Bug#485282: nscd: Change default cache setting to work better with roaming laptops

[Petter Reinholdtsen <pere@hungry.com>]

Great to have more feedback on this issue. :) I hope someone with
knowledge and experience on offline operation of a networked laptop
can share their view. :)

[Marco d'Itri]
> And what about the increased memory usage on large systems?

What increased memory usage?  I got nscd running on a laptop connected
to the university of Oslo with ~60000 users and ~6000 groups, and do
not see large memory usage by nscd.

> I am not persuaded at all that this change is appropriate for the
> default configuration.  I'd even say that supporting offline nscd
> lookups is a corner case that does not justify the possible negative
> effects for everybody else.

Well, at least here at the university, laptops are becoming the normal
setup, and having offline authentication and operation work is
becoming a vital requirement. :) If bugs #485282, #566718 and #568577
are solved, it would be a simple matter of installing nscd and
libpam-ccreds to get it in Debian. :)

> What about deleted user? Deleted users still existing for 30 days
> could be a nasty security issue.

You seem to be arguing only against the increased positive time to
live.  Is that the case?

For offline operation, I suspect the "reload-count unlimited" setting
is the most important one.

If increased timeout is left out from the default configuration,
please implement support for sourcing /etc/default/nscd and allow a
policy compliant mechanism to replace the configuration file used by
nscd.

Happy hacking,
-- 
Petter Reinholdtsen