Making a dynamically-linked root

[Robert Watson]

On Fri, 6 Jun 2003, Matthew Dillon wrote:

>     I really like the idea of Darwin's lookupd.  I'd like to see something
>     like that not only for authentication, but for hostname lookups as well
>     (at least for standard libc calls, which currently require most of the
>     resolver's packet code to do even the simplest of operations).

I think that would be quite neat; as discussed, irs from the BIND
distribution does the DNS elements of this, although not in our current
framework.  An idea I've also been interested in looking at, now that we
have NSS to indirect many of the database operations, is how easy it would
be to indirect new configuration data through NSS.  For example, although
we can share account information via directory services such as NIS, LDAP,
etc, we cannot currently share login.conf user class data.  Some other
configuration files might also lend themselves quite well to this sort of
configuration -- perhaps even files such as inetd.conf, ftpusers,
login.access, opiekies, etc.

One of the important goals of elements like NSS is to improve our ability
to centrally manage many FreeBSD systems in a scalable manner; another is
the ability to support more reliable and more easily managed backends,
such as configuration databases originating in local SQL, etc. 
Experimenting with ways to take this a few steps further might be quite
interesting, and could have some nice payoffs.

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert at fledge.watson.org      Network Associates Laboratories