Network Administration: Linux nsswitch.conf File

The Linux nsswitch.conf configuration file controls how name resolution works when looking up various types of objects, such as host addresses and passwords. The below listing shows the sample nsswitch.conf file that comes with Fedora Linux. As you can see, this file is loaded with comments that explain what the various settings do.

You can use the files, db, and dns keywords to specify how objects should be retrieved. files specifies that the local file should be used, db specifies a database lookup, and dns specifies that a DNS server should be consulted.

The order in which you list these keywords determines the order in which the data sources are searched. Thus, if you want host names to be resolved first by the local Hosts file and then by DNS, you should include the following line in nsswitch:

hosts:  files dns

A Sample /etc/nsswitch.conf File

#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry ‘[NOTFOUND=return]’ means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Legal entries are:
#
#     nisplus or nis+    Use NIS+ (NIS version 3)
#     nis or yp          Use NIS (NIS version 2), also called YP
#     dns                Use DNS (Domain Name Service)
#     files              Use the local files
#     db                 Use the local database (.db) files
#     compat             Use NIS on compat mode
#     hesiod             Use Hesiod for user lookups
#     [NOTFOUND=return]  Stop searching if not found so far
#
# To use db, put the "db" in front of "files" for entries you want to be
# looked up first in the databases
#
# Example:
#passwd:    db files nisplus nis
#shadow:    db files nisplus nis
#group:     db files nisplus nis
passwd:     files
shadow:     files
group:      files
#hosts:     db files nisplus nis dns
hosts:      files dns
# Example - obey only what nisplus tells us...
#services:   nisplus [NOTFOUND=return] files
#networks:   nisplus [NOTFOUND=return] files
#protocols:  nisplus [NOTFOUND=return] files
#rpc:        nisplus [NOTFOUND=return] files
#ethers:     nisplus [NOTFOUND=return] files
#netmasks:   nisplus [NOTFOUND=return] files     
bootparams: nisplus [NOTFOUND=return] files
ethers:     files
netmasks:   files
networks:   files
protocols:  files
rpc:        files
services:   files
netgroup:   files
publickey:  nisplus
automount:  files
aliases:    files nisplus