Commit 61653dfb81 added support for
compilers predefining _FORTIFY_SOURCE by adding -U_FORTIFY_SOURCE to
CPPFLAGS for these compilers, but that change doesn't work quite well in
case of nscd: its Makefile sets _FORTIFY_SOURCE using CFLAGS instead of
CPPFLAGS and, thanks to compilation rules defined in Makerules, CPPFLAGS
are passed to compiler after CFLAGS, resulting to a build with
_FORTIFY_SOURCE turned off.
This change implements a more safe method of passing preprocessor and
compiler flags so that no nscd modules could be accidentally forgotten.
2012-05-09 Andreas Jaeger <aj@suse.de>
* nscd/nscd.c (run_modes): Make named enum, reorder so that
default is first entry.
(run_mode): Set type.
(main): Remove informal message about syslog.
(options): Fix typo.
For a better integration of nscd with systemd, we should run nscd not as
daemon but in the foreground. A new --foreground option should be added.
2012-05-09 Alexandre Oliva <aoliva@redhat.com>
Andreas Jaeger <aj@suse.de>
* nscd/nscd.c (go_background): Replaced with...
(run_mode): ... this.
(RUN_FOREGROUND, RUN_DAEMONIZE, RUN_DEBUG): Add.
(options): Add -F --foreground.
(main): Implement it.
(parse_opt): Parse it.
Whenever getaddrinfo needed network interface information it used the
netlink interface to read the information every single time. The
problem is that this information can change at any time.
The patch implements monitoring of the network interfaces through
nscd. If no change is detected the previously read information can
be reused (which is the norm). This timestamp information is also
made available to other processes using the shared memory segment
between nscd and those processes.
nscd can clear caches when certain files change. The list of files
was hardcoded so far and worked for nss_files and nss_dns and those
modules which need no monitoring. nss_db, for instance, has its
own set of files to monitor. Now the NSS modules themselves can
request that certain files are monitored.
When readding entries to the group and services cache and the lookup
is unsuccesful, we tried to write the notfound record. Just don't
do it in this case.
