On Sat, Nov 17, 2007 at 10:48:45AM +0100, Tomas Heran wrote: > Yes, we're ware of this and we will pay even more attention to it as one > of Duckwater's goal is to move most of name services configuration to > SMF. Easy way (IMO) to avoid this kind of problems would be to keep code > in name service components interacting with svc.configd off of lookup > code paths - I believe we can do it in most if not all cases. It wasn't
Let's talk specifics, then: if you don't want retrievals from the repository in the lookup path, where are you going to do them? Logically, one might do them at initialization time, and perhaps spin off a separate thread in nscd to poll for changes (like the existing "SMF monitor"). Not great, but maybe. What about when nscd isn't running? And, does this mean you intend that backends must never query the repository (since anything a backend does can be done in the lookup path, e.g., constructors)? Clearly, it's not enough to get name service lookups out of configd's authorization path; even if that data were collected when the session starts up, it could still lead to infinite recursion (configd looks up authorization data, nss in turn opens a configd session, configd looks up authorization data, etc.). > the case with nscd and "6628289 svc.configd hangs in deadly embrace with > nscd". It's still not (after fix to 6628289 was put back), but special > care is now being taken to avoid the possible lock up in nscd. I'd like to understand the _rules_ that comprise that "special care". What block comment describes them? > I believe banning the name service components from calling into configd > would be very unfortunate, but we can certainly limit the access from NS I agree that this would be unfortunate.. > to svc.configd to places, where it's safe and identify the parts of > code, where there's potential threat and make sure we behave correctly > (as in fix for 6628289). What I'm getting out of this is that people see that this is a problem but don't actually have a specific plan for fixing it. Is that a fair assessment? -- Keith M Wesolowski "Sir, we're surrounded!" FishWorks "Excellent; we can attack in any direction!"
