ypserv, groups and ndbm
Rick Stevens
rstevens at vitalstream.com
Wed May 18 23:07:19 UTC 2005
Waldher, Travis R wrote:
>
>>-----Original Message-----
>>From: Rick Stevens [mailto:rstevens at vitalstream.com]
>>Sent: Wednesday, May 18, 2005 1:15 PM
>>To: Getting started with Red Hat Linux
>>Subject: Re: ypserv, groups and ndbm
>>
>>Waldher, Travis R wrote:
>>
>>>>-----Original Message-----
>>>>From: Rick Stevens [mailto:rstevens at vitalstream.com]
>>>>Sent: Wednesday, May 18, 2005 10:46 AM
>>>>To: Getting started with Red Hat Linux
>>>>Subject: Re: ypserv, groups and ndbm
>>>>
>>>>Waldher, Travis R wrote:
>>>>
>>>>
>>>>>Ok, we hit a line limitation with NIS, 1024 characters. This
>>>
>>>problem
>>>
>>>
>>>>>first surface with netgroups, then recently with groups. I've been
>>>>>searching, discovered this:
>>>>>
>>>>>http://supportforum.sun.com/network/index.php?t=msg&goto=484&rid=0
>>>>>
>>>>>Is there any way to increase the hash table size to something more
>>>
>>>than
>>>
>>>
>>>>>1024?
>>>>
>>>>Not really. That's the internals of ndbm. If you were to recode
>
> NIS
>
>>>>to use a different database backend, then you could.
>>>>
>>>>You might be able to get around it by using makedbm with the
>>>>"--no-limit-check" option to create the database file first. I
>
> won't
>
>>>>swear to that working, but hey, it's possible.
>>>>
>>>>BTW, this is one of the reasons LDAP was created with the RFC2307
>>>>fields.
>>>
>>>
>>>If I were able to build the database files using that option.
>>
>>Edit /var/yp/Makefile and change the "DBLOAD=" assignment to include
>>that option, then make the databases as normal.
>>
>>
>>>For all intensive purposes the clients should have no problem
>
> reading
>
>>>them? Or do the clients also use the ndbm database to read the
>
> files
>
>>>in?
>>
>>I think you mean "intents and purposes". ;-) Anyway, the clients
>
> talk
>
>>to the server (ypserv) and the server pulls the stuff out of ndbm, so
>>that's where ndbm gets involved.
>>
>>
>>>LDAP is an option... and I will begin looking at converting NIS to
>
> LDAP.
>
>>>But I will hopefully be out of this pit of a place and group and
>
> working
>
>>>somewhere better before the opportunity to convert would arise.
>>
>>As I said, I don't know if the makedbm option will do the trick. I've
>>never had so many netgroups that the 1024 limit slapped me. This just
>>looks like a place to start.
>>
>
> Ok.. redhat to redhat everything works fine. I'm going to check some of
> out other systems to confirm... just to be safe. But I'll assume they
> will be ok as well at this point.
>
> The last question remains... with the --no-limit-check option enabled,
> what bad can come from that? A hash overflow in ndbm or something of
> that nature?
I don't think so. As I said, I have very little experience with it.
The man page says:
--no-limit-check
Don’t check for NIS key and data limit.
As to its ramifications, there probably aren't any. I suspect that,
because Linux' ndbm implementation is layered on top of gdbm, the 1K
limit really doesn't exist and makedbm, by default, tries to emulate
Sun's behavior. YMMV, caveat emptor, etc. Remember:
"If it's stupid and it works...it ain't stupid!"
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com -
- VitalStream, Inc. http://www.vitalstream.com -
- -
- When in doubt, mumble. -
----------------------------------------------------------------------
More information about the Redhat-install-list
mailing list