Provided by: manpages_4.16-1_all bug

NAME

       nss - Name Service Switch configuration file

DESCRIPTION

       Each  call  to a function which retrieves data from a system database like the password or
       group database is handled by the Name Service Switch implementation in the GNU C  library.
       The  various  services  provided  are  implemented  by  independent modules, each of which
       naturally varies widely from the other.

       The default implementations coming with the GNU C library are by default conservative  and
       do not use unsafe data.  This might be very costly in some situations, especially when the
       databases are large.  Some modules  allow  the  system  administrator  to  request  taking
       shortcuts  if  these  are  known  to  be  safe.   It  is  then  the system administrator's
       responsibility to ensure the assumption is correct.

       There are other modules where the implementation changed over time.  If an  implementation
       used to sacrifice speed for memory consumption, it might create problems if the preference
       is switched.

       The /etc/default/nss file contains  a  number  of  variable  assignments.   Each  variable
       controls  the  behavior  of  one  or  more  NSS modules.  White spaces are ignored.  Lines
       beginning with '#' are treated as comments.

       The variables currently recognized are:

       NETID_AUTHORITATIVE = TRUE|FALSE
              If set to TRUE, the NIS backend for the  initgroups(3)  function  will  accept  the
              information  from the netid.byname NIS map as authoritative.  This can speed up the
              function significantly if the group.byname  map  is  large.   The  content  of  the
              netid.byname  map  is  used as is.  The system administrator has to make sure it is
              correctly generated.

       SERVICES_AUTHORITATIVE = TRUE|FALSE
              If set to TRUE, the NIS backend for  the  getservbyname(3)  and  getservbyname_r(3)
              functions  will  assume  that  the  services.byservicename  NIS  map  exists and is
              authoritative, particularly that it contains both  keys  with  /proto  and  without
              /proto   for   both   primary  service  names  and  service  aliases.   The  system
              administrator has to make sure it is correctly generated.

       SETENT_BATCH_READ = TRUE|FALSE
              If set to TRUE, the NIS backend for the setpwent(3) and setgrent(3) functions  will
              read  the  entire  database  at once and then hand out the requests one by one from
              memory with every  corresponding  getpwent(3)  or  getgrent(3)  call  respectively.
              Otherwise,  each  getpwent(3)  or  getgrent(3)  call  might  result  in  a  network
              communication with the server to get the next entry.

FILES

       /etc/default/nss

EXAMPLE

       The default configuration corresponds to the following configuration file:

           NETID_AUTHORITATIVE=FALSE
           SERVICES_AUTHORITATIVE=FALSE
           SETENT_BATCH_READ=FALSE

SEE ALSO

       nsswitch.conf

COLOPHON

       This page is part of release 4.16 of the Linux man-pages project.  A  description  of  the
       project,  information  about  reporting  bugs, and the latest version of this page, can be
       found at https://www.kernel.org/doc/man-pages/.