From owner-freebsd-bugs Wed Jun 18 08:55:48 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id IAA23654 for bugs-outgoing; Wed, 18 Jun 1997 08:55:48 -0700 (PDT) Received: from polaris.we.lc.ehu.es (polaris.we.lc.ehu.es [158.227.6.43]) by hub.freebsd.org (8.8.5/8.8.5) with SMTP id IAA23588; Wed, 18 Jun 1997 08:53:19 -0700 (PDT) Received: from cygnus-x1.we.lc.ehu.es by polaris.we.lc.ehu.es (SMI-8.6/SMI-SVR4) id RAA18033; Wed, 18 Jun 1997 17:52:49 +0200 From: jose@we.lc.ehu.es (Jose M. Alcaide) Received: by cygnus-x1.we.lc.ehu.es (SMI-8.6/SMI-SVR4) id RAA15011; Wed, 18 Jun 1997 17:53:09 +0200 Date: Wed, 18 Jun 1997 17:53:09 +0200 Message-Id: <199706181553.RAA15011@cygnus-x1.we.lc.ehu.es> To: FreeBSD-gnats@FreeBSD.ORG, freebsd-bugs@FreeBSD.ORG Subject: Re: bin/3891: NIS-only netgroup lookups don't work X-Sun-Charset: US-ASCII Sender: owner-bugs@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk I have been working a bit more on this problem. After a closer look to the function innetgr() in getnetgrent.c, I'm turning to think that there is a problem with a call to yp_match() (see getnetgrent.c, lines 349 to 352). I have been trying the command "ypmatch" on several hosts at our network (some of them are SPARCs running SunOS 4.1.3, others are SGIs running IRIX 6.x, and also FreeBSD 2.2.1 boxes). For example, jose@tiburon[~]: ypmatch -k trusted netgroup trusted (polaris,-,) (sirius,-,) (vega,-,) ...... Well, this works. However, jose@tiburon[~]: ypmatch -k polaris netgroup.byhost Can't match key polaris in map netgroup.byhost. Reason: no such map in server's domain I get this message on all NIS (YP) clients, whatever the OS they run. Now, I think that the NIS server does not export any maps "netgroup.byXXX". I must say that our NIS server is, actually, an NIS+ server running in YP compatibility mode; perhaps this is the source of the problem. Unfortunately, I have no access to a "true" NIS server. In any case, the innetgr() implemented by other UNIXes (SunOS 4.x, IRIX 6.x, Linux, etc.) do work. Perhaps, the FreeBSD's netgroup scheme, which tries to optimize NIS-only lookups, _needs_ the "netgroup.byhost" map; on the contrary, other UNIXes may perform a sequential lookup in the "netgroup" map, and this method does not need "netgroup.byhost". I have seen in the innetgr() code a "CHARITABLE" flag which, if turned on, forces a "standard mode" lookup if the "NIS-exclusive mode" fails. I think that a recompilation of getnetgrent.c with -DCHARITABLE will solve (more precisely, will _dissolve_) this innetgr() problem. Greetings, --JM ------------------------------------------------------------------------ Jose M. Alcaide | E-mail: Universidad del Pais Vasco | WWW: Dpto. de Electricidad y Electronica | http://www.we.lc.ehu.es/~jose Facultad de Ciencias - Campus de Lejona | Phone: +34-4-4647700 x2624 48940 Lejona (Vizcaya) - SPAIN | Fax: +34-4-4858139 ------------------------------------------------------------------------