freebsd-nq/gnu/usr.sbin/ypserv/Makefile

21 lines
549 B
Makefile
Raw Normal View History

# $Id: Makefile,v 1.7 1995/07/12 16:28:10 wpaul Exp $
Obtained from: The NYS project This is a hacked-up port of the ypserv-0.11 server from the NYS project written by Peter Eriksson. The original package included some map creating and dumping tools and was based on GDBM. This version has been modified in the following ways: - GDBM replaced with DB and many weird hacks made to the read_database() function because of this. - implimented the ypxfr service (using ypxfr from the yps-0.21 package, aso from the NYS project) - added code to check the TCP port from which NIS requests originate: the server will refuse to serve the master.passwd.{byname|byuid} maps if the request doesn't come from a privileged port. Normally, only the superuser can issue such a request. Requests for the passwd.{bynam|byuid} maps aren't affected. There will be a small change made to getpwent.c in libc to complement this. - added code to do DNS lookups via actual resolver queries instead of relying on gethostbyname() and friends. The author noted in the original documentation that a loop condition could arise where the server would query itself for hostsname lookups. Using direct DNS lookups prevents this from happening. - added code to properly fork() the server into the background unless invoked with the -debug flag. - Added combined syslog/perror function. - fixed a few bugs (which were probably introduced by all the other changes) - Created a bmake Makefile. Note that this package can be linked against the tcp_wrapper package to provide address-based authentication, but this isn't done by default since the tcp_wrapper package isn't part of FreeBSD.
1995-01-31 08:58:57 +00:00
# From: @(#)Makefile 8.3 (Berkeley) 4/2/94
PROG= ypserv
ypserv performance improvements: - There are two cases where the server can potentially block for a long time while servicing a request: when handling a yp_all() request, which could take a while to complete if the map being transfered is large (e.g. 'ypcat passwd' where passwd.byname has 10,000 entries in it), and while doing DNS lookups when in SunOS compat mode (with the -dns flag), since some DNS lookups can take a long time to complete. While ypserv is blocked, other clients making requests to the server will also block. To fix this, we fork() ypall and DNS lookups into subprocesses and let the parent ypserv process go on servicing other incoming requests. We place a cap on the number of simultaneous processes that ypserv can fork (set at 20 for now) and go back to 'linear mode' if it hits the limit (which just means it won't fork() anymore until the number of simultaneous processes drops under 20 again). The cap does not apply to fork()s done as a result of ypxfr calls, since we want to do our best to insure that map transfers from master servers succeed. To make this work, we need our own special copy of svc_run() so that we can properly terminate child processes once the RPC dispatch functions have run. (I have no idea what SunOS does in this situation. The only other possibility I can think of is async socket I/O, but that seems like a headache and a half to implement.) - Do the politically correct thing and use sigaction() instead of signal() to install the SIGCHLD handler and to ignore SIGPIPEs. - Doing a yp_all() is sometimes slow due to the way read_database() is implemented. This is turn is due to a certain deficiency in the DB hash method: the R_CURSOR flag doesn't work, which means that when handed a key and asked to return the key/data pair for the _next_ key in the map, we have to reset the DB pointer to the start of the database, step through until we find the requested key, step one space ahead to the _next_ key, and then use that. (The original ypserv code used GDBM has a function called gdbm_nextkey() that does this for you.) This can get really slow for large maps. However, when doing a ypall, it seems that all database access are sequential, so we can forgo the first step (the 'search the database until we find the key') since the database should remain open and the cursor should be positioned at the right place until the yp_all() call finishes. We can't make this assumption for arbitrary yp_first()s and yp_next()s however (since we may have requests from several clients for different maps all arriving at different times) so those we have to handle the old way. (This would be much easier if R_CURSOR really worked. Maybe I should be using something other than the hash method.)
