HP-UX Reference (11i v1 00/12) - 4 File Formats (vol 8)
__________________________________________________________________________________________________________________________________________________________________________________________________
__________________________________________________________________________________________________________________________________________________________________________________________________
STANDARD Printed by: Nora Chuang [nchuang] STANDARD
/build/1111/BRICK/man4/!!!intro.4
________________________________________________________________
___ ___
n
nsswitch.conf(4) nsswitch.conf(4)
If compatibility with the +/- syntax for passwd and group is required, simply modify the entries for
passwd and group to:
passwd: compat
group: compat
If NIS+ is the enterprise level name-service, the default configuration should be modified to use nisplus
instead of nis for every database on client machines. The file /etc/nsswitch.nisplus contains a
sample configuration that can be copied to /etc/nsswitch.conf to set this policy.
If the use of +/- syntax is desired in conjunction with nisplus, use the following four entries:
passwd: compat
passwd_compat: nisplus
group: compat
group_compat: nisplus
In order to get information from the Internet Domain Name Service for hosts that are not listed in the
enterprise level name-service, NIS+, use the following configuration and set up the
/etc/resolv.conf file (see resolver(4) for more details):
hosts: nisplus dns [NOTFOUND=return] files
Enumeration -- getXXXent()
Many of the databases have enumeration functions: passwd has getpwent() , hosts has gethos-
tent()
, and so on. These were reasonable when the only source was files but often make little sense
for hierarchically structured sources that contain large numbers of entries, much less for multiple sources.
The interfaces are still provided and the implementations strive to provide reasonable results, but the data
returned may be incomplete (enumeration for
hosts is simply not supported by the dns source), incon-
sistent (if multiple sources are used), formatted in an unexpected fashion (for a host with a canonical name
and three aliases, the
nisplus source will return four hostents, and they may not be consecutive), or
very expensive (enumerating a passwd database of 5000 users is probably a bad idea). Furthermore,
multiple threads in the same process using the same reentrant enumeration function (getXXXent_r()
are supported) share the same enumeration position; if they interleave calls, they will enumerate disjoint
subsets of the same database.
In general the use of the enumeration functions is deprecated. In the case of passwd, and group
, it may
sometimes be appropriate to use
fgetgrent() , fgetpwent() , and fgetspent() (see getgrent(3C),
and getpwent(3C), respectively), which use only the
files source.
WARNINGS
Within each process that uses
nsswitch.conf()
, the entire file is read only once. If the file is later
changed, the process will continue using the old configuration.
Programs that use the
getXXbyYY() functions cannot be linked statically since the implementation of
these functions requires dynamic linker functionality to access the shared objects
/usr/lib/nss_SSS.sl.1 at run time.
The use of both nis and nisplus as sources for the same database is strongly discouraged since both
the name-services are expected to store similar information and the lookups on the database may yield
different results depending on which name-service is operational at the time of the request.
Misspelled names of sources and databases will be treated as legitimate names of (most likely nonexistent)
sources and databases.
The following functions do not use the switch: fgetgrent() , fgetpwent() , fgetspent(),
getpw(), and putpwent().
Applications linked with libc.1 will display different default actions for NOTFOUND and TRYAGAIN.
Applications linked with libc.1 will have the switch search terminate if the Name Service returns a result of
NOTFOUND or TRYAGAIN.
This will be an issue for exisiting nsswitch.conf files that specify name service lookup criteria that contains
no <criterion> between <source> entries.
Example: hosts: dns files
For applications linked with libc.1, the fallback to files will only occur if
DNS returns UNAVAIL. For all
other applications, the fallback to files will occur unless
DNS returns SUCCESS.
HP-UX Release 11i: December 2000 − 3 − Section 4−−193
___
___