NetBSD Problem Report #41896

From Wolfgang.Stukenbrock@nagler-company.com  Sun Aug 16 10:06:30 2009
Return-Path: <Wolfgang.Stukenbrock@nagler-company.com>
Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11])
	by www.NetBSD.org (Postfix) with ESMTP id 5DBFA63C284
	for <gnats-bugs@gnats.NetBSD.org>; Sun, 16 Aug 2009 10:06:30 +0000 (UTC)
Message-Id: <20090816100626.713CE4EA9FE@s012.nagler-company.com>
Date: Sun, 16 Aug 2009 12:06:26 +0200 (CEST)
From: Wolfgang.Stukenbrock@nagler-company.com
Reply-To: Wolfgang.Stukenbrock@nagler-company.com
To: gnats-bugs@gnats.NetBSD.org
Subject: yp-makefile ignores MINUSER setting for master.passwd file
X-Send-Pr-Version: 3.95

>Number:         41896
>Category:       bin
>Synopsis:       yp-makefile ignores MINUSER setting for master.passwd file
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    hauke
>State:          closed
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Aug 16 10:10:00 +0000 2009
>Closed-Date:    Fri Jul 19 11:46:01 +0000 2013
>Last-Modified:  Fri Jul 19 11:46:01 +0000 2013
>Originator:     Wolfgang Stukenbrock
>Release:        NetBSD 4.0
>Organization:
Dr. Nagler & Company GmbH

>Environment:


System: NetBSD s012 4.0 NetBSD 4.0 (NSW-S012) #9: Fri Mar 13 12:31:52 CET 2009 wgstuken@s012:/usr/src/sys/arch/amd64/compile/NSW-S012 amd64
Architecture: x86_64
Machine: amd64
>Description:
	The yp-makefile (/var/yp/Makefile.yp) has support to insert only user and group id's above a given value into the yp-maps.
	The required compare operateion is missing for the two master.passwd map files.
	It makes no sence to exclude theese ID's from the "normal" yp-map, but include it into the "root"-access only map.
	This can only end up with surprised users and inkonsisten system behaviour.

	The following fix will fix three other minor things too.
	The programs stdethers and stdhosts will output no comments lines at all. So it is useles to filter them out in a separate statement.
	The yp-makefile (/var/yp/Makefile.yp) has support to insert only user and group id's above a given value into the yp-maps.
	The required compare operateion is missing for the two master.passwd map files.
	It makes no sence to exclude theese ID's from the "normal" yp-map, but include it into the "root"-access only map.
	This can only end up with surprised users and inkonsisten system behaviour.

	The following fix will fix three other minor things too.
	The programs stdethers and stdhosts will output no comments lines at all. So it is useles to filter them out in a separate statement.
	It is even more senseless to to it for the .byaddr map and not for the .byname map or the other way round.
>How-To-Repeat:
	Setup a MINUID value and genere the password maps. The id's that should be excluded are still in the master.passwd maps.
>Fix:
	The following patch will fix the problem.
	Even in master.passwd.xx maps all uid's less MINUID gets excluded.
	The useless sed statemens for comment-filtereing are removed too.

--- Makefile.yp 2009/08/16 10:28:08     1.1
+++ Makefile.yp 2009/08/16 10:52:13
@@ -112,12 +112,14 @@   
 			${MAKEDBM} - passwd.byuid; \
 		fi; \
 		${CAT} ${.ALLSRC} | \
-		${AWK} 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \
-		{ print $$1, $$0 }' - | ${SORT} | \
+		${AWK} -v minuid=${MINUID} \
+		'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \
+		{ if (minuid <= $$3) print $$1, $$0 }' - | ${SORT} | \
 		${MAKEDBM_S} - master.passwd.byname; \
 		${CAT} ${.ALLSRC} | \
-		${AWK} 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \
-		{ print $$3, $$0 }' - | ${SORT} | \
+		${AWK} -v minuid=${MINUID} \
+		'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \
+		{ if (minuid <= $$3) print $$3, $$0 }' - | ${SORT} | \
 		${MAKEDBM_S} - master.passwd.byuid; \
 		${TOUCH} ${.TARGET}; \
 		${ECHO} "updated passwd"; \
@@ -198,7 +200,7 @@

 ethers.time: ${DIR}/ethers
 	-@if [ -f ${.ALLSRC} ]; then \
-		${STDETHERS} ${.ALLSRC} | ${SED} -e s/#.*$$// | \
+		${STDETHERS} ${.ALLSRC} | \
 		${AWK} 'BEGIN { FS="\t"; OFS="\t"; } { print $$1, $$0 }' | \
 		${SORT} | ${MAKEDBM} - ethers.byaddr; \
 		${STDETHERS} ${.ALLSRC} | \
@@ -257,7 +259,7 @@
 #
 hosts.time: ${DIR}/hosts
 	-@if [ -f ${.ALLSRC} ]; then \
-		${STDHOSTS} ${.ALLSRC} | ${SED} -e s/#.*$$// | \
+		${STDHOSTS} ${.ALLSRC} | \
 		${AWK} '{for (i = 2; i <= NF; i++) print $$i, $$0 }' | \
 		${SORT} | ${MAKEDBM} - hosts.byname; \
 		${STDHOSTS} ${.ALLSRC} | \
@@ -279,7 +281,7 @@

 ipnodes.time: ${DIR}/hosts
 	-@if [ -f ${.ALLSRC} ]; then \
-		${STDHOSTS} -n ${.ALLSRC} | ${SED} -e s/#.*$$// | \
+		${STDHOSTS} -n ${.ALLSRC} | \
 		${AWK} '{for (i = 2; i <= NF; i++) print $$i, $$0 }' | \
 		${SORT} | ${MAKEDBM} - ipnodes.byname; \
 		${STDHOSTS} -n ${.ALLSRC} | \

>Release-Note:

>Audit-Trail:

Responsible-Changed-From-To: bin-bug-people->hauke
Responsible-Changed-By: hauke@NetBSD.org
Responsible-Changed-When: Fri, 19 Jul 2013 11:39:53 +0000
Responsible-Changed-Why:
"I'll take this, my lad."


From: "Hauke Fath" <hauke@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/41896 CVS commit: src/usr.sbin/ypserv/ypinit
Date: Fri, 19 Jul 2013 11:44:51 +0000

 Module Name:	src
 Committed By:	hauke
 Date:		Fri Jul 19 11:44:51 UTC 2013

 Modified Files:
 	src/usr.sbin/ypserv/ypinit: Makefile.yp

 Log Message:
 Commit the patches in Wolfgang Stukenbrock's PR bin/41896.

 (1) Do not serve UIDs below MINUID in master.passwd.* maps,
 just like in passwd.* maps.

 (2) Since stdethers(8) and stdhosts(8) strip comments, we do
 not have to do it here, much less inconsistently.


 To generate a diff of this commit:
 cvs rdiff -u -r1.21 -r1.22 src/usr.sbin/ypserv/ypinit/Makefile.yp

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

State-Changed-From-To: open->closed
State-Changed-By: hauke@NetBSD.org
State-Changed-When: Fri, 19 Jul 2013 11:46:01 +0000
State-Changed-Why:
I committed the patch in the PR.

Thanks for submitting this PR!


>Unformatted:

Home	PR Database Search