]>
Commit | Line | Data |
---|---|---|
f387a294 | 1 | .\" Copyright (C) 2006 Red Hat, Inc. All rights reserved. |
a4d10b2b | 2 | .\" Author: Ulrich Drepper <drepper@redhat.com> |
f387a294 | 3 | .\" |
ef06249a | 4 | .\" %%%LICENSE_START(GPLv2_MISC) |
f387a294 UD |
5 | .\" This copyrighted material is made available to anyone wishing to use, |
6 | .\" modify, copy, or redistribute it subject to the terms and conditions of the | |
7 | .\" GNU General Public License v.2. | |
8 | .\" | |
9 | .\" This program is distributed in the hope that it will be useful, but WITHOUT | |
10 | .\" ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or | |
11 | .\" FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for | |
12 | .\" more details. | |
13 | .\" | |
c715f741 MK |
14 | .\" You should have received a copy of the GNU General Public |
15 | .\" License along with this manual; if not, see | |
16 | .\" <http://www.gnu.org/licenses/>. | |
8ff7380d | 17 | .\" %%%LICENSE_END |
f387a294 | 18 | .\" |
366ffff4 | 19 | .TH NSS 5 2013-02-13 "Linux" "Linux Programmer's Manual" |
f387a294 UD |
20 | .SH NAME |
21 | nss \- Name Service Switch configuration file | |
f387a294 UD |
22 | .SH DESCRIPTION |
23 | Each call to a function which retrieves data from a system database | |
24 | like the password or group database is handled by the Name Service | |
b887a9d2 MK |
25 | Switch implementation in the GNU C library. |
26 | The various services | |
f387a294 UD |
27 | provided are implemented by independent modules, each of which |
28 | naturally varies widely from the other. | |
29 | .PP | |
30 | The default implementations coming with the GNU C library are by | |
b887a9d2 MK |
31 | default conservative and do not use unsafe data. |
32 | This might be very costly in some situations, especially when the databases | |
33 | are large. | |
34 | Some modules allow the system administrator to request | |
35 | taking shortcuts if these are known to be safe. | |
36 | It is then the system administrator's responsibility to ensure the assumption | |
f387a294 UD |
37 | is correct. |
38 | .PP | |
39 | There are other modules where the implementation changed over time. | |
c9978c0d | 40 | If an implementation used to sacrifice speed for memory consumption, |
f387a294 UD |
41 | it might create problems if the preference is switched. |
42 | .PP | |
b887a9d2 MK |
43 | The |
44 | .I /etc/default/nss | |
45 | file contains a number of variable assignments. | |
46 | Each variable controls the behavior of one or more | |
47 | NSS modules. | |
48 | White spaces are ignored. | |
49 | Lines beginning with \(aq#\(aq | |
f387a294 UD |
50 | are treated as comments. |
51 | .PP | |
52 | The variables currently recognized are: | |
53 | .TP | |
54 | \fBNETID_AUTHORITATIVE =\fR \fITRUE\fR|\fIFALSE\fR | |
55 | If set to TRUE, the NIS backend for the | |
56 | .BR initgroups (3) | |
57 | function will accept the information | |
b887a9d2 MK |
58 | from the |
59 | .I netid.byname | |
60 | NIS map as authoritative. | |
61 | This can speed up the function significantly if the | |
62 | .I group.byname | |
63 | map is large. | |
64 | The content of the | |
65 | .I netid.byname | |
66 | map is used \fBas is\fR. | |
67 | The system administrator has to make sure it is correctly generated. | |
f387a294 UD |
68 | .TP |
69 | \fBSERVICES_AUTHORITATIVE =\fR \fITRUE\fR|\fIFALSE\fR | |
70 | If set to TRUE, the NIS backend for the | |
71 | .BR getservbyname (3) | |
72 | and | |
73 | .BR getservbyname_r (3) | |
dd2babc1 | 74 | functions will assume that the |
b887a9d2 MK |
75 | .I services.byservicename |
76 | NIS map exists and is authoritative, particularly | |
f387a294 | 77 | that it contains both keys with /proto and without /proto for both |
b887a9d2 MK |
78 | primary service names and service aliases. |
79 | The system administrator has to make sure it is correctly generated. | |
f387a294 UD |
80 | .TP |
81 | \fBSETENT_BATCH_READ =\fR \fITRUE\fR|\fIFALSE\fR | |
82 | If set to TRUE, the NIS backend for the | |
83 | .BR setpwent (3) | |
84 | and | |
85 | .BR setgrent (3) | |
b887a9d2 MK |
86 | functions will read the entire database at once and then |
87 | hand out the requests one by one from memory with every corresponding | |
f387a294 UD |
88 | .BR getpwent (3) |
89 | or | |
90 | .BR getgrent (3) | |
b887a9d2 | 91 | call respectively. |
2b9b829d | 92 | Otherwise, each |
f387a294 UD |
93 | .BR getpwent (3) |
94 | or | |
95 | .BR getgrent (3) | |
b887a9d2 | 96 | call might result in a network communication with the server to get |
f387a294 | 97 | the next entry. |
b887a9d2 MK |
98 | .SH FILES |
99 | \fI/etc/default/nss\fR | |
f387a294 | 100 | .SH EXAMPLE |
b887a9d2 | 101 | The default configuration corresponds to the following configuration file: |
2dad4c59 | 102 | .PP |
a2b7a144 MK |
103 | .in +4n |
104 | .EX | |
f387a294 UD |
105 | NETID_AUTHORITATIVE=FALSE |
106 | SERVICES_AUTHORITATIVE=FALSE | |
107 | SETENT_BATCH_READ=FALSE | |
a2b7a144 MK |
108 | .EE |
109 | .in | |
b887a9d2 MK |
110 | .\" .SH AUTHOR |
111 | .\" Ulrich Drepper <drepper@redhat.com> | |
b072a788 | 112 | .\" |
f387a294 UD |
113 | .SH SEE ALSO |
114 | \fInsswitch.conf\fR |