From owner-freebsd-bugs Tue Jun 17 09:30:06 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id JAA21649 for bugs-outgoing; Tue, 17 Jun 1997 09:30:06 -0700 (PDT) Received: (from gnats@localhost) by hub.freebsd.org (8.8.5/8.8.5) id JAA21628; Tue, 17 Jun 1997 09:30:02 -0700 (PDT) Resent-Date: Tue, 17 Jun 1997 09:30:02 -0700 (PDT) Resent-Message-Id: <199706171630.JAA21628@hub.freebsd.org> Resent-From: gnats (GNATS Management) Resent-To: freebsd-bugs Resent-Reply-To: FreeBSD-gnats@FreeBSD.ORG, jose@we.lc.ehu.es Received: (from nobody@localhost) by hub.freebsd.org (8.8.5/8.8.5) id JAA21362; Tue, 17 Jun 1997 09:22:22 -0700 (PDT) Message-Id: <199706171622.JAA21362@hub.freebsd.org> Date: Tue, 17 Jun 1997 09:22:22 -0700 (PDT) From: jose@we.lc.ehu.es To: freebsd-gnats-submit@FreeBSD.ORG X-Send-Pr-Version: www-1.0 Subject: bin/3891: NIS-only netgroup lookups don't work Sender: owner-bugs@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk >Number: 3891 >Category: bin >Synopsis: NIS-only netgroup lookups don't work >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Jun 17 09:30:01 PDT 1997 >Last-Modified: >Originator: Jose M. Alcaide >Organization: Univ. Pais Vasco - Dept. Electronica >Release: FreeBSD 2.2.1-RELEASE i386 >Environment: FreeBSD tiburon.we.lc.ehu.es 2.2.1-RELEASE FreeBSD 2.2.1-RELEASE #0: Wed May 28 17:05:27 CEST 1997 root@tiburon.we.lc.ehu.es:/usr/src/sys/compile/TIBURON i386 >Description: innetgr() fails when a NIS-only lookup is performed, i.e., when /etc/netgroup doesn't exist, is empty, or contains only "+". However, when /etc/netgroup contains a direct netgroup specification followed by a "+", then innetgr() works. >How-To-Repeat: An NIS server must exist in the LAN exporting one or more netgroups. In my case, there is only one netgroup: trusted (polaris,-,) (sirius,-,) (vega,-,) .... and so on The system running FreeBSD must have NIS enabled, ypbind running, etc. Check that NIS maps are readable using "ypcat". Check that /etc/netgroup doesn't exist. Then a simple program like this shows the problem (substitute for your netgroup, host and NIS domain). --------------------------------------- #include main() { printf("%d\n", innetgr("trusted", "polaris", NULL, "we.lc.ehu.es")); } -------------------------------------- This program prints "0": innetgr() fails. Now, create a /etc/netgroup file containing something like this: null (-,-,) + Then, if you run the same program, it will print "1", showing that innetgr() finds the host in the netgroup. >Fix: None. I examined /usr/src/lib/libc/gen/getnetgrent.c, but it's difficult to find the problem without debugging. There is an obvious workaround: create /etc/netgroup containing a dummy netgroup and a "+" entry. However, netgroup(5) says that this is the least efficient configuration. >Audit-Trail: >Unformatted: