Date: Mon, 19 Jan 2009 15:57:34 GMT From: Andrey Zonov <andrey.zonov@gmail.com> To: freebsd-gnats-submit@FreeBSD.org Subject: kern/130749: [libc] nscache.c/nscachedcli.c - return error if string of /etc/group is long Message-ID: <200901191557.n0JFvYPq089925@www.freebsd.org> Resent-Message-ID: <200901191600.n0JG09qr083519@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 130749
>Category: kern
>Synopsis: [libc] nscache.c/nscachedcli.c - return error if string of /etc/group is long
>Confidential: no
>Severity: critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Jan 19 16:00:09 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator: Andrey Zonov
>Release: 7.1-RELEASE-p2
>Organization:
>Environment:
FreeBSD {sorry,cut}.ru 7.1-RELEASE-p2 FreeBSD 7.1-RELEASE-p2 #0: Sun Jan 18 16:15:29 MSK 2009 root@{sorry,cut}.ru:/usr/obj/usr/src/sys/FBSD7_AMD64_ULE amd64
>Description:
nscd return error if string of /etc/group is long and return groups directly from /etc/group, really my problem with NIS long group, but with long group from /etc/group bug as affected.
I thing bug in src/lib/libc/net/nscachedcli.c. safe_read() return rec_error_code=848338984, then try read long group.
>How-To-Repeat:
1. Add in /etc/group:
strangegroup:*:9999:aa,ab,ac,ad,ae,af,ag,ah,ai,aj,ak,al,am,an,ao,ap,aq,ar,as,at,au,av,aw,ax,ay,az,ba,bb,bc,bd,be,bf,bg,bh,bi,bj,bk,bl,bm,bn,bo,bp,bq,br,bs,bt,bu,bv,bw,bx,by,bz,ca,cb,cc,cd,ce,cf,cg,ch,ci,cj,ck,cl,cm,cn,co,cp,cq,cr,cs,ct,cu,cv,cw,cx,cy,cz,da,db,dc,dd,de,df,dg,dh,di,dj,dk,dl,dm,dn,do
2. Edit /etc/nsswitch.conf:
group: cache compat
3. $ getent group | wc -l
378
4. Run "nscd -t -n -s"
5. And run "getent group"
$ getent group | wc -l
378
$ getent group | wc -l
442
$ getent group | wc -l
442
For local groups this is not critical, but for NIS (and other network management) is critical.
nscd show debug:
M1 from main: request agents registered successfully
M2 from cache: cache was successfully initialized
M2 from runtime environment: using socket /var/run/nscd
M2 from runtime environment: successfully initialized
M1 from main: working in single-threaded mode
E3 from on_mp_read_session_read_response_write1: write failed
>Fix:
Only workaround.
1. For nscd
--- src/lib/libc/net/nscache.c.orig 2009-01-11 22:30:47.000000000 +0300
+++ src/lib/libc/net/nscache.c 2009-01-12 13:23:45.000000000 +0300
@@ -39,7 +39,7 @@
#define NSS_CACHE_KEY_INITIAL_SIZE (256)
#define NSS_CACHE_KEY_SIZE_LIMIT (NSS_CACHE_KEY_INITIAL_SIZE << 4)
-#define NSS_CACHE_BUFFER_INITIAL_SIZE (1024)
+#define NSS_CACHE_BUFFER_INITIAL_SIZE (4096)
#define NSS_CACHE_BUFFER_SIZE_LIMIT (NSS_CACHE_BUFFER_INITIAL_SIZE << 8)
#define CACHED_SOCKET_PATH "/var/run/nscd"
2. And for NIS work this patch - http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/96840
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200901191557.n0JFvYPq089925>