rpm/glibc
SHA256
1
0
Fork 0
forked from pool/glibc
Code Pull Requests Activity
787f325423
glibc/remove-nss-nis-compat.patch
Andreas Schwab 657e98f770 Accepting request 519891 from home:Andreas_Schwab:Factory 
- Disable obsolete libnsl and NIS support
- remove-nss-nis-compat.patch: remove nis and compat from default NSS
  configs
- nsswitch.conf: Likewise

OBS-URL: https://build.opensuse.org/request/show/519891
OBS-URL: https://build.opensuse.org/package/show/Base:System/glibc?expand=0&rev=473
2017-08-31 09:37:22 +00:00

208 lines
7.1 KiB
Diff
Raw Blame History

2017-08-29 Steve Ellcey <sellcey@cavium.com>
* grp/initgroups.c: Include config.h.
(DEFAULT_CONFIG): New macro.
(internal_getgrouplist): Use DEFAULT_CONFIG.
* nscd/initgrcache.c (addinitgroupsX): Likewise.
* nss/nsswitch.c (__nss_disable_nscd): Likewise.
(DEFAULT_DEFCONFIG): New macro.
(__nss_database_lookup): Use DEFAULT_DEFCONFIG.
* nss/grp-lookup.c: Include config.h
(DEFAULT_CONFIG): Set definition based on LINK_OBSOLETE_NSL.
* nss/pwd-lookup.c (DEFAULT_CONFIG): Likewise.
* nss/spwd-lookup.c (DEFAULT_CONFIG): Likewise.
* manual/nss.texi: Update default values section.
Index: glibc-2.26/grp/initgroups.c
===================================================================
--- glibc-2.26.orig/grp/initgroups.c
+++ glibc-2.26/grp/initgroups.c
@@ -26,10 +26,16 @@
#include <sys/types.h>
#include <nsswitch.h>
#include <scratch_buffer.h>
+#include <config.h>
#include "../nscd/nscd-client.h"
#include "../nscd/nscd_proto.h"
+#ifdef LINK_OBSOLETE_NSL
+# define DEFAULT_CONFIG "compat [NOTFOUND=return] files"
+#else
+# define DEFAULT_CONFIG "files"
+#endif
/* Type of the lookup function. */
typedef enum nss_status (*initgroups_dyn_function) (const char *, gid_t,
@@ -84,7 +90,7 @@ internal_getgrouplist (const char *user,
&__nss_initgroups_database) < 0)
{
if (__nss_group_database == NULL)
- no_more = __nss_database_lookup ("group", NULL, "compat files",
+ no_more = __nss_database_lookup ("group", NULL, DEFAULT_CONFIG,
&__nss_group_database);
__nss_initgroups_database = __nss_group_database;
Index: glibc-2.26/manual/nss.texi
===================================================================
--- glibc-2.26.orig/manual/nss.texi
+++ glibc-2.26/manual/nss.texi
@@ -318,13 +318,17 @@ The @code{passwd}, @code{group}, and @co
traditionally handled in a special way. The appropriate files in the
@file{/etc} directory are read but if an entry with a name starting
with a @code{+} character is found NIS is used. This kind of lookup
-remains possible by using the special lookup service @code{compat}
-and the default value for the three databases above is
-@code{compat [NOTFOUND=return] files}.
+remains possible if @theglibc{} was configured with the
+@code{--enable-obsolete-nsl} option and the special lookup service
+@code{compat} is used. If @theglibc{} was configured with the
+@code{--enable-obsolete-nsl} option the default value for the three
+databases above is @code{compat [NOTFOUND=return] files}. If the
+@code{--enable-obsolete-nsl} option was not used the default value
+for the services is @code{files}.
-For all other databases the default value is
-@code{nis [NOTFOUND=return] files}. This solution gives the best
-chance to be correct since NIS and file based lookups are used.
+For all other databases the default value is @code{files} unless
+@theglibc{} was configured with @code{--enable-obsolete-rpc} option, in
+which case it the default value is @code{nis [NOTFOUND=return] files}.
@cindex optimizing NSS
A second point is that the user should try to optimize the lookup
Index: glibc-2.26/nscd/initgrcache.c
===================================================================
--- glibc-2.26.orig/nscd/initgrcache.c
+++ glibc-2.26/nscd/initgrcache.c
@@ -25,6 +25,7 @@
#include <unistd.h>
#include <sys/mman.h>
