Re: [PATCH] caching daemon release and nsswitch patches
On Mon, 29 Aug 2005, Dan Nelson wrote: We can't ensure that, I guess. In the upcoming version (before the 1st of September), the cache would be per-user. This would solve all the security problems. In a little while, I'll implement the ability for cached to act as nscd. So you'll be able to choose the behaviour. In the last episode (Aug 29), Michael Bushkov said: There is some information in my project's description here: http://wikitest.freebsd.org/moin.cgi/NsswitchAndCachingTechnicalDetails One question that comes to mind: It looks like the end-user application is still responsible for performing nss lookups. How do you ensure that one user can't poison the cache and cause problems for other users? Could cached do all nss operations itself (making it more like nscd in other OSes)? -- Dan Nelson [EMAIL PROTECTED] With best regards, Michael Bushkov Rostov State University ___ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [PATCH] caching daemon release and nsswitch patches
Hi, Doug! I'm not sure what guidelines were given to you when you started the project, but in reviewing your work the first thing I noticed was that you are not following the guidelines in the style(9) man page. You should read that page, and spend an afternoon reformatting your code to fit what is described there. The most common error you've made is not following the 80 column rule, which hopefully should be easily fixed. While one could argue with the specific items in that page, and quite possibly be right, the idea of having a style guideline is more to have a common format that we can all work towards than to have a perfect format that we can all agree on. By reformatting your code to fit this guideline you will greatly increase the chances that it will be welcomed into the tree with open arms. The other style area that you should look at is your man pages. If you look in /usr/share/examples/mdoc you will find the FreeBSD style guidelines for man pages. The line wrapping issue comes into play here as well. We generally don't go past column 60 in man pages, since that reduces CVS repo churn for corrections down the road. Also, any time you have a full stop (period) at the end of a sentence, you should start a new line. I think that you are also using some macros that I'm not familiar with, although I'm not an mdoc expert. Thank you very much for your suggestions - I'll reformat the code and man files. I've seemed to forget about style(9) in some places :( The other area that I'm interested in is how you plan to have cached interact with DNS lookups, /etc/hosts, named, etc. If there was a project plan posted somewhere on this already and I missed it, please accept my apologies, and send along a reference. If not, I'm very interested to hear what your plans are. There is some information in my project's description here: http://wikitest.freebsd.org/moin.cgi/NsswitchAndCachingTechnicalDetails The Integrating nsswitch and caching describes the way that I use to make cached work. It can actually interact with any nsswitch database. All we need is to supply the special structure (in patches it is usually called cache_info) with 3 functions pointers (*_id_func, *_marshal_func, *_unmarshal_func). These functions are used by nsdispatch during the caching of sccessful results. id_func identifies the key - the unique identifier, which will identify the data in the cache. And marshal_func/unmarshal_func pack/unpack data into/from the (char *)buffer. So almost all data, that go through nsdispatch calls, can be cached. And struct hostent and struct addrinfo are no exceptions to this rule. I already have the patch with *_id_func, *_marshal and *_unmarshal_func implemented for the hosts nsswitch database. I'll send it to the list along with the corrected version of the cached a bit later (in about 12 hours). P.S. the patched version of nsdispatch uses the functions that are implemented in nscache.c and nscachedcli.c files (they are present in the patch). With best regards, Michael ___ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [PATCH] caching daemon release and nsswitch patches
In the last episode (Aug 29), Michael Bushkov said: There is some information in my project's description here: http://wikitest.freebsd.org/moin.cgi/NsswitchAndCachingTechnicalDetails One question that comes to mind: It looks like the end-user application is still responsible for performing nss lookups. How do you ensure that one user can't poison the cache and cause problems for other users? Could cached do all nss operations itself (making it more like nscd in other OSes)? -- Dan Nelson [EMAIL PROTECTED] ___ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [PATCH] caching daemon release and nsswitch patches
Michael Bushkov wrote: Hi! I'm working on nsswitch improvement (during the Google Summer of Code program. First off, let me say that this is very exciting stuff! I'm particularly excited about caching for the services stuff, as it will finally allow us to bring in a more complete version of the services file. I do have some comments for you, and I hope that you understand that they are in no way critical of your work, just suggestions for improvements, and ways that you can better fit into the FreeBSD code base. I'm not sure what guidelines were given to you when you started the project, but in reviewing your work the first thing I noticed was that you are not following the guidelines in the style(9) man page. You should read that page, and spend an afternoon reformatting your code to fit what is described there. The most common error you've made is not following the 80 column rule, which hopefully should be easily fixed. While one could argue with the specific items in that page, and quite possibly be right, the idea of having a style guideline is more to have a common format that we can all work towards than to have a perfect format that we can all agree on. By reformatting your code to fit this guideline you will greatly increase the chances that it will be welcomed into the tree with open arms. The other style area that you should look at is your man pages. If you look in /usr/share/examples/mdoc you will find the FreeBSD style guidelines for man pages. The line wrapping issue comes into play here as well. We generally don't go past column 60 in man pages, since that reduces CVS repo churn for corrections down the road. Also, any time you have a full stop (period) at the end of a sentence, you should start a new line. I think that you are also using some macros that I'm not familiar with, although I'm not an mdoc expert. The other area that I'm interested in is how you plan to have cached interact with DNS lookups, /etc/hosts, named, etc. If there was a project plan posted somewhere on this already and I missed it, please accept my apologies, and send along a reference. If not, I'm very interested to hear what your plans are. Regards, Doug -- This .signature sanitized for your protection ___ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to [EMAIL PROTECTED]
[PATCH] caching daemon release and nsswitch patches
Hi! I'm working on nsswitch improvement (during the Google Summer of Code program. And, as the deadline is close, I'd like to make some kind of release. Actually there would be 2 releases, this is the first. This release includes 3 patches. They could be found in the Perforce repository: http://perforce.freebsd.org/fileDownLoad.cgi?FSPC=//depot/projects/soc2005/nsswitch%5fcached/patches/include.diffREV=1 http://perforce.freebsd.org/fileDownLoad.cgi?FSPC=//depot/projects/soc2005/nsswitch%5fcached/patches/libc.diffREV=1 http://perforce.freebsd.org/fileDownLoad.cgi?FSPC=//depot/projects/soc2005/nsswitch%5fcached/patches/usr.sbin.diffREV=1 or on my mirror: http://www.rsu.ru/~bushman/cached/downloads/patchset1/include.diff http://www.rsu.ru/~bushman/cached/downloads/patchset1/libc.diff http://www.rsu.ru/~bushman/cached/downloads/patchset1/usr.sbin.diff Some words on how to use and what it gives: include.diff and libc.diff should be applied like that: from usr/src: patch -p0 include.diff, from usr/src/lib: patch -p0 libc.diff Features, which would be added by these patches: - services-related functions (getserv*) will use nsswitch - rpc-related functions (getrpc*) will use nsswitch - protocols-related functions (getproto*) will use nsswitch - services, rpc and protocols sources would be available in nsswitch.conf file One of my major tasks was to add caching ability to the nsswitch. So, these patches also would do it for the following nsswitch sources: - passwd - group - services - rpc - protocols To make caching work, you'll require the caching daemon. It is in the usr.sbin patch (should be applied from usr/src: patch -p0 usr.sbin.diff). The caching daemon will be in /usr/sbin folder, its configuration and startup files will be in /etc folder. cached(8) and cached.conf(5) man pages would be availabe. To enable caching, just add cache source to the appropriate nsswitch.conf line (the cache source should be the first source for the database and it can't be used with the compat source). Please try the patches and send me your feedback. I also hope that there are no reasons not to merge changes, which were made to libc (they are in include.diff and libc.diff) into the CURRENT. As for the caching daemon (usr.sbin.diff patch) - I also think that it could be merged into the CURRENT. In the second release (will happen in 1-2 days - it needs additional testing) i'll add caching support for other nsswitch databases (the most important is the host database support, I believe). With best regards, Michael Bushkov Rostov State University ___ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [PATCH] caching daemon release and nsswitch patches
In the last episode (Aug 27), Michael Bushkov said: Please try the patches and send me your feedback. I also hope that there are no reasons not to merge changes, which were made to libc (they are in include.diff and libc.diff) into the CURRENT. As for the caching daemon (usr.sbin.diff patch) - I also think that it could be merged into the CURRENT. I applied the patches to 5-stable (only minor conflicts) and I'm getting an assertion failure in cached running id as root: Assertion failed: (key_var != NULL), function ht_item_hash_func, file /usr/src/usr.sbin/cached/cachelib/cachelib.c, line 34. You should probably convert cached's argument processing to use getopt, btw. -- Dan Nelson [EMAIL PROTECTED] ___ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to [EMAIL PROTECTED]
