This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
[PATCH] nss: Make nsswitch.conf more distribution friendly.
- From: Carlos O'Donell <codonell at redhat dot com>
- To: libc-alpha at sourceware dot org, Aurelien Jarno <aurelien at aurel32 dot net>, Andreas Schwab <schwab at suse dot de>
- Date: Wed, 20 Mar 2019 12:48:48 -0400
- Subject: [PATCH] nss: Make nsswitch.conf more distribution friendly.
The current default nsswitch.conf file provided by glibc is not very
distribution friendly. The file contains some minimal directives that no
real distribution uses. This update aims to provide a rich set of
comments which are useful for all distributions, and a broader set of
service defines which should work for all distributions.
Tested defaults on x86_64 and they work. The nsswitch.conf file more
closely matches what we have in Fedora now, and I'll adjust Fedora to
use this version with minor changes to enable Fedora-specific service
providers.
---
ChangeLog | 4 +++
nss/nsswitch.conf | 76 +++++++++++++++++++++++++++++++++++++----------
2 files changed, 65 insertions(+), 15 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 9889d21c85..c0ec01324e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+2019-03-20 Carlos O'Donell <carlos@redhat.com>
+
+ * nss/nsswitch.conf: Expand comments, and simplify defaults.
+
2019-03-19 Joseph Myers <joseph@codesourcery.com>
* sysdeps/unix/sysv/linux/aarch64/bits/hwcap.h (HWCAP_SB): New
diff --git a/nss/nsswitch.conf b/nss/nsswitch.conf
index 39ca88bf51..d5c62548f8 100644
--- a/nss/nsswitch.conf
+++ b/nss/nsswitch.conf
@@ -1,20 +1,66 @@
+#
# /etc/nsswitch.conf
#
-# Example configuration of GNU Name Service Switch functionality.
+# An example Name Service Switch config file. This file should be
+# sorted with the most-used services at the beginning.
#
+# Valid service provider entries include (in alphabetical order):
+#
+# compat Use /etc files plus *_compat pseudo-db
+# db Use the pre-processed /var/db files
+# dns Use DNS (Domain Name Service)
+# files Use the local files in /etc
+# hesiod Use Hesiod (DNS) for user lookups
+# nis Use NIS (NIS version 2), also called YP
+# nisplus Use NIS+ (NIS version 3)
+#
+# Commonly used alternative service providers (may need installation):
+#
+# ldap Use LDAP directory server
+# myhostname Use systemd host names
+# mymachines Use systemd machine names
+# mdns*, mdns*_minimal Use Avahi mDNS/DNS-SD
+# resolve Use systemd resolved resolver
+# sss Use System Security Services Daemon (sssd)
+# systemd Use systemd for dynamic user option
+# winbind Use SAMBA winbind support
+# wins Use SAMBA wins support
+# wrapper Use wrapper module for testing
+#
+# Notes:
+#
+# 'sssd' performs its own 'files'-based caching, so it should generally
+# come before 'files'.
+#
+# WARNING: Running nscd with a secondary caching service like sssd may
+# lead to unexpected behaviour, especially with how long
+# entries are cached.
+#
+# Installation instructions:
+#
+# To use 'db', install the appropriate package(s) (provide 'makedb' and
+# libnss_db.so.*), and place the 'db' in front of 'files' for entries
+# you want to be looked up first in the databases, like this:
+#
+# passwd: db files
+# shadow: db files
+# group: db files
-passwd: db files
-group: db files
-initgroups: db [SUCCESS=continue] files
-shadow: db files
-gshadow: files
-
-hosts: files dns
-networks: files dns
-
-protocols: db files
-services: db files
-ethers: db files
-rpc: db files
+passwd: files
+initgroups: files
+shadow: files
+gshadow: files
+group: files
+hosts: files dns
+bootparams: files
+ethers: files
+netmasks: files
+networks: files dns
+protocols: files
+rpc: files
+services: files
+netgroup: files
+publickey: files
+automount: files
+aliases: files
-netgroup: db files
--
2.20.1