In various shell scripts I often see two approaches for getting information from databases supported by Name Service Switch libraries like /etc/group, /etc/hosts or /etc/services. One is getent utility and other is grep or some other text processing tool. For example:
<a href="https://getridbug.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="4e3c21213a0e2839633a2b3d3a">[email protected]</a>:~# getent passwd root root:x:0:0:root:/root:/bin/bash <a href="https://getridbug.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="56243939221630217b22332522">[email protected]</a>:~# <a href="https://getridbug.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="d9abb6b6ad99bfaef4adbcaaad">[email protected]</a>:~# grep root /etc/passwd root:x:0:0:root:/root:/bin/bash <a href="https://getridbug.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="fe8c91918abe9889d38a9b8d8a">[email protected]</a>:~#
..or:
<a href="https://getridbug.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="7b0914140f3b1d0c560f1e080f">[email protected]</a>:~# getent hosts www.blah.com 189.113.174.199 www.blah.com <a href="https://getridbug.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="91e3fefee5d1f7e6bce5f4e2e5">[email protected]</a>:~# <a href="https://getridbug.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="d3a1bcbca793b5a4fea7b6a0a7">[email protected]</a>:~# host www.blah.com www.blah.com has address 189.113.174.199 <a href="https://getridbug.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="91e3fefee5d1f7e6bce5f4e2e5">[email protected]</a>:~#
Which of those two approaches above should be used in scripts? I mean is one of the solutions more elegant or standard than the other?
Answers:
Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.
Method 1
A lot of this will come down to factors stemming from the specific environment you’re in, but I prefer the getent method because it looks up external users as well as local users. Specifically, it will look up the LDAP users in my environment from the LDAP server, whereas a cat /etc/passwd or similar has no idea my LDAP server even exists, much less has valid users on it. If all your users are always local, getent doesn’t really buy you much aside from “no need to rewrite if we add an LDAP server in 10 years”.
Method 2
The getent approach would be more compatible and preferable. Those files (/etc/group, /etc/hosts, /etc/services, /etc/passwd, …) are not always in /etc they could also be, depending on the operating system you’re on, in other places. getent would anyway find the entries (if it’s on the system).
Also as @John stated, getent searches trough all configured nsswitch databases. Even if you have (multiple) external sources connected, where your users are authenticated with or name resolutions via DNS-servers and so on. getent therefore is slower, because every lookup must go trough all databases.
All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0