From owner-freebsd-arch@FreeBSD.ORG  Fri Jun  6 16:06:49 2003
Return-Path: <owner-freebsd-arch@FreeBSD.ORG>
Delivered-To: freebsd-arch@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id B77BE37B401
	for <freebsd-arch@freebsd.org>; Fri,  6 Jun 2003 16:06:49 -0700 (PDT)
Received: from fledge.watson.org (fledge.watson.org [204.156.12.50])
	by mx1.FreeBSD.org (Postfix) with ESMTP id ED68843FA3
	for <freebsd-arch@freebsd.org>; Fri,  6 Jun 2003 16:06:48 -0700 (PDT)
	(envelope-from robert@fledge.watson.org)
Received: from fledge.watson.org (localhost [127.0.0.1])
	by fledge.watson.org (8.12.9/8.12.9) with ESMTP id h56N5TOn019391;
	Fri, 6 Jun 2003 19:05:29 -0400 (EDT)
	(envelope-from robert@fledge.watson.org)
Received: from localhost (robert@localhost)h56N5SGV019388;
	Fri, 6 Jun 2003 19:05:29 -0400 (EDT)
	(envelope-from robert@fledge.watson.org)
Date: Fri, 6 Jun 2003 19:05:28 -0400 (EDT)
From: Robert Watson <rwatson@freebsd.org>
X-Sender: robert@fledge.watson.org
To: Matthew Dillon <dillon@apollo.backplane.com>
In-Reply-To: <200306062123.h56LNXev027573@apollo.backplane.com>
Message-ID: <Pine.NEB.3.96L.1030606185312.16933A-100000@fledge.watson.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
cc: Sebastian Lederer <sl@linast.de>
cc: freebsd-arch@freebsd.org
Subject: Re: Making a dynamically-linked root
X-BeenThere: freebsd-arch@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussion related to FreeBSD architecture
	<freebsd-arch.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-arch>,
	<mailto:freebsd-arch-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-arch>
List-Post: <mailto:freebsd-arch@freebsd.org>
List-Help: <mailto:freebsd-arch-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-arch>,
	<mailto:freebsd-arch-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Jun 2003 23:06:50 -0000


On Fri, 6 Jun 2003, Matthew Dillon wrote:

>     I really like the idea of Darwin's lookupd.  I'd like to see something
>     like that not only for authentication, but for hostname lookups as well
>     (at least for standard libc calls, which currently require most of the
>     resolver's packet code to do even the simplest of operations).

I think that would be quite neat; as discussed, irs from the BIND
distribution does the DNS elements of this, although not in our current
framework.  An idea I've also been interested in looking at, now that we
have NSS to indirect many of the database operations, is how easy it would
be to indirect new configuration data through NSS.  For example, although
we can share account information via directory services such as NIS, LDAP,
etc, we cannot currently share login.conf user class data.  Some other
configuration files might also lend themselves quite well to this sort of
configuration -- perhaps even files such as inetd.conf, ftpusers,
login.access, opiekies, etc.

One of the important goals of elements like NSS is to improve our ability
to centrally manage many FreeBSD systems in a scalable manner; another is
the ability to support more reliable and more easily managed backends,
such as configuration databases originating in local SQL, etc. 
Experimenting with ways to take this a few steps further might be quite
interesting, and could have some nice payoffs.

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert@fledge.watson.org      Network Associates Laboratories