From patchwork Thu Dec 10 05:48:02 2015 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Carlos O'Donell X-Patchwork-Id: 554994 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from sourceware.org (server1.sourceware.org [209.132.180.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 6AE81140BA8 for ; Thu, 10 Dec 2015 16:48:12 +1100 (AEDT) Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; secure) header.d=sourceware.org header.i=@sourceware.org header.b=Qr1pGjzt; dkim-atps=neutral DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:to:from:subject:message-id:date:mime-version :content-type:content-transfer-encoding; q=dns; s=default; b=GxT s2OhKwv+Bak8NdL9QB/f6FpBAZPhCPdpid1DOCRTglPwRpQWzVV5qPB6lZGLU2eZ pJOSvlqnY9KtJ7J0cpl+aAn7CqamrpUs/CSJKTLhzTzxIX28hso982LH3DNAkZ34 75dVDIh6U+Ojb2xNA0bekKYSsCCs9sgmU/3oqUh4= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:to:from:subject:message-id:date:mime-version :content-type:content-transfer-encoding; s=default; bh=fZmPjhMHF cXXJFJnYjAUI+KWAAU=; b=Qr1pGjzt2MoLrwltJxCcfI+PkI5tHfpQDFzUkvTZ7 bWmPY/1gzCmkKRPG5JaUkIsVtQ9P9UtGez9H/HaSMmwQ3c9LtcF3glvbhnpirtGL qbe6QwPFncrRPoQv31gdhYKwjLkfh748lNyDqzafHM1G218nRYjI6IQusTCUG9+M EU= Received: (qmail 68869 invoked by alias); 10 Dec 2015 05:48:06 -0000 Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: libc-alpha-owner@sourceware.org Delivered-To: mailing list libc-alpha@sourceware.org Received: (qmail 68857 invoked by uid 89); 10 Dec 2015 05:48:05 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-2.3 required=5.0 tests=AWL, BAYES_00, SPF_HELO_PASS, T_RP_MATCHES_RCVD autolearn=ham version=3.3.2 X-HELO: mx1.redhat.com To: GNU C Library From: "Carlos O'Donell" Subject: [COMMITTED] manual/nss.texi: Document NSS_STATUS_NOTFOUND + SUCCESS. X-Enigmail-Draft-Status: N1110 Message-ID: <56691212.8010701@redhat.com> Date: Thu, 10 Dec 2015 00:48:02 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.3.0 MIME-Version: 1.0 Several userspace daemons have started adding their NSS plugins to /etc/nsswitch.conf at distribution install time. This allows the plugins to be loaded by all processes but run in a "disconnected" mode where the daemon is not actually installed or loaded, but when it is all processes are ready to immediately start using data from this source. In this case the NSS plugin must act as if the data source is empty and return NSS_STATUS_NOTFOUND and SUCCESS. There is no configuration error, and there is no communication problem with the data source. There are some versions of SSSD which would return NSS_STATUS_NOTFOUND and an error, but this causes serious problems when trying to access entries since the error is propagated back to the caller. I worked with with the SSSD developers to ensure their NSS plugin returned SUCCESS in these cases. This documents the best practice for these kinds of NSS plugins which can run in "disconnected" mode without error. 2015-12-10 Carlos O'Donell * manual/nss.texi (NSS Modules Interface): Document NSS_STATUS_NOTFOUND and SUCCESS. --- Cheers, Carlos. diff --git a/manual/nss.texi b/manual/nss.texi index bf3e69d..66dccef 100644 --- a/manual/nss.texi +++ b/manual/nss.texi @@ -448,6 +448,13 @@ The function should be called again with a larger buffer. @item @code{NSS_STATUS_NOTFOUND} @tab @code{ENOENT} @tab The requested entry is not available. + +@item +@code{NSS_STATUS_NOTFOUND} @tab + @code{SUCCESS} @tab There are no entries. +Use this to avoid returning errors for inactive services which may +be enabled at a later time. This is not the same as the service +being temporarily unavailable. @end multitable These are proposed values. There can be other error codes and the