Date: Wed, 7 Jun 1995 17:02:03 -0400 (EDT) From: "House of Debuggin'" <wpaul@skynet.ctr.columbia.edu> To: rgrimes@gndrsh.aac.dev.com (Rodney W. Grimes) Cc: iznogood@iesd.auc.dk, hackers@freefall.cdrom.com Subject: Re: Automount and finger. Message-ID: <199506072102.RAA00225@skynet.ctr.columbia.edu> In-Reply-To: <199506071916.MAA02953@gndrsh.aac.dev.com> from "Rodney W. Grimes" at Jun 7, 95 12:16:51 pm
next in thread | previous in thread | raw e-mail | index | archive | help
They say this Rodney W. Grimes person was kidding when he wrote:
> > >> Hi,
> > >>
> > >> Is there anyway that I can avoid mounting ALL users when some fool
> > >> uses finger? Right now my machine is mounting 447 user
> > >> directories....
> >
> > > Yea, turn off the ``all user'' flag to fingerd: man 8 fingerd:
> > > -s Enable secure mode. Queries without a user name are
> > > rejected and forwarding of queries to other remote hosts is
> > > denied.
Bzzt! Sorry, that's incorrect, but thanks for playing.
> > Isn't that the default?
[stuff chopped]
>
> Humm... don't know what is going on then..
>
>
> --
> Rod Grimes rgrimes@gndrsh.aac.dev.com
> Accurate Automation Company Custom computers for FreeBSD
>
Then allow me to explain. (I was wondering when somebody else was
going to run afoul of this.)
The correct answer is:
Finger is brain damaged. One of the things it does is search for a
file in your home directory called '.nofinger' and it hides you from
finger attempts if it finds it. Unfortunately, the program logic
is organized in such a way that if you say:
% finger someuser@some.freebsd.machine
then it will run through the entire password database (using repeated
calls to getpwent()) end check *EVERY SINGLE USER'S HOME DIRECTORY*
for .nofinger files. I quote from /usr/src/usr.bin/finger/util.c:
/*
* Is this user hiding from finger?
* If ~<user>/.nofinger exists, return 1 (hide), else return 0 (nohide).
*/
int
hide(pw)
struct passwd *pw;
{
[yadda yadda yadda]
}
The fact that it checks everybody's directory even if you only
ask to finger one user is undoubtedly a bug. It's probably also
a BSD4.4-ism.
Believe me, I know how annoying this can be: I have about eight
different home filesystems and about 350 users. I noticed the
obnoxiously long delay a while ago, but never made the connection
until I noticed that amd was mounting _all_ of the home directory
filesystems whenever I fingered the machine. (I first noticed it
while testing out some NIS-related changes in libc too; for a while
there I thought I'd dome something horribly wrong. :)
Whoever added this little 'improvement' probably never realized
the implications it would have for systems running amd, or NFS
in general.
I had secret plans to deal with this thing at some point, and even
started hacking on it a little, but NIS hacking and my job sort of
got in the way.
A quick way to work around the automounter thrashing is to turn the
hide() function into a no-op. That doesn't change the fact that the
program logic is screwed up, however.
Somebody should put this in the TODO list for 2.1.
-Bill
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~T~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-Bill Paul (212) 854-6020 | System Manager
Work: wpaul@ctr.columbia.edu | Center for Telecommunications Research
Home: wpaul@skynet.ctr.columbia.edu | Columbia University, New York City
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The Møøse Illuminati: ignore it and be confused, or join it and be confusing!
~~~~~~~~~ FreeBSD 2.1: "We can kick your operating system's ass!" ~~~~~~~~~~
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199506072102.RAA00225>