sun.com   |  docs.sun.com
How To Buy  |  My Sun  |  Worldwide Sites
         
 
Sun Microsystems Logo
 Products and Services
 		 Support and Training
 
 
System Administration Guide: Naming and Directory Services (FNS and NIS+) >> 1.  The Name Service Switch >> About the Name Service Switch >> Format of the nsswitch.conf File 

Previous Previous     Contents     Index     Next Next

Switch Action Options

You can instruct the switch to respond to status messages with either of these two actions shown in the following table.

Table 1-3 Responses to Switch Status Messages

Action

Meaning

return

Stop looking for the information.

continue

Try the next source, if there is one.

Default Search Criteria

The combination of nsswitch.conf file status message and action option determines what the routine does at each step. This combination of status and action is called the search criteria.

The switch's default search criteria are the same for every source. Described in terms of the status messages listed above, they are:

  • SUCCESS=return. Stop looking for the information and proceed using the information that has been found.

  • UNAVAIL=continue. Go to the next nsswitch.conf file source and continue searching. If this is the last (or only) source, return with a NOTFOUND status.

  • NOTFOUND=continue. Go to the next nsswitch.conf file source and continue searching. If this is the last (or only) source, return with a NOTFOUND status.

  • TRYAGAIN=continue. Go to the next nsswitch.conf file source and continue searching. If this is the last (or only) source, return with a NOTFOUND status.

Because these are the default search criteria, they are assumed. That is, you do not have to explicitly specify them in the switch file. You can change these default search criteria by explicitly specifying some other criteria using the STATUS=action syntax show above. For example, the default action for a NOTFOUND condition is to continue the search to the next source. To specify that for a particular type of information, such as networks, the search is to halt on a NOTFOUND condition, you would edit the networks line of the switch file to read: 

networks: nis [NOTFOUND=return] files

The networks: nis [NOTFOUND=return] files line specifies a non-default criterion for the NOTFOUND status. Non-default criteria are delimited by square brackets.

In this example, the search routine behaves as follows:

  • If the networks map is available and contains the needed information, the routine returns with a SUCCESS status message.

  • If the networks map is not available, the routine returns with an UNAVAIL status message and by default continues on to search the appropriate /etc file.

  • If the networks map is available and found, but it does not contain the needed information, the routine returns with a NOTFOUND message. But, instead of continuing on to search the appropriate /etc file, which would be the default behavior, the routine stops searching.

  • If the networks map is busy, the routine returns with an TRYAGAIN status message and by default continues on to search the appropriate /etc file.

What if the Syntax is Wrong?

Client library routines contain compiled-in default entries that are used if an entry in the nsswitch.conf file is either missing or syntactically incorrect. These entries are the same as the switch file's defaults.

The name service switch assumes that the spelling of table and source names is correct. If you misspell a table or source name, the switch uses default values.

Auto_home and Auto_master

The switch search criteria for the auto_home and auto_master tables and maps is combined into one category called automount.

Timezone and the Switch File

The timezone table does not use the switch, so it is not included in the switch file's list.

Comments in nsswitch.conf Files

Any nsswitch.conf file line beginning with a comment character (#) is interpreted as a comment line and is ignored by routines that search the file.

When a comment character (#) is included in the middle of the line, characters preceding the comment mark are interpreted by routines that search the nsswitch.conf file. Characters to the right of the comment mark are interpreted as comments and ignored.

Table 1-4 Switch File Comment Examples

Type of Line

Example

Comment line (not interpreted).

# hosts: nisplus [NOTFOUND=return] files

Fully interpreted line.

hosts: nisplus [NOTFOUND=return] file

Partially interpreted line (the files element not interpreted)

hosts: nisplus [NOTFOUND=return] # files

Keyserver and publickey Entry in the Switch File

Caution! Caution - You must restart the keyserver after you make a change to nsswitch.conf

The keyserver reads the publickey entry in the name service switch configuration file only when the keyserver is started. As a result, if you change the switch configuration file, the keyserver does not become aware of changes to the publickey entry until it is restarted.

The nsswitch.conf Template Files

Four nsswitch.conf template files are provided with the Solaris operating environment to accommodate different naming services. Each of them provides a different default set of primary and subsequent information sources.

The four template files are:

  • NIS+ template file. The nsswitch.nisplus configuration file specifies NIS+ as the primary source for all information except passwd, group, automount, and aliases. For those four files, the primary source is local /etc files and the secondary source is an NIS+ table. The [NOTFOUND=return] search criterion instructs the switch to stop searching the NIS+ tables if it receives a "No such entry" message from them. It searches through local files only if the NIS+ server is unavailable.

  • NIS template file. The nsswitch.nis configuration file is almost identical to the NIS+ configuration file, except that it specifies NIS maps in place of NIS+ tables. Because the search order for passwd and group is files nis, you don't need to place the + entry in the /etc/passwd and /etc/group files.

  • Files template file. The nsswitch.files configuration file specifies local /etc files as the only source of information for the machine. There is no "files" source for netgroup, so the client will not use that entry in the switch file.

Copy the template file that most closely meets your requirements to thensswitch.conf configuration file and then modify the file as needed.

For example, to use the LDAP template file, you would type the following command:

mymachine# cp nsswitch.ldap nsswitch.conf

The Default Switch Template Files

Here are the four switch files supplied with Solaris operating environment:

Example 1-1 NIS+ Switch File Template (nsswitch.nisplus)

#
#
# /etc/nsswitch.nisplus:
#
#
# An example file that could be copied over to /etc/nsswitch.conf;
# it uses NIS+ (NIS Version 3) in conjunction with files.
#
# "hosts:" and "services:" in this file are used only if the
# /etc/netconfig file has a "-" for nametoaddr_libs of "inet"
# transports.
 
# the following two lines obviate the "+" entry in /etc/passwd 
# and /etc/group.
passwd: files nisplus
group: files nisplus
# consult /etc "files" only if nisplus is down. 
hosts: nisplus [NOTFOUND=return] files
# Uncomment the following line, and comment out the above, to use 
# both DNS and NIS+. You must also set up the /etc/resolv.conf 
# file for DNS name server lookup. See resolv.conf(4).
# hosts: nisplus dns [NOTFOUND=return] files
services: nisplus [NOTFOUND=return] files
networks: nisplus [NOTFOUND=return] files
protocols: nisplus [NOTFOUND=return] files
rpc: nisplus [NOTFOUND=return] files
ethers: nisplus [NOTFOUND=return] files
netmasks: nisplus [NOTFOUND=return] files	
bootparams: nisplus [NOTFOUND=return] files
publickey: nisplus
netgroup: nisplus
automount: files nisplus
aliases: files nisplus
sendmailvars: files nisplus

Previous Previous     Contents     Index     Next Next
 
Copyright 1994-2002 Sun Microsystems