Welcome to Linux Knowledge Base and Tutorial
"The place where you learn linux"
International Rescue Committe

 Create an AccountHome | Submit News | Your Account  

Tutorial Menu
Linux Tutorial Home
Table of Contents

· Introduction to Operating Systems
· Linux Basics
· Working with the System
· Shells and Utilities
· Editing Files
· Basic Administration
· The Operating System
· The X Windowing System
· The Computer Itself
· Networking
· System Monitoring
· Solving Problems
· Security
· Installing and Upgrading
· Linux and Windows

Man Pages
Linux Topics
Test Your Knowledge

Site Menu
Site Map
Copyright Info
Terms of Use
Privacy Info
Masthead / Impressum
Your Account

Private Messages

News Archive
Submit News
User Articles
Web Links


The Web

Who's Online
There are currently, 73 guest(s) and 0 member(s) that are online.

You are an Anonymous user. You can register for free by clicking here




       Various functions in the C Library need to  be  configured
       to  work  correctly  in the local environment.  Tradition­
       ally, this was done by using files (e.g.,  `/etc/passwd'),
       but  other nameservices (like the Network Information Ser­
       vice (NIS) and the Domain Name Service (DNS)) became popu­
       lar,  and  were  hacked into the C library, usually with a
       fixed search order.

       The Linux libc5 with NYS support and the GNU C Library 2.x
       (libc.so.6)  contain  a  cleaner solution of this problem.
       It is designed after a method used by Sun Microsystems  in
       the  C library of Solaris 2. We follow their name and call
       this scheme "Name Service Switch" (NSS). The  sources  for
       the  "databases"  and  their lookup order are specified in
       the /etc/nsswitch.conf file.

       The following databases are available in the NSS:

              Mail  aliases,  used  by  sendmail(8).    Presently

       ethers Ethernet numbers.

       group  Groups of users, used by getgrent(3) functions.

       hosts  Host  names  and  numbers, used by gethostbyname(3)
              and similar functions.

              Network wide list of  hosts  and  users,  used  for
              access  rules.   C  libraries before glibc 2.1 only
              support netgroups over NIS.

              Network names and  numbers,  used  by  getnetent(3)

       passwd User passwords, used by getpwent(3) functions.

              Network  protocols,  used  by  getprotoent(3) func­

              Public and secret keys for Secure_RPC used  by  NFS
              and NIS+.

       rpc    Remote  procedure  call  names and numbers, used by
              getrpcbyname(3) and similar functions.

       hosts:          dns [!UNAVAIL=return] files
       networks:       nis [NOTFOUND=return] files
       ethers:         nis [NOTFOUND=return] files
       protocols:      nis [NOTFOUND=return] files
       rpc:            nis [NOTFOUND=return] files
       services:       nis [NOTFOUND=return] files

       The first column is the database as you can guess from the
       table above.  The rest  of  the  line  specifies  how  the
       lookup  process  works.   You can specify the way it works
       for each database individually.

       The configuration specification for each database can con­
       tain two different items:
       *  The service specification like `files', `db', or `nis'.
       *  The reaction on lookup result like `[NOTFOUND=return]'.

       For libc5 with NYS, the allowed service specifications are
       `files', `nis' and `nisplus'. For hosts, you could specify
       `dns' as extra service, for passwd and group `compat', but
       not for shadow.

       For glibc, you must have a  file  called  /lib/libnss_SER­
       VICE.so.X  for  every SERVICE you are using. On a standard
       installation, you could use `files', `db', `nis' and `nis­
       plus'.  For  hosts,  you could specify `dns' as extra ser­
       vice, for passwd, group and shadow  `compat'.  These  ser­
       vices  will  not  be  used by libc5 with NYS.  The version
       number X is 1 for glibc 2.0 and 2 for glibc 2.1.

