.\" <http://www.gnu.org/licenses/>.
.\" %%%LICENSE_END
.\"
-.TH NSSWITCH.CONF 5 2013-02-12 "Linux" "Linux Programmer's Manual"
+.TH NSSWITCH.CONF 5 2016-03-15 "Linux" "Linux Programmer's Manual"
.SH NAME
nsswitch.conf \- Name Service Switch configuration file
.SH DESCRIPTION
The first column is the database name.
The remaining columns specify:
.IP * 3
-One or more service specifications e.g., "files", "db", or "nis".
+One or more service specifications, for example, "files", "db", or "nis".
The order of the services on the line determines the order in which
those services will be queried, in turn, until a result is found.
.IP *
Optional actions to perform if a particular result is obtained
-from the preceding service, e.g., "[NOTFOUND=return]".
+from the preceding service, for example, "[NOTFOUND=return]".
.LP
The service specifications supported on your system depend on the
presence of shared libraries, and are therefore extensible.
.B return
|
.B continue
+|
+.B merge
.RE
.LP
The ! negates the test, matching all possible results except the
.TP
.B continue
Call the next lookup function.
+.TP
+.B merge
+.I [SUCCESS=merge]
+is used between two database entries.
+When a group is located in the first of the two group entries,
+processing will continue on to the next one.
+If the group is also found in the next entry (and the group name and GID
+are an exact match), the member list of the second entry will be added
+to the group object to be returned.
+Available since glibc 2.24.
.RE
.SS Compatibility mode (compat)
The NSS "compat" service is similar to "files" except that it
-additionally permits special entries in
-.I /etc/passwd
+additionally permits special entries in corresponding files
for granting users or members of netgroups access to the system.
The following entries are valid in this mode:
.RS 4
+.LP
+For
+.B passwd
+and
+.B shadow
+databases:
+.RS 4
.TP 12
.BI + user
Include the specified
.I user
-from the NIS passwd map.
+from the NIS passwd/shadow map.
.TP
.BI +@ netgroup
Include all users in the given
.BI \- user
Exclude the specified
.I user
-from the NIS passwd map.
+from the NIS passwd/shadow map.
.TP
.BI \-@ netgroup
Exclude all users in the given
.TP
.B +
Include every user, except previously excluded ones, from the
-NIS passwd map.
+NIS passwd/shadow map.
+.RE
+.LP
+For
+.B group
+database:
+.RS 4
+.TP 12
+.BI + group
+Include the specified
+.I group
+from the NIS group map.
+.TP
+.BI \- group
+Exclude the specified
+.I group
+from the NIS group map.
+.TP
+.B +
+Include every group, except previously excluded ones, from the
+NIS group map.
+.RE
.RE
.LP
-By default the source is "nis", but this may be
-overridden by specifying "nisplus" as the source for the pseudo-databases
+By default, the source is "nis", but this may be
+overridden by specifying any NSS service except "compat" itself
+as the source for the pseudo-databases
.BR passwd_compat ,
.BR group_compat ,
and
implements "nisplus" source.
.PD
.RE
+.LP
+The following files are read when "files" source is specified
+for respective databases:
+.RS 4
+.TP 12
+.PD 0
+.B aliases
+.I /etc/aliases
+.TP
+.B ethers
+.I /etc/ethers
+.TP
+.B group
+.I /etc/group
+.TP
+.B hosts
+.I /etc/hosts
+.TP
+.B initgroups
+.I /etc/group
+.TP
+.B netgroup
+.I /etc/netgroup
+.TP
+.B networks
+.I /etc/networks
+.TP
+.B passwd
+.I /etc/passwd
+.TP
+.B protocols
+.I /etc/protocols
+.TP
+.B publickey
+.I /etc/publickey
+.TP
+.B rpc
+.I /etc/rpc
+.TP
+.B services
+.I /etc/services
+.TP
+.B shadow
+.I /etc/shadow
+.PD
+.RE
.SH NOTES
Within each process that uses
.BR nsswitch.conf ,