Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 17 Jun 1997 09:22:22 -0700 (PDT)
From:      jose@we.lc.ehu.es
To:        freebsd-gnats-submit@FreeBSD.ORG
Subject:   bin/3891: NIS-only netgroup lookups don't work
Message-ID:  <199706171622.JAA21362@hub.freebsd.org>
Resent-Message-ID: <199706171630.JAA21628@hub.freebsd.org>
next in thread | raw e-mail | index | archive | help 


>Number:         3891
>Category:       bin
>Synopsis:       NIS-only netgroup lookups don't work
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Jun 17 09:30:01 PDT 1997
>Last-Modified:
>Originator:     Jose M. Alcaide
>Organization:
Univ. Pais Vasco - Dept. Electronica
>Release:        FreeBSD 2.2.1-RELEASE i386
>Environment:
FreeBSD tiburon.we.lc.ehu.es 2.2.1-RELEASE FreeBSD 2.2.1-RELEASE #0: Wed May 28 17:05:27 CEST 1997     root@tiburon.we.lc.ehu.es:/usr/src/sys/compile/TIBURON  i386
>Description:
innetgr() fails when a NIS-only lookup is performed, i.e., when
/etc/netgroup doesn't exist, is empty, or contains only "+".
However, when /etc/netgroup contains a direct netgroup specification
followed by a "+", then innetgr() works.
>How-To-Repeat:
An NIS server must exist in the LAN exporting one or more netgroups.
In my case, there is only one netgroup:
	trusted (polaris,-,) (sirius,-,) (vega,-,) .... and so on

The system running FreeBSD must have NIS enabled, ypbind running, etc.
Check that NIS maps are readable using "ypcat". Check that /etc/netgroup
doesn't exist.

Then a simple program like this shows the problem (substitute for your
netgroup, host and NIS domain).

---------------------------------------
#include <stdio.h>

main()
{
  printf("%d\n", innetgr("trusted", "polaris", NULL, "we.lc.ehu.es"));
}
--------------------------------------

This program prints "0": innetgr() fails.

Now, create a /etc/netgroup file containing something like this:

	null (-,-,)
	+

Then, if you run the same program, it will print "1", showing that
innetgr() finds the host in the netgroup.
>Fix:
None. I examined /usr/src/lib/libc/gen/getnetgrent.c, but it's
difficult to find the problem without debugging.

There is an obvious workaround: create /etc/netgroup containing
a dummy netgroup and a "+" entry. However, netgroup(5) says that
this is the least efficient configuration.
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199706171622.JAA21362>