Last NSS commit is very dangerous

Andrey Chernov ache at
Thu Apr 1 10:53:32 PST 2004

On Thu, Apr 01, 2004 at 10:32:58AM -0600, Jacques A. Vidrine wrote:
> > But previous NSS variant can handle this unreadable
> > /etc/nsswitch.conf nicely, probably using defaults.
> I believe you are mistaken.  Are you 100% certain that revision 1.10 of
> nsdispatch.c falls back to defaults if /etc/nsswitch.conf exists but is

In new version you add
+               result = errno;
if file can't be opened. I think this makes difference.

> ``unreadable /etc/nsswitch.conf'' is a different situation than ``no
> /etc/nsswitch.conf''.  The latter means ``gimme the defaults''.  The
> former means ``disable NSS''.

You are probably right, I have no strong preferences here. It depends on
other system's historic nsswitch.conf behaviour and it will be better, if
unreadable case will be documented in nsswitch.conf(5). Currently we have:

"If, for any reason, nsswitch.conf doesn't exist, or it has missing or
corrupt entries, nsdispatch(3) will default to an entry of ``files'' 
for the requested database."

Which not covers "unreadable" case.

Andrey Chernov |

More information about the freebsd-current mailing list