[Bug 491767] Review Request: nss-ldapd - An nsswitch module which uses directory servers
bugzilla at redhat.com
bugzilla at redhat.com
Tue Apr 21 16:36:29 UTC 2009
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=491767
--- Comment #19 from Jason Tibbitts <tibbs at math.uh.edu> 2009-04-21 12:36:28 EDT ---
I'm running whatever's in rawhide currently:
selinux-policy-3.6.12-4.fc11.noarch
selinux-policy-targeted-3.6.12-4.fc11.noarch
Well, at least I've found that the caching works across reboots. After logging
in with setenforce 0, I can reboot the machine (which resets selinux to
enforcing) and still log in. But I can't resolve any other users.
And indeed, stopping nscd does get things working, but of course nscd caches
more than uid/gid lookups.
BTW, do you know if this will cache autofs lookups as well?
Finally, to packaging issues: You fixed the minor issues I had; personally I
dont' care one way or the other about the /lib64/security/pam_ldap.so
dependency. However, one issue concerns me:
/lib64/libnss_ldap.so.2
/usr/lib64/libnss_ldap-264.so
/usr/lib64/libnss_ldap.so
/usr/lib64/libnss_ldap.so.2
This brings up a couple of issues:
Does the library really need to live in the root directory? Generally we try
not to install things there unless they're absolutely required that early in
the boot process (or for recovery). I know it conveniently avoids a conflict
in this case, but I'm wondering if it's just done that way because of the
conflict or if there's another reason.
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the Fedora-package-review
mailing list