blob: fb0d1c0b422bc2561210d1229965c2ed28c622eb (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
* write more unit tests
* add sanity checking code (e.g. not too large buffer allocation and checking
that host, user, etc do not contain funky characters) in all server modules
* log some statistics: "passwd=100 shadow=10 host=20 rpc=10" (10 req/minute)
* add an option to create an extra socket somewhere (so it may be used in
chroot jails)
* make I/O timeout between NSS lib and daemon configurable with configure
* protocols/rpc: the description attribute should be used as an alias?
* review changes in nss_ldap and merge any useful changes
* maybe rate-limit LDAP entry warnings
* setnetgrent() may need to return an error if the netgroup is undefined
* handle repeated calls to getent() better
(see http://bugzilla.padl.com/show_bug.cgi?id=376)
* make it possible to start nslcd real early in the boot process and have
it become available when it determines it can (other timeout/retry mechanism
on startup)
* implement requesting and handling password policy information when binding
as a user
* implement nested groups
* implement other services in nslcd: sudo and autofs are candidates
* restart unscd on postinst, just like nscd (or perhaps do nscd -i <MAP>)
* instead of library symbol, use environment variable to disable NSS module
* properly test Solaris support
* fix buffer handling in read_**string() functions (Solaris support)
* complete pynslcd implementation
* implement chsh and chfn in nslcd PAM code and make chsh.ldap and chfn.ldap
binaries
* have nslcd flush the nscd caches when reconnecting to the LDAP server after
an error
* have PAM code support password policy of server (see pam_ldap)
* also add a max uid option for PAM module
|