System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP)

Format of the nsswitch.conf File

The nsswitch.conf file is essentially a list of 16 types of information and the sources that getXXbyYY() routines search for that information. The 16 types of information, not necessarily in this order, are the following.

The following table provides a description of the kind of sources that can be listed in the switch file for the information types above.

Table 2–1 Switch File Information Sources

Information Sources    Description
-------------------    -----------
files                  A file stored in the client's /etc directory. For example, /etc/passwd.
nisplus                An NIS+ table. For example, the hosts table.
nis                    An NIS map. For example, the hosts map.
compat                 compat can be used for password and group information to support old-style + or - syntax in /etc/passwd, /etc/shadow, and /etc/group files.
dns                    Can be used to specify that host information be obtained from DNS.
ldap                   Can be used to specify entries be obtained from the LDAP directory.

Search Criteria

Single Source. If an information type has only one source, such as nisplus, a routine using the switch searches for the information in that source only. If it finds the information, it returns a success status message. If it does not find the information, it stops searching and returns a different status message. What the routine does with the status message varies from routine to routine.

Multiple Sources. If a table has more than one source for a given information type, the switch directs the routine to start searching for the information in the first source that is listed. If it finds the information, it returns a success status message. If it does not find the information in the first source, it tries the next source. The routine will search through all of the sources until it has found the information it needs, or it is halted by encountering a return specification. If all of the listed sources are searched without finding the information, the routine stops searching and returns a non-success status message.

Switch Status Messages

If a routine finds the information, it returns a success status message. If it does not find the information for which it is looking, it returns one of three unsuccessful status messages, depending on the reason for not finding the information. Possible status messages are listed in the following table.

Table 2–2 Switch Search Status Messages

Status Message    Meaning of Message
--------------    ------------------
SUCCESS           The requested entry was found in the specified source.
UNAVAIL           The source is not responding or is unavailable. That is, the NIS+ table, or NIS map, or /etc file could not be found or accessed.
NOTFOUND          The source responded with "No such entry." In other words, the table, map, or file was accessed but it did not contain the needed information.
TRYAGAIN          The source is busy; it might respond next time. In other words, the table, map, or file was found, but it could not respond to the query.

Switch Action Options

You can instruct the switch to respond to status messages with either of the two actions shown in the following table.

Table 2–3 Responses to Switch Status Messages

Action      Meaning
------      -------
return      Stop looking for the information.
continue    Try the next source, if there is one.

Default Search Criteria

The combination of nsswitch.conf file status message and action option determines what the routine does at each step. This combination of status and action is called the search criteria.

The switch's default search criteria are the same for every source. Described in terms of the status messages listed above, they are the following.

Because these are the default search criteria, they are assumed. That is, you do not have to explicitly specify them in the switch file. You can change these default search criteria by explicitly specifying some other criteria using the STATUS=action syntax shown above. For example, the default action for a NOTFOUND condition is to continue the search to the next source. To specify that for a particular type of information, such as networks, the search is to halt on a NOTFOUND condition, you would edit the networks line of the switch file to read as follows.


networks: nis [NOTFOUND=return] files

The networks: nis [NOTFOUND=return] files line specifies a non-default criterion for the NOTFOUND status. Non-default criteria are delimited by square brackets.

In this example, the search routine behaves as follows
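The search for this networks line can be traced with a small simulator, given here as an added example that is not part of the original guide or of any Solaris library. The names parse_entry and resolve are hypothetical, and the defaults table assumes the standard switch defaults (SUCCESS=return, and continue for the three unsuccessful statuses), of which this page spells out only NOTFOUND=continue.

```python
import re

# Default criteria applied to every source. Assumption of this example: the
# standard switch defaults; the page itself spells out only NOTFOUND=continue.
DEFAULTS = {"SUCCESS": "return", "NOTFOUND": "continue",
            "UNAVAIL": "continue", "TRYAGAIN": "continue"}
TOKEN = re.compile(r"\[([^\]]*)\]|([^\s\[\]]+)")

def parse_entry(line):
    """Parse 'type: src [STATUS=action ...] src ...' into (type, [(src, criteria)])."""
    info_type, sep, rest = line.split("#", 1)[0].partition(":")
    if not sep or not info_type.strip():
        raise ValueError("missing 'type:' prefix")
    sources = []
    for bracket, name in TOKEN.findall(rest):
        if name:  # a source name: starts with a fresh copy of the defaults
            sources.append((name, dict(DEFAULTS)))
            continue
        if not sources:
            raise ValueError("criteria must follow a source")
        for pair in bracket.split():  # bracketed criteria modify the preceding source
            status, _, action = pair.upper().partition("=")
            if status not in DEFAULTS or action not in ("RETURN", "CONTINUE"):
                raise ValueError("bad criterion: " + pair)
            sources[-1][1][status] = action.lower()
    if not sources:
        raise ValueError("no sources listed")
    return info_type.strip(), sources

def resolve(sources, status_of):
    """Walk the sources in order; status_of maps source name -> status message.
    Returns (sources consulted, final status)."""
    consulted, status = [], "NOTFOUND"
    for name, criteria in sources:
        status = status_of[name]
        consulted.append(name)
        if criteria[status] == "return":
            break  # SUCCESS by default, or any status overridden to return
    return consulted, status

if __name__ == "__main__":
    _, srcs = parse_entry("networks: nis [NOTFOUND=return] files")
    # Constructed scenario: files always has the entry, nis varies.
    for nis in DEFAULTS:
        print(nis, resolve(srcs, {"nis": nis, "files": "SUCCESS"}))
```

With [NOTFOUND=return], the local files source is consulted only when nis reports UNAVAIL or TRYAGAIN; a NOTFOUND answer from nis ends the search, so an entry that exists only in the local file is never returned while nis is reachable.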

What if the Syntax is Wrong?

Client library routines contain compiled-in default entries that are used if an entry in the nsswitch.conf file is either missing or syntactically incorrect. These entries are the same as the switch file's defaults.

The name service switch assumes that the spelling of table and source names is correct. If you misspell a table or source name, the switch uses default values.

Auto_home and Auto_master

The switch search criteria for the auto_home and auto_master tables and maps are combined into one category called automount.

Timezone and the Switch File

The timezone table does not use the switch, so it is not included in the switch file's list.