2016-07-14 20:19:49 +03:00
<?xml version='1.0'?> <!-- * - nxml - * -->
2019-03-14 16:40:58 +03:00
< !DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
2016-07-14 20:19:49 +03:00
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
2019-03-14 16:29:37 +03:00
<!-- SPDX - License - Identifier: LGPL - 2.1+ -->
2016-07-14 20:19:49 +03:00
2017-06-24 20:30:26 +03:00
<refentry id= "nss-systemd" conditional= 'ENABLE_NSS_SYSTEMD' >
2016-07-14 20:19:49 +03:00
<refentryinfo >
<title > nss-systemd</title>
<productname > systemd</productname>
</refentryinfo>
<refmeta >
<refentrytitle > nss-systemd</refentrytitle>
<manvolnum > 8</manvolnum>
</refmeta>
<refnamediv >
<refname > nss-systemd</refname>
<refname > libnss_systemd.so.2</refname>
2019-11-19 18:51:27 +03:00
<refpurpose > Provide UNIX user and group name resolution for user/group lookup via Varlink</refpurpose>
2016-07-14 20:19:49 +03:00
</refnamediv>
<refsynopsisdiv >
<para > <filename > libnss_systemd.so.2</filename> </para>
</refsynopsisdiv>
<refsect1 >
<title > Description</title>
2019-11-19 18:51:27 +03:00
<para > <command > nss-systemd</command> is a plug-in module for the GNU Name Service Switch (NSS)
functionality of the GNU C Library (<command > glibc</command> ), providing UNIX user and group name
resolution for services implementing the <ulink url= "https://systemd.io/USER_GROUP_API" > User/Group Record
Lookup API via Varlink</ulink> , such as the system and service manager
<citerefentry > <refentrytitle > systemd</refentrytitle> <manvolnum > 1</manvolnum> </citerefentry> (for its
<varname > DynamicUser=</varname> feature, see
<citerefentry > <refentrytitle > systemd.exec</refentrytitle> <manvolnum > 5</manvolnum> </citerefentry> for
details) or
<citerefentry > <refentrytitle > systemd-homed.service</refentrytitle> <manvolnum > 8</manvolnum> </citerefentry> .</para>
2016-07-14 20:19:49 +03:00
2016-07-27 14:14:01 +03:00
<para > This module also ensures that the root and nobody users and groups (i.e. the users/groups with the UIDs/GIDs
0 and 65534) remain resolvable at all times, even if they aren't listed in <filename > /etc/passwd</filename> or
<filename > /etc/group</filename> , or if these files are missing.</para>
2019-11-19 18:51:27 +03:00
<para > This module preferably utilizes
<citerefentry > <refentrytitle > systemd-userdbd.service</refentrytitle> <manvolnum > 8</manvolnum> </citerefentry>
for resolving users and groups, but also works without the service running.</para>
2016-07-14 20:19:49 +03:00
<para > To activate the NSS module, add <literal > systemd</literal> to the lines starting with
<literal > passwd:</literal> and <literal > group:</literal> in <filename > /etc/nsswitch.conf</filename> .</para>
<para > It is recommended to place <literal > systemd</literal> after the <literal > files</literal> or
<literal > compat</literal> entry of the <filename > /etc/nsswitch.conf</filename> lines so that
<filename > /etc/passwd</filename> and <filename > /etc/group</filename> based mappings take precedence.</para>
</refsect1>
<refsect1 >
<title > Example</title>
<para > Here is an example <filename > /etc/nsswitch.conf</filename> file that enables
<command > nss-systemd</command> correctly:</para>
2018-11-27 19:02:20 +03:00
<!-- synchronize with other nss - * man pages and factory/etc/nsswitch.conf -->
2016-07-14 20:19:49 +03:00
<programlisting > passwd: compat mymachines <command > systemd</command>
2019-11-19 18:51:27 +03:00
group: compat [SUCCESS=merge] mymachines [SUCCESS=merge] <command > systemd</command>
2016-07-14 20:19:49 +03:00
shadow: compat
2020-04-15 19:15:51 +03:00
hosts: mymachines resolve [!UNAVAIL=return] myhostname files dns
2016-07-14 20:19:49 +03:00
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis</programlisting>
</refsect1>
<refsect1 >
<title > See Also</title>
<para >
<citerefentry > <refentrytitle > systemd</refentrytitle> <manvolnum > 1</manvolnum> </citerefentry> ,
<citerefentry > <refentrytitle > systemd.exec</refentrytitle> <manvolnum > 5</manvolnum> </citerefentry> ,
<citerefentry > <refentrytitle > nss-resolve</refentrytitle> <manvolnum > 8</manvolnum> </citerefentry> ,
<citerefentry > <refentrytitle > nss-myhostname</refentrytitle> <manvolnum > 8</manvolnum> </citerefentry> ,
<citerefentry > <refentrytitle > nss-mymachines</refentrytitle> <manvolnum > 8</manvolnum> </citerefentry> ,
<citerefentry project= 'man-pages' > <refentrytitle > nsswitch.conf</refentrytitle> <manvolnum > 5</manvolnum> </citerefentry> ,
<citerefentry project= 'man-pages' > <refentrytitle > getent</refentrytitle> <manvolnum > 1</manvolnum> </citerefentry>
</para>
</refsect1>
</refentry>