{"id":34197777,"url":"https://github.com/netauth/nsscache","last_synced_at":"2026-03-10T16:02:08.865Z","repository":{"id":90917852,"uuid":"138948063","full_name":"netauth/nsscache","owner":"netauth","description":"Tool to create nsscache maps from NetAuth","archived":false,"fork":false,"pushed_at":"2021-03-21T06:53:30.000Z","size":61,"stargazers_count":0,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-12-18T19:35:37.373Z","etag":null,"topics":["authorization","identity","netauth","nss"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/netauth.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-06-28T00:49:08.000Z","updated_at":"2021-03-21T06:53:23.000Z","dependencies_parsed_at":"2024-06-20T07:16:36.958Z","dependency_job_id":null,"html_url":"https://github.com/netauth/nsscache","commit_stats":null,"previous_names":[],"tags_count":11,"template":false,"template_full_name":null,"purl":"pkg:github/netauth/nsscache","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/netauth%2Fnsscache","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/netauth%2Fnsscache/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/netauth%2Fnsscache/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/netauth%2Fnsscache/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/netauth","download_url":"https://codeload.github.com/netauth/nsscache/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/netauth%2Fnsscache/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30341625,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-10T15:55:29.454Z","status":"ssl_error","status_checked_at":"2026-03-10T15:54:58.440Z","response_time":106,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authorization","identity","netauth","nss"],"created_at":"2025-12-15T17:47:54.748Z","updated_at":"2026-03-10T16:02:08.842Z","avatar_url":"https://github.com/netauth.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"nsscache\n========\n\nThe nsscache binary provides an interface to NetAuth that generates\nfiles suitable for consumption by\n[libnss-cache](https://github.com/google/libnss-cache).  This is the\ncanonical way to pull network accounts to UNIX derived systems and\nwill insulate against NSS failures due to transient network\npartitions.\n\nThis binary must be run as root since it will need to write files as\nroot and set permissions such that only root can read.  Fortunately\nthe amount of code in this program is minimal.\n\nRunning the binary as root will do the right thing, assuming that you\nhave your certificate located at `/etc/netauth.cert` and your\nconfiguration file at `/etc/netauth.toml`.\n\nImportant options from the help output:\n\n```\n  -homedir string\nHome directory to provide if none is available from NetAuth (default \"/tmp/{UID}\")\n  -shell string\nDefault shell to use if none is provided in the directory (default \"/bin/nologin\")\n  -indirects\nInclude indirect relationships in the group map (default true)\n  -min-gid int\nMinimum GID number to accept (default 2000)\n  -min-uid int\nMinimum UID number to accept (default 2000)\n  -passwd-file string\nPasswd cache to write to (default \"/etc/passwd.cache\")\n  -group-file string\nGroup cache to write to (default \"/etc/group.cache\")\n  -shadow-file string\nShadow cache to write to (default \"/etc/shadow.cache\")\n```\n\nOf these, the following are important to understand:\n\n  * `--homedir`: The home directory to provide in the passwd map.\n    This will perform a string substitution on the string `{UID}`\n    which maps to the NetAuth concept of an entity ID.  This can be\n    useful for specifying where to mount the home directory into.\n  * `--shell`: If the shell is not provided by the directory, or if\n    the shell provided by the directory does not exist on this system,\n    this shell will be provided to the passwd map instead.  Choose\n    carefully between default security and user friendliness here.\n    The secure option is the default, the friendly one is usually\n    /bin/bash.\n  * `--indirects`: Include indirect memberships in the group map.  For\n    systems of highly secure nature, you may wish to disable this and\n    only include groups that an entity is directly a member of.\n  * `--min-gid` and `--min-uid`: These values control the minimum\n    numeric group ID and user ID values to map.  Values below these\n    are dropped from the maps.  The defaults should generally be safe,\n    but ensure that you don't inadvertently cause a collision with\n    local users and groups.\n  * `--passwd-file`, `--group-file`, and `--shadow-file`: These files\n    point to non default locations for the map files.  In general you\n    should not modify these unless you have a good reason to do so.\n\nnsscache provides single shot updates to the files.  You must run\nnsscache on some sort of job controller if you want to update and pick\nup new values.  Choose the update frequency that is right for you.  A\ngood default choice if you have no idea what to set here is 15\nminutes.  This will be slightly annoying to users that have just been\ncreated in the system, but won't otherwise hammer the NetAuth server.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnetauth%2Fnsscache","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnetauth%2Fnsscache","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnetauth%2Fnsscache/lists"}