aboutsummaryrefslogtreecommitdiff
path: root/gnu/services
diff options
context:
space:
mode:
authorLudovic Courtès <ludovic.courtes@inria.fr>2024-05-16 22:50:22 +0200
committerLudovic Courtès <ludo@gnu.org>2024-06-03 23:00:10 +0200
commit85ac164c41fc4c93d3cb2a5d3321c63598c2855f (patch)
tree4b0971b4b8e4623d9c168992bcb33ef64be9162d /gnu/services
parent53db1ed94e13ab38c44862c062343f8f347ffc4b (diff)
downloadguix-85ac164c41fc4c93d3cb2a5d3321c63598c2855f.tar
guix-85ac164c41fc4c93d3cb2a5d3321c63598c2855f.tar.gz
services: nscd: Enable ‘passwd’ and ‘group’ caches by default.
This allows users to specify NSS plugins such as LDAP via the ‘name-services’ field of <nscd-configuration>. Failing that, user code will dlopen whatever passwd/group plugins are listed in /etc/nsswitch.conf, which is likely to fail, typically because those are not in $LD_LIBRARY_PATH. * gnu/services/base.scm (%nscd-default-caches): Add ‘passwd’ and ‘group’ caches. Change-Id: I9c03346a1de2710685f7801eccd2e08007427f5d
Diffstat (limited to 'gnu/services')
-rw-r--r--gnu/services/base.scm17
1 files changed, 16 insertions, 1 deletions
diff --git a/gnu/services/base.scm b/gnu/services/base.scm
index 984670cd32..5f69b68f79 100644
--- a/gnu/services/base.scm
+++ b/gnu/services/base.scm
@@ -1340,7 +1340,22 @@ the tty to run, among other things."
(positive-time-to-live (* 3600 24))
(negative-time-to-live 3600)
(check-files? #t) ;check /etc/services changes
- (persistent? #t))))
+ (persistent? #t))
+
+ ;; Enable minimal caching of the user databases, not so much for
+ ;; caching but rather to allow that uses of NSS plugins like LDAP
+ ;; don't lead user processes to dlopen them (which is likely to fail
+ ;; due to them not being found in $LD_LIBRARY_PATH).
+ (nscd-cache (database 'passwd)
+ (positive-time-to-live 600)
+ (negative-time-to-live 20)
+ (check-files? #t) ;check /etc/passwd changes
+ (persistent? #f))
+ (nscd-cache (database 'group)
+ (positive-time-to-live 600)
+ (negative-time-to-live 20)
+ (check-files? #t) ;check /etc/group changes
+ (persistent? #f))))
(define-deprecated %nscd-default-configuration
#f