[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: How to use Guix with sssd, not nscd, on a foreign distro?
|
From: |
Ludovic Courtès |
|
Subject: |
Re: How to use Guix with sssd, not nscd, on a foreign distro? |
|
Date: |
Mon, 28 Feb 2022 14:42:56 +0100 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux) |
Hello,
Chris Marusich <cmmarusich@gmail.com> skribis:
> The Guix manual recommends running nscd:
>
> https://guix.gnu.org/manual/en/html_node/Application-Setup.html
>
> However, Fedora intends to remove it:
>
> https://fedoraproject.org/wiki/Changes/RemoveNSCD
D’oh! This is bad. It might suggest that nscd will vanish from glibc
as well, given it’s partly developed by the same group of people.
AFAIK, nscd is the only way to allow glibc’s name service switch (NSS)
to be used on a system where multiple glibc versions might coexist.
This is a problem Fedora doesn’t have: there’s always a single glibc
package installed.
[...]
> The Fedora document explains that at least the hosts cache will be
> handled by systemd-resolved. Can I expect Guix-built programs to "try
> to use systemd" when resolving host names, or is additional
> configuration likely to be required?
I suppose there’s a systemd-resolved NSS module, and /etc/nsswitch.conf
points to it.
> Regarding sssd specifically, how can I arrange for a Guix-built program
> to "try to use sssd" first?
The relevant glibc functions always check nsswitch.conf and use the
methods prescribed there. When nscd is not running, they might end up
trying to dlopen libnss_sssd.so, which will usually fail.
One way to work around it is described here:
https://lists.gnu.org/archive/html/guix-devel/2020-08/msg00168.html
But this is pretty much a last resort and not something we’d recommend
for general use.
HTH!
Ludo’.