"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
<!--
- This file is part of systemd.
-
- Copyright 2014 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
+ SPDX-License-Identifier: LGPL-2.1+
-->
-<refentry id="nss-mymachines" conditional='ENABLE_MACHINED'>
+<refentry id="nss-mymachines" conditional='ENABLE_NSS_MYMACHINES'>
<refentryinfo>
<title>nss-mymachines</title>
<productname>systemd</productname>
-
- <authorgroup>
- <author>
- <contrib>Developer</contrib>
- <firstname>Lennart</firstname>
- <surname>Poettering</surname>
- <email>lennart@poettering.net</email>
- </author>
- </authorgroup>
</refentryinfo>
<refmeta>
<refsect1>
<title>Description</title>
- <para><command>nss-mymachines</command> is a plugin for the GNU
- Name Service Switch (NSS) functionality of the GNU C Library
- (<command>glibc</command>), providing hostname resolution for
- container names of containers running locally that are registered
- with
- <citerefentry><refentrytitle>systemd-machined.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
- The container names are resolved to the IP addresses of the
- specific container, ordered by their scope.</para>
-
- <para>The module also resolves user IDs used by containers to user
- names indicating the container name, and back.</para>
-
- <para>To activate the NSS modules, <literal>mymachines</literal>
- has to be added to the lines starting with
- <literal>hosts:</literal>, <literal>passwd:</literal> and
- <literal>group:</literal> in
+ <para><command>nss-mymachines</command> is a plug-in module for the GNU Name Service Switch (NSS) functionality of
+ the GNU C Library (<command>glibc</command>), providing hostname resolution for the names of containers running
+ locally that are registered with
+ <citerefentry><refentrytitle>systemd-machined.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>. The
+ container names are resolved to the IP addresses of the specific container, ordered by their scope. This
+ functionality only applies to containers using network namespacing.</para>
+
+ <para>The module also resolves user and group IDs used by containers to user and group names indicating the
+ container name, and back. This functionality only applies to containers using user namespacing.</para>
+
+ <para>To activate the NSS module, add <literal>mymachines</literal> to the lines starting with
+ <literal>hosts:</literal>, <literal>passwd:</literal> and <literal>group:</literal> in
<filename>/etc/nsswitch.conf</filename>.</para>
- <para>It is recommended to place <literal>mymachines</literal>
- near the end of the <filename>nsswitch.conf</filename> lines to
- make sure that its mappings are only used as fallback, and that any
- other mappings, such as DNS or <filename>/etc/hosts</filename>
- based mappings, take precedence.</para>
+ <para>It is recommended to place <literal>mymachines</literal> after the <literal>files</literal> or
+ <literal>compat</literal> entry of the <filename>/etc/nsswitch.conf</filename> lines to make sure that its mappings
+ are preferred over other resolvers such as DNS, but so that <filename>/etc/hosts</filename>,
+ <filename>/etc/passwd</filename> and <filename>/etc/group</filename> based mappings take precedence.</para>
</refsect1>
<refsect1>
<title>Example</title>
- <para>Here's an example <filename>/etc/nsswitch.conf</filename>
- file that enables <command>mymachines</command> correctly:</para>
+ <para>Here is an example <filename>/etc/nsswitch.conf</filename> file that enables
+ <command>nss-mymachines</command> correctly:</para>
- <programlisting>passwd: compat <command>mymachines</command>
-group: compat <command>mymachines</command>
+ <programlisting>passwd: compat <command>mymachines</command> systemd
+group: compat <command>mymachines</command> systemd
shadow: compat
-hosts: files resolve <command>mymachines</command> myhostname
+hosts: files <command>mymachines</command> resolve [!UNAVAIL=return] dns myhostname
networks: files
protocols: db files
<para>
<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-machined.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>nss-systemd</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>nss-resolve</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>nss-myhostname</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry project='man-pages'><refentrytitle>nsswitch.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
projects / thirdparty / systemd.git / blobdiff