Date: Tue, 17 Jun 1997 09:22:22 -0700 (PDT) From: jose@we.lc.ehu.es To: freebsd-gnats-submit@FreeBSD.ORG Subject: bin/3891: NIS-only netgroup lookups don't work Message-ID: <199706171622.JAA21362@hub.freebsd.org> Resent-Message-ID: <199706171630.JAA21628@hub.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 3891 >Category: bin >Synopsis: NIS-only netgroup lookups don't work >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Jun 17 09:30:01 PDT 1997 >Last-Modified: >Originator: Jose M. Alcaide >Organization: Univ. Pais Vasco - Dept. Electronica >Release: FreeBSD 2.2.1-RELEASE i386 >Environment: FreeBSD tiburon.we.lc.ehu.es 2.2.1-RELEASE FreeBSD 2.2.1-RELEASE #0: Wed May 28 17:05:27 CEST 1997 root@tiburon.we.lc.ehu.es:/usr/src/sys/compile/TIBURON i386 >Description: innetgr() fails when a NIS-only lookup is performed, i.e., when /etc/netgroup doesn't exist, is empty, or contains only "+". However, when /etc/netgroup contains a direct netgroup specification followed by a "+", then innetgr() works. >How-To-Repeat: An NIS server must exist in the LAN exporting one or more netgroups. In my case, there is only one netgroup: trusted (polaris,-,) (sirius,-,) (vega,-,) .... and so on The system running FreeBSD must have NIS enabled, ypbind running, etc. Check that NIS maps are readable using "ypcat". Check that /etc/netgroup doesn't exist. Then a simple program like this shows the problem (substitute for your netgroup, host and NIS domain). --------------------------------------- #include <stdio.h> main() { printf("%d\n", innetgr("trusted", "polaris", NULL, "we.lc.ehu.es")); } -------------------------------------- This program prints "0": innetgr() fails. Now, create a /etc/netgroup file containing something like this: null (-,-,) + Then, if you run the same program, it will print "1", showing that innetgr() finds the host in the netgroup. >Fix: None. I examined /usr/src/lib/libc/gen/getnetgrent.c, but it's difficult to find the problem without debugging. There is an obvious workaround: create /etc/netgroup containing a dummy netgroup and a "+" entry. However, netgroup(5) says that this is the least efficient configuration. >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199706171622.JAA21362>