GNU bug report logs - #41575
Container with openssh-service requires sshd user on the host

Previous Next

Package: guix;

Reported by: Edouard Klein <edk <at> beaver-labs.com>

Date: Thu, 28 May 2020 09:21:01 UTC

Severity: normal

Full log

Message #32 received at 41575 <at> debbugs.gnu.org (full text, mbox):

From: Ludovic Courtès <ludo <at> gnu.org>
To: conjaroy <conjaroy <at> gmail.com>
Cc: 43371 <at> debbugs.gnu.org, edk <at> beaver-labs.com, 41575 <at> debbugs.gnu.org
Subject: Re: [bug#43371] [PATCH] doc: prevent host/container nscd mismatch
Date: Mon, 14 Sep 2020 09:26:47 +0200

Hi,

conjaroy <conjaroy <at> gmail.com> skribis:

> A separate nscd per container also seems like a reasonable option. However,
> for the sake of machines hosting many long-lived containers, perhaps we
> should consider reducing the cache size: currently it's 32MB for each name
> service type, with an expiration of 12-24 hours:
>
> https://git.savannah.gnu.org/cgit/guix.git/tree/gnu/services/base.scm?id=1042d269a723360a02b19a2baafef1e24a3bfc73#n1115

Good point.

In that case, we can have ‘containerized-operating-system’ provide its
own NSS configuration with a reduced cache size (or without cache since
there’s caching happening on the host for host name lookups, for
instance).

WDYT?  Would you like to give it a try?

Thanks,
Ludo’.
This bug report was last modified 4 years and 253 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.