Commit Graph

17 Commits

Author SHA1 Message Date
alfred
f67e4a8fc7 Bring in a hybrid of SunSoft's transport-independent RPC (TI-RPC) and
associated changes that had to happen to make this possible as well as
bugs fixed along the way.

  Bring in required TLI library routines to support this.

  Since we don't support TLI we've essentially copied what NetBSD
  has done, adding a thin layer to emulate direct the TLI calls
  into BSD socket calls.

  This is mostly from Sun's tirpc release that was made in 1994,
  however some fixes were backported from the 1999 release (supposedly
  only made available after this porting effort was underway).

  The submitter has agreed to continue on and bring us up to the
  1999 release.

  Several key features are introduced with this update:
    Client calls are thread safe. (1999 code has server side thread
    safe)
    Updated, a more modern interface.

  Many userland updates were done to bring the code up to par with
  the recent RPC API.

  There is an update to the pthreads library, a function
  pthread_main_np() was added to emulate a function of Sun's threads
  library.

  While we're at it, bring in NetBSD's lockd, it's been far too
  long of a wait.

  New rpcbind(8) replaces portmap(8) (supporting communication over
  an authenticated Unix-domain socket, and by default only allowing
  set and unset requests over that channel). It's much more secure
  than the old portmapper.

  Umount(8), mountd(8), mount_nfs(8), nfsd(8) have also been upgraded
  to support TI-RPC and to support IPV6.

  Umount(8) is also fixed to unmount pathnames longer than 80 chars,
  which are currently truncated by the Kernel statfs structure.

Submitted by: Martin Blapp <mb@imp.ch>
Manpage review: ru
Secure RPC implemented by: wpaul
2001-03-19 12:50:13 +00:00
asmodai
c3e5d07abf Remove unused include. 2000-04-29 12:47:03 +00:00
imp
1e1b2fb024 remove extern int errno; include errno.h 2000-04-14 06:49:16 +00:00
peter
efabb9ccb1 $Id$ -> $FreeBSD$ 1999-08-28 01:35:59 +00:00
brian
ac59e661be Host names are case-insensitive. 1999-03-16 01:23:09 +00:00
charnier
67de6ed0a2 Remove multiply defined Id string. Hide sccsid string. 1997-10-13 11:18:53 +00:00
wpaul
e0bb173182 Modify rpc.yppasswdd to use the new AF_LOCAL transport in the RPC library
instead of its own kludged up version. This makes the special 'superuser-only'
update procedure work just like a real RPC service.
1997-07-29 15:43:21 +00:00
imp
691010efad compare return value from getopt against -1 rather than EOF, per the final
posix standard on the topic.
1997-03-31 05:11:47 +00:00
peter
b782f4df30 Revert $FreeBSD$ to $Id$ 1997-02-22 16:15:28 +00:00
jkh
808a36ef65 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
peter
6926a0a5d1 Fix harmless bugs found while hunting for chpass nis failure 1996-11-15 14:13:51 +00:00
wpaul
f8eb2a9fb7 Make error messages more informative. 1996-10-23 15:42:37 +00:00
wpaul
37e1a46671 Two small changes that were in my development sources at home
but never made it here for some reason:

- 'u' option was missing from getopt string
- Use daemon() to become daemonic.
1996-10-22 14:58:10 +00:00
wpaul
46fc34c49c Whoops: had a couple of hardcoded instances of '/var/yp/' that shouldn't
have been there. Fixed to use yp_dir, which can be set on the command line.
1996-06-23 22:44:06 +00:00
wpaul
7afc912575 Added support for in-place updates:
If rpc.yppasswdd is invoked with the -i flag, password changes will
be made to the master.passwd template file and the hash map files
in-place, which means it won't have to run a complete map update.
Instead, it calls /var/yp/Makefile with the 'pushpw' target, which
just pushes the maps to the slaves and runs yp_mkdb -c to tell the
local ypserv to flush its database cache.

The server will check the passwd.byname and passwd.byuid maps to see
if they were built in 'insecure' or 'secure' mode (i.e. with real
encrypted passwords in them or without) and update them accordingly.

This combined with rpc.ypxfrd greatly reduces the amount of time it
takes to complete an NIS password change, especially with very large
passwd databases.
1996-06-05 06:13:09 +00:00
wpaul
abd2ed647c Add securenets support (uses same access control mechanism as ypserv,
also controlled by /var/yp/securenets).

Add -u flag to turn off the privileged port check done by yp_access();
some commercial systems (IRIX, Solaris 2.x, HP-UX, and probably others)
don't use a reserved port for submitting yppasswd updates. If we always
enforce the check, these client systems will be unable to submit updates
to us.

Document securenets support and -u flag in man page.

Like ypserv, you can compile rpc.yppasswdd to use the tcpwrapper package
instead of securenets if you want to.
1996-02-24 22:10:42 +00:00
wpaul
cddbdd03ca This commit was generated by cvs2svn to compensate for changes in r14062,
which included commits to RCS files with non-trunk default branches.
1996-02-12 15:09:01 +00:00