-----BEGIN PGP SIGNED MESSAGE-----
On 08/13/2009 08:38 AM, Simo Sorce wrote:
On Thu, 2009-08-13 at 08:54 -0400, Stephen Gallagher wrote:
>> NOTE: this means that until the first background enumeration is
>> complete, a getent passwd or a getent group call may return incomplete
>> results. I think this is acceptable as it will really happen only at
>> startup, when the daemon caches are empty.
> I disagree. If we're going to have a startup enumeration, then we should
> simply not enable handling NSS requests until that first enumeration is
> complete. Incomplete results can be worse than no results. I assume NSS
> has a return code for temporary failure?
Internally, yes, but all it does it to return no results to the user
space. Not returning results is == returning partial results. So I see
no difference here.
I was referring to having our NSS client-side component return TRYAGAIN
or UNAVAIL instead of zero results, since the nsswitch.conf file can be
configured to handle these appropriately.
Looking to carve out IT costs?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----