Bug#485282: nscd: Change default cache setting to work better with roaming laptops
Great to have more feedback on this issue. :) I hope someone with
knowledge and experience on offline operation of a networked laptop
can share their view. :)
[Marco d'Itri]
> And what about the increased memory usage on large systems?
What increased memory usage? I got nscd running on a laptop connected
to the university of Oslo with ~60000 users and ~6000 groups, and do
not see large memory usage by nscd.
> I am not persuaded at all that this change is appropriate for the
> default configuration. I'd even say that supporting offline nscd
> lookups is a corner case that does not justify the possible negative
> effects for everybody else.
Well, at least here at the university, laptops are becoming the normal
setup, and having offline authentication and operation work is
becoming a vital requirement. :) If bugs #485282, #566718 and #568577
are solved, it would be a simple matter of installing nscd and
libpam-ccreds to get it in Debian. :)
> What about deleted user? Deleted users still existing for 30 days
> could be a nasty security issue.
You seem to be arguing only against the increased positive time to
live. Is that the case?
For offline operation, I suspect the "reload-count unlimited" setting
is the most important one.
If increased timeout is left out from the default configuration,
please implement support for sourcing /etc/default/nscd and allow a
policy compliant mechanism to replace the configuration file used by
nscd.
Happy hacking,
--
Petter Reinholdtsen
Reply to: