2013-02-09 22:07:52 +00:00
|
|
|
.\" Copyright (C) 2006 Red Hat, Inc. All rights reserved.
|
2013-03-12 10:43:08 +00:00
|
|
|
.\" Author: Ulrich Drepper <drepper@redhat.com>
|
2013-02-09 22:07:52 +00:00
|
|
|
.\"
|
2013-03-10 09:29:21 +00:00
|
|
|
.\" %%%LICENSE_START(GPLv2_MISC)
|
2013-02-09 22:07:52 +00:00
|
|
|
.\" This copyrighted material is made available to anyone wishing to use,
|
|
|
|
.\" modify, copy, or redistribute it subject to the terms and conditions of the
|
|
|
|
.\" GNU General Public License v.2.
|
|
|
|
.\"
|
|
|
|
.\" This program is distributed in the hope that it will be useful, but WITHOUT
|
|
|
|
.\" ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
|
|
|
|
.\" FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
|
|
|
|
.\" more details.
|
|
|
|
.\"
|
getent.1, _syscall.2, acct.2, adjtimex.2, bdflush.2, brk.2, cacheflush.2, getsid.2, getxattr.2, inotify_add_watch.2, inotify_init.2, inotify_rm_watch.2, ioperm.2, ipc.2, listxattr.2, mlock.2, modify_ldt.2, mremap.2, nanosleep.2, outb.2, ptrace.2, removexattr.2, sched_get_priority_max.2, sched_rr_get_interval.2, sched_setaffinity.2, sched_setparam.2, sched_setscheduler.2, sched_yield.2, setsid.2, setxattr.2, socketcall.2, unimplemented.2, aio_cancel.3, aio_error.3, aio_fsync.3, aio_read.3, aio_return.3, aio_suspend.3, aio_write.3, cfree.3, crypt.3, dlopen.3, errno.3, fenv.3, ftime.3, ftw.3, getgrent_r.3, getpass.3, getpwent_r.3, getutent.3, hsearch.3, lio_listio.3, login.3, longjmp.3, perror.3, printf.3, scandirat.3, setjmp.3, strfmon.3, strtoimax.3, termios.3, ttyname.3, ualarm.3, wcstoimax.3, wordexp.3, console_ioctl.4, dsp56k.4, fd.4, hd.4, intro.4, lp.4, mem.4, null.4, ram.4, rtc.4, sk98lin.4, tty.4, ttyS.4, vcs.4, charmap.5, filesystems.5, ftpusers.5, gai.conf.5, group.5, host.conf.5, hosts.5, intro.5, issue.5, locale.5, motd.5, networks.5, nologin.5, nscd.conf.5, nss.5, nsswitch.conf.5, passwd.5, proc.5, protocols.5, securetty.5, shells.5, termcap.5, ttytype.5, utmp.5, intro.6, armscii-8.7, ascii.7, bootparam.7, cp1251.7, cpuset.7, environ.7, glob.7, intro.7, iso_8859-1.7, iso_8859-10.7, iso_8859-11.7, iso_8859-13.7, iso_8859-14.7, iso_8859-15.7, iso_8859-16.7, iso_8859-2.7, iso_8859-3.7, iso_8859-4.7, iso_8859-5.7, iso_8859-6.7, iso_8859-7.7, iso_8859-8.7, iso_8859-9.7, koi8-r.7, koi8-u.7, posixoptions.7, standards.7, unicode.7, utf-8.7, intro.8, ldconfig.8, nscd.8: Global fix: Update info in source comments on where to get a copy of the GPL
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2013-03-10 09:28:43 +00:00
|
|
|
.\" You should have received a copy of the GNU General Public
|
|
|
|
.\" License along with this manual; if not, see
|
|
|
|
.\" <http://www.gnu.org/licenses/>.
|
epoll_create.2, epoll_ctl.2, epoll_wait.2, eventfd.2, fallocate.2, futex.2, getcpu.2, getitimer.2, ioctl_list.2, ioprio_set.2, migrate_pages.2, move_pages.2, pciconfig_read.2, sendfile.2, setns.2, signalfd.2, spu_create.2, spu_run.2, sysinfo.2, timerfd_create.2, backtrace.3, cmsg.3, error.3, getpt.3, getrpcent.3, getrpcport.3, getsubopt.3, offsetof.3, program_invocation_name.3, rpc.3, rpmatch.3, rtnetlink.3, xdr.3, cciss.4, hpsa.4, pts.4, charmap.5, dir_colors.5, elf.5, gai.conf.5, locale.5, nscd.conf.5, nss.5, resolv.conf.5, rpc.5, arp.7, cpuset.7, ddp.7, epoll.7, fifo.7, futex.7, icmp.7, ip.7, ipv6.7, mailaddr.7, netdevice.7, packet.7, raw.7, regex.7, rtnetlink.7, socket.7, spufs.7, tcp.7, udp.7, unix.7, x25.7, ldconfig.8, nscd.8: Global fix: s/END_LICENSE/LICENSE_END/
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2013-03-12 09:26:07 +00:00
|
|
|
.\" %%%LICENSE_END
|
2013-02-09 22:07:52 +00:00
|
|
|
.\"
|
2013-02-18 12:06:38 +00:00
|
|
|
.TH NSS 5 2013-02-13 "Linux" "Linux Programmer's Manual"
|
2013-02-09 22:07:52 +00:00
|
|
|
.SH NAME
|
|
|
|
nss \- Name Service Switch configuration file
|
|
|
|
.SH DESCRIPTION
|
|
|
|
Each call to a function which retrieves data from a system database
|
|
|
|
like the password or group database is handled by the Name Service
|
2013-02-09 22:19:27 +00:00
|
|
|
Switch implementation in the GNU C library.
|
|
|
|
The various services
|
2013-02-09 22:07:52 +00:00
|
|
|
provided are implemented by independent modules, each of which
|
|
|
|
naturally varies widely from the other.
|
|
|
|
.PP
|
|
|
|
The default implementations coming with the GNU C library are by
|
2013-02-09 22:19:27 +00:00
|
|
|
default conservative and do not use unsafe data.
|
|
|
|
This might be very costly in some situations, especially when the databases
|
|
|
|
are large.
|
|
|
|
Some modules allow the system administrator to request
|
|
|
|
taking shortcuts if these are known to be safe.
|
|
|
|
It is then the system administrator's responsibility to ensure the assumption
|
2013-02-09 22:07:52 +00:00
|
|
|
is correct.
|
|
|
|
.PP
|
|
|
|
There are other modules where the implementation changed over time.
|
2014-03-26 04:57:55 +00:00
|
|
|
If an implementation used to sacrifice speed for memory consumption,
|
2013-02-09 22:07:52 +00:00
|
|
|
it might create problems if the preference is switched.
|
|
|
|
.PP
|
2013-02-09 22:19:27 +00:00
|
|
|
The
|
|
|
|
.I /etc/default/nss
|
|
|
|
file contains a number of variable assignments.
|
|
|
|
Each variable controls the behavior of one or more
|
|
|
|
NSS modules.
|
|
|
|
White spaces are ignored.
|
|
|
|
Lines beginning with \(aq#\(aq
|
2013-02-09 22:07:52 +00:00
|
|
|
are treated as comments.
|
|
|
|
.PP
|
|
|
|
The variables currently recognized are:
|
|
|
|
.TP
|
|
|
|
\fBNETID_AUTHORITATIVE =\fR \fITRUE\fR|\fIFALSE\fR
|
|
|
|
If set to TRUE, the NIS backend for the
|
|
|
|
.BR initgroups (3)
|
|
|
|
function will accept the information
|
2013-02-09 22:19:27 +00:00
|
|
|
from the
|
|
|
|
.I netid.byname
|
|
|
|
NIS map as authoritative.
|
|
|
|
This can speed up the function significantly if the
|
|
|
|
.I group.byname
|
|
|
|
map is large.
|
|
|
|
The content of the
|
|
|
|
.I netid.byname
|
|
|
|
map is used \fBas is\fR.
