From owner-freebsd-hackers@FreeBSD.ORG Thu Oct 6 06:00:19 2011 Return-Path: Delivered-To: hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0B44C106566B for ; Thu, 6 Oct 2011 06:00:19 +0000 (UTC) (envelope-from dan@dan.emsphone.com) Received: from email2.allantgroup.com (email2.emsphone.com [199.67.51.116]) by mx1.freebsd.org (Postfix) with ESMTP id 360A98FC13 for ; Thu, 6 Oct 2011 06:00:05 +0000 (UTC) Received: from dan.emsphone.com (dan.emsphone.com [199.67.51.101]) by email2.allantgroup.com (8.14.4/8.14.4) with ESMTP id p965iBYf019079 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 6 Oct 2011 00:44:11 -0500 (CDT) (envelope-from dan@dan.emsphone.com) Received: from dan.emsphone.com (smmsp@localhost [127.0.0.1]) by dan.emsphone.com (8.14.5/8.14.5) with ESMTP id p965iBS3026934 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 6 Oct 2011 00:44:11 -0500 (CDT) (envelope-from dan@dan.emsphone.com) Received: (from dan@localhost) by dan.emsphone.com (8.14.5/8.14.5/Submit) id p965iAAg026933; Thu, 6 Oct 2011 00:44:10 -0500 (CDT) (envelope-from dan) Date: Thu, 6 Oct 2011 00:44:10 -0500 From: Dan Nelson To: Trond Endrestol Message-ID: <20111006054409.GS9801@dan.emsphone.com> References: <86sjn84wco.fsf@ds4.des.no> <86obxw4s4w.fsf@ds4.des.no> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-OS: FreeBSD 8.2-STABLE User-Agent: Mutt/1.5.21 (2010-09-15) X-Virus-Scanned: clamav-milter 0.97.2 at email2.allantgroup.com X-Virus-Status: Clean X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.6 (email2.allantgroup.com [199.67.51.78]); Thu, 06 Oct 2011 00:44:11 -0500 (CDT) X-Scanned-By: MIMEDefang 2.68 on 199.67.51.78 Cc: Dag-Erling Smorgrav , hackers@freebsd.org Subject: Re: Does anyone use nscd? X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Oct 2011 06:00:19 -0000 In the last episode (Oct 04), Trond Endrestol said: > On Tue, 4 Oct 2011 18:51+0200, Dag-Erling Smorgrav wrote: > > Trond Endrestol writes: > > > It's in daily use at Gjovik Technical College (Fagskolen i Gjovik), > > > here in Norway. Both the mail and web servers authenticates our users > > > by LDAP, and nscd certainly speeds up the lookups. > > > > OK. No trouble with clients dying of SIGPIPE? I could never reproduce > > the bug, but both users who reported problems used ldap, and I don't > > have an LDAP server to test against, so I thought it might be specific > > to LDAP. > > Not in my (somewhat limited) experience. On a tangent, I also heavily recommend using the nss-pam-ldapd port instead of nss_ldap. It includes a daemon called nslcd which is the only process that links to the ldap libary. The nss module is a tiny plug that talks to nslcd using a simple protocol. It really reduces the socket count to your ldap server, and removes the potential namespace problems caused by dlopening libldap.so in every process. -- Dan Nelson dnelson@allantgroup.com