1NSS(5)                     Linux Programmer's Manual                    NSS(5)
2
3
4

NAME

6       nss - Name Service Switch configuration file
7

DESCRIPTION

9       Each  call  to  a  function which retrieves data from a system database
10       like the password or group database is  handled  by  the  Name  Service
11       Switch  implementation in the GNU C library.  The various services pro‐
12       vided are implemented by independent modules, each of  which  naturally
13       varies widely from the other.
14
15       The  default  implementations  coming  with  the  GNU  C library are by
16       default conservative and do not use unsafe data.  This  might  be  very
17       costly  in  some  situations,  especially when the databases are large.
18       Some modules allow the system administrator to request taking shortcuts
19       if  these  are known to be safe.  It is then the system administrator's
20       responsibility to ensure the assumption is correct.
21
22       There are other modules where the implementation changed over time.  If
23       an  implementation  used  to sacrifice speed for memory consumption, it
24       might create problems if the preference is switched.
25
26       The /etc/default/nss file contains a number  of  variable  assignments.
27       Each  variable controls the behavior of one or more NSS modules.  White
28       spaces are ignored.  Lines beginning with '#' are treated as comments.
29
30       The variables currently recognized are:
31
32       NETID_AUTHORITATIVE = TRUE|FALSE
33              If set to TRUE, the NIS backend for the  initgroups(3)  function
34              will  accept  the  information  from the netid.byname NIS map as
35              authoritative.  This can speed up the function significantly  if
36              the  group.byname map is large.  The content of the netid.byname
37              map is used as is.  The system administrator has to make sure it
38              is correctly generated.
39
40       SERVICES_AUTHORITATIVE = TRUE|FALSE
41              If  set  to  TRUE,  the NIS backend for the getservbyname(3) and
42              getservbyname_r(3)  functions  will   assume   that   the   ser‐
43              vices.byservicename NIS map exists and is authoritative, partic‐
44              ularly that it contains both keys with /proto and without /proto
45              for  both primary service names and service aliases.  The system
46              administrator has to make sure it is correctly generated.
47
48       SETENT_BATCH_READ = TRUE|FALSE
49              If set to TRUE, the NIS backend for  the  setpwent(3)  and  set‐
50              grent(3)  functions  will  read  the entire database at once and
51              then hand out the requests one by one  from  memory  with  every
52              corresponding  getpwent(3)  or  getgrent(3)  call  respectively.
53              Otherwise, each getpwent(3) or getgrent(3) call might result  in
54              a network communication with the server to get the next entry.
55

FILES

57       /etc/default/nss
58

EXAMPLE

60       The  default  configuration  corresponds to the following configuration
61       file:
62
63           NETID_AUTHORITATIVE=FALSE
64           SERVICES_AUTHORITATIVE=FALSE
65           SETENT_BATCH_READ=FALSE
66

SEE ALSO

68       nsswitch.conf
69

COLOPHON

71       This page is part of release 4.15 of the Linux  man-pages  project.   A
72       description  of  the project, information about reporting bugs, and the
73       latest    version    of    this    page,    can     be     found     at
74       https://www.kernel.org/doc/man-pages/.
75
76
77
78Linux                             2013-02-13                            NSS(5)
Impressum