man-pages/nss.5

.\" A man page for /etc/default/nss. -*- nroff -*-
.\"
.\" Copyright (C) 2006 Red Hat, Inc. All rights reserved.
.\"
.\" This copyrighted material is made available to anyone wishing to use,
.\" modify, copy, or redistribute it subject to the terms and conditions of the
.\" GNU General Public License v.2.
.\"
.\" This program is distributed in the hope that it will be useful, but WITHOUT
.\" ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
.\" FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
.\" more details.
.\"
.\" You should have received a copy of the GNU General Public License along
.\" with this program; if not, write to the Free Software Foundation, Inc.,
.\" 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
.\"
.\" Author: Ulrich Drepper <drepper@redhat.com>
.TH nss 5 "May 2006" nss

.SH NAME
nss \- Name Service Switch configuration file

.SH DESCRIPTION
Each call to a function which retrieves data from a system database
like the password or group database is handled by the Name Service
Switch implementation in the GNU C library.  The various services
provided are implemented by independent modules, each of which
naturally varies widely from the other.
.PP
The default implementations coming with the GNU C library are by
default conservative and do not use unsafe data.  This might be
very costly in some situations, especially when the databases
are large.  Some modules allow the system administrator to request
taking shortcuts if these are known to be safe.  It is then the
system administrator's responsibility to ensure the assumption
is correct.
.PP
There are other modules where the implementation changed over time.
If an implementation used to sacrifize speed for memory consumption
it might create problems if the preference is switched.
.PP
The \fI/etc/default/nss\fR file contains a number of variable
assignments.  Each variable controls the behavior of one or more
NSS modules.  White spaces are ignored.  Lines beginning with `#'
are treated as comments.
.PP
The variables currently recognized are:
.TP
\fBNETID_AUTHORITATIVE =\fR \fITRUE\fR|\fIFALSE\fR
If set to TRUE, the NIS backend for the
.BR initgroups (3)
function will accept the information
from the netid.byname NIS map as authoritative.  This can speed up the
function significantly if the group.byname map is large.  The content
of the netid.byname map is used \fBas is\fR.  The system administrator has
to make sure it is correctly generated.

.TP
\fBSERVICES_AUTHORITATIVE =\fR \fITRUE\fR|\fIFALSE\fR
If set to TRUE, the NIS backend for the
.BR getservbyname (3)
and
.BR getservbyname_r (3)
function will assume
services.byservicename NIS map exists and is authoritative, particularly
that it contains both keys with /proto and without /proto for both
primary service names and service aliases.  The system administrator
has to make sure it is correctly generated.

.TP
\fBSETENT_BATCH_READ =\fR \fITRUE\fR|\fIFALSE\fR
If set to TRUE, the NIS backend for the
.BR setpwent (3)
and
.BR setgrent (3)
functions will read the entire
database at once and then hand out the requests one by one from
memory with every corresponding
.BR getpwent (3)
or
.BR getgrent (3)
call respectively.  Otherwise each
.BR getpwent (3)
or
.BR getgrent (3)
call might result into a network communication with the server to get
the next entry.


.SH EXAMPLE

The default configuration corresponds to the
following configuration file:

.nf
NETID_AUTHORITATIVE=FALSE
SERVICES_AUTHORITATIVE=FALSE
SETENT_BATCH_READ=FALSE


.SH FILES
\fI/etc/default/nss\fR

.SH AUTHOR
Ulrich Drepper <drepper@redhat.com>

.SH SEE ALSO
\fInsswitch.conf\fR
- add nss.5 man page (#192142) - add the man-pages directories (#192998) 2006-05-26 11:18:32 +00:00			`.\" A man page for /etc/default/nss. -- nroff --`
			`.\"`
			`.\" Copyright (C) 2006 Red Hat, Inc. All rights reserved.`
			`.\"`
			`.\" This copyrighted material is made available to anyone wishing to use,`
			`.\" modify, copy, or redistribute it subject to the terms and conditions of the`
			`.\" GNU General Public License v.2.`
			`.\"`
			`.\" This program is distributed in the hope that it will be useful, but WITHOUT`
			`.\" ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or`
			`.\" FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for`
			`.\" more details.`
			`.\"`
			`.\" You should have received a copy of the GNU General Public License along`
			`.\" with this program; if not, write to the Free Software Foundation, Inc.,`
			`.\" 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.`
			`.\"`
			`.\" Author: Ulrich Drepper <drepper@redhat.com>`
			`.TH nss 5 "May 2006" nss`

			`.SH NAME`
			`nss \- Name Service Switch configuration file`

			`.SH DESCRIPTION`
			`Each call to a function which retrieves data from a system database`
			`like the password or group database is handled by the Name Service`
			`Switch implementation in the GNU C library. The various services`
			`provided are implemented by independent modules, each of which`
			`naturally varies widely from the other.`
			`.PP`
			`The default implementations coming with the GNU C library are by`
			`default conservative and do not use unsafe data. This might be`
			`very costly in some situations, especially when the databases`
			`are large. Some modules allow the system administrator to request`
			`taking shortcuts if these are known to be safe. It is then the`
			`system administrator's responsibility to ensure the assumption`
			`is correct.`
			`.PP`
			`There are other modules where the implementation changed over time.`
			`If an implementation used to sacrifize speed for memory consumption`
			`it might create problems if the preference is switched.`
			`.PP`
			`The \fI/etc/default/nss\fR file contains a number of variable`
			`assignments. Each variable controls the behavior of one or more`
			NSS modules. White spaces are ignored. Lines beginning with `#'
			`are treated as comments.`
			`.PP`
			`The variables currently recognized are:`
			`.TP`
			`\fBNETID_AUTHORITATIVE =\fR \fITRUE\fR\|\fIFALSE\fR`
			`If set to TRUE, the NIS backend for the`
			`.BR initgroups (3)`
			`function will accept the information`
			`from the netid.byname NIS map as authoritative. This can speed up the`
			`function significantly if the group.byname map is large. The content`
			`of the netid.byname map is used \fBas is\fR. The system administrator has`
			`to make sure it is correctly generated.`

			`.TP`
			`\fBSERVICES_AUTHORITATIVE =\fR \fITRUE\fR\|\fIFALSE\fR`
			`If set to TRUE, the NIS backend for the`
			`.BR getservbyname (3)`
			`and`
			`.BR getservbyname_r (3)`
			`function will assume`
			`services.byservicename NIS map exists and is authoritative, particularly`
			`that it contains both keys with /proto and without /proto for both`
			`primary service names and service aliases. The system administrator`
			`has to make sure it is correctly generated.`

			`.TP`
			`\fBSETENT_BATCH_READ =\fR \fITRUE\fR\|\fIFALSE\fR`
			`If set to TRUE, the NIS backend for the`
			`.BR setpwent (3)`
			`and`
			`.BR setgrent (3)`
			`functions will read the entire`
			`database at once and then hand out the requests one by one from`
			`memory with every corresponding`
			`.BR getpwent (3)`
			`or`
			`.BR getgrent (3)`
			`call respectively. Otherwise each`
			`.BR getpwent (3)`
			`or`
			`.BR getgrent (3)`
			`call might result into a network communication with the server to get`
			`the next entry.`


			`.SH EXAMPLE`

			`The default configuration corresponds to the`
			`following configuration file:`

			`.nf`
			`NETID_AUTHORITATIVE=FALSE`
			`SERVICES_AUTHORITATIVE=FALSE`
			`SETENT_BATCH_READ=FALSE`


			`.SH FILES`
			`\fI/etc/default/nss\fR`

			`.SH AUTHOR`
			`Ulrich Drepper <drepper@redhat.com>`

			`.SH SEE ALSO`
			`\fInsswitch.conf\fR`