From owner-freebsd-hackers@FreeBSD.ORG Mon Apr 14 07:59:49 2003 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 336FC37B401 for ; Mon, 14 Apr 2003 07:59:49 -0700 (PDT) Received: from gw.nectar.cc (gw.nectar.cc [208.42.49.153]) by mx1.FreeBSD.org (Postfix) with ESMTP id 69E1D43F3F for ; Mon, 14 Apr 2003 07:59:48 -0700 (PDT) (envelope-from nectar@celabo.org) Received: from madman.celabo.org (madman.celabo.org [10.0.1.111]) (using TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits)) (Client CN "madman.celabo.org", Issuer "celabo.org CA" (verified OK)) by gw.nectar.cc (Postfix) with ESMTP id D4F185D; Mon, 14 Apr 2003 09:59:47 -0500 (CDT) Received: by madman.celabo.org (Postfix, from userid 1001) id 32E4078C44; Mon, 14 Apr 2003 09:59:47 -0500 (CDT) Date: Mon, 14 Apr 2003 09:59:47 -0500 From: "Jacques A. Vidrine" To: "Michael A. Bushkov" Message-ID: <20030414145947.GA56580@madman.celabo.org> Mail-Followup-To: "Jacques A. Vidrine" , "Michael A. Bushkov" , freebsd-hackers@freebsd.org, bork@rsu.ru, and@rsu.ru, os@rsu.ru References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Url: http://www.celabo.org/ User-Agent: Mutt/1.5.3i-ja.1 cc: bork@rsu.ru cc: freebsd-hackers@freebsd.org cc: os@rsu.ru cc: and@rsu.ru Subject: Re: Re: nsswitch implementation X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Apr 2003 14:59:49 -0000 On Mon, Apr 14, 2003 at 05:49:50PM +0400, Michael A. Bushkov wrote: > > > >>The daemon (level 2) should be able do dynamically open modules - we > >>can't call dlopen() directly from libc. > > > >Sure we can. You just can't if you are a statically-linked > >executable. [The implementation that will be committed shortly allows > >for building an NSS module with world so that statically-linked > >binaries are also supported.] > > Do you want to statically compile nss-modules in libc? If you do that, > you'll have to statically link a lot of stuff into libc (for example, > if we have nss_ldap module - we must compile whole ldap implementation > into libc). And if we do it that way, libc will grow and grow... > Besides, if you want to change a module code, you'll have to recompile > whole libc. > We are very interested to know your way of solving these problems... I don't solve them. I expect people who want to use 3rd party NSS modules to use a completely dynamically-linked system. You are correct, I would not want to compile PADL.COM's nss_ldap into libc. However, Samba's winbind module is not so heavy-weight and possibly not so problematic from the code-size perspective. As I said, it is already partioned into a module and a daemon. Keep in mind why one wants nsswitch: in order to use already existing NSS modules. Most existing NSS modules are written for Solaris and/or Linux. These platforms follow an in-process model. An IPC model is quite different, and would require significant porting effort for each NSS module. (There is quite some distance between existing APIs and semantics versus the APIs and semantics of an IPC model.) I think it is presumptuous to believe that NSS module writers are going to invest significant effort to develop FreeBSD-specific NSS modules. Cheers, -- Jacques A. Vidrine http://www.celabo.org/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se