From owner-freebsd-current@FreeBSD.ORG Thu Apr 17 17:50:55 2003 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 96DD437B404; Thu, 17 Apr 2003 17:50:55 -0700 (PDT) Received: from horkos.telenet-ops.be (horkos.telenet-ops.be [195.130.132.45]) by mx1.FreeBSD.org (Postfix) with ESMTP id 422E443FB1; Thu, 17 Apr 2003 17:50:54 -0700 (PDT) (envelope-from philip@paeps.cx) Received: from localhost (localhost.localdomain [127.0.0.1]) by horkos.telenet-ops.be (Postfix) with SMTP id AF17B83BF7; Fri, 18 Apr 2003 02:50:52 +0200 (CEST) Received: from fortuna.home.paeps.cx (D5768746.kabel.telenet.be [213.118.135.70]) by horkos.telenet-ops.be (Postfix) with ESMTP id A12C083BF5; Fri, 18 Apr 2003 02:50:52 +0200 (CEST) Received: from juno.home.paeps.cx (juno.home.paeps.cx [2001:ab8:2007:0:240:f4ff:fe31:3090]) by fortuna.home.paeps.cx (Postfix) with ESMTP id 424C7216F; Fri, 18 Apr 2003 02:50:37 +0200 (CEST) Received: by juno.home.paeps.cx (Postfix, from userid 1001) id B72502136; Fri, 18 Apr 2003 02:50:44 +0200 (CEST) Date: Fri, 18 Apr 2003 02:50:43 +0200 From: Philip Paeps To: freebsd-current@FreeBSD.org Message-ID: <20030418005043.GA657@juno.home.paeps.cx> Mail-Followup-To: freebsd-current@FreeBSD.org, "Jacques A. Vidrine" References: <20030417141133.GA4155@madman.celabo.org> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-15 Content-Disposition: inline In-Reply-To: <20030417141133.GA4155@madman.celabo.org> X-Date-in-Rome: ante diem XIV Kalendas Maias MMDCCLVI ab Urbe Condida X-PGP-Fingerprint: FA74 3C27 91A6 79D5 F6D3 FC53 BF4B D0E6 049D B879 X-Message-Flag: Get a proper mailclient! Mutt: User-Agent: Mutt/1.5.4i cc: "Jacques A. Vidrine" Subject: Re: HEADS UP: new NSS X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Apr 2003 00:50:56 -0000 On 2003-04-17 09:11:33 (-0500), Jacques A. Vidrine wrote: > [Skip to WARNINGs below if you read nothing else.] I read the rest too :-) > For the moment, in addition to the NSS core, I am committing completely new > implementations of the getpwent(3) and getgrent(3) family of functions. > Please report any anomalies to me directly, as well as on this list. Just checking: are the new implementations (supposed to be) completely compatible with the old ones, or should I be expecting 'anomalies'? > WARNING: The `compat' code was and is very hairy. Users who utilize NIS > using the old `+::::::' entries in passwd(5) (or exclusion lists, or > netgroups) should be especially wary. The new code is not bug compatible > with the old code, but I believe it is correct. It appears as though this is not completely backward-compatible with the previous state of affairs. Having no nsswitch.conf and '+:::::::::' in passwd(5) doesn't allow one to log in, and causes uids not to be turned into names and vice versa. Perhaps a default nsswitch.conf should be provided to ensure that people don't end up not being able to log into their machines :-) Something like the 'example' from nsswitch.conf(5) seems like a suitable default, except perhaps without the [notfound=return] bit so that local entries which aren't necessarily in a NIS map still work (users like sshd, whose absence causes all sorts of painful reactions from a priviledge sepparated sshd). - Philip -- Philip Paeps Please don't CC me, I am philip@paeps.cx subscribed to the list. There is always more dirty laundry then clean laundry.