From owner-freebsd-bugs Mon Jun 16 09:20:05 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id JAA13841 for bugs-outgoing; Mon, 16 Jun 1997 09:20:05 -0700 (PDT) Received: (from gnats@localhost) by hub.freebsd.org (8.8.5/8.8.5) id JAA13803; Mon, 16 Jun 1997 09:20:02 -0700 (PDT) Resent-Date: Mon, 16 Jun 1997 09:20:02 -0700 (PDT) Resent-Message-Id: <199706161620.JAA13803@hub.freebsd.org> Resent-From: gnats (GNATS Management) Resent-To: freebsd-bugs Resent-Reply-To: FreeBSD-gnats@FreeBSD.ORG, Dominic.Froud@dcs.qmw.ac.uk Received: (from nobody@localhost) by hub.freebsd.org (8.8.5/8.8.5) id JAA13613; Mon, 16 Jun 1997 09:15:11 -0700 (PDT) Message-Id: <199706161615.JAA13613@hub.freebsd.org> Date: Mon, 16 Jun 1997 09:15:11 -0700 (PDT) From: Dominic.Froud@dcs.qmw.ac.uk To: freebsd-gnats-submit@FreeBSD.ORG X-Send-Pr-Version: www-1.0 Subject: misc/3883: @+netgroup entries break +NIS-user entries in passwd when using getpwent(3) Sender: owner-bugs@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk >Number: 3883 >Category: misc >Synopsis: @+netgroup entries break +NIS-user entries in passwd when using getpwent(3) >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-bugs >State: open >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Mon Jun 16 09:20:01 PDT 1997 >Last-Modified: >Originator: Dominic Froud >Organization: Queen Mary & Westfield College >Release: 2.2-STABLE >Environment: FreeBSD iron.dcs.qmw.ac.uk 2.2-STABLE FreeBSD 2.2-STABLE #1: Fri Jun 6 09:49:02 GMT 1997 md@iron.dcs.qmw.ac.uk:/usr/src/sys/compile/IRON i386 >Description: When getpwent(3) encounters a +@netgroup entry in the /etc/passwd file, it sets a flag (_pw_stepping_yp) to 1. This short-circuits successive calls to getpwent() so that they jump to 'grabbing the next NIS entry'. This flag isn't reset when all the netgroup members have been retrieved. This causes a problem when another NIS-style entry (specifically named NIS users) is mentioned because getpwent() is permanently locked to retrieving the same user entry (and hence loops based around getpwent() never return). >How-To-Repeat: Add lines in the following format to the end of /etc/passwd (using vipw): +@netgroup-that-exists::::::::: +NIS-user-that-exists::::::::: +:::::::::/bin/true Try: finger NIS-added-user-not-included-above finger(1) will hang and a kernel trace will show a NIS lookup in passwd.byname for NIS-user-that-exists followed by a successful return of their passwd entry. After that, the trace is filled with nothing but gettimeofday(2) calls. >Fix: Non-rebuild workaround: Place all +user entries before any +@netgroup entries in /etc/passwd if possible. I don't think inserting a local user between the two entries will work. Software fix: amend /usr/src/lib/libc/gen/getpwent.c as follows, and rebuild libc: *** getpwent.c Mon Jun 16 17:04:57 1997 --- fixed-getpwent.c Mon Jun 16 16:36:17 1997 *************** *** 409,414 **** --- 409,415 ---- endgrent(); latch = 0; gr = NULL; + _pw_stepping_yp = 0; /* DOM */ return(0); } } >Audit-Trail: >Unformatted: