violated
nsscash has an extensive test suite for both the Go and C part testing general
-requirements and various corner cases.
+requirements and various corner cases. See TODO.adoc for a list of known
+issues and possible improvements.
nsscash is licensed under AGPL version 3 or later.
--- /dev/null
+= TODOs
+
+- Currently, all files are fetched first and then updated one-by-one. This
+ protects against partial updates if the server has issues, but won't help if
+ the disk is full. In that case it's possible that only passwd is updated but
+ then group cannot be written and now the system uses an inconsistent state.
+ To prevent this, write to temporary files for all files first and then
+ rename them all in one step. +
+ However, most of the time passwd and group are not directly linked in a way
+ that an inconsistent state will create problematic issues.
+
+- Implement a push mechanism to reduce the traffic generated by regular runs
+ of `nsscash fetch` (e.g. via cron). +
+ However, for most setups even minutely updates won't generate any noticeable
+ traffic due to `If-Modified-Since`.
+
+- Implement an improved file format for passwd/group nsscash to perform even
+ faster lookups. At the moment `mmap(2)` is the bottleneck. However,
+ switching to `read(2)` is problematic with a large number of users. A new
+ format using a B-tree like structure could use `read(2)` and thus improve
+ the performance, at the cost of increased complexity.
ruderich.org/simon / nsscash / nsscash.git / commitdiff