diff options
Diffstat (limited to 'man5/nsswitch.conf.5')
| -rw-r--r-- | man5/nsswitch.conf.5 | 427 |
1 files changed, 0 insertions, 427 deletions
diff --git a/man5/nsswitch.conf.5 b/man5/nsswitch.conf.5 deleted file mode 100644 index 34dd7d7..0000000 --- a/man5/nsswitch.conf.5 +++ /dev/null @@ -1,427 +0,0 @@ -.\" Copyright (c) 1998, 1999 Thorsten Kukuk (kukuk@vt.uni-paderborn.de) -.\" Copyright (c) 2011, Mark R. Bannister <cambridge@users.sourceforge.net> -.\" -.\" SPDX-License-Identifier: GPL-2.0-or-later -.\" -.TH nsswitch.conf 5 2023-10-31 "Linux man-pages 6.7" -.SH NAME -nsswitch.conf \- Name Service Switch configuration file -.SH DESCRIPTION -The Name Service Switch (NSS) configuration file, -.IR /etc/nsswitch.conf , -is used by the GNU C Library and certain other applications to determine -the sources from which to obtain name-service information in -a range of categories, -and in what order. -Each category of information is identified by a database name. -.P -The file is plain ASCII text, with columns separated by spaces or tab -characters. -The first column specifies the database name. -The remaining columns describe the order of sources to query and a -limited set of actions that can be performed by lookup result. -.P -The following databases are understood by the GNU C Library: -.TP 12 -.B aliases -Mail aliases, used by -.BR getaliasent (3) -and related functions. -.TP -.B ethers -Ethernet numbers. -.TP -.B group -Groups of users, used by -.BR getgrent (3) -and related functions. -.TP -.B hosts -Host names and numbers, used by -.BR gethostbyname (3) -and related functions. -.TP -.B initgroups -Supplementary group access list, used by -.BR getgrouplist (3) -function. -.TP -.B netgroup -Network-wide list of hosts and users, used for access rules. -C libraries before glibc 2.1 supported netgroups only over NIS. -.TP -.B networks -Network names and numbers, used by -.BR getnetent (3) -and related functions. -.TP -.B passwd -User passwords, used by -.BR getpwent (3) -and related functions. -.TP -.B protocols -Network protocols, used by -.BR getprotoent (3) -and related functions. -.TP -.B publickey -Public and secret keys for Secure_RPC used by NFS and NIS+. -.TP -.B rpc -Remote procedure call names and numbers, used by -.BR getrpcbyname (3) -and related functions. -.TP -.B services -Network services, used by -.BR getservent (3) -and related functions. -.TP -.B shadow -Shadow user passwords, used by -.BR getspnam (3) -and related functions. -.P -The GNU C Library ignores databases with unknown names. -Some applications use this to implement special handling for their own -databases. -For example, -.BR sudo (8) -consults the -.B sudoers -database. -Delegation of subordinate user/group IDs -can be configured using the -.B subid -database. -Refer to -.BR subuid (5) -and -.BR subgid (5) -for more details. -.P -Here is an example -.I /etc/nsswitch.conf -file: -.P -.in +4n -.EX -passwd: compat -group: compat -shadow: compat -\& -hosts: dns [!UNAVAIL=return] files -networks: nis [NOTFOUND=return] files -ethers: nis [NOTFOUND=return] files -protocols: nis [NOTFOUND=return] files -rpc: nis [NOTFOUND=return] files -services: nis [NOTFOUND=return] files -.EE -.in -.P -The first column is the database name. -The remaining columns specify: -.IP \[bu] 3 -One or more service specifications, for example, "files", "db", or "nis". -The order of the services on the line determines the order in which -those services will be queried, in turn, until a result is found. -.IP \[bu] -Optional actions to perform if a particular result is obtained -from the preceding service, for example, "[NOTFOUND=return]". -.P -The service specifications supported on your system depend on the -presence of shared libraries, and are therefore extensible. -Libraries called -.IB /lib/libnss_SERVICE.so. X -will provide the named -.IR SERVICE . -On a standard installation, you can use -"files", "db", "nis", and "nisplus". -For the -.B hosts -database, you can additionally specify "dns". -For the -.BR passwd , -.BR group , -and -.B shadow -databases, you can additionally specify -"compat" (see -.B "Compatibility mode" -below). -The version number -.B X -may be 1 for glibc 2.0, or 2 for glibc 2.1 and later. -On systems with additional libraries installed, you may have access to -further services such as "hesiod", "ldap", "winbind", and "wins". -.P -An action may also be specified following a service specification. -The action modifies the behavior following a result obtained -from the preceding data source. -Action items take the general form: -.P -.RS 4 -.RI [ STATUS = ACTION ] -.br -.RI [! STATUS = ACTION ] -.RE -.P -where -.P -.RS 4 -.I STATUS -=> -.B success -| -.B notfound -| -.B unavail -| -.B tryagain -.br -.I ACTION -=> -.B return -| -.B continue -| -.B merge -.RE -.P -The ! negates the test, matching all possible results except the -one specified. -The case of the keywords is not significant. -.P -The -.I STATUS -value is matched against the result of the lookup function called by -the preceding service specification, and can be one of: -.RS 4 -.TP 12 -.B success -No error occurred and the requested entry is returned. -The default action for this condition is "return". -.TP -.B notfound -The lookup succeeded, but the requested entry was not found. -The default action for this condition is "continue". -.TP -.B unavail -The service is permanently unavailable. -This can mean either that the -required file cannot be read, or, for network services, that the server -is not available or does not allow queries. -The default action for this condition is "continue". -.TP -.B tryagain -The service is temporarily unavailable. -This could mean a file is -locked or a server currently cannot accept more connections. -The default action for this condition is "continue". -.RE -.P -The -.I ACTION -value can be one of: -.RS 4 -.TP 12 -.B return -Return a result now. -Do not call any further lookup functions. -However, for compatibility reasons, if this is the selected action for the -.B group -database and the -.B notfound -status, and the configuration file does not contain the -.B initgroups -line, the next lookup function is always called, -without affecting the search result. -.TP -.B continue -Call the next lookup function. -.TP -.B merge -.I [SUCCESS=merge] -is used between two database entries. -When a group is located in the first of the two group entries, -processing will continue on to the next one. -If the group is also found in the next entry (and the group name and GID -are an exact match), the member list of the second entry will be added -to the group object to be returned. -Available since glibc 2.24. -Note that merging will not be done for -.BR getgrent (3) -nor will duplicate members be pruned when they occur in both entries -being merged. -.RE -.SS Compatibility mode (compat) -The NSS "compat" service is similar to "files" except that it -additionally permits special entries in corresponding files -for granting users or members of netgroups access to the system. -The following entries are valid in this mode: -.RS 4 -.P -For -.B passwd -and -.B shadow -databases: -.RS 4 -.TP 12 -.BI + user -Include the specified -.I user -from the NIS passwd/shadow map. -.TP -.BI +@ netgroup -Include all users in the given -.IR netgroup . -.TP -.BI \- user -Exclude the specified -.I user -from the NIS passwd/shadow map. -.TP -.BI \-@ netgroup -Exclude all users in the given -.IR netgroup . -.TP -.B + -Include every user, except previously excluded ones, from the -NIS passwd/shadow map. -.RE -.P -For -.B group -database: -.RS 4 -.TP 12 -.BI + group -Include the specified -.I group -from the NIS group map. -.TP -.BI \- group -Exclude the specified -.I group -from the NIS group map. -.TP -.B + -Include every group, except previously excluded ones, from the -NIS group map. -.RE -.RE -.P -By default, the source is "nis", but this may be -overridden by specifying any NSS service except "compat" itself -as the source for the pseudo-databases -.BR passwd_compat , -.BR group_compat , -and -.BR shadow_compat . -.SH FILES -A service named -.I SERVICE -is implemented by a shared object library named -.IB libnss_SERVICE.so. X -that resides in -.IR /lib . -.RS 4 -.TP 25 -.PD 0 -.I /etc/nsswitch.conf -NSS configuration file. -.TP -.IB /lib/libnss_compat.so. X -implements "compat" source. -.TP -.IB /lib/libnss_db.so. X -implements "db" source. -.TP -.IB /lib/libnss_dns.so. X -implements "dns" source. -.TP -.IB /lib/libnss_files.so. X -implements "files" source. -.TP -.IB /lib/libnss_hesiod.so. X -implements "hesiod" source. -.TP -.IB /lib/libnss_nis.so. X -implements "nis" source. -.TP -.IB /lib/libnss_nisplus.so. X -implements "nisplus" source. -.PD -.RE -.P -The following files are read when "files" source is specified -for respective databases: -.RS 4 -.TP 12 -.PD 0 -.B aliases -.I /etc/aliases -.TP -.B ethers -.I /etc/ethers -.TP -.B group -.I /etc/group -.TP -.B hosts -.I /etc/hosts -.TP -.B initgroups -.I /etc/group -.TP -.B netgroup -.I /etc/netgroup -.TP -.B networks -.I /etc/networks -.TP -.B passwd -.I /etc/passwd -.TP -.B protocols -.I /etc/protocols -.TP -.B publickey -.I /etc/publickey -.TP -.B rpc -.I /etc/rpc -.TP -.B services -.I /etc/services -.TP -.B shadow -.I /etc/shadow -.PD -.RE -.SH NOTES -Starting with glibc 2.33, -.\" https://sourceware.org/bugzilla/show_bug.cgi?id=12459 -.B nsswitch.conf -is automatically reloaded if the file is changed. -In earlier versions, the entire file was read only once within each process. -If the file was later changed, -the process would continue using the old configuration. -.P -Traditionally, there was only a single source for service information, -often in the form of a single configuration -file (e.g., \fI/etc/passwd\fP). -However, as other name services, such as the Network Information -Service (NIS) and the Domain Name Service (DNS), became popular, -a method was needed -that would be more flexible than fixed search orders coded into -the C library. -The Name Service Switch mechanism, -which was based on the mechanism used by -Sun Microsystems in the Solaris 2 C library, -introduced a cleaner solution to the problem. -.SH SEE ALSO -.BR getent (1), -.BR nss (5) |