io_getevents appears to be a syscall - maybe it will behave correctly.
  - aio_suspend
- investigate io_setup instead of aio_*.
  - aio seems to lockup ocassionally too - maybe libc lock?
    (in aio_suspend)
  - inspection of sysdeps/pthread/aio_suspend.c shows the use
    of pthread locks

- gdb + uml time?

Overhaul for new design:
- root-memcached
- system-memcached
- unpriv-memcached

# -S = SO_PEERCRED, -R = read-only except for uid
memcached -S /var/run/nss_cache_root.sock -R 0

memcached -S /var/run/nss_cache_sys.sock
chgrp system /var/run/nss_cache_sys.sock
chmod 660 /var/run/nss_cache_sys.sock

# -P - prefix with UIDs
memcached -S /var/run/nss_cache_users.sock -P


nss_memcache config;
server => 0, /var/run/nss_cache_root.sock
server => 1, /var/run/nss_cache_sys.sock
server => 2, /var/run/nss_cache.sock
allow-user-override => 1
user-override-env => NSS_CACHE_SERVER


nss_memcache will then:
- query all servers with higher priority/trust
- attempt to update all servers
- this allows for N servers and support future network support.
  (e.g. read-only from root, then net, then per-user, etc)
- per-user allows for cachedumps to be useful

memcached patches:
- so_peercred
- make prefixing separate
- add read-only mode for all but "owner uid" -- e.g. root


-- other ideas
- uid-range for server lists, etc