2017-08-29 Steve Ellcey * grp/initgroups.c: Include config.h. (DEFAULT_CONFIG): New macro. (internal_getgrouplist): Use DEFAULT_CONFIG. * nscd/initgrcache.c (addinitgroupsX): Likewise. * nss/nsswitch.c (__nss_disable_nscd): Likewise. (DEFAULT_DEFCONFIG): New macro. (__nss_database_lookup): Use DEFAULT_DEFCONFIG. * nss/grp-lookup.c: Include config.h (DEFAULT_CONFIG): Set definition based on LINK_OBSOLETE_NSL. * nss/pwd-lookup.c (DEFAULT_CONFIG): Likewise. * nss/spwd-lookup.c (DEFAULT_CONFIG): Likewise. * manual/nss.texi: Update default values section. Index: glibc-2.26/grp/initgroups.c =================================================================== --- glibc-2.26.orig/grp/initgroups.c +++ glibc-2.26/grp/initgroups.c @@ -26,10 +26,16 @@ #include #include #include +#include #include "../nscd/nscd-client.h" #include "../nscd/nscd_proto.h" +#ifdef LINK_OBSOLETE_NSL +# define DEFAULT_CONFIG "compat [NOTFOUND=return] files" +#else +# define DEFAULT_CONFIG "files" +#endif /* Type of the lookup function. */ typedef enum nss_status (*initgroups_dyn_function) (const char *, gid_t, @@ -84,7 +90,7 @@ internal_getgrouplist (const char *user, &__nss_initgroups_database) < 0) { if (__nss_group_database == NULL) - no_more = __nss_database_lookup ("group", NULL, "compat files", + no_more = __nss_database_lookup ("group", NULL, DEFAULT_CONFIG, &__nss_group_database); __nss_initgroups_database = __nss_group_database; Index: glibc-2.26/manual/nss.texi =================================================================== --- glibc-2.26.orig/manual/nss.texi +++ glibc-2.26/manual/nss.texi @@ -318,13 +318,17 @@ The @code{passwd}, @code{group}, and @co traditionally handled in a special way. The appropriate files in the @file{/etc} directory are read but if an entry with a name starting with a @code{+} character is found NIS is used. This kind of lookup -remains possible by using the special lookup service @code{compat} -and the default value for the three databases above is -@code{compat [NOTFOUND=return] files}. +remains possible if @theglibc{} was configured with the +@code{--enable-obsolete-nsl} option and the special lookup service +@code{compat} is used. If @theglibc{} was configured with the +@code{--enable-obsolete-nsl} option the default value for the three +databases above is @code{compat [NOTFOUND=return] files}. If the +@code{--enable-obsolete-nsl} option was not used the default value +for the services is @code{files}. -For all other databases the default value is -@code{nis [NOTFOUND=return] files}. This solution gives the best -chance to be correct since NIS and file based lookups are used. +For all other databases the default value is @code{files} unless +@theglibc{} was configured with @code{--enable-obsolete-rpc} option, in +which case it the default value is @code{nis [NOTFOUND=return] files}. @cindex optimizing NSS A second point is that the user should try to optimize the lookup Index: glibc-2.26/nscd/initgrcache.c =================================================================== --- glibc-2.26.orig/nscd/initgrcache.c +++ glibc-2.26/nscd/initgrcache.c @@ -25,6 +25,7 @@ #include #include #include +#include #include "dbg_log.h" #include "nscd.h" @@ -34,6 +35,11 @@ #include "../nss/nsswitch.h" +#ifdef LINK_OBSOLETE_NSL +# define DEFAULT_CONFIG "compat [NOTFOUND=return] files" +#else +# define DEFAULT_CONFIG "files" +#endif /* Type