remapping mechanism in the following manner: if given an entry +@foo
and there is no netgroup named 'foo,' try searching for a regular
user group called 'foo' and build the cache using the members of
group 'foo' instead. If both a netgroup 'foo' and a user group 'foo'
exist, the 'foo' netgroup takes precedence, since we're primarily
interested in netgroup matching anyway.
This allows access control schemes based on ordinary user groups
(which are also available via NIS) rather than netgroups, since
netgroups on some systems are limited in really brain-damaged ways.
ypserv to do a yp_match() with an a null or empty key causes much havok.
(Note that this could be construed as a denial of service attack if used
maliciously.)
my network because setnetgrent() was trying to do a lookup on group "".
It seems that an attempt to do a yp_match() (and possible yp_next())
on a null or empty key causes Sun's ypserv in SunOS 4.1.3 to exit
suddenly (and without warning). Our ypserv behaves badly in this
situation too, thoush it doesn't appear to crash. In any event, getpwent,
getnetgrent and yp_match() and yp_next() are now extra careful not to
accidentally pass on null or empty arguments.
Also made a small change to getpwent.c to allow +::::::::: wildcarding,
which I had disabled previously.
- Have the +@netgroup/-@netgroup caches handle the +user/-user cases too.
- Clean up getpwent() to take advantage of the improved +user/-user handling.
Submitted by: Sebastian Strollo <seb@erix.ericsson.se>
- In /usr/src/lib/libc/yp/yplib.c, function yp_first when clnt_call
fails with (r != RPC_SUCCESS) ysd->dom_vers should be set to 0! This
ensures that /var/yp/bindings/dom.vers will be read again on retry.
What happens now is that when our server is down and someone tries to
use yp they will continue to try until kingdom come. So:
if(r != RPC_SUCCESS) {
clnt_perror(ysd->dom_client, "yp_first: clnt_call");
ysd->dom_vers = -1;
^^^^ change to 0
goto again;
}
that everyone else does: you can now use +host/-host, +user,-user and
+@netgroup/-@netgroup in /etc/hosts.equiv, /.rhosts, /etc/hosts.lpd and
~/.rhosts. Previously, __ivaliduser would only do host/user matches,
which was lame. This affects all the r-commands, lpd, and any other
program/service that uses ruserok().
An example of the usefullness of this feature would be a hosts.equiv
file that looks like this:
+@equiv-hosts
Since the netgroup database can now be accessed via NIS, this lets you
set up client machines once and then never have to worry about them
again: all hosts.equiv changes can now be done through NIS. Once I
finish with getpwent.c, we'll be able to do similar wacky things
with login authentication too. (Our password field substitution
will finally be on par with everyone else's, and I'll finally be
able to fully integrate my FreeBSD machine into my network without
having to worry about the grad students sneaking into it when I'm
not looking. :)
Danger Will Robinson! I tested this thing every which way I could, but
Murphy's Law applies! If anybody spots a potential security problem with
the way my matching algorithm works, tell me immediately! I don't want
crackers snickering and calling me names behind my back. :)
work because parse_netgrp() doesn't recurse properly. Fixed by
changing
if (parse_netgrp(spos))
return(1);
to
if (parse_netgrp(spos))
continue;
inside parse_netgrp(). (Lucky for me I happen to have a fairly complex
'live' netgroup database to test this stuff with.)
- Added support for reading netgroups from NIS/YP in addition to the
local /etc/netgroups file. (Note that SunOS and many other systems only
support reading netgroups via NIS, which is a bit odd.)
- Fix Evil Null Pointer Dereferences From Hell (tm) that caused
parse_netgrp() to SEGV when expanding netgroups that include
references to other netgroups. Funny how nobody else noticed this.
This is the first step in implimenting +@netgroup substitution in
getpwent.c and any other places that could use it and don't already
support it (which is probably everywhere).
by heading off possible null pointer dereferences in grscan(). Also
change getgrnam() slightly to properly handle the change: if grscan()
returns an rval of 1 and leaves a '+' in the gr_name field and YP is
enabled, poll the YP group.byname map before giving up. This should
insure that we make every effort to find a match in the local and
YP group databases before bailing out.
commit by bde.
Fix bugs in floating point formatting. The 4.4lite version is similar
to revision 1.3 in old-cvs and is missing all of jtc's fixes in revision
1.4 in old-cvs. Revision 1.2 in ncvs fixed one of the old bugs but
introduced at least one new one (for %.0e).
old-cvs log:
revision 1.4
date: 1993/11/04 19:38:22; author: jtc; state: Exp; lines: +33 -20
My work from NetBSD to make printf() & friends ANSI C compliant.
Fixes several bugs in floating point formatting:
1. Trailing zeros were being stripped with %e format.
2. %g/%G formats incorrect.
3. Lots of other nits.
the copy built from here was overwritten by the other copy and the other
copy was put in library-building command lines twice. ld now objects to
duplicated modules.
from the code in strftime.c . This affects both the library code
and all the commands using it (e.g. date +%s).
Note that %s is not required by ANSI, but we've already got it in 1.1.5.1.
Suggested by: luigi@labinfo.iet.unipi.it (Luigi Rizzo)
in an (unlikely) border case (maxgroups==1 and the user is on
an /etc/group line for the same group and that group only ...).
Now this case is dealt with as before ...
Add a missing apostrophe that suggests inverting the frequency to get
tick size. It read better before because `CLK_TCK' suggests a tick
size although it is actually a frequency.
as an NIS client. The pw_breakout_yp routines that are used to populate the
_pw_passwd structire only do anything if the bits in the pw_fields member
_pw_passwd are cleared. Unfortunately, we can get into a state where
pw_fields has garbage in it right before the YP lookup functions are
called, which causes the breakout functions to screw up in a big way.
Here's how to duplicate the problem:
- Configure FreeBSD as an NIS client
- Log in as a user who's password database records reside only in
the NIS passwd maps.
- Type ps -aux
Result: your processes appear to be owned by 'root' or 'deamon.'
/bin/ls can exhibit the same problem.
The reason this happens:
- When ps(1) needs to match a username to a UID, it calls getpwuid().
- root is in the local password file, so getpwuid() calls __hashpw()
and __hashpw() populates the _pw_passwd struct, including the pw_fields
member. This happens before NIS lookups take place because, by coincidence,
ps(1) tends to display processes owned by root before it happens upon
a proccess owned by you.
- When your UID comes up, __hashpw() fails to find your entry in the
local password database, so it bails out, BUT THE BITS IN THE pw_fields
STRUCTURE OF _pw_passwd ARE NEVER CLEARED AND STILL CONTAIN INFORMATION
FROM THE PREVIOUS CALL TO __hash_pw()!!
- If we have NIS enabled, the NIS lookup functions are called.
- The pw_breakout_yp routines see that the pw_fields bits are set and
decline to place the data retrieved from the NIS passwd maps into the
_pw_passwd structure.
- getpwuid() returns the results of the last __hashpw() lookup instead
of the valid NIS data.
- Hijinxs ensue when user_from_uid() caches this bogus information and
starts handing out the wrong usernames.
AAAARRRRRRRRRGGGGGGHHHHHHHHHH!!!
*Please* don't tell me I'm the only person to have noticed this.
Fixed by having __hashpw() check the state of pw_fields just before
bailing out on a failed lookup and clearing away any leftover garbage.
What a fun way to spend an afternoon.
- FreeBSD's NIS server can supply a master.passwd map, which has
more fields in it than a standard passwd map, so we need a
_master_pw_breakout() fuction.
- When doing passwd map lookups, look for master.passwd.* by attempting
a _yp_first() on master.passwd.byname. If it exists, we're being served
by a FreeBSD NIS server and we should use this map.
- If we aren't the superuser, retrieve only the standard passwd maps.
If we're being served by a FreeBSD system, then the passwd map has
no passwords in it, and it won't serve us the master.passwd map unless
we're superuser anyway.
There's a small speed hit for the superuser inherent in the check for
the master.passwd map, but this lets us dynamically decide what to do
rather than rely on a non-standard config file somewhere. Since all
of this is bypassed for normal users, they shouldn't notice the
difference.
1) Changed LIB_SCCS and SYSLIB_SCCS to LIB_RCS and SYSLIB_RCS.
2) Changed sccsid[] variables to rcsid[]
3) Moved all RCSID strings into .text
4) Converted all SCCSID's to RCS $Id$'s
5) Added missing $Id$'s after copyright.