Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: How to remove services from nsswitch file?
Top Forums UNIX for Dummies Questions & Answers How to remove services from nsswitch file? Post 302461379 by pinga123 on Monday 11th of October 2010 01:28:17 AM
Old 10-11-2010
How to remove services from nsswitch file?
According to security manual only DNS, files, or LDAP should be allowed in nsswitch file however it seems like i have many other services configured in nsswitch files.

below are the content from nsswitch file.
What services can be removed considering the system stability.

Code:
passwd:     files
shadow:     files
group:      files
hosts:      files dns
bootparams: nisplus [NOTFOUND=return] files
ethers:     files
netmasks:   files
networks:   files
protocols:  files
rpc:        files
services:   files
netgroup:   nisplus
publickey:  nisplus
automount:  files nisplus
aliases:    files nisplus

We are using dns server instead of NIS should we follow what the following link says.

http://www.faqs.org/docs/securing/chap6sec71.html
Last edited by pinga123; 10-11-2010 at 03:28 AM..
 

10 More Discussions You Might Find Interesting

1. SuSE

Run Level Services file

Hello, I recently updated a test system from Suse 8 to 9.3. Now our runlevel services program doesn't work, but works fine on our other 9.3 boxes. We have a file in /etc/init.d/rc3.d called S99fooprog(not actual name ofcourse). It just has a command to start a program daemon up. Anyways... (3 Replies)
Discussion started by: benefactr
3 Replies

2. Solaris

/etc/nsswitch.conf hosts ldap dns

Hi all Is there any reason to have "hosts ldap dns" as line in /etc/nsswitch.conf ? My understanding is that ldap does not contain any host information..(?) Best regards...Ludwig (1 Reply)
Discussion started by: ludwig
1 Replies

3. Solaris

Sendmail does not accord to the hosts order in Solaris nsswitch.conf

Dear Friend, It is strange that my sendmail does not accord to the hosts order in solaris nsswitch.conf. Please let me elaborate in details. Thank you. Setting: solaris 9 /etc/nsswitch.conf hosts: file ldap dns sendmail 8.13.4 /etc/mail/sendmail.cf O... (4 Replies)
Discussion started by: jackyyjwu
4 Replies

4. Linux

Services File

Hi all, I am fairly new to Unix/Linux, have been working on installattion for Tivoli Directory Services.The installation has a conflict with ports which is a known issue with the Directory Service. As per IBM the properties files can be changed to manually, for the Webadmin(Websphere) protal... (0 Replies)
Discussion started by: abdulhaindade
0 Replies

5. UNIX and Linux Applications

Unix Services File

Hi all, I am fairly new to Unix/Linux, have been working on installattion for Tivoli Directory Services.The installation has a conflict with ports which is a known issue with the Directory Service. As per IBM the properties files can be changed to manually, for the Webadmin(Websphere) protal... (1 Reply)
Discussion started by: abdulhaindade
1 Replies

6. Red Hat

Question about nsswitch.conf

Hi, I was told to add the "nis" in front of "files" for below lines in /etc/nsswitch.conf was not in a good practise. I tried to search in google and man page for nsswitch.conf and can't find the answer. could someone please help me? passwd: nis files shadow: nis files group: nis files... (2 Replies)
Discussion started by: beeloo
2 Replies

7. Red Hat

Restart of services if port no is changed in /etc/services in RHEL

I had a doubt if any services need to be restarted if port no in /etc/services in an RHEL setup is changed. For eg, the port no of 443 for SSL may need to be changed. I hope my query is clear whether any services need to be restarted if port no in /etc/services is changed. Please revert with... (10 Replies)
Discussion started by: RHCE
10 Replies

8. Shell Programming and Scripting

Script to Start services based on dependent services on other AIX machine

Hi, I just started working on a script. After my research, i found a command which can help me: AIM: To build a script which starts the services (Services 1) on server 1 automatically whenever its down. And it has a dependency on other service (Service 2) on Server 2. So my script has to... (4 Replies)
Discussion started by: draghun9
4 Replies

9. HP-UX

HPUX nsswitch.conf issue

Hi all, There wasn't nsswitch.conf file in my HPUX server. So I copied /etc/nsswitch.files to /etc/nsswitch.conf and changed the content like below. passwd: compat group: compat hosts: files dns nis ipnodes: dns files services: nis files networks: nis... (2 Replies)
Discussion started by: sembii
2 Replies

10. Solaris

Configure resolv.conf and nsswitch.conf

Hi, I've installed Solaris 11.3(live media) and configured DNS. Everytime I reboot the server, resolv.conf got deleted and it created a new nsswitch.conf. I used below to configure both settings: # svccfg -s dns/client svc:/network/dns/client> setprop config/nameserver = (xx.xx.xx.aa... (1 Reply)
Discussion started by: flexihopper18
1 Replies

LEARN ABOUT MINIX

nss-systemd

NSS-SYSTEMD(8)							    nss-systemd 						    NSS-SYSTEMD(8)

NAME

       nss-systemd, libnss_systemd.so.2 - Provide UNIX user and group name resolution for dynamic users and groups.

SYNOPSIS

       libnss_systemd.so.2

DESCRIPTION

       nss-systemd is a plug-in module for the GNU Name Service Switch (NSS) functionality of the GNU C Library (glibc), providing UNIX user and
       group name resolution for dynamic users and groups allocated through the DynamicUser= option in systemd unit files. See systemd.exec(5) for
       details on this option.

       This module also ensures that the root and nobody users and groups (i.e. the users/groups with the UIDs/GIDs 0 and 65534) remain resolvable
       at all times, even if they aren't listed in /etc/passwd or /etc/group, or if these files are missing.

       To activate the NSS module, add "systemd" to the lines starting with "passwd:" and "group:" in /etc/nsswitch.conf.

       It is recommended to place "systemd" after the "files" or "compat" entry of the /etc/nsswitch.conf lines so that /etc/passwd and /etc/group
       based mappings take precedence.

EXAMPLE

       Here is an example /etc/nsswitch.conf file that enables nss-systemd correctly:

	   passwd:	   compat mymachines systemd
	   group:	   compat mymachines systemd
	   shadow:	   compat

	   hosts:	   files mymachines resolve [!UNAVAIL=return] dns myhostname
	   networks:	   files

	   protocols:	   db files
	   services:	   db files
	   ethers:	   db files
	   rpc: 	   db files

	   netgroup:	   nis

SEE ALSO

       systemd(1), systemd.exec(5), nss-resolve(8), nss-myhostname(8), nss-mymachines(8), nsswitch.conf(5), getent(1)

systemd 237															    NSS-SYSTEMD(8)
All times are GMT -4. The time now is 06:00 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy