On Wed, 2015-10-14 at 07:56 +0000, Mike Gabriel wrote: > The Debian Edu team heavily relies on NIS netgroups coming from > LDAP. So any help with this in Debian jessie is highly appreciated!!! The last time I looked at nscd code I was not very happy ;) Also, nscd has a long history of instability and returning incorrect results. I think there are a few options: - Backport the fixes mentioned in #800523 and hope that they fix the issues seen and don't introduce many new regressions. Not sure this is suitable for stable (you'd have to ask the release team). This needs extensive testing in any case. - Disable netgroup caching in nscd. While this is the safest option it is sub-optimal because it causes a performance hit. Then again, I don't think the number of netgroup calls are huge: some mount ACLs, .rhosts logins (does anybody use those any more) and some special handing using the compat provider for /etc/passwd and /etc/group. - Switching to unscd is probably equivalent to disabling netgroup caching because I don't think it has netgroup support. Btw, if anyone thinks this is something that libnss-ldapd does wrong, please let me know. Not all NSS interfaces are consistent in terms of memory management, return codes, etc. so there could be something wrong. I've been playing a bit with the sid version (2.19-22) but I havent found an easy way to trigger the original crash I reported in #737079. Thanks, -- -- arthur - adejong@debian.org - http://people.debian.org/~adejong --
Attachment:
signature.asc
Description: This is a digitally signed message part