Date: Fri, 18 Apr 2003 02:50:43 +0200 From: Philip Paeps <philip@paeps.cx> To: freebsd-current@FreeBSD.org Cc: "Jacques A. Vidrine" <nectar@FreeBSD.org> Subject: Re: HEADS UP: new NSS Message-ID: <20030418005043.GA657@juno.home.paeps.cx> In-Reply-To: <20030417141133.GA4155@madman.celabo.org> References: <20030417141133.GA4155@madman.celabo.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2003-04-17 09:11:33 (-0500), Jacques A. Vidrine <nectar@FreeBSD.org> wrote: > [Skip to WARNINGs below if you read nothing else.] I read the rest too :-) > For the moment, in addition to the NSS core, I am committing completely new > implementations of the getpwent(3) and getgrent(3) family of functions. > Please report any anomalies to me directly, as well as on this list. Just checking: are the new implementations (supposed to be) completely compatible with the old ones, or should I be expecting 'anomalies'? > WARNING: The `compat' code was and is very hairy. Users who utilize NIS > using the old `+::::::' entries in passwd(5) (or exclusion lists, or > netgroups) should be especially wary. The new code is not bug compatible > with the old code, but I believe it is correct. It appears as though this is not completely backward-compatible with the previous state of affairs. Having no nsswitch.conf and '+:::::::::' in passwd(5) doesn't allow one to log in, and causes uids not to be turned into names and vice versa. Perhaps a default nsswitch.conf should be provided to ensure that people don't end up not being able to log into their machines :-) Something like the 'example' from nsswitch.conf(5) seems like a suitable default, except perhaps without the [notfound=return] bit so that local entries which aren't necessarily in a NIS map still work (users like sshd, whose absence causes all sorts of painful reactions from a priviledge sepparated sshd). - Philip -- Philip Paeps Please don't CC me, I am philip@paeps.cx subscribed to the list. There is always more dirty laundry then clean laundry.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030418005043.GA657>