mirror of https://github.com/mkerrisk/man-pages
nsswitch.conf.5: Light edits to Mark Bannister's changes
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
parent
79e2fba2d9
commit
9aa96150d0
|
@ -18,31 +18,30 @@
|
|||
.\"
|
||||
.\" You should have received a copy of the GNU General Public
|
||||
.\" License along with this manual; if not, write to the Free
|
||||
.\" Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111,
|
||||
.\" USA.
|
||||
.\" Software Foundation, Inc., 59 Temple Place, Suite 330, Boston,
|
||||
.\" MA 02111, USA.
|
||||
.\"
|
||||
.TH NSSWITCH.CONF 5 2011-10-13 "Linux" "Linux Programmer's Manual"
|
||||
.TH NSSWITCH.CONF 5 2012-03-29 "Linux" "Linux Programmer's Manual"
|
||||
.SH NAME
|
||||
nsswitch.conf \- Name Service Switch configuration file
|
||||
.SH DESCRIPTION
|
||||
The
|
||||
.I /etc/nsswitch.conf
|
||||
file is a configuration file used by the GNU C Library to determine from
|
||||
what sources to obtain name service information in a range of categories,
|
||||
("Name Server Switch", NSS)
|
||||
file is a configuration file used by the GNU C Library to determine
|
||||
the sources from which to obtain name-service information in
|
||||
a range of categories,
|
||||
and in what order.
|
||||
Each category of information is identified by a database name.
|
||||
.LP
|
||||
The file is plain ASCII text, with columns separated by spaces or tab
|
||||
characters.
|
||||
The first column defines the database name.
|
||||
The first column specifies the database name.
|
||||
The remaining columns describe the order of sources to query and a
|
||||
limited
|
||||
set of actions that can be performed by lookup result.
|
||||
limited set of actions that can be performed by lookup result.
|
||||
.LP
|
||||
The following databases are made available by the standard
|
||||
GNU C Library:
|
||||
.RS 3
|
||||
.TP 10
|
||||
The following databases are understood by the GNU C Library:
|
||||
.TP 12
|
||||
.B aliases
|
||||
Mail aliases, used by
|
||||
.BR getaliasent (3)
|
||||
|
@ -62,8 +61,8 @@ Host names and numbers, used by
|
|||
and related functions.
|
||||
.TP
|
||||
.B netgroup
|
||||
Network wide list of hosts and users, used for access rules.
|
||||
C libraries before glibc 2.1 only supported netgroups over NIS.
|
||||
Network-wide list of hosts and users, used for access rules.
|
||||
C libraries before glibc 2.1 supported netgroups only over NIS.
|
||||
.TP
|
||||
.B networks
|
||||
Network names and numbers, used by
|
||||
|
@ -97,13 +96,12 @@ and related functions.
|
|||
Shadow user passwords, used by
|
||||
.BR getspnam (3)
|
||||
and related functions.
|
||||
.RE
|
||||
.LP
|
||||
Here is an example
|
||||
.I /etc/nsswitch.conf
|
||||
file:
|
||||
.LP
|
||||
.RS 3
|
||||
.RS 4
|
||||
.PD 0
|
||||
.TP 16
|
||||
passwd:
|
||||
|
@ -138,16 +136,13 @@ nis [NOTFOUND=return] files
|
|||
.LP
|
||||
The first column is the database name.
|
||||
The remaining columns specify:
|
||||
.RS 3
|
||||
.TP 3
|
||||
o
|
||||
One or more service specifications e.g. "files", "db", or "nis".
|
||||
The order the services appear on the line determine the order in which
|
||||
.IP * 3
|
||||
One or more service specifications e.g., "files", "db", or "nis".
|
||||
The order of the services on the line determines the order in which
|
||||
those services will be queried, in turn, until a result is found.
|
||||
.TP
|
||||
o
|
||||
.IP *
|
||||
Optional actions to perform if a particular result is obtained
|
||||
from the preceding service, e.g. "[NOTFOUND=return]".
|
||||
from the preceding service, e.g., "[NOTFOUND=return]".
|
||||
.RE
|
||||
.LP
|
||||
The service specifications supported on your system depend on the
|
||||
|
@ -158,8 +153,15 @@ will provide the named
|
|||
.IR SERVICE .
|
||||
On a standard installation, you can use
|
||||
"files", "db", "nis", and "nisplus".
|
||||
For the hosts database, you can additionally specify "dns".
|
||||
For the passwd, group, and shadow databases, you can additionally specify
|
||||
For the
|
||||
.B hosts
|
||||
database, you can additionally specify "dns".
|
||||
For the
|
||||
.BR passwd ,
|
||||
.BR group ,
|
||||
and
|
||||
.BR shadow
|
||||
databases, you can additionally specify
|
||||
"compat" (see
|
||||
.B "Compatibility mode"
|
||||
below).
|
||||
|
@ -169,28 +171,20 @@ may be 1 for glibc 2.0, or 2 for glibc 2.1 and later.
|
|||
On systems with additional libraries installed, you may have access to
|
||||
further services such as "hesiod", "ldap", "winbind" and "wins".
|
||||
.LP
|
||||
An action may also be specified following a service specification, that
|
||||
modifies behaviour following a result obtained from the preceding data
|
||||
source.
|
||||
An action may also be specified following a service specification.
|
||||
The action modifies the behaviour following a result obtained
|
||||
from the preceding data source.
|
||||
Action items take the general form:
|
||||
.LP
|
||||
.RS 3
|
||||
[
|
||||
.I STATUS
|
||||
=
|
||||
.I ACTION
|
||||
]
|
||||
.RS 4
|
||||
.RI [ STATUS = ACTION ]
|
||||
.br
|
||||
[ !
|
||||
.I STATUS
|
||||
=
|
||||
.I ACTION
|
||||
]
|
||||
.RI [! STATUS = ACTION ]
|
||||
.RE
|
||||
.LP
|
||||
where
|
||||
.LP
|
||||
.RS 3
|
||||
.RS 4
|
||||
.I STATUS
|
||||
=>
|
||||
.B success
|
||||
|
@ -210,14 +204,14 @@ where
|
|||
.LP
|
||||
The ! negates the test, matching all possible results except the
|
||||
one specified.
|
||||
The case of the keywords is insignificant.
|
||||
The case of the keywords is not significant.
|
||||
.LP
|
||||
The
|
||||
.I STATUS
|
||||
value is matched against the result of the lookup function called by
|
||||
the preceding service specification, and can be one of:
|
||||
.RS 3
|
||||
.TP 10
|
||||
.RS 4
|
||||
.TP 12
|
||||
.B success
|
||||
No error occurred and the requested entry is returned.
|
||||
The default action for this condition is "return".
|
||||
|
@ -228,8 +222,8 @@ The default action for this condition is "continue".
|
|||
.TP
|
||||
.B unavail
|
||||
The service is permanently unavailable.
|
||||
This can either mean the
|
||||
required file cannot be read, or, for network services, the server
|
||||
This can mean either that the
|
||||
required file cannot be read, or, for network services, that the server
|
||||
is not available or does not allow queries.
|
||||
The default action for this condition is "continue".
|
||||
.TP
|
||||
|
@ -243,8 +237,8 @@ The default action for this condition is "continue".
|
|||
The
|
||||
.I ACTION
|
||||
value can be one of:
|
||||
.RS 3
|
||||
.TP 10
|
||||
.RS 4
|
||||
.TP 12
|
||||
.B return
|
||||
Return a result now.
|
||||
Do not call any further lookup functions.
|
||||
|
@ -258,7 +252,7 @@ additionally permits special entries in
|
|||
.I /etc/passwd
|
||||
for granting users or members of netgroups access to the system.
|
||||
The following entries are valid in this mode:
|
||||
.RS 3
|
||||
.RS 4
|
||||
.TP 12
|
||||
.BI + user
|
||||
Include the specified
|
||||
|
@ -279,14 +273,14 @@ Exclude all users in the given
|
|||
.IR netgroup .
|
||||
.TP
|
||||
.B +
|
||||
Include every user, except previously excluded ones, in the
|
||||
Include every user, except previously excluded ones, from the
|
||||
NIS passwd map.
|
||||
.RE
|
||||
.LP
|
||||
By default the source is "nis", but this may be
|
||||
overridden by specifying "nisplus" as source for the pseudo-databases
|
||||
overridden by specifying "nisplus" as the source for the pseudo-databases
|
||||
.BR passwd_compat ,
|
||||
.B group_compat
|
||||
.BR group_compat ,
|
||||
and
|
||||
.BR shadow_compat .
|
||||
.SH FILES
|
||||
|
@ -296,7 +290,7 @@ is implemented by a shared object library named
|
|||
.IB libnss_SERVICE.so. X
|
||||
that resides in
|
||||
.IR /lib .
|
||||
.RS 3
|
||||
.RS 4
|
||||
.TP 25
|
||||
.PD 0
|
||||
.I /etc/nsswitch.conf
|
||||
|
@ -324,9 +318,6 @@ implements "nis" source.
|
|||
implements "nisplus" source.
|
||||
.PD
|
||||
.RE
|
||||
.SH SEE ALSO
|
||||
.BR getent (1),
|
||||
.BR nss (5).
|
||||
.SH NOTES
|
||||
Within each process that uses
|
||||
.BR nsswitch.conf ,
|
||||
|
@ -334,16 +325,17 @@ the entire file is read only once.
|
|||
If the file is later changed, the
|
||||
process will continue using the old configuration.
|
||||
.LP
|
||||
Traditionally there was only a single source for service information,
|
||||
Traditionally, there was only a single source for service information,
|
||||
often in the form of a single configuration
|
||||
file (e.g. \fI/etc/passwd\fP).
|
||||
However, as other nameservices, like the Network Information
|
||||
file (e.g., \fI/etc/passwd\fP).
|
||||
However, as other name services, such as the Network Information
|
||||
Service (NIS) and the Domain Name Service (DNS), became popular,
|
||||
a method was needed
|
||||
that would be more flexible than fixed search orders coded into
|
||||
the C library.
|
||||
.LP
|
||||
The Linux libc5 with NYS support and the GNU C Library 2.x (libc.so.6)
|
||||
introduced a cleaner solution to the problem, based on the
|
||||
.B "Name Service Switch"
|
||||
mechanism used by Sun Microsystems in the Solaris 2 C library.
|
||||
The Names Server Switch mechanism
|
||||
(based on the mechanism used by Sun Microsystems in the Solaris 2 C library)
|
||||
introduced a cleaner solution to the problem.
|
||||
.SH SEE ALSO
|
||||
.BR getent (1),
|
||||
.BR nss (5)
|
||||
|
|
Loading…
Reference in New Issue