[thirdparty/systemd.git] / man / nss-systemd.xml

<?xml version='1.0'?> <!--*-nxml-*-->
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
  "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">

<!--
  This file is part of systemd.

  Copyright 2016 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
-->

<refentry id="nss-systemd">

  <refentryinfo>
    <title>nss-systemd</title>
    <productname>systemd</productname>

    <authorgroup>
      <author>
        <contrib>Developer</contrib>
        <firstname>Lennart</firstname>
        <surname>Poettering</surname>
        <email>lennart@poettering.net</email>
      </author>
    </authorgroup>
  </refentryinfo>

  <refmeta>
    <refentrytitle>nss-systemd</refentrytitle>
    <manvolnum>8</manvolnum>
  </refmeta>

  <refnamediv>
    <refname>nss-systemd</refname>
    <refname>libnss_systemd.so.2</refname>
    <refpurpose>Provide UNIX user and group name resolution for dynamic users and groups.</refpurpose>
  </refnamediv>

  <refsynopsisdiv>
    <para><filename>libnss_systemd.so.2</filename></para>
  </refsynopsisdiv>

  <refsect1>
    <title>Description</title>

    <para><command>nss-systemd</command> is a plug-in module for the GNU Name Service Switch (NSS) functionality of the
    GNU C Library (<command>glibc</command>), providing UNIX user and group name resolution for dynamic users and
    groups allocated through the <varname>DynamicUser=</varname> option in systemd unit files. See
    <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry> for details on
    this option.</para>

    <para>This module also ensures that the root and nobody users and groups (i.e. the users/groups with the UIDs/GIDs
    0 and 65534) remain resolvable at all times, even if they aren't listed in <filename>/etc/passwd</filename> or
    <filename>/etc/group</filename>, or if these files are missing.</para>

    <para>To activate the NSS module, add <literal>systemd</literal> to the lines starting with
    <literal>passwd:</literal> and <literal>group:</literal> in <filename>/etc/nsswitch.conf</filename>.</para>

    <para>It is recommended to place <literal>systemd</literal> after the <literal>files</literal> or
    <literal>compat</literal> entry of the <filename>/etc/nsswitch.conf</filename> lines so that
    <filename>/etc/passwd</filename> and <filename>/etc/group</filename> based mappings take precedence.</para>
  </refsect1>

  <refsect1>
    <title>Example</title>

    <para>Here is an example <filename>/etc/nsswitch.conf</filename> file that enables
    <command>nss-systemd</command> correctly:</para>

    <programlisting>passwd:         compat mymachines <command>systemd</command>
group:          compat mymachines <command>systemd</command>
shadow:         compat

hosts:          files mymachines resolve [!UNAVAIL=return] dns myhostname
networks:       files

protocols:      db files
services:       db files
ethers:         db files
rpc:            db files

netgroup:       nis</programlisting>

  </refsect1>

  <refsect1>
    <title>See Also</title>
    <para>
      <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
      <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
      <citerefentry><refentrytitle>nss-resolve</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
      <citerefentry><refentrytitle>nss-myhostname</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
      <citerefentry><refentrytitle>nss-mymachines</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
      <citerefentry project='man-pages'><refentrytitle>nsswitch.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
      <citerefentry project='man-pages'><refentrytitle>getent</refentrytitle><manvolnum>1</manvolnum></citerefentry>
    </para>
  </refsect1>

</refentry>
Commit	Line	Data
409093fe LP	1	<?xml version='1.0'?> <!---nxml--->
	2	<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
	3	"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
	4
	5	<!--
	6	This file is part of systemd.
	7
	8	Copyright 2016 Lennart Poettering
	9
	10	systemd is free software; you can redistribute it and/or modify it
	11	under the terms of the GNU Lesser General Public License as published by
	12	the Free Software Foundation; either version 2.1 of the License, or
	13	(at your option) any later version.
	14
	15	systemd is distributed in the hope that it will be useful, but
	16	WITHOUT ANY WARRANTY; without even the implied warranty of
	17	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	18	Lesser General Public License for more details.
	19
	20	You should have received a copy of the GNU Lesser General Public License
	21	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	22	-->
	23
	24	<refentry id="nss-systemd">
	25
	26	<refentryinfo>
	27	<title>nss-systemd</title>
	28	<productname>systemd</productname>
	29
	30	<authorgroup>
	31	<author>
	32	<contrib>Developer</contrib>
	33	<firstname>Lennart</firstname>
	34	<surname>Poettering</surname>
	35	<email>lennart@poettering.net</email>
	36	</author>
	37	</authorgroup>
	38	</refentryinfo>
	39
	40	<refmeta>
	41	<refentrytitle>nss-systemd</refentrytitle>
	42	<manvolnum>8</manvolnum>
	43	</refmeta>
	44
	45	<refnamediv>
	46	<refname>nss-systemd</refname>
	47	<refname>libnss_systemd.so.2</refname>
	48	<refpurpose>Provide UNIX user and group name resolution for dynamic users and groups.</refpurpose>
	49	</refnamediv>
	50
	51	<refsynopsisdiv>
	52	<para><filename>libnss_systemd.so.2</filename></para>
	53	</refsynopsisdiv>
	54
	55	<refsect1>
	56	<title>Description</title>
	57
	58	<para><command>nss-systemd</command> is a plug-in module for the GNU Name Service Switch (NSS) functionality of the
	59	GNU C Library (<command>glibc</command>), providing UNIX user and group name resolution for dynamic users and
	60	groups allocated through the <varname>DynamicUser=</varname> option in systemd unit files. See
	61	<citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry> for details on
	62	this option.</para>
	63
2129011e LP	64	<para>This module also ensures that the root and nobody users and groups (i.e. the users/groups with the UIDs/GIDs
	65	0 and 65534) remain resolvable at all times, even if they aren't listed in <filename>/etc/passwd</filename> or
	66	<filename>/etc/group</filename>, or if these files are missing.</para>
	67
409093fe LP	68	<para>To activate the NSS module, add <literal>systemd</literal> to the lines starting with
	69	<literal>passwd:</literal> and <literal>group:</literal> in <filename>/etc/nsswitch.conf</filename>.</para>
	70
	71	<para>It is recommended to place <literal>systemd</literal> after the <literal>files</literal> or
	72	<literal>compat</literal> entry of the <filename>/etc/nsswitch.conf</filename> lines so that
	73	<filename>/etc/passwd</filename> and <filename>/etc/group</filename> based mappings take precedence.</para>
	74	</refsect1>
	75
	76	<refsect1>
	77	<title>Example</title>
	78
	79	<para>Here is an example <filename>/etc/nsswitch.conf</filename> file that enables
	80	<command>nss-systemd</command> correctly:</para>
	81
	82	<programlisting>passwd: compat mymachines <command>systemd</command>
	83	group: compat mymachines <command>systemd</command>
	84	shadow: compat
	85
75555c28	86	hosts: files mymachines resolve [!UNAVAIL=return] dns myhostname
409093fe LP	87	networks: files
	88
	89	protocols: db files
	90	services: db files
	91	ethers: db files
	92	rpc: db files
	93
	94	netgroup: nis</programlisting>
	95
	96	</refsect1>
	97
	98	<refsect1>
	99	<title>See Also</title>
	100	<para>
	101	<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
	102	<citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
	103	<citerefentry><refentrytitle>nss-resolve</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
	104	<citerefentry><refentrytitle>nss-myhostname</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
	105	<citerefentry><refentrytitle>nss-mymachines</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
	106	<citerefentry project='man-pages'><refentrytitle>nsswitch.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
	107	<citerefentry project='man-pages'><refentrytitle>getent</refentrytitle><manvolnum>1</manvolnum></citerefentry>
	108	</para>
	109	</refsect1>
	110
	111	</refentry>