Subject: Re: Hesiod thoughts
To: None <greywolf@captech.com>
From: Luke Mewburn <lukem@telstra.com.au>
List: current-users
Date: 10/24/1995 11:23:30
greywolf@captech.com writes:
> I even suggested that, instead of overloading symbols at the beginning
> of a database entry, we could preserve '+' for backward combatability,
> and go forward with something like & or whatever followed by
> [NIS],[DNS],[NSP],[HES] or whatever to indicate that the appropriate
> lookup could be used at that point.
The entire problem with defining the lookups in each of the separate
files is that it's a right pain in the arse when you want to turn off
a service provider (e.g, nis) everywhere at once. Or switch a
workstation over to nis for that matter.
nsswitch allows you to change *one* file (/etc/nsswitch.conf), and in
my implmentation, requires you to run ns_mkdb to update /etc/nsswitch.db
(for dispatcher speed). When nsswitch.db changes, all programs pick up
the change at the next dispatch, which may cause some coherency
problems, but has the great advantage that you don't have to restart
*every* daemon to pick up the change (which is a niggle in the Solaris
implementation.)
As to the '+' support, it's simple. There's a service called "compat",
which is the only valid service for that database, which allows the
underlying code to do the work. For example, for the database "passwd",
the "files" implementation ignores the '+', the "nis" implementation
just looks up the passwd map, and "compat" gives you the current
functionality. If you want to lookup in files then nis without using
'+', the nsswitch.conf entry is:
passwd: files nis
If you like the current (sunos 4.x style) support, use:
passwd: compat
Rather simple really.
The underlying code doesn't hardcode any of the database names. As
mentioned above, the only enforcement is that "compat" is the only
service allowed on a line if it is used. You can then implement your
own "compat" code for any database to take advantage of this rule.
I'm going to put my money where my mouth is and release the nsswitch
code after 1.1 is released (because it makes a great 'reference
point'). If the code is suitable, it should be put in the libc source,
since it doesn't break anything that people currently want, but gives
more flexibility to those who need it.
--
Luke Mewburn <luke.mewburn@itg.telstra.com.au>
"Concealment is never as hard as people think, you must understand that. It's
action while hiding that's the hard part."
-- Coyote, in Kim Stanley Robinson's `Green Mars'