Date: Thu, 17 Apr 2008 15:40:17 GMT From: tom <zaphod@fsklaw.com> To: freebsd-gnats-submit@FreeBSD.org Subject: amd64/122858: nsswitch in 7.0 is f*cked up Message-ID: <200804171540.m3HFeHAR099642@www.freebsd.org> Resent-Message-ID: <200804171550.m3HFo1IL027762@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 122858 >Category: amd64 >Synopsis: nsswitch in 7.0 is f*cked up >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-amd64 >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Apr 17 15:50:01 UTC 2008 >Closed-Date: >Last-Modified: >Originator: tom >Release: FreeBSD 7.0 release >Organization: fsk >Environment: FreeBSD to-new.fsklaw.com 7.0-RELEASE FreeBSD 7.0-RELEASE #0: Wed Apr 16 14:22:33 PDT 2008 TMS3@to-new.fsklaw.com:/usr/obj/usr/src/sys/IPFAST amd64 >Description: Well you all seriously f'd up nsswitch huh? I've used this nsswitch.conf file for YEARS for samba/ldap/login etc. passwd: files ldap shadow: files ldap group: files ldap hosts: files dns wins ####NEW### networks: files dns automount: files ldap nisplus aliases: files ldap nisplus Use this and samba-ldap works but you can't shell in or ftp or anything. Use this: group: cache files ldap[ unavail=continue notfound=continue ] passwd: cache files ldap [ unavail=continue notfound=continue ] #group_compat: nis hosts: compat networks: files #passwd_compat: nis shells: files services: compat services_compat: nis protocols: files rpc: files And samba-ldap, ssh login and ftp login works, but the damned machine won't resolve DNS. Desperately flailing about and doing this: group: cache files ldap[ unavail=continue notfound=continue ] passwd: cache files ldap [ unavail=continue notfound=continue ] #group_compat: nis hosts: compat dns networks: files dns #passwd_compat: nis shells: files dns services: compat dns services_compat: nis dns protocols: files dns rpc: files dns does no good. Only the default nsswitch.conf file actually does DNS, and the first one I posted will actually do DNS lookups. I'd really like to be able to do all of these things with a single nsswitch.conf file. PERHAPS when you guys make such SUBSTANTIAL CHANGES to such a necessary component, you could...oh I dunno...DOCUMENT IT SOMEWHERE!!!!!!!!!!!!! I searched google for 6 hours yesterday to find something similar to the second nsswitch.conf file, which I still had to edit to make it work for samba-ldap/ssh/ftp login. This is seriously ridiculous. How the hell am I supposed to use 7.0 in a production environment? I had fewer problems with 5.1 than I'm having with 7.0. TMS III >How-To-Repeat: Hell, just use the nsswitch.conf files I posted. >Fix: Why I'm asking. >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200804171540.m3HFeHAR099642>