Re: [Freeipa-devel] Design discussion: autofs integration
On Fri, 2011-12-09 at 09:48 +0100, Jakub Hrozek wrote: > On Fri, Dec 09, 2011 at 08:01:44AM +0800, Ian Kent wrote: > > On Thu, 2011-12-08 at 17:52 +0100, Jakub Hrozek wrote: > > > Hi, > > > > > > I have created a wiki page summarizing my design proposal on integrating > > > SSSD with automounter: > > > https://fedorahosted.org/sssd/wiki/DesignDocs/AutofsIntegration > > > > > > Feedback is much appreciated - a reply to this email would probably work > > > best. The target of this work is 1.8 > > > > Thanks for writing this summary, it's excellent. > > There's not much I have to say about it because it is already quite > > thorough. > > > > One thing I dislike about the discussion, and while I let it pass in > > bugs and mailing list discussions, I think it is wrong to put it in > > public design documents. The statement "autofs abuses the nsswitch.conf > > configuration file" I find a little offensive. autofs uses that > > configuration file and parses only the "automount" entry using the same > > semantic behavior as nss, so the word "abuse" is wrong and a little rude > > IMHO. > > I'm sorry -- I didn't mean to offend you and perhaps abuse was a strong > word. I've changed the design docs. None taken, the word is simply to strong for the message that is being conveyed. > > That said, I'm still not convinced that it is a good idea to use another > application's config file. > > My main concern is that users often mistakenly think that there is a > standard glibc interface defined. Also, when the shared config file > changes (not that it's likely that nsswitch would change drastically), > you're in trouble -- for instance, sudo suffered recently when Fedora > changed from using ldap.conf to nslcd.conf It's hard to argue this point since that is my own opinion as well. But, in this case, it was so much more sensible to take the risk (the longevity of this configuration file counted in the decision) and use this particular configuration. During the initial autofs version 5 development I spent a sufficient amount of time (quite a bit actually) trying to use the glibc nss interface for the autofs ldap lookup module (including writing the glibc backend since there were no nss "automount" modules at all) to work out that using it was going to be very painful for me, not to mention that I would have had to write "all" needed source modules myself, including their backend component and hope they would be accepted into glibc within a time frame that met my tight schedule. So, the decision was made to break my own rule and re-use large portions of existing autofs code, and yes, I would have rather used a published interface, but for better or for worse, that is the way it was done which happens some times, unfortunately. Ian ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] Design discussion: autofs integration
On Fri, 2011-12-09 at 09:48 +0100, Jakub Hrozek wrote: > > > > One thing I dislike about the discussion, and while I let it pass in > > bugs and mailing list discussions, I think it is wrong to put it in > > public design documents. The statement "autofs abuses the nsswitch.conf > > configuration file" I find a little offensive. autofs uses that > > configuration file and parses only the "automount" entry using the same > > semantic behavior as nss, so the word "abuse" is wrong and a little rude > > IMHO. > > I'm sorry -- I didn't mean to offend you and perhaps abuse was a strong > word. I've changed the design docs. Please don't get me wrong, I'm happy for people to say what they think within mailing list discussions and, to a lesser extent, within bug discussions, but in a web presented design document a little more care really should be taken IMHO. Ian ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] Design discussion: autofs integration
On Thu, 2011-12-08 at 17:52 +0100, Jakub Hrozek wrote: > Hi, > > I have created a wiki page summarizing my design proposal on integrating > SSSD with automounter: > https://fedorahosted.org/sssd/wiki/DesignDocs/AutofsIntegration > > Feedback is much appreciated - a reply to this email would probably work > best. The target of this work is 1.8 Thanks for writing this summary, it's excellent. There's not much I have to say about it because it is already quite thorough. One thing I dislike about the discussion, and while I let it pass in bugs and mailing list discussions, I think it is wrong to put it in public design documents. The statement "autofs abuses the nsswitch.conf configuration file" I find a little offensive. autofs uses that configuration file and parses only the "automount" entry using the same semantic behavior as nss, so the word "abuse" is wrong and a little rude IMHO. In the section "The LDAP schema used by autofs" which talks about schema it is probably worth mentioning the difficulty with the cn attribute being case insensitive. That introduces problems because key names (essentially directory names) are case sensitive and I believe that is the main reason RFC2307bis (as it relates to autofs) was adopted. Ian ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] Design discussion: autofs integration
On Fri, Dec 09, 2011 at 08:01:44AM +0800, Ian Kent wrote: > On Thu, 2011-12-08 at 17:52 +0100, Jakub Hrozek wrote: > > Hi, > > > > I have created a wiki page summarizing my design proposal on integrating > > SSSD with automounter: > > https://fedorahosted.org/sssd/wiki/DesignDocs/AutofsIntegration > > > > Feedback is much appreciated - a reply to this email would probably work > > best. The target of this work is 1.8 > > Thanks for writing this summary, it's excellent. > There's not much I have to say about it because it is already quite > thorough. > > One thing I dislike about the discussion, and while I let it pass in > bugs and mailing list discussions, I think it is wrong to put it in > public design documents. The statement "autofs abuses the nsswitch.conf > configuration file" I find a little offensive. autofs uses that > configuration file and parses only the "automount" entry using the same > semantic behavior as nss, so the word "abuse" is wrong and a little rude > IMHO. I'm sorry -- I didn't mean to offend you and perhaps abuse was a strong word. I've changed the design docs. That said, I'm still not convinced that it is a good idea to use another application's config file. My main concern is that users often mistakenly think that there is a standard glibc interface defined. Also, when the shared config file changes (not that it's likely that nsswitch would change drastically), you're in trouble -- for instance, sudo suffered recently when Fedora changed from using ldap.conf to nslcd.conf > > In the section "The LDAP schema used by autofs" which talks about schema > it is probably worth mentioning the difficulty with the cn attribute > being case insensitive. That introduces problems because key names > (essentially directory names) are case sensitive and I believe that is > the main reason RFC2307bis (as it relates to autofs) was adopted. > Good point, I've included that in the design page. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
