Working With Oracle® Solaris 11.2 Directory and Naming Services: DNS and NIS

Updated: July 2014

Databases and Sources for the Name Service Switch

The databases that are supported by the name service switch are configured by using SMF services. To obtain a listing of these databases, use the svccfg command as shown in the following example.

# svccfg -s name-service/switch listprop config
config                      application
config/default              astring             files
config/password             astring             "files nis"
config/group                astring             "files nis"
config/host                 astring             "files nis"
config/network              astring             "nis [NOTFOUND=return] files"
config/protocol             astring             "nis [NOTFOUND=return] files"
config/rpc                  astring             "nis [NOTFOUND=return] files"
config/ether                astring             "nis [NOTFOUND=return] files"
config/netmask              astring             "files nis"
config/bootparam            astring             "nis [NOTFOUND=return] files"
config/publickey            astring             "nis [NOTFOUND=return] files"
config/netgroup             astring             nis
config/automount            astring             "files nis"
config/alias                astring             "files nis"
config/service              astring             "files nis"
config/printer              astring             "user nis"
config/auth_attr            astring             "files nis"
config/prof_attr            astring             "files nis"
config/project              astring             "files nis"

The following table explains the type of information that each database stores. From the SMF perspective, these databases are considered configurable properties of the service.

Table 2-1  Databases for the Name Service Switch
Information Database    Type of Information
alias                   Email addresses and aliases
auth_attr               Authorization names and descriptions
automount               Information about remote file systems that could be mounted locally
bootparam               Boot information for diskless clients
ether                   Ethernet addresses and matching host names
group                   Information about groups that can be used to share access to files
host                    IP address and matching host names
netgroup                Information for shared NFS file systems
netmask                 Network masks used to implement IP subnets
network                 Name and number for each network
password                User account information
prof_attr               Execution profile names, descriptions, and other attributes
project                 Project names, unique identifiers, and associated resource allocations
protocol                Internet protocol names, numbers and any aliases
publickey               Public key information
rpc                     Names and numbers of RPC programs
service                 Name, port, and protocol for Internet services
tnrhdb                  Security attributes for a host using the Trusted Extensions feature of Oracle Solaris
tnrhtp                  Templates used by Trusted Extensions

In addition, a default property in the name service switch defines the source string for any database that is not otherwise defined. The value for this property is set to files to indicate that all the databases and their information are found locally in the /etc directory. You can set up a different configuration for the default property based on the sources listed in Table 2-2. See How to Change the Source for All Naming Databases for the procedure.

The default property enables you to configure a source that universally applies to the databases, instead of configuring each database's source.
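The following Python sketch is an added example, not part of the Oracle documentation. It parses an excerpt of the listprop output shown above, resolves each database to its effective source string (falling back to config/default), and reports the databases whose first source is not files. The function names are hypothetical, and the last-resort fallback to files is an assumption based on the compiled-in defaults the page describes.

```python
import shlex

# Excerpt of the `svccfg -s name-service/switch listprop config` output
# shown on the page.
LISTING = '''\
config                      application
config/default              astring             files
config/password             astring             "files nis"
config/host                 astring             "files nis"
config/network              astring             "nis [NOTFOUND=return] files"
config/netgroup             astring             nis
config/printer              astring             "user nis"
'''

def parse_listprop(text):
    """Return {database: source string} from listprop output."""
    props = {}
    for line in text.splitlines():
        fields = shlex.split(line)          # honours the quoted value column
        if len(fields) == 3 and fields[0].startswith("config/"):
            props[fields[0].split("/", 1)[1]] = fields[2]
    return props

def effective_source(props, database):
    """Source string for a database; undefined databases use config/default.
    Assumption: with no default property at all, fall back to "files"."""
    return props.get(database, props.get("default", "files"))

def not_files_first(props, databases):
    """Databases whose first listed source is something other than files."""
    return sorted(db for db in databases
                  if effective_source(props, db).split()[0] != "files")

if __name__ == "__main__":
    props = parse_listprop(LISTING)
    checked = ["password", "host", "network", "netgroup", "printer", "tnrhdb"]
    for db in checked:
        print(f"{db:10} {effective_source(props, db)}")
    print("first source is not files:", not_files_first(props, checked))
```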

The following table describes the kind of sources that can be listed in the name service switch for the databases listed above.

Table 2-2  Information Sources for the Name Service Switch
Information Sources    Description
ad                     Identifies databases stored on an Active Directory server.
pam_list               Replaces the obsoleted compat database. It can be used for password and group information to support old-style + or - syntax in the /etc/passwd, /etc/shadow, and /etc/group files.
dns                    Specifies that host information be obtained from DNS.
files                  Specifies a file stored in the client's /etc directory, for example, /etc/passwd.
ldap                   Specifies that entries be obtained from the LDAP directory.
mdns                   Specifies hosts information by using Multicast DNS (mDNS).
nis                    Specifies an NIS map, for example, the hosts map.

Source Formats for the Name Service Switch

The following search criteria formats can be used to select one or more information sources, and to specify the order in which the sources are used.

  • Single Source — If an information type has only one source, such as files, a search routine that uses the switch searches for the information in that source only. If the routine finds the information, the routine returns a success status message. If the routine does not find the information, the routine stops searching and returns a different status message. What the routine does with the status message varies from routine to routine.

  • Multiple Sources — If a database contains multiple sources for a given information type, the switch directs the search routine to search in the first listed source. If the routine finds the information, the routine returns a success status message. If the routine does not find the information in the first source, the routine tries the next source. The routine searches all sources until the routine has found the information, or until the routine is halted by a return specification. If all of the listed sources are searched without finding the information, the routine stops searching and returns a non-success status message.

By default in the Oracle Solaris 11 release, the first source is files. This configuration prevents system hangs if the next source listed is not available.

Status Messages for the Name Service Switch

If a routine finds the information, the routine returns a success status message. If the routine does not find the information, the routine returns one of three error status messages. Possible status messages are listed in the following table.

Table 2-3  Status Messages for the Name Service Switch
Status Message    Explanation
SUCCESS           The requested entry was found in the specified source.
UNAVAIL           The source is either unresponsive or unavailable. In other words, none of the database sources could be found or accessed.
NOTFOUND          The source responded with “No such entry.” In other words, the database was accessed, but the needed information was not found.
TRYAGAIN          The source is busy and might respond next time. In other words, the database was found but could not respond to the query.

Switch Action Options for the Name Service Switch

You can instruct the name service switch to respond to status messages with either of the two actions shown in the following table.

Table 2-4  Responses to Status Messages from the Name Service Switch
Action      Explanation
return      Stop looking for the information.
continue    Try the next source.

In addition, for the TRYAGAIN status message, the following actions can be defined:

  • forever – Retries the current source indefinitely

  • n – Retries the current source n more times

Default Search Criteria for the Name Service Switch

The combination of the name service switch status message and action options determines what the search routine does at each step. Together, the status message and action options make up the search criteria.

The switch's default search criteria are the same for every source. The following list describes several of the search criteria.

  • SUCCESS=return. Stop looking for the information. Proceed using the information that has been found.

  • UNAVAIL=continue. Go to the next name service switch source and continue searching. If this source is the last or only source, return with a NOTFOUND status.

  • NOTFOUND=continue. Go to the next name service switch source and continue searching. If this source is the last or only source, return with a NOTFOUND status.

  • TRYAGAIN=forever. Searches the current name service switch source indefinitely.

  • TRYAGAIN=3. Searches the current source three times. After exhausting three retries, the TRYAGAIN action transitions to continue and searches the next name service switch source.

You can change the default search criteria by explicitly specifying some other criteria by using the STATUS=action syntax shown in the preceding list. For the procedure, see How to Configure a Search Criterion for a Database.
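The following Python sketch is an added example, not part of the Oracle documentation or of the Solaris switch implementation. It parses a source string with optional [STATUS=action] criteria and walks the sources as described above, which shows that with "nis [NOTFOUND=return] files" the local files are consulted only when NIS is unavailable. The function names and the scripted per-source responses are hypothetical, and TRYAGAIN defaults to the page's TRYAGAIN=3 variant, read as three retries after the first query.

```python
import re

# Default criteria listed on the page. TRYAGAIN uses the page's "TRYAGAIN=3"
# variant here (an assumption of this sketch) so every walk terminates.
DEFAULTS = {"SUCCESS": "return", "UNAVAIL": "continue",
            "NOTFOUND": "continue", "TRYAGAIN": "3"}

def parse_sources(spec):
    """'nis [NOTFOUND=return] files' -> [(source, criteria dict), ...]."""
    entries = []
    for source, bracket in re.findall(r"(\w+)\s*(?:\[([^\]]*)\])?", spec):
        criteria = dict(DEFAULTS)
        for pair in bracket.split():
            status, action = pair.split("=", 1)
            criteria[status.upper()] = action.lower()
        entries.append((source, criteria))
    return entries

def lookup(spec, responses):
    """Walk the sources in listed order.
    responses maps a source to the statuses it gives on successive queries
    (the last one repeats); a source missing from the map is UNAVAIL.
    Returns (final status, answering source or None, trace of queries)."""
    trace = []
    for source, criteria in parse_sources(spec):
        answers = responses.get(source, ["UNAVAIL"])
        retries = 0
        while True:
            status = answers[min(retries, len(answers) - 1)]
            trace.append((source, status))
            action = criteria[status]
            if status == "TRYAGAIN" and action not in ("return", "continue"):
                limit = int(action) if action.isdigit() else len(answers) - 1
                if retries < limit:
                    retries += 1
                    continue            # query the same source again
                # n retries used up -> next source; "forever" -> caller blocks
                action = "continue" if action.isdigit() else "return"
            if action == "return":
                found = source if status == "SUCCESS" else None
                return status, found, trace
            break                       # action is "continue": next source
    return "NOTFOUND", None, trace      # last source gave no answer

if __name__ == "__main__":
    spec = "nis [NOTFOUND=return] files"   # entry from the page's listing
    print(lookup(spec, {"nis": ["NOTFOUND"], "files": ["SUCCESS"]}))
    print(lookup(spec, {"files": ["SUCCESS"]}))   # NIS down: files answers
```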


Note - Lookups in the name service switch are performed in the order in which items are listed. However, password updates are performed in reverse order, unless otherwise specified by using the passwd -r repository command. See Name Service Switch and Password Information for more information.

What If the Syntax Is Wrong?

The client library routines contain compiled-in default entries that are used if no specific SMF property or default SMF property is defined in the name service switch, or if the property is syntactically incorrect. Typically, these compiled-in defaults are “files” only.

auto_home and auto_master

The switch search criteria for the auto_home and auto_master tables and maps are combined into one category, which is called automount.

timezone and the Name Service Switch

The timezone table does not use the name service switch, so the table is not included in the property list for the switch.