Name Service Switch
The Name Service Switch (NSS) is a facility in Unix-like operating systems that provides a variety of sources for common configuration databases and name resolution mechanisms. Such source databases include local operating system files (for example, /etc/passwd, /etc/group, and /etc/hosts), the Domain Name System (DNS), the Network Information Service (NIS), LDAP, and others.
A system administrator usually configures the operating system's name services using the file /etc/nsswitch.conf. This file lists databases (such as passwd, shadow and group) and one or more sources for obtaining that information. Examples of sources are files for local files, ldap for the Lightweight Directory Access Protocol, nis for the Network Information Service, nisplus for NIS+, and wins for Windows Internet Name Service.
The nsswitch.conf file has line entries for each service, consisting of a database name in the first field, terminated by a colon, and a list of possible source database mechanisms in the second field.
An example file is the following:
passwd: files ldap
shadow: files
group: files ldap
hosts: dns nis files
ethers: files nis
netmasks: files nis
networks: files nis
protocols: files nis
rpc: files nis
services: files nis
automount: files
aliases: files
The order of the services listed determines in which order NSS will attempt to use those services to resolve queries on the specified database.
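An added example, not part of the original article: a small Python parser for the nsswitch.conf format described above that reports databases where a network source is listed ahead of files, and identity databases (passwd, shadow, group) that include a network source at all. The function names, the finding labels and the choice to treat only files as a local source are assumptions of this example; the handling of # comments and bracketed action items follows glibc's syntax, which the article does not cover.

```python
import re

# Constructed sample: entries copied from the example file above, plus one
# comment line and one glibc-style action item that the article does not show.
SAMPLE = """\
# name service switch configuration (constructed comment)
passwd: files ldap
shadow: files
group: files ldap
hosts: dns nis files
services: files [NOTFOUND=return] nis
"""

LOCAL = "files"                       # assumption: only "files" counts as local
IDENTITY_DBS = {"passwd", "shadow", "group"}


def parse_nsswitch(text):
    """Return {database: [source, ...]} with sources in lookup order."""
    table = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        if ":" not in line:
            continue
        db, _, rest = line.partition(":")
        rest = re.sub(r"\[[^\]]*\]", " ", rest)  # drop [STATUS=action] items
        table[db.strip()] = rest.split()
    return table


def audit(table):
    """Return (database, finding, sources) tuples for entries worth reviewing."""
    findings = []
    for db, sources in table.items():
        # Sources that NSS will try before it reaches the local files.
        ahead = sources[:sources.index(LOCAL)] if LOCAL in sources else sources
        remote = [s for s in sources if s != LOCAL]
        if ahead:
            findings.append((db, "network-before-files", ahead))
        elif db in IDENTITY_DBS and remote:
            findings.append((db, "network-identity-source", remote))
    return findings


if __name__ == "__main__":
    for db, finding, sources in audit(parse_nsswitch(SAMPLE)):
        print(f"{db}: {finding} ({', '.join(sources)})")
```

On a real host, pass the contents of /etc/nsswitch.conf to parse_nsswitch instead of SAMPLE and extend LOCAL to whatever other sources that system treats as local.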
Implementation
The service switch facility is implemented within the C library, so that calls to functions such as getent resolve to the appropriate NSS module. This ensures that existing applications that use the NSS routines do not require any changes to operate with NSS.
History
Earlier Unix-like systems, with the notable exception of Ultrix, either accessed only the configuration files or had hard-coded rules for files or databases to access; Ultrix offered nearly identical functionality to the Name Service Switch, using the configuration file /etc/svc.conf.
Sun Microsystems first developed NSS for their Solaris operating system, but subsequently programmers ported it to many other operating systems including FreeBSD, NetBSD, GNU/Linux, HP-UX, IRIX and AIX.
See also
- Passwd (database)
- Shadow (database)
- Group (database)
- Pluggable Authentication Modules
- BSD Authentication
- Name server