Date: Fri, 23 Oct 2020 12:58:03 -0400 From: Rich Felker <dalias@...c.org> To: Jesse Hathaway <jesse@...ki-mvuki.org> Cc: musl@...ts.openwall.com, Arjun Shankar <arjun@...hat.com>, Florian Weimer <fweimer@...hat.com>, Carlos O'Donell <carlos@...hat.com> Subject: Re: Plans to remove nscd in Fedora On Fri, Oct 23, 2020 at 09:14:01AM -0500, Jesse Hathaway wrote: > On Fri, Oct 23, 2020 at 8:29 AM Carlos O'Donell <carlos@...hat.com> wrote: > > My opinion is that we want something much thinner than nscd to provide > > NSS for statically linked applications, and that such an interface > > should not provide caching. If we really wanted we could keep the nscd > > socket interface but implement an NSS daemon for this e.g. nssd that would > > just run all the time and could be depended upon by static applications. > > It would have to be well audited and very simple. > > > > The caching that nscd does has many legacy problems that are better solved > > and maintained by other daemons that implement a split NSS module approach > > (as Florian notes). > > Given the increasing prevalence of statically deployed programs from languages > such as C, Go, Rust, and even Haskell. I would love to see continued > distribution support for querying NSS from these programs. An nscd variant > without caching seems like a good approach, but I think it would be unfortunate > to remove nscd from distributions before an alternative approach was available. Yes! As Laurent also noted, the real value here is maintaining the continuity of having a common, widely-deployed protocol and interface to perform NSS queries over. This doesn't necessitate keeping nscd permanently but does mean it should be removed only at the same time a replacement is deployed. Rich
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.