1 .\" $NetBSD: nsswitch.conf.5,v 1.14 1999/03/17 20:19:47 garbled Exp $
4 .\" Copyright (c) 1997, 1998, 1999 The NetBSD Foundation, Inc.
5 .\" All rights reserved.
7 .\" This code is derived from software contributed to The NetBSD Foundation
10 .\" Redistribution and use in source and binary forms, with or without
11 .\" modification, are permitted provided that the following conditions
13 .\" 1. Redistributions of source code must retain the above copyright
14 .\" notice, this list of conditions and the following disclaimer.
15 .\" 2. Redistributions in binary form must reproduce the above copyright
16 .\" notice, this list of conditions and the following disclaimer in the
17 .\" documentation and/or other materials provided with the distribution.
18 .\" 3. All advertising materials mentioning features or use of this software
19 .\" must display the following acknowledgement:
20 .\" This product includes software developed by Luke Mewburn.
21 .\" 4. The name of the author may not be used to endorse or promote products
22 .\" derived from this software without specific prior written permission.
24 .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
25 .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
26 .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
27 .\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
28 .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
29 .\" BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
30 .\" OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
31 .\" ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
32 .\" TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
33 .\" USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
40 .Nd name-service switch configuration file
44 file specifies how the
46 (name-service switch dispatcher) routines in the C library should operate.
48 The configuration file controls how a process looks up various databases
49 containing information regarding hosts, users (passwords), groups, etc.
50 Each database comes from a source (such as local files, DNS, and
52 and the order to look up the sources is specified in
57 consists of a database name, and a space separated list of sources.
58 Each source can have an optional trailing criterion that determines
59 whether the next listed source is used, or the search terminates at
61 Each criterion consists of one or more status codes, and actions to
62 take if that status code occurs.
64 The following sources are implemented:
66 .Bl -tag -width Source -compact
75 Internet Domain Name System.
81 class entries, all other databases use
83 class (Hesiod) entries.
94 If this is present, it must be the only source for that entry.
97 The following databases are used by the following C library functions:
99 .Bl -tag -width networks -compact
114 The following status codes are available:
116 .Bl -tag -width tryagain -compact
120 The requested entry was found.
122 The entry is not present at this source.
124 The source is busy, and may respond to retries.
126 The source is not responding, or entry is corrupt.
129 For each of the status codes, one of two actions is possible:
131 .Bl -tag -width continue -compact
137 Return with the current result
142 description of the syntax of
146 .Bl -tag -width <criterion> -compact
149 <database> ":" [<source> [<criteria>]]*
155 <status> "=" <action>
158 "success" | "notfound" | "unavail" | "tryagain"
161 "return" | "continue"
164 Each entry starts on a new line in the file.
167 delimits a comment to end of line.
168 Blank lines are ignored.
171 at the end of a line escapes the newline, and causes the next line to
172 be a continuation of the current line.
173 All entries are case-insensitive.
175 The default criteria is to return on
177 and continue on anything else (i.e,
178 .Li "[success=return notfound=continue unavail=continue tryagain=continue]" ) .
179 .Ss Compat mode: +/- syntax
180 In historical multi-source implementations, the
184 characters are used to specify the importing of user password and
185 group information from
189 provides alternative methods of accessing distributed sources such as
191 specifying a sole source of
193 will provide the historical behaviour.
195 An alternative source for the information accessed via
197 can be used by specifying
198 .Dq passwd_compat: source .
204 any other source except for
209 Historically, many of the databases had enumeration functions, often of
212 These made sense when the databases were in local files, but don't make
213 sense or have lesser relevance when there are possibly multiple sources,
214 each of an unknown size.
215 The interfaces are still provided for compatibility, but the source
216 may not be able to provide complete entries, or duplicate entries may
217 be retrieved if multiple sources that contain similar information are
220 To ensure compatibility with previous and current implementations, the
222 source must appear alone for a given database.
223 .Ss Default source lists
226 doesn't exist, or it has missing or corrupt entries,
228 will default to an entry of
230 for the requested database.
233 .Bl -tag -width passwd_compat -compact
235 .Sy "Default source list"
248 .Bl -tag -width /etc/nsswitch.conf -compact
249 .It Pa /etc/nsswitch.conf
258 and then from the DNS, and lookup user information from
262 .Bl -tag -width passwd: -compact
266 nis [notfound=return] files
268 nis [notfound=return] files
272 .Dq [notfound=return]
273 sets a policy of "if the user is notfound in nis, don't try files."
274 This treats nis as the authoritative source of information, except
275 when the server is down.
284 file format first appeared in
286 It was imported from the
288 Project, where it appeared first in
293 wrote this freely distributable name-service switch implementation,