[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

01/03: doc: Document NSS incompatibility issues on foreign distros.

From: Ludovic Courtès
Subject: 01/03: doc: Document NSS incompatibility issues on foreign distros.
Date: Mon, 28 Nov 2016 21:59:17 +0000 (UTC)

civodul pushed a commit to branch master
in repository guix.

commit 9a5187b687e659da86000b32c951e2f55e1f74bb
Author: Ludovic Courtès <address@hidden>
Date:   Mon Nov 28 16:19:04 2016 +0100

    doc: Document NSS incompatibility issues on foreign distros.
    * doc/guix.texi (Application Setup)[Name Service Switch]: New
 doc/guix.texi |   50 ++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 50 insertions(+)

diff --git a/doc/guix.texi b/doc/guix.texi
index 5747484..ce1e5d0 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -1242,6 +1242,56 @@ data in the right format.
 This is important because the locale data format used by different libc
 versions may be incompatible.
address@hidden Name Service Switch
address@hidden name service switch, glibc
address@hidden NSS (name service switch), glibc
address@hidden nscd (name service caching daemon)
address@hidden name service caching daemon (nscd)
+When using Guix on a foreign distro, we @emph{strongly recommend} that
+the system run the GNU C library's @dfn{name service cache daemon},
address@hidden, which should be listening on the
address@hidden/var/run/nscd/socket} socket.  Failing to do that, applications
+installed with Guix may fail to look up host names or user accounts, or
+may even crash.  The next paragraphs explain why.
address@hidden @file{nsswitch.conf}
+The GNU C library implements a @dfn{name service switch} (NSS), which is
+an extensible mechanism for ``name lookups'' in general: host name
+resolution, user accounts, and more (@pxref{Name Service Switch,,, libc,
+The GNU C Library Reference Manual}).
address@hidden Network information service (NIS)
address@hidden NIS (Network information service)
+Being extensible, the NSS supports @dfn{plugins}, which provide new name
+lookup implementations: for example, the @code{nss-mdns} plugin allow
+resolution of @code{.local} host names, the @code{nis} plugin allows
+user account lookup using the Network information service (NIS), and so
+on.  These extra ``lookup services'' are configured system-wide in
address@hidden/etc/nsswitch.conf}, and all the programs running on the system
+honor those settings (@pxref{NSS Configuration File,,, libc, The GNU C
+Reference Manual}).
+When they perform a name lookup---for instance by calling the
address@hidden function in C---applications first try to connect to
+the nscd; on success, nscd performs name lookups on their behalf.  If
+the nscd is not running, then they perform the name lookup by
+themselves, by loading the name lookup services into their own address
+space and running it.  These name lookup services---the
address@hidden files---are @code{dlopen}'d, but they may come from
+the host system's C library, rather than from the C library the
+application is linked against (the C library coming from Guix).
+And this is where the problem is: if your application is linked against
+Guix's C library (say, glibc 2.24) and tries to load NSS plugins from
+another C library (say, @code{} for glibc 2.22), it will
+likely crash or have its name lookups fail unexpectedly.
+Running @command{nscd} on the system, among other advantages, eliminates
+this binary incompatibility problem because those @code{libnss_*.so}
+files are loaded in the @command{nscd} process, not in applications
 @subsection X11 Fonts
 @cindex fonts

reply via email to

[Prev in Thread] Current Thread [Next in Thread]