Bug 32571 - Add enabling/disabling NIS+ to authconfig
Summary: Add enabling/disabling NIS+ to authconfig
Alias: None
Product: Fedora
Classification: Fedora
Component: authconfig   
(Show other bugs)
Version: rawhide
Hardware: i386 Linux
Target Milestone: ---
Assignee: Tomas Mraz
QA Contact: Aaron Brown
Keywords: FutureFeature
Depends On:
TreeView+ depends on / blocked
Reported: 2001-03-21 20:46 UTC by Chris Evans
Modified: 2007-11-30 22:10 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-09-08 13:05:06 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description Chris Evans 2001-03-21 20:46:27 UTC
Default full install.
When "authconfig" ran, I did NOT pick "NIS support".
Now I look in my /etc/nsswitch.conf.
The damn thing has "files nisplus" all over the shop. This causes
lots of applications to dynamically link in libnss_nisplus and its
dependency libnsl.
This is a performance concern, and generally wasteful. In my
very minimal ftpd, "vsftpd", issues like this show up.
Summary by the principle of least surprise:
"If I didn't pick NIS support in the installer, the generated
/etc/nsswitch.conf should in no way reference NIS or

Comment 1 Jakub Jelinek 2001-03-21 21:05:06 UTC
This is actually authconfig issue (or anaconda), reassigning.

Comment 2 Chris Evans 2001-03-22 01:24:55 UTC
Possibly worse!
"hosts" is down as "files nisplus dns"
i.e. dns is _after_ nisplus.

Comment 3 Daniel Roesen 2001-03-22 16:11:26 UTC
I always wondered why nis is referenced in nsswitch.conf at all if NIS support
was not enabled, so I agree with Chris that this should be fixed. It's more
convenient but as Chris stated also a performance issue (also a RAM ressource

Regarding dns being after nisplus in the "hosts" lists... I'm not sure what's
right here.

Comment 4 Enrico Scholz 2001-04-03 14:35:30 UTC
I think that there should be exist a way to prevent authconfig from altering
certain params. E.g. I use NIS for authentication-purposes only and resolve all
hosts by DNS only; trying NIS first slows down the lookup and gives no result.
When setting the 'host' entry to a better value, it will be overwritten when
authconfig runs the next time.

At least I would expect a warning in /etc/nsswitch.conf saying that running
authconfig the next time will trash all manual changes.

Perhaps there could be a comment-line like "## All entries below are controlled
by authconfig; when doing manual changes place them above" which gets recognized
by authconfig. So user-made changes won't interfere with these of authconfig.

Another issue: In my nsswitch.conf the first lines are saying "This file should
be sorted with the most-used services at the beginning", but "hosts" which is
certainly more used than e.g. bootparams is the last entry...

Comment 5 Nalin Dahyabhai 2001-04-03 19:43:01 UTC
Both enabling/disabling nisplus and optional per-service configuration (with
better preservation of existing tweaks) are on the list of changes to be made.

Comment 6 Nalin Dahyabhai 2001-06-26 06:10:01 UTC
Reclassifying as an RFE: for future reference.

Comment 7 Tomas Mraz 2005-09-08 13:05:06 UTC
The default nsswitch.conf as shipped in FC doesn't have nisplus in it (at least
for the main databases) anymore. Enabling/disabling nisplus would add another
option to authconfig which would complicate its UI. If experienced sysadmin
wants to add nisplus he can always modify nsswitch.conf by hand.

Note You need to log in before you can comment on or make changes to this bug.