Red Hat Bugzilla – Full Text Bug Listing
|Summary:||Have NSS auto-reload nsswitch.conf|
|Product:||Red Hat Enterprise Linux 3||Reporter:||Craig Lawson <craig.lawson>|
|Component:||glibc||Assignee:||Jakub Jelinek <jakub>|
|Status:||CLOSED WONTFIX||QA Contact:||Brian Brock <bbrock>|
|Fixed In Version:||Doc Type:||Enhancement|
|Doc Text:||Story Points:||---|
|Last Closed:||2004-09-27 20:47:31 EDT||Type:||---|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
Description Craig Lawson 2004-09-14 21:40:14 EDT
Version: glibc-2.3.2-95.27 When the NSS subsystem parses the contents of /etc/nsswitch.conf, it does so only once. While sufficient for short-lived processes, this strategy is not appropriate for daemons. If the file has changed, each daemon using the file must be either restarted, SIGHUP'ed, or who knows what else -- because man pages typically do not document how to force nsswitch.conf to reload. Apparently, /etc/nsswitch.conf was deemed constant enough that it was not worth mentioning. Yet occasionally it does change -- should the user be forced to reboot at those times? (PAM faces the same issue, and re-reads its configuration file each time.) RedHat's own authconfig handles this issue by maintaining a built-in list of daemons to restart, and when nsswitch.conf is modified, restarts them. There is no public interface for additional daemons to gain membership to this list, nor for other services which modify nsswitch.conf to access the list. The drawback to authconfig's approach is that the maintainer must be concerned about proper start- up dependencies between daemons, new daemons, and the small time interval when the daemon is off-line. The enhancement I propose is that the NSS subsystem reload its service_table if the nsswitch.conf has been modified since the last time it was read. Optimization: to avoid frequent requests for the file's last modification time, which is entirely unnecessary for short-lived processes, I suggest omitting file system checks sooner than 10 minutes since the last check. The proposed change simplifies every daemon that uses NSS, makes daemon restarts less necessary, simplifies authconfig, and simplifies the issues for every sys admin who modifies nsswitch.conf.
Comment 1 Suzanne Hillman 2004-09-15 14:38:55 EDT
Internal RFE bug #132670 entered; will be considered for future releases.
Comment 2 Ulrich Drepper 2004-09-27 20:47:31 EDT
That file will never be automatically reloaded. The file is not supposed to be changed after the initial configuration and if it does, better reboot and restart all relevant programs. I will not add any code which penalizes normal operations. All this can in general be avoided by using nscd. If nscd is used only this one program needs to be restarted for the new setting to be used. If you need to use change the nsswitch.conf setting for services other than passwd, group, and hosts then this is something else. The solution then might be to add support for these other services to nscd. So in summary, us nscd and never let programs directly use NSS services.