Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 17 Jul 2008 09:56:38 -0500
From:      Dan Nelson <dnelson@allantgroup.com>
To:        sgmayo@mail.bloomfield.k12.mo.us
Cc:        freebsd-questions@freebsd.org
Subject:   Re: nsswitch.conf man page
Message-ID:  <20080717145638.GC19044@dan.emsphone.com>
In-Reply-To: <1672.204.184.27.217.1216304729.squirrel@mail.bloomfield.k12.mo.us>
References:  <1105.204.184.27.217.1216233869.squirrel@mail.bloomfield.k12.mo.us> <20080716195709.GA19044@dan.emsphone.com> <1672.204.184.27.217.1216304729.squirrel@mail.bloomfield.k12.mo.us>
next in thread | previous in thread | raw e-mail | index | archive | help 
In the last episode (Jul 17), sgmayo@mail.bloomfield.k12.mo.us said:
> Dan Nelson wrote:
> > In the last episode (Jul 16), sgmayo@mail.bloomfield.k12.mo.us said:
> >> I don't see anything in the man page about adding ldap into the
> >> nsswitch.conf file.  Is that something that I can do so that I can
> >> get applications to use my openldap?
> >>
> >> I would assume I could add something to the affect of:
> >>
> >> passwd files ldap
> >> group files ldap
> >>
> >> but all I see is compat, files, nis and dns for options.
> >
> > The manpage only lists the builtin sources.  If a builtin source
> > with the specified name isn't found, the code will search for an
> > nss_xxxx.so.1 shared object and load that.  So once you install the
> > nss_ldap port, then the ldap source will start working.  Also
> > consider enabling nscd and adding the "cache" source before your
> > "ldap" source. ldap group memership queries are slow :)
> 
> What about the files that it checks?  From the other post and from
> other things that I have seen, I will see this line:
> 
> shadow: files ldap

FreeBSD doesn't need a shadow file.  /etc/master.passwd does the same
job but is transparent to user apps.

> Is there a total list of things like shadow, group, passwd, etc. that I
> can see?  It does not mention but a few int he manpage.

>From looking at the source and the "nsdispatch" manpage, theoretically
any database name can be processed, as long as one of your configured
sources knows what to do.  In reality, libc is the only consumer of the
nsdispatch function.  The "nsswitch.conf" manpage lists all the
databases it uses, and which libc functions use them.

-- 
	Dan Nelson
	dnelson@allantgroup.com

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080717145638.GC19044>