From: "Ludovic Courtès" <ludovic.courtes@inria.fr>
To: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Cc: <guix-devel@gnu.org>
Subject: Re: Supporting sssd, preparing for nscd sunset
Date: Tue, 05 Mar 2024 10:55:25 +0100 [thread overview]
Message-ID: <87y1axc8aa.fsf@inria.fr> (raw)
In-Reply-To: <877citof00.fsf@gmail.com> (Maxim Cournoyer's message of "Sat, 24 Feb 2024 14:10:07 -0500")
Hi,
Maxim Cournoyer <maxim.cournoyer@gmail.com> skribis:
> Ludovic Courtès <ludovic.courtes@inria.fr> writes:
>
>> Hello Guix!
>>
>> Distros are increasingly relying on sssd, in particular Fedora and
>> derivatives, as a replacement for nscd, which is either unavailable or
>> deprecated. The documented interface of Guix binaries to the host’s
>> name service switch (NSS) is currently nscd:
>>
>> https://guix.gnu.org/manual/en/html_node/Application-Setup.html#Name-Service-Switch
>>
>> If sssd becomes dominant, we
>> might just as well arrange to have NSS always load libnss_sss.so.
>>
>> Thoughts?
>
> With nscd removed from glibc, can't we assume foreign distributions will
> rely on sssd instead? Do I understand correctly that the above
> (configuring NSS to always load libnss_sss.so) would be a fine
> replacement for our use of nscd? If so, that seems the simplest/best
> option to pursue to me.
It depends on what we mean by “configuring NSS to always load
libnss_sss.so”.
We could change the default NSS config, the one that’s used when
/etc/nsswitch.conf is missing, but that won’t help because in practice
distros do ship that file.
So what we would need to do is hack the NSS such that, when it sees
“nss_sss”, it kinda expands it to
/gnu/store/…-sssd-1.2.3/lib/libnss_sss.so.
That would complicate bootstrapping (as in: building ‘glibc-final’), but
may be worth considering.
Ludo’.
prev parent reply other threads:[~2024-03-05 9:55 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-23 8:48 Supporting sssd, preparing for nscd sunset Ludovic Courtès
2024-02-23 15:03 ` Felix Lechner via Development of GNU Guix and the GNU System distribution.
2024-02-23 21:48 ` Ricardo Wurmus
2024-02-24 8:26 ` Picnoir
2024-03-05 9:46 ` Ludovic Courtès
2024-03-05 12:34 ` Picnoir
2024-02-24 19:10 ` Maxim Cournoyer
2024-03-05 9:55 ` Ludovic Courtès [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87y1axc8aa.fsf@inria.fr \
--to=ludovic.courtes@inria.fr \
--cc=guix-devel@gnu.org \
--cc=maxim.cournoyer@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.