From owner-freebsd-arch@FreeBSD.ORG Fri Jun 6 16:06:49 2003 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B77BE37B401 for ; Fri, 6 Jun 2003 16:06:49 -0700 (PDT) Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id ED68843FA3 for ; Fri, 6 Jun 2003 16:06:48 -0700 (PDT) (envelope-from robert@fledge.watson.org) Received: from fledge.watson.org (localhost [127.0.0.1]) by fledge.watson.org (8.12.9/8.12.9) with ESMTP id h56N5TOn019391; Fri, 6 Jun 2003 19:05:29 -0400 (EDT) (envelope-from robert@fledge.watson.org) Received: from localhost (robert@localhost)h56N5SGV019388; Fri, 6 Jun 2003 19:05:29 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Fri, 6 Jun 2003 19:05:28 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: Matthew Dillon In-Reply-To: <200306062123.h56LNXev027573@apollo.backplane.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: Sebastian Lederer cc: freebsd-arch@freebsd.org Subject: Re: Making a dynamically-linked root X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Jun 2003 23:06:50 -0000 On Fri, 6 Jun 2003, Matthew Dillon wrote: > I really like the idea of Darwin's lookupd. I'd like to see something > like that not only for authentication, but for hostname lookups as well > (at least for standard libc calls, which currently require most of the > resolver's packet code to do even the simplest of operations). I think that would be quite neat; as discussed, irs from the BIND distribution does the DNS elements of this, although not in our current framework. An idea I've also been interested in looking at, now that we have NSS to indirect many of the database operations, is how easy it would be to indirect new configuration data through NSS. For example, although we can share account information via directory services such as NIS, LDAP, etc, we cannot currently share login.conf user class data. Some other configuration files might also lend themselves quite well to this sort of configuration -- perhaps even files such as inetd.conf, ftpusers, login.access, opiekies, etc. One of the important goals of elements like NSS is to improve our ability to centrally manage many FreeBSD systems in a scalable manner; another is the ability to support more reliable and more easily managed backends, such as configuration databases originating in local SQL, etc. Experimenting with ways to take this a few steps further might be quite interesting, and could have some nice payoffs. Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Network Associates Laboratories