nss(5) File Formats Manual nss(5)
NAME
nss - Name Service Switch configuration file
DESCRIPTION
Each call to a function which retrieves data from a system database like
the password or group database is handled by the Name Service Switch im-
plementation in the GNU C library. The various services provided are
implemented by independent modules, each of which naturally varies
widely from the other.
The default implementations coming with the GNU C library are by default
conservative and do not use unsafe data. This might be very costly in
some situations, especially when the databases are large. Some modules
allow the system administrator to request taking shortcuts if these are
known to be safe. It is then the system administrator's responsibility
to ensure the assumption is correct.
There are other modules where the implementation changed over time. If
an implementation used to sacrifice speed for memory consumption, it
might create problems if the preference is switched.
The /etc/default/nss file contains a number of variable assignments.
Each variable controls the behavior of one or more NSS modules. White
spaces are ignored. Lines beginning with '#' are treated as comments.
The variables currently recognized are:
NETID_AUTHORITATIVE = TRUE|FALSE
If set to TRUE, the NIS backend for the initgroups(3) function
will accept the information from the netid.byname NIS map as au-
thoritative. This can speed up the function significantly if the
group.byname map is large. The content of the netid.byname map
is used as is. The system administrator has to make sure it is
correctly generated.
SERVICES_AUTHORITATIVE = TRUE|FALSE
If set to TRUE, the NIS backend for the getservbyname(3) and get-
servbyname_r(3) functions will assume that the services.byservi-
cename NIS map exists and is authoritative, particularly that it
contains both keys with /proto and without /proto for both pri-
mary service names and service aliases. The system administrator
has to make sure it is correctly generated.
SETENT_BATCH_READ = TRUE|FALSE
If set to TRUE, the NIS backend for the setpwent(3) and set-
grent(3) functions will read the entire database at once and then
hand out the requests one by one from memory with every corre-
sponding getpwent(3) or getgrent(3) call respectively. Other-
wise, each getpwent(3) or getgrent(3) call might result in a net-
work communication with the server to get the next entry.
FILES
/etc/default/nss
EXAMPLES
The default configuration corresponds to the following configuration
file:
NETID_AUTHORITATIVE=FALSE
SERVICES_AUTHORITATIVE=FALSE
SETENT_BATCH_READ=FALSE
SEE ALSO
nsswitch.conf
Linux man-pages 6.9.1 2024-05-02 nss(5)
Generated by dwww version 1.16 on Tue Dec 16 04:54:51 CET 2025.