|
|
|
|
The system administrator has to make sure it is correctly generated.
|
2013-02-09 22:07:52 +00:00
|
|
|
.TP
|
|
|
|
\fBSERVICES_AUTHORITATIVE =\fR \fITRUE\fR|\fIFALSE\fR
|
|
|
|
If set to TRUE, the NIS backend for the
|
|
|
|
.BR getservbyname (3)
|
|
|
|
and
|
|
|
|
.BR getservbyname_r (3)
|
2013-03-04 10:24:16 +00:00
|
|
|
functions will assume that the
|
2013-02-09 22:19:27 +00:00
|
|
|
.I services.byservicename
|
|
|
|
NIS map exists and is authoritative, particularly
|
2013-02-09 22:07:52 +00:00
|
|
|
that it contains both keys with /proto and without /proto for both
|
2013-02-09 22:19:27 +00:00
|
|
|
primary service names and service aliases.
|
|
|
|
The system administrator has to make sure it is correctly generated.
|
2013-02-09 22:07:52 +00:00
|
|
|
.TP
|
|
|
|
\fBSETENT_BATCH_READ =\fR \fITRUE\fR|\fIFALSE\fR
|
|
|
|
If set to TRUE, the NIS backend for the
|
|
|
|
.BR setpwent (3)
|
|
|
|
and
|
|
|
|
.BR setgrent (3)
|
2013-02-09 22:19:27 +00:00
|
|
|
functions will read the entire database at once and then
|
|
|
|
hand out the requests one by one from memory with every corresponding
|
2013-02-09 22:07:52 +00:00
|
|
|
.BR getpwent (3)
|
|
|
|
or
|
|
|
|
.BR getgrent (3)
|
2013-02-09 22:19:27 +00:00
|
|
|
call respectively.
|
time.1, get_kernel_syms.2, getitimer.2, open.2, perf_event_open.2, wait.2, alloca.3, bcmp.3, catopen.3, fputwc.3, iconv.3, iswalnum.3, iswalpha.3, iswblank.3, iswcntrl.3, iswctype.3, iswdigit.3, iswgraph.3, iswlower.3, iswprint.3, iswpunct.3, iswspace.3, iswupper.3, iswxdigit.3, mbsinit.3, putwchar.3, rcmd.3, rexec.3, sigqueue.3, strverscmp.3, wctrans.3, wctype.3, wcwidth.3, console_codes.4, initrd.4, st.4, elf.5, nss.5, ip.7, netdevice.7, path_resolution.7, socket.7, udp.7, ld.so.8: grfix: s/Otherwise /Otherwise, /
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-04-28 08:15:47 +00:00
|
|
|
Otherwise, each
|
2013-02-09 22:07:52 +00:00
|
|
|
.BR getpwent (3)
|
|
|
|
or
|
|
|
|
.BR getgrent (3)
|
2013-02-09 22:19:27 +00:00
|
|
|
call might result in a network communication with the server to get
|
2013-02-09 22:07:52 +00:00
|
|
|
the next entry.
|
2013-02-09 22:19:27 +00:00
|
|
|
.SH FILES
|
|
|
|
\fI/etc/default/nss\fR
|
2013-02-09 22:07:52 +00:00
|
|
|
.SH EXAMPLE
|
2013-02-09 22:19:27 +00:00
|
|
|
The default configuration corresponds to the following configuration file:
|
2013-02-09 22:07:52 +00:00
|
|
|
|
|
|
|
.nf
|
|
|
|
NETID_AUTHORITATIVE=FALSE
|
|
|
|
SERVICES_AUTHORITATIVE=FALSE
|
|
|
|
SETENT_BATCH_READ=FALSE
|
2013-02-09 22:19:27 +00:00
|
|
|
.\" .SH AUTHOR
|
|
|
|
.\" Ulrich Drepper <drepper@redhat.com>
|
2013-03-05 17:22:04 +00:00
|
|
|
.\"
|
2013-02-09 22:07:52 +00:00
|
|
|
.SH SEE ALSO
|
|
|
|
\fInsswitch.conf\fR
|