Proposed F19 Feature: Fedora Upgrade - using yum
Simo Sorce
simo at redhat.com
Fri Jan 25 02:15:14 UTC 2013
On Fri, 2013-01-25 at 00:12 +0100, Lennart Poettering wrote:
> I mean, here's an example: let's say openssl is updated, which is
> pulled
> in by a ton of other things, for example the libc NSS LDAP module. The
> libc NSS is used by at least half of all processes running on your
> system,
> and they all dlopen() the NSS module. So how do you now figure out
> which
> ones that are and how do you then figure out what the heck you need to
> do to get them restarted?
>
A) there is no 'libc NSS LDAP module', nss_ldap is not part of libc and
is also deprecated on its own in favor of nss_ldapd and others.
B) Luckily we solved this case with SSSD, and this is exactly one of the
use cases we wanted to solve with it. The sssd client side that gets
loaded in processes has been made extremely simple and the protocol
fixed in stone exactly so that you can upgrade SSSD and it's
dependencies and even change sssd's configuration w/o having to restart
applications.
So I would remove the nsswitch problem, for the most part (we still have
some nsswitch things sssd does not handle like hostname resolution, but
we may take that over as well if really necessary.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the devel
mailing list