1995-07-12 16:28:13 +00:00
SRCS= dnslookup.c svc_run.c yp_svc.c yp_xdr.c server.c
Obtained from: The NYS project This is a hacked-up port of the ypserv-0.11 server from the NYS project written by Peter Eriksson. The original package included some map creating and dumping tools and was based on GDBM. This version has been modified in the following ways: - GDBM replaced with DB and many weird hacks made to the read_database() function because of this. - implimented the ypxfr service (using ypxfr from the yps-0.21 package, aso from the NYS project) - added code to check the TCP port from which NIS requests originate: the server will refuse to serve the master.passwd.{byname|byuid} maps if the request doesn't come from a privileged port. Normally, only the superuser can issue such a request. Requests for the passwd.{bynam|byuid} maps aren't affected. There will be a small change made to getpwent.c in libc to complement this. - added code to do DNS lookups via actual resolver queries instead of relying on gethostbyname() and friends. The author noted in the original documentation that a loop condition could arise where the server would query itself for hostsname lookups. Using direct DNS lookups prevents this from happening. - added code to properly fork() the server into the background unless invoked with the -debug flag. - Added combined syslog/perror function. - fixed a few bugs (which were probably introduced by all the other changes) - Created a bmake Makefile. Note that this package can be linked against the tcp_wrapper package to provide address-based authentication, but this isn't done by default since the tcp_wrapper package isn't part of FreeBSD.
1995-01-31 08:58:57 +00:00
CFLAGS+=-Wall -DTCP_WRAPPER=0 -DTCPW_FACILITY=LOG_AUTH
ypserv performance improvements: - There are two cases where the server can potentially block for a long time while servicing a request: when handling a yp_all() request, which could take a while to complete if the map being transfered is large (e.g. 'ypcat passwd' where passwd.byname has 10,000 entries in it), and while doing DNS lookups when in SunOS compat mode (with the -dns flag), since some DNS lookups can take a long time to complete. While ypserv is blocked, other clients making requests to the server will also block. To fix this, we fork() ypall and DNS lookups into subprocesses and let the parent ypserv process go on servicing other incoming requests. We place a cap on the number of simultaneous processes that ypserv can fork (set at 20 for now) and go back to 'linear mode' if it hits the limit (which just means it won't fork() anymore until the number of simultaneous processes drops under 20 again). The cap does not apply to fork()s done as a result of ypxfr calls, since we want to do our best to insure that map transfers from master servers succeed. To make this work, we need our own special copy of svc_run() so that we can properly terminate child processes once the RPC dispatch functions have run. (I have no idea what SunOS does in this situation. The only other possibility I can think of is async socket I/O, but that seems like a headache and a half to implement.) - Do the politically correct thing and use sigaction() instead of signal() to install the SIGCHLD handler and to ignore SIGPIPEs. - Doing a yp_all() is sometimes slow due to the way read_database() is implemented. This is turn is due to a certain deficiency in the DB hash method: the R_CURSOR flag doesn't work, which means that when handed a key and asked to return the key/data pair for the _next_ key in the map, we have to reset the DB pointer to the start of the database, step through until we find the requested key, step one space ahead to the _next_ key, and then use that. (The original ypserv code used GDBM has a function called gdbm_nextkey() that does this for you.) This can get really slow for large maps. However, when doing a ypall, it seems that all database access are sequential, so we can forgo the first step (the 'search the database until we find the key') since the database should remain open and the cursor should be positioned at the right place until the yp_all() call finishes. We can't make this assumption for arbitrary yp_first()s and yp_next()s however (since we may have requests from several clients for different maps all arriving at different times) so those we have to handle the old way. (This would be much easier if R_CURSOR really worked. Maybe I should be using something other than the hash method.)
