Vincent McIntyre wrote:
> *** Please type your report below this line ***
> Hi
>
> The nsswitch.conf(5) manpage does not explain how to override some fields in
> /etc/passwd, with the "compat" option. In fact I could not easily find any
> reference to the "full +/- semantics" mentioned in the page.
>
> The patch below may improve the situation. Please consider applying it,
> or something like it. I would be grateful if you could add a pointer
> to the documentation for the full +/- semantics.
>
> ---------------------------------- snip
> ----------------------------------------
> --- nsswitch.conf.5.orig 2005-10-14 17:44:48.097267000 +1000
> +++ nsswitch.conf.5 2005-10-14 18:16:14.582098000 +1000
> @@ -207,7 +207,25 @@
> (include the specified user from the NIS passwd map),
> -user or [EMAIL PROTECTED] (exclude the specified user),
> and + (include every user, except the excluded ones, from the NIS
> -passwd map). Since most people only put a + at the end of
> +passwd map).
> +.LP
> +The +/- syntax has a nice property: it is possible to selectively
> +override certain fields in /etc/passwd, while taking the rest of the
> +information from the NIS passwd map. For example you may have a user
> +who should get a home directory local to the machine, rather than
> +an NFS-automounted directory. In such a case you could put the line
> +.sp
> +.RS
> +.nf
> ++fred:::::/local/fred:
> +.fi
> +.RE
> +.PP
> +in
> +.B /etc/passwd, which will allow user 'fred' to login using their
> +NIS password, but which will set their home directory to /local/fred.
> +.LP
> +Since most people only put a + at the end of
> .B /etc/passwd
> to include everything from NIS, the switch provides a faster
> alternative for this case (`passwd: files nis') which doesn't
> @@ -217,13 +235,14 @@
> and
> .BR /etc/shadow .
> If this is not sufficient, the NSS `compat' service provides full
> -+/- semantics. By default, the source is `nis', but this may be
> ++/- semantics (such as selective replacement of passwd entry elements).
> +By default, the source is `nis', but this may be
> overriden by specifying `nisplus' as source for the pseudo-databases
> .BR passwd_compat,
> .B group_compat
> and
> .BR shadow_compat.
> -This pseudo-databases are only available in GNU C Library.
> +These pseudo-databases are only available in the GNU C Library.
> .SH FILES
> A service named SERVICE is implemented by a shared object library named
> .BI libnss_SERVICE.so. X
I'll add:
You can override certain passwd fields for a particular user from the
NIS passwd map by using the extended form of +user:::::: in
/etc/passwd. Non-empty fields override information in the NIS passwd
map.
Regards,
Joey
--
Life is too short to run proprietary software. -- Bdale Garbee
Please always Cc to me when replying to me on the lists.
Index: man5/nsswitch.conf.5
===================================================================
RCS file: /var/cvs/debian/manpages/man5/nsswitch.conf.5,v
retrieving revision 1.18
diff -u -p -r1.18 nsswitch.conf.5
--- man5/nsswitch.conf.5 28 Jan 2008 16:24:09 -0000 1.18
+++ man5/nsswitch.conf.5 30 Jan 2008 16:21:56 -0000
@@ -223,6 +223,12 @@ you could have entries of the form +user
\-user or [EMAIL PROTECTED] (exclude the specified user),
and + (include every user, except the excluded ones, from the NIS
passwd map).
+
+You can override certain passwd fields for a particular user from the
+NIS passwd map by using the extended form of +user:::::: in
+.IR /etc/passwd .
+Non-empty fields override information in the NIS passwd map.
+
Since most people only put a + at the end of
.I /etc/passwd
to include everything from NIS, the switch provides a faster
@@ -240,7 +246,7 @@ overridden by specifying `nisplus' as so
.B group_compat
and
.BR shadow_compat .
-This pseudo-databases are only available in GNU C Library.
+These pseudo-databases are only available in GNU C Library.
.SH FILES
A service named SERVICE is implemented by a shared object library named
.BI libnss_SERVICE.so. X
