From 3a772d0fd481a1a1b5c0f120c0d0a4e275619a42 Mon Sep 17 00:00:00 2001 From: Florian Weimer Date: Wed, 20 Jun 2018 14:26:32 +0200 Subject: [PATCH] Modernise nsswitch.conf defaults (#1581809) --- glibc.spec | 5 ++++- nsswitch.conf | 44 +++++++++++++++++++------------------------- 2 files changed, 23 insertions(+), 26 deletions(-) diff --git a/glibc.spec b/glibc.spec index 1d60e14..ef71b34 100644 --- a/glibc.spec +++ b/glibc.spec @@ -1,6 +1,6 @@ %define glibcsrcdir glibc-2.27-63-g80c83e9114 %define glibcversion 2.27 -%define glibcrelease 18%{?dist} +%define glibcrelease 19%{?dist} # Pre-release tarballs are pulled in from git using a command that is # effectively: # @@ -1976,6 +1976,9 @@ fi %endif %changelog +* Wed Jun 20 2018 Florian Weimer - 2.27-19 +- Modernise nsswitch.conf defaults (#1581809) + * Mon Jun 18 2018 Florian Weimer - 2.27-18 - iconv: Make IBM273 equivalent to ISO-8859-1 (#1592270) diff --git a/nsswitch.conf b/nsswitch.conf index c3d3fb6..b49a3b2 100644 --- a/nsswitch.conf +++ b/nsswitch.conf @@ -15,37 +15,31 @@ # nisplus Use NIS+ (NIS version 3) # nis Use NIS (NIS version 2), also called YP # dns Use DNS (Domain Name Service) -# files Use the local files -# db Use the local database (.db) files -# compat Use NIS on compat mode -# hesiod Use Hesiod for user lookups +# files Use the local files in /etc +# db Use the pre-processed /var/db files +# compat Use /etc files plus *_compat pseudo-databases +# hesiod Use Hesiod (DNS) for user lookups +# sss Use sssd (System Security Services Daemon) # [NOTFOUND=return] Stop searching if not found so far # +# 'sssd' performs its own 'files'-based caching, so it should +# generally come before 'files'. -# To use db, put the "db" in front of "files" for entries you want to be -# looked up first in the databases +# To use 'db', install the nss_db package, and put the 'db' in front +# of 'files' for entries you want to be looked up first in the +# databases, like this: # -# Example: -#passwd: db files nisplus nis -#shadow: db files nisplus nis -#group: db files nisplus nis +# passwd: db files +# shadow: db files +# group: db files passwd: sss files shadow: files sss group: sss files -#hosts: db files nisplus nis dns -hosts: files dns +hosts: files dns myhostname -# Example - obey only what nisplus tells us... -#services: nisplus [NOTFOUND=return] files -#networks: nisplus [NOTFOUND=return] files -#protocols: nisplus [NOTFOUND=return] files -#rpc: nisplus [NOTFOUND=return] files -#ethers: nisplus [NOTFOUND=return] files -#netmasks: nisplus [NOTFOUND=return] files - -bootparams: nisplus [NOTFOUND=return] files +bootparams: files ethers: files netmasks: files @@ -54,9 +48,9 @@ protocols: files rpc: files services: files sss -netgroup: nisplus sss +netgroup: sss -publickey: nisplus +publickey: files -automount: files nisplus -aliases: files nisplus +automount: files sss +aliases: files