1NSS(5)                     Linux Programmer's Manual                    NSS(5)
2
3
4

NAME

6       nss - Name Service Switch configuration file
7

DESCRIPTION

9       Each  call  to  a  function which retrieves data from a system database
10       like the password or group database is  handled  by  the  Name  Service
11       Switch  implementation in the GNU C library.  The various services pro‐
12       vided are implemented by independent modules, each of  which  naturally
13       varies widely from the other.
14
15       The  default  implementations  coming with the GNU C library are by de‐
16       fault conservative and do not use unsafe  data.   This  might  be  very
17       costly  in  some  situations,  especially when the databases are large.
18       Some modules allow the system administrator to request taking shortcuts
19       if  these  are known to be safe.  It is then the system administrator's
20       responsibility to ensure the assumption is correct.
21
22       There are other modules where the implementation changed over time.  If
23       an  implementation  used  to sacrifice speed for memory consumption, it
24       might create problems if the preference is switched.
25
26       The /etc/default/nss file contains a number  of  variable  assignments.
27       Each  variable controls the behavior of one or more NSS modules.  White
28       spaces are ignored.  Lines beginning with '#' are treated as comments.
29
30       The variables currently recognized are:
31
32       NETID_AUTHORITATIVE = TRUE|FALSE
33              If set to TRUE, the NIS backend for the  initgroups(3)  function
34              will accept the information from the netid.byname NIS map as au‐
35              thoritative.  This can speed up the  function  significantly  if
36              the  group.byname map is large.  The content of the netid.byname
37              map is used as is.  The system administrator has to make sure it
38              is correctly generated.
39
40       SERVICES_AUTHORITATIVE = TRUE|FALSE
41              If  set  to  TRUE,  the NIS backend for the getservbyname(3) and
42              getservbyname_r(3) functions will assume that  the  services.by‐
43              servicename  NIS  map  exists and is authoritative, particularly
44              that it contains both keys with /proto and  without  /proto  for
45              both  primary service names and service aliases.  The system ad‐
46              ministrator has to make sure it is correctly generated.
47
48       SETENT_BATCH_READ = TRUE|FALSE
49              If set to TRUE, the NIS backend for  the  setpwent(3)  and  set‐
50              grent(3)  functions  will  read  the entire database at once and
51              then hand out the requests one by one  from  memory  with  every
52              corresponding  getpwent(3)  or  getgrent(3)  call  respectively.
53              Otherwise, each getpwent(3) or getgrent(3) call might result  in
54              a network communication with the server to get the next entry.
55

FILES

57       /etc/default/nss
58

EXAMPLES

60       The  default  configuration  corresponds to the following configuration
61       file:
62
63           NETID_AUTHORITATIVE=FALSE
64           SERVICES_AUTHORITATIVE=FALSE
65           SETENT_BATCH_READ=FALSE
66

SEE ALSO

68       nsswitch.conf
69

COLOPHON

71       This page is part of release 5.12 of the Linux  man-pages  project.   A
72       description  of  the project, information about reporting bugs, and the
73       latest    version    of    this    page,    can     be     found     at
74       https://www.kernel.org/doc/man-pages/.
75
76
77
78Linux                             2020-06-09                            NSS(5)