HP-UX Reference (11i v1 05/09) - 4 File Formats (vol 8)
n
nsswitch.conf(4) nsswitch.conf(4)
The default criteria are to continue on anything except
SUCCESS; in other words, [SUCCESS=return
NOTFOUND=continue UNAVAIL=continue TRYAGAIN=continue]
.
The default, or explicitly specified, criteria are meaningless following the last source in an entry; and are
ignored since the action is always to return to the caller irrespective of the status code the source returns.
Interaction with netconfig
In order to ensure that they all return consistent results based on the
inet family of entries, gethost-
byname()
, getservbyname()
, and netdir_getbyname()
functions are all implemented in terms
of the same internal switch library functions. These functions obtain the system-wide source lookup policy
for
hosts and services based on the inet
family entries in netconfig() .Forservices and
hosts only the "-" in the last column, which represents nametoaddr libraries, is supported.
Interaction with NIS+ YP-compatibility Mode
The NIS+ server can be run in "YP-compatibility mode", where it handles NIS (YP) requests as well as
NIS+ requests. In this case, the clients get much the same results from the "nis" source as from "nisplus";
however, "nisplus" is recommended instead of "nis".
Interaction with NIS (YP) server in DNS-forwarding Mode
The NIS (YP) server can be run in "DNS-forwarding mode", where it forwards lookup requests to DNS for
host-names and -addresses that do not exist in its database. In this case, specifying "nis" as a source for
"hosts" is sufficient to get DNS lookups; "dns" need not be specified explicitly as a source.
The NIS+ server in "YP-compatibility mode" can also be run in "DNS-forwarding mode" (see rpc.nisd(1M)).
Forwarding is effective only for requests originating from its YP clients; "hosts" policy on these clients
should be configured appropriately.
Interaction with +/- syntax
Releases prior to HP-UX 10.30 did not have the name-service switch support for passwd and group but did
allow the user some policy control. In
/etc/passwd one could have entries of the form +user (include
the specified user from NIS passwd.byname), -user (exclude the specified user) and + (include everything,
except excluded users, from NIS passwd.byname). The desired behavior was often "everything in the file
followed by everything in NIS", expressed by a solitary + at the end of
/etc/passwd . The switch pro-
vides an alternative for this case ("passwd: files nis") that does not require + entries in
/etc/passwd
If this is not sufficient, the "compat" source provides full +/- semantics. It reads
/etc/passwd for
getpwnam() functions and, if it finds +/- entries, invokes an appropriate source. By default the source is
"nis", but this may be overridden by specifying "nisplus" as the source for the pseudo-database
passwd_compat.
The compat source also provides full +/- semantics for group; the relevant pseudo-database is
group_compat .
The library functions contain compiled-in default entries that are used if the appropriate entry in
nsswitch.conf is absent or syntactically incorrect. The entries are as follows:
passwd: files nis
group: files nis
hosts: dns [NOTFOUND=return] nis [NOTFOUND=return] files
networks: nis [NOTFOUND=return] files
protocols: nis [NOTFOUND=return] files
rpc: nis [NOTFOUND=return] files
publickey: nis [NOTFOUND=return] files
netgroup: nis [NOTFOUND=return] files
automount: files nis
aliases: files nis
services: nis [NOTFOUND=return] files
ipnodes: dns [NOTFOUND=return] nis [NOTFOUND=return] files
Useful Configurations
The compiled-in default entries for all databases use NIS (YP) as the enterprise level name-service and are
identical to those in the default configuration of this file:
passwd: files nis
group: files nis
HP-UX 11i Version 1: September 2005 − 2 − Hewlett-Packard Company Section 4−−191