Date: Mon, 26 Oct 2020 13:20:23 +0100 From: Florian Weimer <fweimer@...hat.com> To: Jesse Hathaway <jesse@...ki-mvuki.org> Cc: musl@...ts.openwall.com, Rich Felker <dalias@...c.org>, Arjun Shankar <arjun@...hat.com> Subject: Re: Plans to remove nscd in Fedora * Jesse Hathaway: > On Fri, Oct 23, 2020 at 8:29 AM Carlos O'Donell <carlos@...hat.com> wrote: >> My opinion is that we want something much thinner than nscd to provide >> NSS for statically linked applications, and that such an interface >> should not provide caching. If we really wanted we could keep the nscd >> socket interface but implement an NSS daemon for this e.g. nssd that would >> just run all the time and could be depended upon by static applications. >> It would have to be well audited and very simple. >> >> The caching that nscd does has many legacy problems that are better solved >> and maintained by other daemons that implement a split NSS module approach >> (as Florian notes). > > Given the increasing prevalence of statically deployed programs from > languages such as C, Go, Rust, and even Haskell. I would love to see > continued distribution support for querying NSS from these > programs. An nscd variant without caching seems like a good approach, > but I think it would be unfortunate to remove nscd from distributions > before an alternative approach was available. But Go and Haskell are really old by now, and nscd support hasn't landed in those language run-times (and their de-facto default implementations). After ten to thrity years of waiting, is it still reasonable to expect that this might happen. Even for C, there is no push to make nscd a mandatory installation requirement once the system uses services beyond the “dns” and “files” modules. I would have expected to see a development in this direction by now there as well. It's not just that we have turned down such requests, they did not even happen. I suspect it's just that users that have large databases under /etc or require on remote integration have little interest in static linking and vice versa. An added complication is that a model involving a separate daemon does not work well for containers. Thanks, Florian -- Red Hat GmbH, https://de.redhat.com/ , Registered seat: Grasbrunn, Commercial register: Amtsgericht Muenchen, HRB 153243, Managing Directors: Charles Cachera, Brian Klemm, Laurie Krebs, Michael O'Neill
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.