1 files changed, 35 insertions, 19 deletions
diff --git a/chapter08/glibc.xml b/chapter08/glibc.xml
index 7eac93dbb..06cda8a71 100644
--- a/chapter08/glibc.xml
+++ b/chapter08/glibc.xml
@@ -50,10 +50,10 @@
 
 <screen><userinput remap="pre">patch -Np1 -i ../&glibc-fhs-patch;</userinput></screen>
 
-    <para>Now fix a regression causing the posix_memalign() function 
-    to be very slow in some conditions:</para>
+    <para>Now fix two security vulnerabilities and a regression causing the
+    posix_memalign() function very slow in some conditions:</para>
 
-<screen><userinput remap="pre">patch -Np1 -i ../&glibc-memalign-patch;</userinput></screen>
+<screen><userinput remap="pre">patch -Np1 -i ../&glibc-upstream-fixes-patch;</userinput></screen>
 
     <para>The Glibc documentation recommends building Glibc
     in a dedicated build directory:</para>
@@ -74,6 +74,7 @@ cd       build</userinput></screen>
              --enable-kernel=&min-kernel;                     \
              --enable-stack-protector=strong          \
              --with-headers=/usr/include              \
+             --disable-nscd                           \
              libc_cv_slibdir=/usr/lib</userinput></screen>
 
     <variablelist>
@@ -115,6 +116,14 @@ cd       build</userinput></screen>
       </varlistentry>
 
       <varlistentry>
+        <term><parameter>--disable-nscd</parameter></term>
+        <listitem>
+          <para>Do not build the name service cache daemon which is no 
+          longer used.</para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
         <term><parameter>libc_cv_slibdir=/usr/lib</parameter></term>
         <listitem>
           <para>This variable sets the correct library for all
@@ -206,7 +215,7 @@ esac</userinput></screen>
     <command>ldd</command> script:</para>
 
 <screen><userinput remap="install">sed '/RTLDLIST=/s@/usr@@g' -i /usr/bin/ldd</userinput></screen>
-
+<!--
     <para>Install the configuration file and runtime directory for
     <command>nscd</command>:</para>
 
@@ -218,7 +227,7 @@ mkdir -pv /var/cache/nscd</userinput></screen>
 
     <screen revision="systemd"><userinput remap="install">install -v -Dm644 ../nscd/nscd.tmpfiles /usr/lib/tmpfiles.d/nscd.conf
 install -v -Dm644 ../nscd/nscd.service /usr/lib/systemd/system/nscd.service</userinput></screen>
-
+-->
     <para>Next, install the locales that can make the system respond in a
     different language.  None of these locales are required, but if some of them
     are missing, the test suites of some packages will skip important
@@ -320,7 +329,7 @@ localedef -i ja_JP -f SHIFT_JIS ja_JP.SJIS 2> /dev/null || true</userinput></scr
     <para>Create a new file <filename>/etc/nsswitch.conf</filename> by running the
     following:</para>
 
-<screen><userinput>cat &gt; /etc/nsswitch.conf &lt;&lt; "EOF"
+<screen revision='sysv'><userinput>cat &gt; /etc/nsswitch.conf &lt;&lt; "EOF"
 <literal># Begin /etc/nsswitch.conf
 
 passwd: files
@@ -338,6 +347,24 @@ rpc: files
 # End /etc/nsswitch.conf</literal>
 EOF</userinput></screen>
 
+<screen revision='systemd'><userinput>cat &gt; /etc/nsswitch.conf &lt;&lt; "EOF"
+<literal># Begin /etc/nsswitch.conf
+
+passwd: files systemd
+group: files systemd
+shadow: files systemd
+
+hosts: mymachines resolve [!UNAVAIL=return] files myhostname dns
+networks: files
+
+protocols: files
+services: files
+ethers: files
+rpc: files
+
+# End /etc/nsswitch.conf</literal>
+EOF</userinput></screen>
+
     </sect3>
 
     <sect3>
@@ -480,7 +507,7 @@ mkdir -pv /etc/ld.so.conf.d</userinput></screen>
         <seg>gencat, getconf, getent, iconv, iconvconfig, ldconfig,
         ldd, lddlibc4,
         ld.so (symlink to ld-linux-aarch64[_be].so.1),
-        locale, localedef, makedb, mtrace, nscd,
+        locale, localedef, makedb, mtrace,
         pcprofiledump, pldd, sln, sotruss, sprof, tzselect, xtrace,
         zdump, and zic</seg>
         <seg>ld-linux-aarch64[_be].so.1,
@@ -500,7 +527,7 @@ mkdir -pv /etc/ld.so.conf.d</userinput></screen>
         /usr/include/protocols, /usr/include/rpc,
         /usr/include/sys, /usr/lib/audit, /usr/lib/gconv, /usr/lib/locale,
         /usr/libexec/getconf, /usr/share/i18n, /usr/share/zoneinfo,
-        /var/cache/nscd, and /var/lib/nss_db</seg>
+        and /var/lib/nss_db</seg>
       </seglistitem>
     </segmentedlist>
 
@@ -634,17 +661,6 @@ mkdir -pv /etc/ld.so.conf.d</userinput></screen>
         </listitem>
       </varlistentry>
 
-      <varlistentry id="nscd">
-        <term><command>nscd</command></term>
-        <listitem>
-          <para>A daemon that provides a cache for the most common name
-          service requests</para>
-          <indexterm zone="ch-system-glibc nscd">
-            <primary sortas="b-nscd">nscd</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
       <varlistentry id="pcprofiledump">
         <term><command>pcprofiledump</command></term>
         <listitem>