Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 10 Jun 2001 12:50:44 -0500
From:      "Jacques A. Vidrine" <n@nectar.com>
To:        Gyori Sandor <gyori@szit.bme.hu>
Cc:        freebsd-hackers@FreeBSD.ORG
Subject:   Re: nsswitch dynamically loadable modules
Message-ID:  <20010610125044.A60711@hellblazer.nectar.com>
In-Reply-To: <20010610175233.J83779-100000@fourier.szit.bme.hu>; from gyori@szit.bme.hu on Sun, Jun 10, 2001 at 06:24:58PM %2B0200
References:  <Pine.BSF.4.21.0106092126030.46154-100000@sasami.jurai.net> <20010610175233.J83779-100000@fourier.szit.bme.hu>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Sun, Jun 10, 2001 at 06:24:58PM +0200, Gyori Sandor wrote:
> 1. I don't understand exactly why, but even into -CURRENT there was
> implemented only the statical part of nsswitch. 

Please search the archives for  full information.  Here is the history
in summary:

  = I ported NetBSD's nsswitch  implementation to FreeBSD-CURRENT.  It
    only  implements files,  NIS,  and Hesiod.   It  does not  support
    dynamically loaded sources.

  = I  extended  the  implementation  to  support  dynamically  loaded
    sources, and ported nss_ldap to use the invented interface.  These
    are the patches you referred to.   This was a prototype to help me
    understand the issues.   They will never be  committed, and should
    not be used in production.

  = I  re-did  the implementation  using  a  design  that I  am  happy
    with, and  interfaces which are agreed-upon-in-principal  with the
    NetBSD nsswitch author.   In addition to new  interfaces, this new
    implementation is reentrant (although YP and our resolver is not).
    A major design goal was to enable the creation of modules that are
    stubs  which talk  to a  long-running  daemon that  does the  hard
    work.  PADL.COM's  nss_ldap is (IMHO) completely  unsuitable for a
    production environment, particularly if you use SSL.

  = Eventually I will finish  the implementation just described.  Left
    to do  is updating some resolver-oriented  stuff like getaddrinfo,
    and (importantly) creating an nsswitch-ldap daemon.

If someone wants  to work on this  stuff, I would be happy  to hand it
off after  we had sufficient  discussion so  that I was  confident the
design was understood.  Otherwise, please wait.  I wish I had finished
it sooner, but that's how it goes.

Cheers,
-- 
Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010610125044.A60711>