From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-3.5 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, MAILING_LIST_MULTI,NICE_REPLY_A,RCVD_IN_DNSWL_MED,RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL autolearn=ham autolearn_force=no version=3.4.4 Received: (qmail 26305 invoked from network); 23 Oct 2020 12:01:21 -0000 Received: from mother.openwall.net (195.42.179.200) by inbox.vuxu.org with ESMTPUTF8; 23 Oct 2020 12:01:21 -0000 Received: (qmail 9682 invoked by uid 550); 23 Oct 2020 12:01:13 -0000 Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Reply-To: musl@lists.openwall.com Received: (qmail 9655 invoked from network); 23 Oct 2020 12:01:12 -0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=decentral.ch; s=rsa1; h=Content-Transfer-Encoding:Content-Type:In-Reply-To:MIME-Version:Date:Message-ID:From:References:To:Subject; bh=QLZeXug5FFhfHTYhHaU9sTKXZb47gCb0gQg80gqqsy8=; b=BJPPcDAKkyEClqQJvnbATy1WtKz/4CmZaMS8VytbkKXJREcHnK9OZYjKeB3EylNVArMBBwW1uptfpJGRFZGFZdPWYCoUeXJGxN4Yil6MKOjWbc8RPQvsgTnShVPTnii/; To: musl@lists.openwall.com References: <1924902939.18027073.1603105167534.JavaMail.zimbra@redhat.com> <805098991.18032044.1603106011330.JavaMail.zimbra@redhat.com> <20201020010855.GE17637@brightrain.aerifal.cx> <87pn59i38j.fsf@oldenburg2.str.redhat.com> From: Tim Tassonis Message-ID: <514e3157-f82b-8417-e748-16e9539ecacd@decentral.ch> Date: Fri, 23 Oct 2020 14:01:00 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 MIME-Version: 1.0 In-Reply-To: <87pn59i38j.fsf@oldenburg2.str.redhat.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Subject: Re: [musl] Plans to remove nscd in Fedora On 10/23/20 1:35 PM, Florian Weimer wrote: > * Rich Felker: > >> The only capacity in which musl uses nscd is to access custom >> user/group backends provided through it. > > And that's the only way to get this data into musl programs. > >> musl specifically does not use nss itself because it's not compatible >> with static linking and because loading arbitrary module libraries >> into the calling process's core is not safe and goes against best >> practices. I believe the glibc folks were starting to realize this >> too, so it was kinda my hope that nscd would become the main/only way >> nss modules are accessed on glibc too. > > This requirement has largely been pushed into the NSS modules > themselves. If they do more than just opening a files or sockets, they > need to offload part of the functionality (actually most of it) into a > separate daemon. This is the difference between nss_ldap and nss_ldapd. > > SSSD has largely assumed this role for the non-hosts maps. It looks > like that systemd-resolved will cover the hosts maps. So it's unclear > what's left for nscd to handle. You might not know about this, but there is actually a world beyond Redhat/Fedora/Systemd. Not that I am advocating for nscd to remain, but I'm not sure this is the right list to place advertisement for your great RedHat products. Bye Tim