Bug#240836: libc6: Duplicated group-id's breaks NFS-access
I encounter the same problem using ldap authentication with parallel db
cache for offline work.
nsswitch.conf has
group: compat ldap [!unavail=return] db
While the [!unavail=return] construct works for getgrent, the initgroups
call does not return and collects all groups twice.
Since there is no use for duplicate groups in the initgroups list, I
suggest a small patch to the compat_call in initgroups.c.
Regards,
Sebastian
--
Sebastian Hetze Linux Information Systems AG
Mitglied des Vorstands Fon +49 (0)30 72 62 38-0 Ehrenbergstr. 19
s.hetze@linux-ag.com Fax +49 (0)30 72 62 38-99 D-10245 Berlin
The Migration Company. ____________________________________ www.linux-ag.com __
#! /bin/sh -e
# DP: Make initgroups compat_call insert only new groups into the list
if [ $# -ne 2 ]; then
echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
exit 1
fi
case "$1" in
-patch) patch -d "$2" -f --no-backup-if-mismatch -p1 < $0;;
-unpatch) patch -d "$2" -f --no-backup-if-mismatch -R -p1 < $0;;
*)
echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
exit 1
esac
exit 0
--- glibc-2.3.2/grp/initgroups.c.dist 2005-11-21 23:50:26.000000000 +0100
+++ glibc-2.3.2/grp/initgroups.c 2005-11-22 08:34:29.439904644 +0100
@@ -98,6 +98,16 @@
for (m = grpbuf.gr_mem; *m != NULL; ++m)
if (strcmp (*m, user) == 0)
{
+ long int i;
+ int alhere = 0;
+
+ /* Do not insert a group that already is in the list. */
+ for (i = 0; i < *start; i++)
+ if (groups[i] == grpbuf.gr_gid)
+ alhere=1;
+ if (alhere == 1)
+ break;
+
/* Matches user. Insert this group. */
if (__builtin_expect (*start == *size, 0))
{
Reply to: