diff options
author | Arian van Putten <aeroboy94@gmail.com> | 2018-12-12 14:49:19 +0100 |
---|---|---|
committer | Arian van Putten <aeroboy94@gmail.com> | 2018-12-12 15:35:40 +0100 |
commit | ef6ed03e2f7e757a46469077d8ef66cecccb919d (patch) | |
tree | 56ebc7b0d1aeda59f58edb83802121bdfd79901b /nixos | |
parent | a74619c1ae5348a5b7cd0dc3b6ca6e0166086098 (diff) |
nixos/nscd: Address doc feedback
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/doc/manual/release-notes/rl-1903.xml | 25 |
1 files changed, 12 insertions, 13 deletions
diff --git a/nixos/doc/manual/release-notes/rl-1903.xml b/nixos/doc/manual/release-notes/rl-1903.xml index 975c566411c01..9405bf063d510 100644 --- a/nixos/doc/manual/release-notes/rl-1903.xml +++ b/nixos/doc/manual/release-notes/rl-1903.xml @@ -247,22 +247,21 @@ </listitem> <listitem> <para> - The <literal>nscd</literal> now disables all caching of + The <literal>nscd</literal> service now disables all caching of <literal>passwd</literal> and <literal>group</literal> databases by default. This was interferring with the correct functioning of the <literal>libnss_systemd.so</literal> module which is used by - <literal>systemd</literal> to manage uids and usernames in the presence - of <literal>DynamicUser=</literal> in systemd services. - The was already the default behaviour in presence of - <literal>services.sssd.enable = true</literal> because nscd caching - would interfere sssd in unpredictable ways as well.Because we're using nscd - not for caching, but for convincing glibc to find NSS modules in the - nix store instead of an absolute path, we have decided to disable - caching globally now, as it's usually not the behaviour the user wants - and can lead to surprising behaviour. - Furthermore, negative caching of host lookups is also disabled now by - default. This should fix the issue of dns lookups failing in the - presence of an unreliable network. + <literal>systemd</literal> to manage uids and usernames in the presence of + <literal>DynamicUser=</literal> in systemd services. This was already the + default behaviour in presence of <literal>services.sssd.enable = + true</literal> because nscd caching would interfere with + <literal>sssd</literal> in unpredictable ways as well. Because we're + using nscd not for caching, but for convincing glibc to find NSS modules + in the nix store instead of an absolute path, we have decided to disable + caching globally now, as it's usually not the behaviour the user wants and + can lead to surprising behaviour. Furthermore, negative caching of host + lookups is also disabled now by default. This should fix the issue of dns + lookups failing in the presence of an unreliable network. </para> <para> If the old behaviour is desired, this can be restored by setting |