       The second item in the specification gives the  user  much
       finer  control  on  the  lookup process.  Action items are
       placed between two service names and  are  written  within
       brackets.  The general form is

       `[' ( `!'? STATUS `=' ACTION )+ `]'


       STATUS => success | notfound | unavail | tryagain
       ACTION => return | continue

       The case of the keywords is insignificant. The STATUS val­
       ues are the results of a call to a lookup  function  of  a
       specific service.  They mean:

              No error occurred and the wanted entry is returned.
              The default action for this is `return'.

              The lookup process works ok but  the  needed  value

   Interaction with +/- syntax (compat mode)
       Linux  libc5  without  NYS  does  not has the name service
       switch but does allow the user  some  policy  control.  In
       /etc/passwd  you  could  have entries of the form +user or
       +@netgroup (include the specified user from the NIS passwd
       map), -user or -@netgroup (exclude the specified user) and
       + (include every user, except the excluded ones, from  the
       NIS passwd map). Since most people only put a + at the end
       of /etc/passwd to include everything from NIS, the  switch
       provides  a  faster  alternative  for  this case (`passwd:
       files nis') which doesn't require the single  +  entry  in
       /etc/passwd,  /etc/group  and /etc/shadow.  If this is not
       sufficient, the NSS `compat'  service  provides  full  +/-
       semantics.  By  default, the source is `nis', but this may
       be overriden by specifying `nisplus'  as  source  for  the
       pseudo-databases     passwd_compat,    group_compat    and
       shadow_compat.  This pseudo-databases are  only  available
       in GNU C Library.


       A  service named SERVICE is implemented by a shared object
       library named libnss_SERVICE.so.X that resides in /lib.

       /etc/nsswitch.conf       configuration file
       /lib/libnss_compat.so.X  implements  `compat'  source  for
       /lib/libnss_db.so.X      implements `db' source for glibc2
       /lib/libnss_dns.so.X     implements   `dns'   source   for
       /lib/libnss_files.so.X   implements   `files'  source  for
       /lib/libnss_hesoid.so.X  implements  `hesoid'  source  for
       /lib/libnss_nis.so.X     implements   `nis'   source   for
       /lib/libnss_nisplus.so.2 implements `nisplus'  source  for
                                glibc 2.1


       Within  each  process  that uses nsswitch.conf, the entire
       file is read only once; if the file is later changed,  the
       process will continue using the old configuration.
       With Solaris, it isn't possible to link programs using the
       NSS Service statically. With Linux, this is no problem.

Linux                    17 January 1999         NSSWITCH.CONF(5)
Show your Support for the Linux Tutorial

Purchase one of the products from our new online shop. For each product you purchase, the Linux Tutorial gets a portion of the proceeds to help keep us going.



Security Code
Security Code
Type Security Code

Don't have an account yet? You can create one. As a registered user you have some advantages like theme manager, comments configuration and post comments with your name.

Help if you can!

Amazon Wish List

Did You Know?
The Linux Tutorial can use your help.


Tell a Friend About Us

Bookmark and Share

Web site powered by PHP-Nuke

Is this information useful? At the very least you can help by spreading the word to your favorite newsgroups, mailing lists and forums.
All logos and trademarks in this site are property of their respective owner. The comments are property of their posters. Articles are the property of their respective owners. Unless otherwise stated in the body of the article, article content (C) 1994-2013 by James Mohr. All rights reserved. The stylized page/paper, as well as the terms "The Linux Tutorial", "The Linux Server Tutorial", "The Linux Knowledge Base and Tutorial" and "The place where you learn Linux" are service marks of James Mohr. All rights reserved.
The Linux Knowledge Base and Tutorial may contain links to sites on the Internet, which are owned and operated by third parties. The Linux Tutorial is not responsible for the content of any such third-party site. By viewing/utilizing this web site, you have agreed to our disclaimer, terms of use and privacy policy. Use of automated download software ("harvesters") such as wget, httrack, etc. causes the site to quickly exceed its bandwidth limitation and are therefore expressly prohibited. For more details on this, take a look here

PHP-Nuke Copyright © 2004 by Francisco Burzi. This is free software, and you may redistribute it under the GPL. PHP-Nuke comes with absolutely no warranty, for details, see the license.
Page Generation: 0.11 Seconds