[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Potential NIS storm fix

Here is a patch to the libc 5.2.18 to hopefully fix the NIS storms. I
could not test it since the debian source package for the libc does not
build its targets. Anyone know how to get the debian source package to
build? "debian.rules binary" or "debian.rules" both fail without ever
reaching the initgroups.c file

The patch has to be applied to the directory libc-5.2.18/grp
--- initgroups.c.orig   Wed May 31 22:08:15 1995
+++ initgroups.c        Thu Sep 26 12:10:32 1996
@@ -82,9 +82,10 @@
       else if (0 == strcmp(g->gr_name, "+"))
-          ypmode = 1;
-          g = __nis_getgrent(1, info);
-          if (NULL == g)
+# Disable exhaustive NIS searches
+#          ypmode = 1;
+#          g = __nis_getgrent(1, info);
+#          if (NULL == g)
 #endif /* YP */

Consequences of this patch:
- You loose NO functionality. I have never gotten /etc/groups to work
  across an NIS network. Miquel confirmed a while ago that the NIS stuff
  for /etc/group does not work.
- The users still have the group they are assigned to in /etc/passwd (or
  the NIS map)
- For The +:: stuff at the end of the /etc/group nothing will be done.
- You can still manually include a group with
- Exhaustive NIS searches are not performed anymore.

I reviewed the NIS code for /etc/passwd as well. The library contains an
extensive caching mechanism for those.

Reviewing what I just wrote: You might simply have the same effect by
removing the +:: line from etc groups .... <G>

{}    Snail Mail:   FTS Box 466, 135 N.Oakland Ave, Pasadena, CA 91182        {}
{}    FISH Internet System Administrator at Fuller Theological Seminary       {}
PGP Public Key  =  FB 9B 31 21 04 1E 3A 33  C7 62 2F C0 CD 81 CA B5 

Reply to: