Red Hat Bugzilla – Bug 9952
/etc/nsswitch.conf should not use nis or nisplus by default
Last modified: 2016-11-24 10:21:02 EST
The default /etc/nsswitch.conf should not use nis or (worse) nisplus by
default. I think that these days these services are used by only a minority
of Red Hat customers. While not necessarily a security issue, everyone
else's systems really shouldn't be configured to be looking.
This is going to become a serious performance issue under the 2.4 kernels.
Check out this bit on LWN http://lwn.net/2000/0224/kernel.phtml for more
Solaris provides /etc/nsswitch.files, /etc/nsswitch.nis, and
/etc/nsswitch.nisplus example files by default -- that seems like a nice
way to go.
It'd be nice to seperate /etc/nsswitch.conf from the glibc package -- this
might make it easier to deal with.
Another random suggestion -- perhaps the /etc/nsswitch.nis file could be
automagically put in place by the nis/yp init scripts if nis is turned on
and the /etc/nsswitch.conf hasn't already been modified from the default
assign to jakub
This is an RFE for probably extra functionality in the redhat-config-network
tool. It might be better to open this as a new bug as the 'time-cruft' has
gotten it covered in cobwebs
RHL9 does not add nisplus (or nis) ro nsswitch.conf by default.