Date: Wed, 2 Oct 2002 11:15:26 +0400 (MSD) From: Maxim Konovalov <maxim@FreeBSD.org> To: Robert Watson <rwatson@FreeBSD.org> Cc: current@FreeBSD.org Subject: Re: NIS broken by pw_scan.c commits? Message-ID: <20021002110703.W72260-100000@news1.macomnet.ru> In-Reply-To: <Pine.NEB.3.96L.1021001233831.38726H-100000@fledge.watson.org> References: <Pine.NEB.3.96L.1021001233831.38726H-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello,
On 07:43+0400, Oct 2, 2002, Robert Watson wrote:
>
> It looks like someone has broken support for NIS in /etc/master.passwd by
> tightening the formatting rules for the file incorrectly. Whereas a
> perfectly valid NIS password file used to work a month or so ago, it now
> generates a syntax error:
>
> www:*:80:80::0:0:World Wide Web Owner:/nonexistent:/sbin/nologin
> nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/sbin/nologin
> +:::::::::
>
> cboss# pwd_mkdb -p /etc/master.passwd
> pwd_mkdb: uid is incorrect
> pwd_mkdb: at line #22
> pwd_mkdb: /etc/master.passwd: Inappropriate file type or format
>
> (line 22 is the +::... line)
>
> If whoever did this could please *undo* the change, it would appreciate
> it: breaking services like NIS is not a good idea. I won't have a chance
> to investigate more tonight, but I strongly suspect pw_scan.c:1.22 by
> Maxim. It could be another commit; I'll try backing this out tomorrow
Yes, it is my bug, fixed in rev. 1.23, sorry for inconvenience.
By the way, there is still an issue: pw_scan() allows an empty GID in
non-NIS entries too. Any objections to a patch below?
Index: libc/gen/pw_scan.c
===================================================================
RCS file: /home/ncvs/src/lib/libc/gen/pw_scan.c,v
retrieving revision 1.22
diff -u -r1.22 pw_scan.c
--- libc/gen/pw_scan.c 25 Sep 2002 08:49:19 -0000 1.22
+++ libc/gen/pw_scan.c 2 Oct 2002 07:04:42 -0000
@@ -124,6 +124,13 @@
goto fmt;
if (p[0])
pw->pw_fields |= _PWF_GID;
+ else {
+ if (pw->pw_name[0] != '+' && pw->pw_name[0] != '-') {
+ if (flags & _PWSCAN_WARN)
+ warnx("no gid for user %s", pw->pw_name);
+ return (0);
+ }
+ }
id = strtoul(p, &ep, 10);
if (errno == ERANGE) {
if (flags & _PWSCAN_WARN)
%%%
[ Note: this bug is not my :-) ]
> morning and see if things start working. Requiring a valid integer value
> is bogus in the case where the field is filled in from NIS.
>
> Robert N M Watson FreeBSD Core Team, TrustedBSD Projects
> robert@fledge.watson.org Network Associates Laboratories
>
>
--
Maxim Konovalov, maxim@FreeBSD.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021002110703.W72260-100000>