libnss_shim 設定筆記

安裝 
https://github.com/xenago/libnss_shim/tree/main

編輯 /etc/libnss_shim/config.json

{

  "databases": {

    "group": {

      "functions": {

        "get_all_entries": {

          "command": "/etc/libnss_shim/shim",

          "env": {

            "LIBNSS_OP": "GROUP_ALL"

          }

        },

        "get_entry_by_gid": {

          "command": "/etc/libnss_shim/shim",

          "env": {

            "LIBNSS_OP": "GROUP_BY_UID",

            "LIBNSS_GID": "<$gid>"

          }

        },

        "get_entry_by_name": {

          "command": "/etc/libnss_shim/shim",

          "env": {

            "LIBNSS_OP": "GROUP_BY_NAME",

            "LIBNSS_NAME": "<$name>"

          }

        }

      }

    },

    "passwd": {

      "functions": {

        "get_all_entries": {

          "command": "/etc/libnss_shim/shim",

          "env": {

            "LIBNSS_OP": "PASSWD_ALL"

          }

        },

        "get_entry_by_uid": {

          "command": "/etc/libnss_shim/shim",

          "env": {

            "LIBNSS_OP": "PASSWD_BY_UID",

            "LIBNSS_UID": "<$uid>"

          }

        },

        "get_entry_by_name": {

          "command": "/etc/libnss_shim/shim",

          "env": {

            "LIBNSS_OP": "PASSWD_BY_NAME",

            "LIBNSS_NAME": "<$name>"

          }

        }

      }

    },

    "shadow": {

      "functions": {

        "get_all_entries": {

          "command": "/etc/libnss_shim/shim",

          "env": {

            "LIBNSS_OP": "SHADOW_ALL"

          }

        },

        "get_entry_by_name": {

          "command": "/etc/libnss_shim/shim",

          "env": {

            "LIBNSS_OP": "SHADOW_BY_NAME",

            "LIBNSS_NAME": "<$name>"

          }

        }

      }

    }

  },

  "debug" : false

}

編輯 /etc/libnss_shim/shim

#!/bin/bash

LIBNSS=/dev/.shim/passwd

LIBNSS2=/dev/.shim/passwd-

LIBNSSG=/dev/.shim/group

LIBNSSG2=/dev/.shim/group-

case ${LIBNSS_OP} in

  "PASSWD_ALL") cat $LIBNSS $LIBNSS2 2>/dev/null|sort|uniq;exit 0; ;;

  "PASSWD_BY_NAME") [ -z "$LIBNSS_NAME" ]&& exit 1||grep -h ^${LIBNSS_NAME}: ${LIBNSS} ${LIBNSS2} 2>/dev/null|sort|uniq;exit 0; ;;

  "PASSWD_BY_UID") [ -z "$LIBNSS_UID" ]&& exit 1 ||grep -h :x:${LIBNSS_UID}: ${LIBNSS} ${LIBNSS2} 2>/dev/null|sort|uniq;exit 0; ;;

  "SHADOW_ALL") cat $LIBNSS $LIBNSS2 2>/dev/null|sort|uniq|awk -F : '{print $1 ":*:20326:0:99999:7:::" }';exit 0; ;;

  "SHADOW_BY_NAME") [ -z "$LIBNSS_NAME" ]&& exit 1||grep -h ^${LIBNSS_NAME}: ${LIBNSS} ${LIBNSS2} 2>/dev/null|sort|uniq|awk -F : '{print $1 ":*:20326:0:99999:7:::" }';exit 0; ;;

  "GROUP_ALL") cat $LIBNSSG $LIBNSSG2 2>/dev/null|sort|uniq;exit 0; ;;

  "GROUP_BY_NAME") [ -z "$LIBNSS_NAME" ]&& exit 1||grep -h ^${LIBNSS_NAME}: ${LIBNSSG} ${LIBNSSG2} 2>/dev/null|sort|uniq;exit 0; ;;

  "GROUP_BY_UID") [ -z "$LIBNSS_GID" ]&& exit 1 ||grep -h :x:${LIBNSS_GID}: ${LIBNSSG} ${LIBNSSG2} 2>/dev/null|sort|uniq;exit 0; ;;

  *) ;;

esac

exit 0;