Finally a few more hints. The NSS implementation is not completely
helpless if /etc/nsswitch.conf does not exist. For
all supported databases there is a default value so it should normally
be possible to get the system running even if the file is corrupted or
For the hosts and networks databases the default value is
dns [!UNAVAIL=return] files. I.e., the system is prepared for
the DNS service not to be available but if it is available the answer it
returns is definitive.
The passwd, group, and shadow databases are
traditionally handled in a special way. The appropriate files in the
/etc directory are read but if an entry with a name starting
with a + character is found NIS is used. This kind of lookup
remains possible by using the special lookup service compat
and the default value for the three databases above is
compat [NOTFOUND=return] files.
For all other databases the default value is
nis [NOTFOUND=return] files. This solution give the best
chance to be correct since NIS and file based lookup is used.
A second point is that the user should try to optimize the lookup
process. The different service have different response times.
A simple file look up on a local file could be fast, but if the file
is long and the needed entry is near the end of the file this may take
quite some time. In this case it might be better to use the db
service which allows fast local access to large data sets.
Often the situation is that some global information like NIS must be
used. So it is unavoidable to use service entries like nis etc.
But one should avoid slow services like this if possible.
Published under the terms of the GNU General Public License