From owner-freebsd-current@FreeBSD.ORG Thu Apr 17 07:11:36 2003 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3E8F037B401 for ; Thu, 17 Apr 2003 07:11:36 -0700 (PDT) Received: from gw.nectar.cc (gw.nectar.cc [208.42.49.153]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5B28343FAF for ; Thu, 17 Apr 2003 07:11:35 -0700 (PDT) (envelope-from nectar@celabo.org) Received: from madman.celabo.org (madman.celabo.org [10.0.1.111]) (using TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits)) (Client CN "madman.celabo.org", Issuer "celabo.org CA" (verified OK)) by gw.nectar.cc (Postfix) with ESMTP id 7CD5F51 for ; Thu, 17 Apr 2003 09:11:34 -0500 (CDT) Received: by madman.celabo.org (Postfix, from userid 1001) id AD71678C4A; Thu, 17 Apr 2003 09:11:33 -0500 (CDT) Date: Thu, 17 Apr 2003 09:11:33 -0500 From: "Jacques A. Vidrine" To: freebsd-current@FreeBSD.org Message-ID: <20030417141133.GA4155@madman.celabo.org> Mail-Followup-To: "Jacques A. Vidrine" , freebsd-current@FreeBSD.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Url: http://www.celabo.org/ User-Agent: Mutt/1.5.3i-ja.1 Subject: HEADS UP: new NSS X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Apr 2003 14:11:36 -0000 Hello Everyone, [Skip to WARNINGs below if you read nothing else.] I am about to commit a new name service switch (NSS) implementation. The new implementation preserves the nsdispatch(3) interface, and consumers of nsdispatch continue to work without modification. However, now the method_name argument (in addition to the dtab argument) is used to lookup backend implementations, which may be built-in statically or loaded via dlopen(3). Within libc, there are several consumers of nsdispatch. Each use in effect defines an interface [1]. Unfortunately, the interfaces brought in from NetBSD leave something to be desired. Most importantly, they do not allow for thread safety. Also important is that they are inconsistent in both naming conventions and semantics. Because of this, it is necessary rework each consumer a bit to (a) add thread safety and (b) provide an interface that can be utilized by NSS modules. For the moment, in addition to the NSS core, I am committing completely new implementations of the getpwent(3) and getgrent(3) family of functions. Please report any anomalies to me directly, as well as on this list. Other nsdispatch consumers will be updated once this has settled a bit. Notably, the resolver-related routines (gethostby*, getaddrinfo) still need to be updated and required quite a bit of work. I am also adding a nss_ldap Port which supports getpwent(3), getgrent(3). Similarly, I am committing a WITH_WINBIND_NSS knob to the samba Port which will build and install nss_windbind. WARNING: Please back up your pwd.db/spwd.db databases. A new (but backwards-compatible) on-disk format will be used when you next run pwd_mkdb(8) (or when vipw(8) runs it for you). The new format can be moved from one architecture to another. WARNING: The `compat' code was and is very hairy. Users who utilize NIS using the old `+::::::' entries in passwd(5) (or exclusion lists, or netgroups) should be especially wary. The new code is not bug compatible with the old code, but I believe it is correct. (By the way, I could use help from interested doc committers. Please contact me off-list.) Cheers, -- Jacques A. Vidrine http://www.celabo.org/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se [1] If you've looked at nsdispatch before, you know that it uses variable arguments. The number, type, and usage of these arguments, as well as the method_name, make up the interface. In order to facilitate adopting existing NSS modules for FreeBSD, I am attempting to track the interfaces used on Linux (e.g., in addition to the obvious arguments to getpwnam_r, the NSS interface also includes explicit handling of errno).