#include <scratch_buffer.h>
+#include <config.h>
#include "dbg_log.h"
#include "nscd.h"
@@ -34,6 +35,11 @@
#include "../nss/nsswitch.h"
+#ifdef LINK_OBSOLETE_NSL
+# define DEFAULT_CONFIG "compat [NOTFOUND=return] files"
+#else
+# define DEFAULT_CONFIG "files"
+#endif
/* Type of the lookup function. */
typedef enum nss_status (*initgroups_dyn_function) (const char *, gid_t,
@@ -85,8 +91,7 @@ addinitgroupsX (struct database_dyn *db,
int no_more;
if (group_database == NULL)
- no_more = __nss_database_lookup ("group", NULL,
- "compat [NOTFOUND=return] files",
+ no_more = __nss_database_lookup ("group", NULL, DEFAULT_CONFIG,
&group_database);
else
no_more = 0;
Index: glibc-2.26/nss/grp-lookup.c
===================================================================
--- glibc-2.26.orig/nss/grp-lookup.c
+++ glibc-2.26/nss/grp-lookup.c
@@ -16,7 +16,13 @@
License along with the GNU C Library; if not, see
<http://www.gnu.org/licenses/>. */
+#include <config.h>
+
#define DATABASE_NAME group
-#define DEFAULT_CONFIG "compat [NOTFOUND=return] files"
+#ifdef LINK_OBSOLETE_NSL
+# define DEFAULT_CONFIG "compat [NOTFOUND=return] files"
+#else
+# define DEFAULT_CONFIG "files"
+#endif
#include "XXX-lookup.c"
Index: glibc-2.26/nss/nsswitch.c
===================================================================
--- glibc-2.26.orig/nss/nsswitch.c
+++ glibc-2.26/nss/nsswitch.c
@@ -40,6 +40,15 @@
#include "nsswitch.h"
#include "../nscd/nscd_proto.h"
#include <sysdep.h>
+#include <config.h>
+
+#ifdef LINK_OBSOLETE_NSL
+# define DEFAULT_CONFIG "compat [NOTFOUND=return] files"
+# define DEFAULT_DEFCONFIG "nis [NOTFOUND=return] files"
+#else
+# define DEFAULT_CONFIG "files"
+# define DEFAULT_DEFCONFIG "files"
+#endif
/* Prototypes for the local functions. */
static name_database *nss_parse_file (const char *fname) internal_function;
@@ -151,8 +160,7 @@ __nss_database_lookup (const char *datab
or null to use the most common default. */
if (*ni == NULL)
{
- *ni = nss_parse_service_list (defconfig
- ?: "nis [NOTFOUND=return] files");
+ *ni = nss_parse_service_list (defconfig ?: DEFAULT_DEFCONFIG);
if (*ni != NULL)
{
/* Record the memory we've just allocated in defconfig_entries list,
@@ -848,8 +856,8 @@ __nss_disable_nscd (void (*cb) (size_t,
is_nscd = true;
/* Find all the relevant modules so that the init functions are called. */
- nss_load_all_libraries ("passwd", "compat [NOTFOUND=return] files");
- nss_load_all_libraries ("group", "compat [NOTFOUND=return] files");
+ nss_load_all_libraries ("passwd", DEFAULT_CONFIG);
+ nss_load_all_libraries ("group", DEFAULT_CONFIG);
nss_load_all_libraries ("hosts", "dns [!UNAVAIL=return] files");
nss_load_all_libraries ("services", NULL);
Index: glibc-2.26/nss/pwd-lookup.c
===================================================================
--- glibc-2.26.orig/nss/pwd-lookup.c
+++ glibc-2.26/nss/pwd-lookup.c
@@ -16,7 +16,13 @@
License along with the GNU C Library; if not, see
<http://www.gnu.org/licenses/>. */
+#include <config.h>
+
#define DATABASE_NAME passwd
-#define DEFAULT_CONFIG "compat [NOTFOUND=return] files"
+#ifdef LINK_OBSOLETE_NSL
+# define DEFAULT_CONFIG "compat [NOTFOUND=return] files"
+#else
+# define DEFAULT_CONFIG "files"
+#endif
#include "XXX-lookup.c"
Index: glibc-2.26/nss/spwd-lookup.c
===================================================================
--- glibc-2.26.orig/nss/spwd-lookup.c
+++ glibc-2.26/nss/spwd-lookup.c
@@ -16,8 +16,14 @@
License along with the GNU C Library; if not, see
<http://www.gnu.org/licenses/>. */
+#include <config.h>
+
#define DATABASE_NAME shadow
#define ALTERNATE_NAME passwd
-#define DEFAULT_CONFIG "compat [NOTFOUND=return] files"
+#ifdef LINK_OBSOLETE_NSL
+# define DEFAULT_CONFIG "compat [NOTFOUND=return] files"
+#else
+# define DEFAULT_CONFIG "files"
+#endif
#include "XXX-lookup.c"
View Git Blame Copy Permalink