1995-07-12 16:28:13 +00:00
CFLAGS+=-DMAX_CHILDREN=20 -DINSTDIR='"/usr/libexec"'
Obtained from: The NYS project This is a hacked-up port of the ypserv-0.11 server from the NYS project written by Peter Eriksson. The original package included some map creating and dumping tools and was based on GDBM. This version has been modified in the following ways: - GDBM replaced with DB and many weird hacks made to the read_database() function because of this. - implimented the ypxfr service (using ypxfr from the yps-0.21 package, aso from the NYS project) - added code to check the TCP port from which NIS requests originate: the server will refuse to serve the master.passwd.{byname|byuid} maps if the request doesn't come from a privileged port. Normally, only the superuser can issue such a request. Requests for the passwd.{bynam|byuid} maps aren't affected. There will be a small change made to getpwent.c in libc to complement this. - added code to do DNS lookups via actual resolver queries instead of relying on gethostbyname() and friends. The author noted in the original documentation that a loop condition could arise where the server would query itself for hostsname lookups. Using direct DNS lookups prevents this from happening. - added code to properly fork() the server into the background unless invoked with the -debug flag. - Added combined syslog/perror function. - fixed a few bugs (which were probably introduced by all the other changes) - Created a bmake Makefile. Note that this package can be linked against the tcp_wrapper package to provide address-based authentication, but this isn't done by default since the tcp_wrapper package isn't part of FreeBSD.
1995-01-31 08:58:57 +00:00
MAN8= ypserv.8
Obtained from: The NYS project This is a hacked-up port of the ypserv-0.11 server from the NYS project written by Peter Eriksson. The original package included some map creating and dumping tools and was based on GDBM. This version has been modified in the following ways: - GDBM replaced with DB and many weird hacks made to the read_database() function because of this. - implimented the ypxfr service (using ypxfr from the yps-0.21 package, aso from the NYS project) - added code to check the TCP port from which NIS requests originate: the server will refuse to serve the master.passwd.{byname|byuid} maps if the request doesn't come from a privileged port. Normally, only the superuser can issue such a request. Requests for the passwd.{bynam|byuid} maps aren't affected. There will be a small change made to getpwent.c in libc to complement this. - added code to do DNS lookups via actual resolver queries instead of relying on gethostbyname() and friends. The author noted in the original documentation that a loop condition could arise where the server would query itself for hostsname lookups. Using direct DNS lookups prevents this from happening. - added code to properly fork() the server into the background unless invoked with the -debug flag. - Added combined syslog/perror function. - fixed a few bugs (which were probably introduced by all the other changes) - Created a bmake Makefile. Note that this package can be linked against the tcp_wrapper package to provide address-based authentication, but this isn't done by default since the tcp_wrapper package isn't part of FreeBSD.
1995-01-31 08:58:57 +00:00
afterinstall:
${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m 444 \
${.CURDIR}/Makefile.yp \
${DESTDIR}/var/yp/Makefile
${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m ${BINMODE} \
${.CURDIR}/mknetid \
${DESTDIR}/usr/libexec/mknetid
Obtained from: The NYS project This is a hacked-up port of the ypserv-0.11 server from the NYS project written by Peter Eriksson. The original package included some map creating and dumping tools and was based on GDBM. This version has been modified in the following ways: - GDBM replaced with DB and many weird hacks made to the read_database() function because of this. - implimented the ypxfr service (using ypxfr from the yps-0.21 package, aso from the NYS project) - added code to check the TCP port from which NIS requests originate: the server will refuse to serve the master.passwd.{byname|byuid} maps if the request doesn't come from a privileged port. Normally, only the superuser can issue such a request. Requests for the passwd.{bynam|byuid} maps aren't affected. There will be a small change made to getpwent.c in libc to complement this. - added code to do DNS lookups via actual resolver queries instead of relying on gethostbyname() and friends. The author noted in the original documentation that a loop condition could arise where the server would query itself for hostsname lookups. Using direct DNS lookups prevents this from happening. - added code to properly fork() the server into the background unless invoked with the -debug flag. - Added combined syslog/perror function. - fixed a few bugs (which were probably introduced by all the other changes) - Created a bmake Makefile. Note that this package can be linked against the tcp_wrapper package to provide address-based authentication, but this isn't done by default since the tcp_wrapper package isn't part of FreeBSD.
1995-01-31 08:58:57 +00:00
.include <bsd.prog.mk>