:00
|
|
|
.\" License along with this manual; if not, see
|
|
|
|
.\" <http://www.gnu.org/licenses/>.
|
getent.1, _syscall.2, acct.2, adjtimex.2, bdflush.2, brk.2, cacheflush.2, getsid.2, getxattr.2, inotify_add_watch.2, inotify_init.2, inotify_rm_watch.2, ioperm.2, ipc.2, listxattr.2, mlock.2, modify_ldt.2, mremap.2, nanosleep.2, outb.2, perf_event_open.2, ptrace.2, removexattr.2, s390_runtime_instr.2, sched_get_priority_max.2, sched_rr_get_interval.2, sched_setaffinity.2, sched_setparam.2, sched_setscheduler.2, sched_yield.2, setsid.2, setxattr.2, socketcall.2, unimplemented.2, aio_cancel.3, aio_error.3, aio_fsync.3, aio_read.3, aio_return.3, aio_suspend.3, aio_write.3, cfree.3, crypt.3, dlopen.3, encrypt.3, errno.3, fenv.3, ftime.3, ftw.3, getgrent_r.3, getpass.3, getpwent_r.3, getutent.3, hsearch.3, lio_listio.3, lockf.3, login.3, longjmp.3, perror.3, printf.3, scandirat.3, setjmp.3, strfmon.3, strtoimax.3, termios.3, ttyname.3, ualarm.3, updwtmp.3, wcstoimax.3, wordexp.3, console_ioctl.4, dsp56k.4, fd.4, hd.4, intro.4, lp.4, mem.4, null.4, ram.4, rtc.4, sk98lin.4, tty.4, ttyS.4, vcs.4, filesystems.5, group.5, host.conf.5, hosts.5, intro.5, issue.5, motd.5, networks.5, nologin.5, nsswitch.conf.5, passwd.5, proc.5, protocols.5, securetty.5, shells.5, termcap.5, ttytype.5, utmp.5, intro.6, armscii-8.7, ascii.7, bootparam.7, cp1251.7, environ.7, glob.7, intro.7, iso_8859-1.7, iso_8859-10.7, iso_8859-11.7, iso_8859-13.7, iso_8859-14.7, iso_8859-15.7, iso_8859-16.7, iso_8859-2.7, iso_8859-3.7, iso_8859-4.7, iso_8859-5.7, iso_8859-6.7, iso_8859-7.7, iso_8859-8.7, iso_8859-9.7, koi8-r.7, koi8-u.7, posixoptions.7, standards.7, unicode.7, utf-8.7, intro.8: Global fix: Add LICENSE_START(GPLv2+_doc_full)
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2013-03-10 09:28:44 +00:00
|
|
|
.\" %%%LICENSE_END
|
2004-11-03 13:51:07 +00:00
|
|
|
.\"
|
_exit.2, alarm.2, chmod.2, clone.2, epoll_ctl.2, fcntl.2, fork.2, fsync.2, getdents.2, getpid.2, ioctl.2, ioctl_console.2, ioctl_list.2, ioctl_ns.2, ioctl_tty.2, ioctl_userfaultfd.2, kexec_load.2, lseek.2, mincore.2, mkdir.2, mknod.2, mmap.2, open.2, poll.2, posix_fadvise.2, prctl.2, rename.2, sched_setaffinity.2, select.2, select_tut.2, sigaction.2, signalfd.2, sigprocmask.2, sigwaitinfo.2, socketcall.2, stat.2, statx.2, syscalls.2, truncate.2, umask.2, unshare.2, userfaultfd.2, utime.2, utimensat.2, wait.2, bzero.3, cfree.3, exit.3, getentropy.3, grantpt.3, insque.3, shm_open.3, syslog.3, termios.3, ttyname.3, wcsdup.3, console_codes.4, tty.4, vcs.4, elf.5, nsswitch.conf.5, proc.5, slabinfo.5, tmpfs.5, bootparam.7, environ.7, hostname.7, inotify.7, mailaddr.7, man-pages.7, namespaces.7, pid_namespaces.7, pthreads.7, pty.7, sem_overview.7, signal.7, socket.7, tcp.7, termio.7, user_namespaces.7, xattr.7, ld.so.8, zdump.8: tstamp
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-05-03 17:27:48 +00:00
|
|
|
.TH NSSWITCH.CONF 5 2017-05-03 "Linux" "Linux Programmer's Manual"
|
2004-11-03 13:51:07 +00:00
|
|
|
.SH NAME
|
2012-03-28 21:47:10 +00:00
|
|
|
nsswitch.conf \- Name Service Switch configuration file
|
2004-11-03 13:51:07 +00:00
|
|
|
.SH DESCRIPTION
|
2012-04-13 23:36:20 +00:00
|
|
|
The Name Service Switch (NSS) configuration file,
|
|
|
|
.IR /etc/nsswitch.conf ,
|
2017-04-06 13:10:12 +00:00
|
|
|
is used by the GNU C Library and certain other applications to determine
|
2012-03-28 22:29:00 +00:00
|
|
|
the sources from which to obtain name-service information in
|
|
|
|
a range of categories,
|
2012-03-28 21:47:10 +00:00
|
|
|
and in what order.
|
|
|
|
Each category of information is identified by a database name.
|
2004-11-03 13:51:07 +00:00
|
|
|
.LP
|
2012-03-28 21:47:10 +00:00
|
|
|
The file is plain ASCII text, with columns separated by spaces or tab
|
|
|
|
characters.
|
2012-03-28 22:29:00 +00:00
|
|
|
The first column specifies the database name.
|
2012-03-28 21:47:10 +00:00
|
|
|
The remaining columns describe the order of sources to query and a
|
2012-03-28 22:29:00 +00:00
|
|
|
limited set of actions that can be performed by lookup result.
|
2012-03-28 21:47:10 +00:00
|
|
|
.LP
|
2012-03-28 22:29:00 +00:00
|
|
|
The following databases are understood by the GNU C Library:
|
|
|
|
.TP 12
|
2004-11-03 13:51:07 +00:00
|
|
|
.B aliases
|
|
|
|
Mail aliases, used by
|
2012-03-28 21:47:10 +00:00
|
|
|
.BR getaliasent (3)
|
|
|
|
and related functions.
|
2004-11-03 13:51:07 +00:00
|
|
|
.TP
|
|
|
|
.B ethers
|
|
|
|
Ethernet numbers.
|
|
|
|
.TP
|
|
|
|
.B group
|
|
|
|
Groups of users, used by
|
|
|
|
.BR getgrent (3)
|
2012-03-28 21:47:10 +00:00
|
|
|
and related functions.
|
2004-11-03 13:51:07 +00:00
|
|
|
.TP
|
|
|
|
.B hosts
|
|
|
|
Host names and numbers, used by
|
|
|
|
.BR gethostbyname (3)
|
2012-03-28 21:47:10 +00:00
|
|
|
and related functions.
|
2004-11-03 13:51:07 +00:00
|
|
|
.TP
|
2013-02-12 03:26:41 +00:00
|
|
|
.B initgroups
|
|
|
|
Supplementary group access list, used by
|
|
|
|
.BR getgrouplist (3)
|
|
|
|
function.
|
|
|
|
.TP
|
2004-11-03 13:51:07 +00:00
|
|
|
.B netgroup
|
2012-03-28 22:29:00 +00:00
|
|
|
Network-wide list of hosts and users, used for access rules.
|
|
|
|
C libraries before glibc 2.1 supported netgroups only over NIS.
|
2004-11-03 13:51:07 +00:00
|
|
|
.TP
|
2005-10-04 12:51:59 +00:00
|
|
|
.B networks
|
2004-11-03 13:51:07 +00:00
|
|
|
Network names and numbers, used by
|
|
|
|
.BR getnetent (3)
|
2012-03-28 21:47:10 +00:00
|
|
|
and related functions.
|
2004-11-03 13:51:07 +00:00
|
|
|
.TP
|
|
|
|
.B passwd
|
|
|
|
User passwords, used by
|
|
|
|
.BR getpwent (3)
|
2012-03-28 21:47:10 +00:00
|
|
|
and related functions.
|
2004-11-03 13:51:07 +00:00
|
|
|
.TP
|
|
|
|
.B protocols
|
|
|
|
Network protocols, used by
|
|
|
|
.BR getprotoent (3)
|
2012-03-28 21:47:10 +00:00
|
|
|
and related functions.
|
2004-11-03 13:51:07 +00:00
|
|
|
.TP
|
|
|
|
.B publickey
|
|
|
|
Public and secret keys for Secure_RPC used by NFS and NIS+.
|
|
|
|
.TP
|
|
|
|
.B rpc
|
|
|
|
Remote procedure call names and numbers, used by
|
|
|
|
.BR getrpcbyname (3)
|
2012-03-28 21:47:10 +00:00
|
|
|
and related functions.
|
2004-11-03 13:51:07 +00:00
|
|
|
.TP
|
|
|
|
.B services
|
|
|
|
Network services, used by
|
|
|
|
.BR getservent (3)
|
2012-03-28 21:47:10 +00:00
|
|
|
and related functions.
|
2004-11-03 13:51:07 +00:00
|
|
|
.TP
|
|
|
|
.B shadow
|
|
|
|
Shadow user passwords, used by
|
2012-03-28 21:47:10 +00:00
|
|
|
.BR getspnam (3)
|
|
|
|
and related functions.
|
2004-11-03 13:51:07 +00:00
|
|
|
.LP
|
2017-04-06 13:10:12 +00:00
|
|
|
The GNU C Library ignores databases with unknown names. Some
|
|
|
|
applications use this to implement special handling for their own
|
|
|
|
databases. For example,
|
|
|
|
.BR sudo (8)
|
|
|
|
consults the
|
|
|
|
.B sudoers
|
|
|
|
database.
|
|
|
|
.LP
|
2012-03-28 21:47:10 +00:00
|
|
|
Here is an example
|
2005-11-02 13:55:25 +00:00
|
|
|
.I /etc/nsswitch.conf
|
2012-03-28 21:47:10 +00:00
|
|
|
file:
|
|
|
|
.LP
|
2012-03-28 22:29:00 +00:00
|
|
|
.RS 4
|
2004-11-03 13:51:07 +00:00
|
|
|
.PD 0
|
|
|
|
.TP 16
|
|
|
|
passwd:
|
|
|
|
compat
|
|
|
|
.TP
|
|
|
|
group:
|
|
|
|
compat
|
|
|
|
.TP
|
|
|
|
shadow:
|
|
|
|
compat
|
|
|
|
.sp 1n
|
|
|
|
.TP
|
|
|
|
hosts:
|
|
|
|
dns [!UNAVAIL=return] files
|
|
|
|
.TP
|
|
|
|
networks:
|
|
|
|
nis [NOTFOUND=return] files
|
|
|
|
.TP
|
|
|
|
ethers:
|
|
|
|
nis [NOTFOUND=return] files
|
|
|
|
.TP
|
|
|
|
protocols:
|
|
|
|
nis [NOTFOUND=return] files
|
|
|
|
.TP
|
|
|
|
rpc:
|
|
|
|
nis [NOTFOUND=return] files
|
|
|
|
.TP
|
|
|
|
services:
|
|
|
|
nis [NOTFOUND=return] files
|
|
|
|
.PD
|
2012-03-28 21:47:10 +00:00
|
|
|
.RE
|
2004-11-03 13:51:07 +00:00
|
|
|
.LP
|
2012-03-28 21:47:10 +00:00
|
|
|
The first column is the database name.
|
|
|
|
The remaining columns specify:
|
2012-03-28 22:29:00 +00:00
|
|
|
.IP * 3
|
2014-01-01 03:23:27 +00:00
|
|
|
One or more service specifications, for example, "files", "db", or "nis".
|
2012-03-28 22:29:00 +00:00
|
|
|
The order of the services on the line determines the order in which
|
2012-03-28 21:47:10 +00:00
|
|
|
those services will be queried, in turn, until a result is found.
|
2012-03-28 22:29:00 +00:00
|
|
|
.IP *
|
2012-03-28 21:47:10 +00:00
|
|
|
Optional actions to perform if a particular result is obtained
|
2014-01-01 03:23:27 +00:00
|
|
|
from the preceding service, for example, "[NOTFOUND=return]".
|
2004-11-03 13:51:07 +00:00
|
|
|
.LP
|
2012-03-28 21:47:10 +00:00
|
|
|
The service specifications supported on your system depend on the
|
|
|
|
presence of shared libraries, and are therefore extensible.
|
|
|
|
Libraries called
|
|
|
|
.IB /lib/libnss_SERVICE.so. X
|
|
|
|
will provide the named
|
|
|
|
.IR SERVICE .
|
|
|
|
On a standard installation, you can use
|
|
|
|
"files", "db", "nis", and "nisplus".
|
2012-03-28 22:29:00 +00:00
|
|
|
For the
|
|
|
|
.B hosts
|
|
|
|
database, you can additionally specify "dns".
|
|
|
|
For the
|
|
|
|
.BR passwd ,
|
|
|
|
.BR group ,
|
|
|
|
and
|
|
|
|
.BR shadow
|
|
|
|
databases, you can additionally specify
|
2012-03-28 21:47:10 +00:00
|
|
|
"compat" (see
|
|
|
|
.B "Compatibility mode"
|
|
|
|
below).
|
2004-11-03 13:51:07 +00:00
|
|
|
The version number
|
2012-03-28 21:47:10 +00:00
|
|
|
.B X
|
|
|
|
may be 1 for glibc 2.0, or 2 for glibc 2.1 and later.
|
|
|
|
On systems with additional libraries installed, you may have access to
|
|
|
|
further services such as "hesiod", "ldap", "winbind" and "wins".
|
2004-11-03 13:51:07 +00:00
|
|
|
.LP
|
2012-03-28 22:29:00 +00:00
|
|
|
An action may also be specified following a service specification.
|
2012-04-13 23:36:20 +00:00
|
|
|
The action modifies the behavior following a result obtained
|
2012-03-28 22:29:00 +00:00
|
|
|
from the preceding data source.
|
2012-03-28 21:47:10 +00:00
|
|
|
Action items take the general form:
|
2004-11-03 13:51:07 +00:00
|
|
|
.LP
|
2012-03-28 22:29:00 +00:00
|
|
|
.RS 4
|
|
|
|
.RI [ STATUS = ACTION ]
|
2012-03-28 21:47:10 +00:00
|
|
|
.br
|
2012-03-28 22:29:00 +00:00
|
|
|
.RI [! STATUS = ACTION ]
|
2012-03-28 21:47:10 +00:00
|
|
|
.RE
|
2004-11-03 13:51:07 +00:00
|
|
|
.LP
|
|
|
|
where
|
|
|
|
.LP
|
2012-03-28 22:29:00 +00:00
|
|
|
.RS 4
|
2012-03-28 21:47:10 +00:00
|
|
|
.I STATUS
|
|
|
|
=>
|
|
|
|
.B success
|
|
|
|
|
|
|
|
|
.B notfound
|
|
|
|
|
|
|
|
|
.B unavail
|
|
|
|
|
|
|
|
|
.B tryagain
|
|
|
|
.br
|
|
|
|
.I ACTION
|
|
|
|
=>
|
|
|
|
.B return
|
|
|
|
|
|
|
|
|
.B continue
|
2016-05-02 11:03:59 +00:00
|
|
|
|
|
|
|
|
.B merge
|
2012-03-28 21:47:10 +00:00
|
|
|
.RE
|
|
|
|
.LP
|
|
|
|
The ! negates the test, matching all possible results except the
|
|
|
|
one specified.
|
2012-03-28 22:29:00 +00:00
|
|
|
The case of the keywords is not significant.
|
2012-03-28 21:47:10 +00:00
|
|
|
.LP
|
|
|
|
The
|
|
|
|
.I STATUS
|
|
|
|
value is matched against the result of the lookup function called by
|
|
|
|
the preceding service specification, and can be one of:
|
2012-03-28 22:29:00 +00:00
|
|
|
.RS 4
|
|
|
|
.TP 12
|
2004-11-03 13:51:07 +00:00
|
|
|
.B success
|
2012-03-28 21:47:10 +00:00
|
|
|
No error occurred and the requested entry is returned.
|
|
|
|
The default action for this condition is "return".
|
2004-11-03 13:51:07 +00:00
|
|
|
.TP
|
|
|
|
.B notfound
|
2012-03-28 21:47:10 +00:00
|
|
|
The lookup succeeded, but the requested entry was not found.
|
|
|
|
The default action for this condition is "continue".
|
2004-11-03 13:51:07 +00:00
|
|
|
.TP
|
|
|
|
.B unavail
|
2007-04-12 22:42:49 +00:00
|
|
|
The service is permanently unavailable.
|
2012-03-28 22:29:00 +00:00
|
|
|
This can mean either that the
|
|
|
|
required file cannot be read, or, for network services, that the server
|
2012-03-28 21:47:10 +00:00
|
|
|
is not available or does not allow queries.
|
|
|
|
The default action for this condition is "continue".
|
2004-11-03 13:51:07 +00:00
|
|
|
.TP
|
|
|
|
.B tryagain
|
2007-04-12 22:42:49 +00:00
|
|
|
The service is temporarily unavailable.
|
|
|
|
This could mean a file is
|
|
|
|
locked or a server currently cannot accept more connections.
|
2012-03-28 21:47:10 +00:00
|
|
|
The default action for this condition is "continue".
|
|
|
|
.RE
|
|
|
|
.LP
|
|
|
|
The
|
|
|
|
.I ACTION
|
|
|
|
value can be one of:
|
2012-03-28 22:29:00 +00:00
|
|
|
.RS 4
|
|
|
|
.TP 12
|
2012-03-28 21:47:10 +00:00
|
|
|
.B return
|
|
|
|
Return a result now.
|
|
|
|
Do not call any further lookup functions.
|
2013-02-12 03:29:46 +00:00
|
|
|
However, for compatibility reasons, if this is the selected action for the
|
|
|
|
.B group
|
|
|
|
database and the
|
|
|
|
.B notfound
|
|
|
|
status, and the configuration file does not contain the
|
|
|
|
.B initgroups
|
|
|
|
line, the next lookup function is always called,
|
|
|
|
without affecting the search result.
|
2012-03-28 21:47:10 +00:00
|
|
|
.TP
|
|
|
|
.B continue
|
|
|
|
Call the next lookup function.
|
2016-05-02 11:03:59 +00:00
|
|
|
.TP
|
|
|
|
.B merge
|
|
|
|
.I [SUCCESS=merge]
|
|
|
|
is used between two database entries.
|
|
|
|
When a group is located in the first of the two group entries,
|
|
|
|
processing will continue on to the next one.
|
|
|
|
If the group is also found in the next entry (and the group name and GID
|
|
|
|
are an exact match), the member list of the second entry will be added
|
|
|
|
to the group object to be returned.
|
|
|
|
Available since glibc 2.24.
|
2012-03-28 21:47:10 +00:00
|
|
|
.RE
|
|
|
|
.SS Compatibility mode (compat)
|
|
|
|
The NSS "compat" service is similar to "files" except that it
|
2016-01-15 13:12:33 +00:00
|
|
|
additionally permits special entries in corresponding files
|
2012-03-28 21:47:10 +00:00
|
|
|
for granting users or members of netgroups access to the system.
|
|
|
|
The following entries are valid in this mode:
|
2012-03-28 22:29:00 +00:00
|
|
|
.RS 4
|
2016-01-15 13:12:33 +00:00
|
|
|
.LP
|
|
|
|
For
|
|
|
|
.B passwd
|
|
|
|
and
|
|
|
|
.B shadow
|
|
|
|
databases:
|
|
|
|
.RS 4
|
2012-03-28 21:47:10 +00:00
|
|
|
.TP 12
|
|
|
|
.BI + user
|
|
|
|
Include the specified
|
|
|
|
.I user
|
2016-01-15 13:12:33 +00:00
|
|
|
from the NIS passwd/shadow map.
|
2012-03-28 21:47:10 +00:00
|
|
|
.TP
|
|
|
|
.BI +@ netgroup
|
|
|
|
Include all users in the given
|
|
|
|
.IR netgroup .
|
|
|
|
.TP
|
|
|
|
.BI \- user
|
|
|
|
Exclude the specified
|
|
|
|
.I user
|
2016-01-15 13:12:33 +00:00
|
|
|
from the NIS passwd/shadow map.
|
2012-03-28 21:47:10 +00:00
|
|
|
.TP
|
|
|
|
.BI \-@ netgroup
|
|
|
|
Exclude all users in the given
|
|
|
|
.IR netgroup .
|
|
|
|
.TP
|
|
|
|
.B +
|
2012-03-28 22:29:00 +00:00
|
|
|
Include every user, except previously excluded ones, from the
|
2016-01-15 13:12:33 +00:00
|
|
|
NIS passwd/shadow map.
|
|
|
|
.RE
|
|
|
|
.LP
|
|
|
|
For
|
|
|
|
.B group
|
|
|
|
database:
|
|
|
|
.RS 4
|
|
|
|
.TP 12
|
|
|
|
.BI + group
|
|
|
|
Include the specified
|
|
|
|
.I group
|
|
|
|
from the NIS group map.
|
|
|
|
.TP
|
|
|
|
.BI \- group
|
|
|
|
Exclude the specified
|
|
|
|
.I group
|
|
|
|
from the NIS group map.
|
|
|
|
.TP
|
|
|
|
.B +
|
|
|
|
Include every group, except previously excluded ones, from the
|
|
|
|
NIS group map.
|
|
|
|
.RE
|
2012-03-28 21:47:10 +00:00
|
|
|
.RE
|
|
|
|
.LP
|
2015-03-27 11:21:34 +00:00
|
|
|
By default, the source is "nis", but this may be
|
2016-01-15 13:12:33 +00:00
|
|
|
overridden by specifying any NSS service except "compat" itself
|
|
|
|
as the source for the pseudo-databases
|
2005-07-19 15:36:19 +00:00
|
|
|
.BR passwd_compat ,
|
2012-03-28 22:29:00 +00:00
|
|
|
.BR group_compat ,
|
2004-11-03 13:51:07 +00:00
|
|
|
and
|
2005-07-19 15:36:19 +00:00
|
|
|
.BR shadow_compat .
|
2004-11-03 13:51:07 +00:00
|
|
|
.SH FILES
|
2012-03-28 21:47:10 +00:00
|
|
|
A service named
|
|
|
|
.I SERVICE
|
|
|
|
is implemented by a shared object library named
|
|
|
|
.IB libnss_SERVICE.so. X
|
2004-11-03 13:51:07 +00:00
|
|
|
that resides in
|
|
|
|
.IR /lib .
|
2012-03-28 22:29:00 +00:00
|
|
|
.RS 4
|
2004-11-03 13:51:07 +00:00
|
|
|
.TP 25
|
|
|
|
.PD 0
|
2005-11-02 13:55:25 +00:00
|
|
|
.I /etc/nsswitch.conf
|
2012-03-28 21:47:10 +00:00
|
|
|
NSS configuration file.
|
2004-11-03 13:51:07 +00:00
|
|
|
.TP
|
2012-03-28 21:47:10 +00:00
|
|
|
.IB /lib/libnss_compat.so. X
|
|
|
|
implements "compat" source.
|
2004-11-03 13:51:07 +00:00
|
|
|
.TP
|
2012-03-28 21:47:10 +00:00
|
|
|
.IB /lib/libnss_db.so. X
|
|
|
|
implements "db" source.
|
2004-11-03 13:51:07 +00:00
|
|
|
.TP
|
2012-03-28 21:47:10 +00:00
|
|
|
.IB /lib/libnss_dns.so. X
|
|
|
|
implements "dns" source.
|
2004-11-03 13:51:07 +00:00
|
|
|
.TP
|
2012-03-28 21:47:10 +00:00
|
|
|
.IB /lib/libnss_files.so. X
|
|
|
|
implements "files" source.
