Name Service Switch

From Wikipedia, the free encyclopedia

The Name Service Switch (NSS) allows replacement of many Unix configuration files (e.g. /etc/passwd, /etc/group, /etc/hosts) with a centralized database or databases, with the mechanisms used to access those databases being configurable. (Earlier Unix systems, with the notable exception of Ultrix which offered nearly identical functionality in /etc/svc.conf, either accessed only the configuration files or had the rules for which files or databases to access hardcoded.) It was first developed by Sun Microsystems for their Solaris operating system, but has been subsequently ported to many other operating systems including FreeBSD, NetBSD, Linux, HP-UX, IRIX and AIX.

Contents 1 nsswitch.conf 2 NSS and the C library 3 See also 4 External links

[edit] nsswitch.conf

NSS is usually configured using the file /etc/nsswitch.conf. This lists databases (e.g. group, passwd) and one or more sources for obtaining that information (e.g files for local files, nis for the Network Information Service, or ldap for the Lightweight Directory Access Protocol. For example:

passwd: files nis
group: files nis
hosts: files dns

The order of the services listed determines in which order NSS will attempt to use those service to resolve queries on the specified database.

[edit] NSS and the C library

NSS requires modifications to the C library so that calls to functions such as getpwent or getgrent will call into the appropriate NSS module. This means that existing applications that use these routines for identity information will not require any changes to work with NSS.

[edit] See also

• Pluggable authentication module (PAM)
• BSD Authentication
• Name server

[edit] External links

• Name Service Switch implementation in the GNU C Library
• NSS module supporting LDAP
• Commercial product including an NSS module for Active Directory
• NetBSD: nsswitch.conf(5) manpage