Minimal statements #94
Conversation
|
|
Could you expand on what the use case is? With this patch applied nss-mdns still installs all those modules so the number of modules isn't exactly reduced. I think it would be great to split the PR move the commits unrelated to that change to their own PRs. The license change has nothing to do with the other changes for example. Either way I think it would make sense to set up the CI first: #91 (comment) |
|
Moved license change to #95. I have not removed anything built yet. But these changes should make it possible when tested properly. I would not remove all built artifacts straight away. We should make first at least basic man page describing syntax of the file and how to use it for desired results. |
Do not use previous cocaine.local. name if we can get local machine hostname. Use it by default. Allow still overriding the name from command line.
Support few more configuration options for the plugin. When domain starts with % character, it is checked for special meaning. It allows single compiled plugin to work like all variants. %minimal - Enables minimal behaviour of normal plugin %ipv4 - Behave like mdns4 or mdns4_minimal plugin %ipv6 - Behave like mdns6 or mdns6_minimal plugin %any - Behave like mdns or mdns_minimal plugin. These are allowed only once per line. Minimal can be combined with address type specification. If multiple address specification is present, the last one wins.
Prepare for new version of package also.
Do not repeatedly compute name string length. Instead make it just one time and pass it into required functions.
Make strlen passed even for suffix tested with ends_with.
Check reverse mode and consult mdns.allow even in that case. If minimal mode is enabled, then send also reverse addresses to mdns resolution.
Even for reverse addresses consider missing config as indication of minimal mode.
pemensik
force-pushed
the
minimal-statements
branch
from
a043cf9 to
32a7801
Compare
I don't think they should be removed. nss-mdns has always shipped them so it would be wrong to just drop them. I think it would make sense to make it configurable though with something like |
As far as I can see SPDX IDs were added and as far as I understand the license text is no longer necessary in every file. I wonder if it would be possible for it to be reviewed by RH/Fedora legal to make sure it's all done correctly? |
|
Main use-case were to simplify configuration of authselect on Fedora. It needs to support explicitly each variant of plugin. There are multiple variants now, which can be configured only in nsswitch.conf. This would make it possible to has only one variant built and modify /etc/mdns.allow to get each variant possible. With slight disadvantage it would make file access to /etc/mdns.allow on each name query. I would therefore suggest having only two variants: mdns and mdns_minimal. Which would just change the default. There is related Fedora bug: https://bugzilla.redhat.com/show_bug.cgi?id=2103903 |
I took a quick look and it seems to me it would be better to address those things in avahi first. For example https://www.rfc-editor.org/rfc/rfc6762#section-6.1 should prevent it from timing out when A and AAAA queries are issued. It could be I misread it but it seems it boils down to that and nss-mdns is used to get around avahi limitations. |
Attempt to extend the plugin with special configuration statements in /etc/mdns.allow:
%minimal- sets mdns plugin into mdns_minimal mode.%ipv4- sets plugin into mdns4 or mdns4_minimal mode.%ipv6- sets plugin into mdns6 or mdns6_minimal mode.%any- clears %ipv4 and %ipv6, explicitly enable both.This should reduce number of separate plugins required. Just one mdns plugin should be enough with this change. If /etc/mdns.allow does not exist, work like minimal plugin. If address restriction should be used, use multiple statements.
This should work like mdns4_minimal:
This should work like mdns6_minimal:
This should work like mdns_minimal:
or just missing /etc/mdns.allow.