On 10/19/2015 10:00 AM, Tom Horsley wrote:
But why would it hang? The server wasn't just having trouble, it was completely offline. Shouldn't something have noticed it was utterly impossible to talk to the server and fallen back to local lookups (certainly absolutely all of the "system" users are locally defined - NIS is used only for "normal" users and ssh login type stuff).
No. NIS is a UDP protocol. The client simply retries forever. This is one of the reasons that NIS is no longer widely used. LDAP (especially with Kerberos) is vastly better.
As long as you use NIS, make sure you have a redundant server. See if you can use sssd to cache user information for outages. Long term, look at migrating to LDAP+Krb5. FreeIPA is a great place to start.
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