of the lookup function. */ typedef enum nss_status (*initgroups_dyn_function) (const char *, gid_t, @@ -85,8 +91,7 @@ addinitgroupsX (struct database_dyn *db, int no_more; if (group_database == NULL) - no_more = __nss_database_lookup ("group", NULL, - "compat [NOTFOUND=return] files", + no_more = __nss_database_lookup ("group", NULL, DEFAULT_CONFIG, &group_database); else no_more = 0; Index: glibc-2.26/nss/grp-lookup.c =================================================================== --- glibc-2.26.orig/nss/grp-lookup.c +++ glibc-2.26/nss/grp-lookup.c @@ -16,7 +16,13 @@ License along with the GNU C Library; if not, see . */ +#include + #define DATABASE_NAME group -#define DEFAULT_CONFIG "compat [NOTFOUND=return] files" +#ifdef LINK_OBSOLETE_NSL +# define DEFAULT_CONFIG "compat [NOTFOUND=return] files" +#else +# define DEFAULT_CONFIG "files" +#endif #include "XXX-lookup.c" Index: glibc-2.26/nss/nsswitch.c =================================================================== --- glibc-2.26.orig/nss/nsswitch.c +++ glibc-2.26/nss/nsswitch.c @@ -40,6 +40,15 @@ #include "nsswitch.h" #include "../nscd/nscd_proto.h" #include +#include + +#ifdef LINK_OBSOLETE_NSL +# define DEFAULT_CONFIG "compat [NOTFOUND=return] files" +# define DEFAULT_DEFCONFIG "nis [NOTFOUND=return] files" +#else +# define DEFAULT_CONFIG "files" +# define DEFAULT_DEFCONFIG "files" +#endif /* Prototypes for the local functions. */ static name_database *nss_parse_file (const char *fname) internal_function; @@ -151,8 +160,7 @@ __nss_database_lookup (const char *datab or null to use the most common default. */ if (*ni == NULL) { - *ni = nss_parse_service_list (defconfig - ?: "nis [NOTFOUND=return] files"); + *ni = nss_parse_service_list (defconfig ?: DEFAULT_DEFCONFIG); if (*ni != NULL) { /* Record the memory we've just allocated in defconfig_entries list, @@ -848,8 +856,8 @@ __nss_disable_nscd (void (*cb) (size_t, is_nscd = true; /* Find all the relevant modules so that the init functions are called. */ - nss_load_all_libraries ("passwd", "compat [NOTFOUND=return] files"); - nss_load_all_libraries ("group", "compat [NOTFOUND=return] files"); + nss_load_all_libraries ("passwd", DEFAULT_CONFIG); + nss_load_all_libraries ("group", DEFAULT_CONFIG); nss_load_all_libraries ("hosts", "dns [!UNAVAIL=return] files"); nss_load_all_libraries ("services", NULL); Index: glibc-2.26/nss/pwd-lookup.c =================================================================== --- glibc-2.26.orig/nss/pwd-lookup.c +++ glibc-2.26/nss/pwd-lookup.c @@ -16,7 +16,13 @@ License along with the GNU C Library; if not, see . */ +#include + #define DATABASE_NAME passwd -#define DEFAULT_CONFIG "compat [NOTFOUND=return] files" +#ifdef LINK_OBSOLETE_NSL +# define DEFAULT_CONFIG "compat [NOTFOUND=return] files" +#else +# define DEFAULT_CONFIG "files" +#endif #include "XXX-lookup.c" Index: glibc-2.26/nss/spwd-lookup.c =================================================================== --- glibc-2.26.orig/nss/spwd-lookup.c +++ glibc-2.26/nss/spwd-lookup.c @@ -16,8 +16,14 @@ License along with the GNU C Library; if not, see . */ +#include + #define DATABASE_NAME shadow #define ALTERNATE_NAME passwd -#define DEFAULT_CONFIG "compat [NOTFOUND=return] files" +#ifdef LINK_OBSOLETE_NSL +# define DEFAULT_CONFIG "compat [NOTFOUND=return] files" +#else +# define DEFAULT_CONFIG "files" +#endif #include "XXX-lookup.c"