Hi, Default full install. When "authconfig" ran, I did NOT pick "NIS support". . Now I look in my /etc/nsswitch.conf. . The damn thing has "files nisplus" all over the shop. This causes lots of applications to dynamically link in libnss_nisplus and its dependency libnsl. . This is a performance concern, and generally wasteful. In my very minimal ftpd, "vsftpd", issues like this show up. . Summary by the principle of least surprise: "If I didn't pick NIS support in the installer, the generated /etc/nsswitch.conf should in no way reference NIS or NIS+"
This is actually authconfig issue (or anaconda), reassigning.
Possibly worse! "hosts" is down as "files nisplus dns" . i.e. dns is _after_ nisplus.
I always wondered why nis is referenced in nsswitch.conf at all if NIS support was not enabled, so I agree with Chris that this should be fixed. It's more convenient but as Chris stated also a performance issue (also a RAM ressource issue?). Regarding dns being after nisplus in the "hosts" lists... I'm not sure what's right here.
I think that there should be exist a way to prevent authconfig from altering certain params. E.g. I use NIS for authentication-purposes only and resolve all hosts by DNS only; trying NIS first slows down the lookup and gives no result. When setting the 'host' entry to a better value, it will be overwritten when authconfig runs the next time. At least I would expect a warning in /etc/nsswitch.conf saying that running authconfig the next time will trash all manual changes. Perhaps there could be a comment-line like "## All entries below are controlled by authconfig; when doing manual changes place them above" which gets recognized by authconfig. So user-made changes won't interfere with these of authconfig. Another issue: In my nsswitch.conf the first lines are saying "This file should be sorted with the most-used services at the beginning", but "hosts" which is certainly more used than e.g. bootparams is the last entry...
Both enabling/disabling nisplus and optional per-service configuration (with better preservation of existing tweaks) are on the list of changes to be made.
Reclassifying as an RFE: for future reference.
The default nsswitch.conf as shipped in FC doesn't have nisplus in it (at least for the main databases) anymore. Enabling/disabling nisplus would add another option to authconfig which would complicate its UI. If experienced sysadmin wants to add nisplus he can always modify nsswitch.conf by hand.