-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 04/12/2011 04:48 PM, Simo Sorce wrote: > On Tue, 12 Apr 2011 12:54:54 -0400 > Stephen Gallagher <[email protected]> wrote: > >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> Now that gecos can come from either the 'gecos' or 'cn' attributes, >> we need to ensure that we never remove it from the cache. >> >> We were being too greedy with our removal code. It purges from the >> sysdb cache any attributes that were requested from LDAP but that we >> did not get. However, in the case of 'gecos' (if we are falling back >> to 'cn') this would mean that we were always purging the >> gecos-from-cn value. > > I am actually wondering why we are storing a duplicate here instead of > retrieving CN in the nss responder and substituting the gecos field > there, it would waste less space for a perfectly duplicate attribute > and would avoid update corner cases like this one. >
My decision to do it this way was because I want to keep the NSS responder agnostic of the backends. Just because the LDAP provider uses 'cn' as an alternate, I don't necessarily want to do the same for a NIS provider or a winbind provider. I decided that it made the most sense for the backend to conform to the expected format for the NSS responder. - -- Stephen Gallagher RHCE 804006346421761 Delivering value year after year. Red Hat ranks #1 in value among software vendors. http://www.redhat.com/promo/vendor/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAk2lracACgkQeiVVYja6o6NjjACghIQzMxCQj8HXNzDuRY3ovGbh JnEAn3UGqFCZZ025WvcCjNBOJ82rCCZL =YaQP -----END PGP SIGNATURE----- _______________________________________________ sssd-devel mailing list [email protected] https://fedorahosted.org/mailman/listinfo/sssd-devel