|
2004-11-03 13:51:07 +00:00
|
|
|
.TP
|
2012-03-28 21:47:10 +00:00
|
|
|
.IB /lib/libnss_hesiod.so. X
|
|
|
|
implements "hesiod" source.
|
2004-11-03 13:51:07 +00:00
|
|
|
.TP
|
2012-03-28 21:47:10 +00:00
|
|
|
.IB /lib/libnss_nis.so. X
|
|
|
|
implements "nis" source.
|
2004-11-03 13:51:07 +00:00
|
|
|
.TP
|
2012-03-28 21:47:10 +00:00
|
|
|
.IB /lib/libnss_nisplus.so. X
|
|
|
|
implements "nisplus" source.
|
2008-03-05 11:34:16 +00:00
|
|
|
.PD
|
2012-03-28 21:47:10 +00:00
|
|
|
.RE
|
2015-11-13 13:14:32 +00:00
|
|
|
.LP
|
|
|
|
The following files are read when "files" source is specified
|
|
|
|
for respective databases:
|
|
|
|
.RS 4
|
|
|
|
.TP 12
|
|
|
|
.PD 0
|
|
|
|
.B aliases
|
|
|
|
.I /etc/aliases
|
|
|
|
.TP
|
|
|
|
.B ethers
|
|
|
|
.I /etc/ethers
|
|
|
|
.TP
|
|
|
|
.B group
|
|
|
|
.I /etc/group
|
|
|
|
.TP
|
|
|
|
.B hosts
|
|
|
|
.I /etc/hosts
|
|
|
|
.TP
|
|
|
|
.B initgroups
|
|
|
|
.I /etc/group
|
|
|
|
.TP
|
|
|
|
.B netgroup
|
|
|
|
.I /etc/netgroup
|
|
|
|
.TP
|
|
|
|
.B networks
|
|
|
|
.I /etc/networks
|
|
|
|
.TP
|
|
|
|
.B passwd
|
|
|
|
.I /etc/passwd
|
|
|
|
.TP
|
|
|
|
.B protocols
|
|
|
|
.I /etc/protocols
|
|
|
|
.TP
|
|
|
|
.B publickey
|
|
|
|
.I /etc/publickey
|
|
|
|
.TP
|
|
|
|
.B rpc
|
|
|
|
.I /etc/rpc
|
|
|
|
.TP
|
|
|
|
.B services
|
|
|
|
.I /etc/services
|
|
|
|
.TP
|
|
|
|
.B shadow
|
|
|
|
.I /etc/shadow
|
|
|
|
.PD
|
|
|
|
.RE
|
2004-11-03 13:51:07 +00:00
|
|
|
.SH NOTES
|
|
|
|
Within each process that uses
|
|
|
|
.BR nsswitch.conf ,
|
2012-03-28 21:47:10 +00:00
|
|
|
the entire file is read only once.
|
|
|
|
If the file is later changed, the
|
2004-11-03 13:51:07 +00:00
|
|
|
process will continue using the old configuration.
|
|
|
|
.LP
|
2012-03-28 22:29:00 +00:00
|
|
|
Traditionally, there was only a single source for service information,
|
2012-03-28 21:47:10 +00:00
|
|
|
often in the form of a single configuration
|
2012-03-28 22:29:00 +00:00
|
|
|
file (e.g., \fI/etc/passwd\fP).
|
|
|
|
However, as other name services, such as the Network Information
|
2012-03-28 21:47:10 +00:00
|
|
|
Service (NIS) and the Domain Name Service (DNS), became popular,
|
|
|
|
a method was needed
|
|
|
|
that would be more flexible than fixed search orders coded into
|
|
|
|
the C library.
|
2012-04-13 23:36:20 +00:00
|
|
|
The Name Service Switch mechanism,
|
|
|
|
which was based on the mechanism used by
|
|
|
|
Sun Microsystems in the Solaris 2 C library,
|
2012-03-28 22:29:00 +00:00
|
|
|
introduced a cleaner solution to the problem.
|
|
|
|
.SH SEE ALSO
|
|
|
|
.BR getent (1),
|
|
|
|
.BR nss (5)
|