nsscache: open source named services system release
By Jamie
Wilkinson and V Hoffman, Systems AdministratorsRemember
remember the fifth of november, especially if you have to manage unix Named Services (NSS) on
a lot of workstations! We're releasing a small python utility, called
nsscache, that is used to cache remote
NSS maps locally on a given host. Combined with cron, it provides a simple and effective way
to remove a critical network dependency from your hosts and potentially speed things up a
bit.
You'd be surprised how upset a system can get with a slow,
unresponsive, or missing NSS.
This initial release supports pulling
passwd, shadow, and group maps from an RFC 2307 LDAP schema and storing them in either nssdb
or flat text files. In a wee bit, we'll also release support for netgroup and automount maps
as well. The utility is fairly plug and play; our hope is that folks who use it with other
data sources (sql databases, soap, etc) and possibly other data stores will extend our
codebase and share their extensions with the rest of the open source community.
Why you may be interested?As soon
as you have more than one machine in your network, you want to share usernames between those
systems. Linux administrators have been brought up on the convention of LDAP or NIS as a
directory service, and /etc/nsswitch.conf, nss_ldap.so, and nscd to manage their nameservice
lookups.
Even small networks will have experienced intermittent name
lookup failures, such as a mail receiver sometimes returning "User not found" on a mailbox
destination because of a slow socket over a congested network, or erratic cache behaviour by
nscd. To combat this problem, we have separated the network from the NSS lookup codepath,
instead using an asynchronous cron job and a glorified script, improving the speed and
reliability of NSS lookups.
We'll be giving a small presentation about
our motivations and experiences at the upcoming
linux.conf.au event in Melbourne Australia, if you
happen to be down under in February!
