server.c: When 'securenets' (actually TCP_WRAPPERS) is enabled, don't

syslog connections unless they were rejected. This helps save wear and
tear on the syslog facility in large networks with many clienst systems.

yp_svc.c: Be a little smarter about using sigaction() -- set the SA_RESTART
flag.

svc_run: Be doubly paranoid about killing off child processes. Do a flag
chack and a pid check before letting child 'threads' self-destruct.

gnu/usr.sbin/ypserv/server.c

@@ -152,7 +152,7 @@ static int is_valid_host(struct sockaddr_in *sin)
 		       inet_ntoa(sin->sin_addr),
 		       "");
 
-    if (sin->sin_addr.s_addr != oldaddr || status != oldstatus ) {
+    if (!status && (sin->sin_addr.s_addr != oldaddr || status != oldstatus)) {
 	syslog(status?allow_severity:deny_severity,
 	       "%sconnect from %s\n",status?"":"refused ",
 	       h?h:inet_ntoa(sin->sin_addr));

gnu/usr.sbin/ypserv/svc_run.c

@@ -55,6 +55,10 @@ my_svc_run()
 #endif /* def FD_SETSIZE */
 	extern int errno;
 	extern int forked;
+	int pid;
+
+	/* Establish the identity of the parent ypserv process. */
+	pid = getpid();
 
 	for (;;) {
 #ifdef FD_SETSIZE
@@ -74,7 +78,7 @@ my_svc_run()
 			continue;
 		default:
 			svc_getreqset(&readfds);
-			if (forked)
+			if (forked && pid != getpid())
 				exit(0);
 		}
 	}

gnu/usr.sbin/ypserv/yp_svc.c

@@ -322,8 +322,12 @@ int main(int argc, char **argv)
      * Ignore SIGPIPEs. They can hurt us if someone does a ypcat
      * and then hits CTRL-C before it terminates.
      */
+    sigaction(SIGPIPE, NULL, &sa);
     sa.sa_handler = SIG_IGN;
+    sa.sa_flags |= SA_RESTART;
     sigaction(SIGPIPE, &sa, NULL);
+    sigaction(SIGCHLD, NULL, &sa);
+    sa.sa_flags |= SA_RESTART;
     sa.sa_handler = reapchild;
     sigaction(SIGCHLD, &sa, NULL);