nsswitch.conf.4 (2010 09)

ManualsBrandsHP ManualsSoftwareHP-UX Manpages

nsswitch.conf(4) nsswitch.conf(4)

NAME

nsswitch.conf - conﬁguration ﬁle for the name-service switch

SYNOPSIS

/etc/nsswitch.conf

DESCRIPTION

The operating system uses a number of "databases" of information about hosts, users (

passwd

), groups

and so forth. Data for these can come from a variety of sources: host-names and -addresses, for example,

may be found in

/etc/hosts, NIS, LDAP, or DNS. One or more sources may be used for each data-

base; the sources and their lookup order are speciﬁed in the

/etc/nsswitch.conf

ﬁle.

The following databases use the switch:

Database Used by

aliases sendmail

automount automount

group getgrnam()

hosts gethostbyname()

ipnodes getipnodebyname()

netgroup innetgr()

networks getnetbyname()

passwd getpwnam(), getspnam()

protocols getprotobyname()

publickey getpublickey(),

secure_rpc()

rpc getrpcbyname()

sendmailvars

sendmail

services getservbyname()

The following sources may be used:

Source Uses

files /etc/hosts, /etc/passwd, and so forth

nis NIS (YP)

ldap LDAP Directory Server

dns Valid only for hosts, ipnodes; uses the Internet Domain Name Service.

compat Valid only for passwd and group; implements + and -.

(See Interaction with +/- syntax below)

There is an entry in

/etc/nsswitch.conf

for each database. Typically these entries will be simple,

protocols: files or networks: files nis. However, when multiple sources are speciﬁed

it is sometimes necessary to deﬁne precisely the circumstances under which each source will be tried. A

source can return one of the following codes:

Status Meaning

SUCCESS Requested database entry was found

UNAVAIL Source is not responding or corrupted

NOTFOUND Source responded "no such entry"

TRYAGAIN Source is busy, might respond to retries

For each status code, two actions are possible:

Action Meaning

continue Try the next source in the list

return Return now

The complete syntax of an entry is

<criteria> ::= "[" <criterion>+ "]"

<status> ::= "success" | "notfound" | "unavail" | "tryagain"

<action> ::= "return" | "continue"

Each entry occupies a single line in the ﬁle. Lines that are blank, or that start with white space charac-

ter are ignored. Everything on a line following a

# character is also ignored; the # character can begin

anywhere in a line, to be used to begin comments. The database and source names are case-sensitive, but

HP-UX 11i Version 3: September 2010 − 1 − Hewlett-Packard Company 1

Summary of content (4 pages)

PAGE 1
nsswitch.conf(4) nsswitch.conf(4) NAME nsswitch.conf - configuration file for the name-service switch SYNOPSIS /etc/nsswitch.conf DESCRIPTION The operating system uses a number of "databases" of information about hosts, users (passwd), groups and so forth. Data for these can come from a variety of sources: host-names and -addresses, for example, may be found in /etc/hosts, NIS, LDAP, or DNS.
PAGE 2
nsswitch.conf(4) nsswitch.conf(4) action and status names are case-insensitive. The default criteria are to continue on anything except SUCCESS; in other words, [SUCCESS=return NOTFOUND=continue UNAVAIL=continue TRYAGAIN=continue]. The default, or explicitly specified, criteria are meaningless following the last source in an entry; and are ignored since the action is always to return to the caller irrespective of the status code the source returns.
PAGE 3
nsswitch.conf(4) passwd: group: nsswitch.conf(4) compat compat To get information from the Internet Domain Name Service for hosts that are not listed in the enterprise level name-service, NIS, use the following configuration and set up the file /etc/resolv.conf. See resolver (4) for more details. hosts: ipnodes: nis dns [NOTFOUND=return] files nis dns [NOTFOUND=return] files The file /etc/nsswitch.ldap contains an example configuration that can be copied to /etc/nsswitch.conf to set an LDAP policy.
PAGE 4
nsswitch.conf(4) nsswitch.conf(4) For the default system behavior: hosts: dns [NOTFOUND=continue TRYAGAIN=continue] files NIS+ is obsoleted on HP-UX 11i Version 3 and is no longer supported. LDAP is the recommended replacement for NIS+. HP fully supports the industry standard naming services based on LDAP. Obsolescence The ipnodes directive may not be supported in future HP-UX releases.