
name service switch interface broken + incompatible

From: matthias . andree
Subject: name service switch interface broken + incompatible
Date: Wed, 8 Jan 2003 13:29:59 +0100 (CET)

>Submitter-Id:  net
>Originator:    Matthias Andree
>Confidential:  no
>Synopsis:      name service switch interface broken + incompatible
>Severity:      critical 
>Priority:      medium 
>Category:      libc
>Class:         sw-bug 
>Release:       libc-2.2.5
Host type: i486-suse-linux-gnu
System: Linux merlin 2.4.19-4GB #1 Wed Nov 27 00:56:53 UTC 2002 i686 unknown
Architecture: i686

Addons: db db2 linuxthreads noversion
Build CFLAGS: -O2 -mcpu=i686 -march=i686 -g
Build CC: gcc
Compiler version: 3.2
Kernel headers: 2.4.19
Symbol versioning: yes
Build static: yes
Build shared: yes
Build pic-default: no
Build profile: yes
Build omitfp: no
Build bounded: no
Build static-nss: no
Stdio: libio

The name service switch interface and configuration file are broken and
not compatible with Solaris': it does not offer the "forever" action. (I
only looked at Solaris 8.)

glibc offers name service queries for several types of data, among them
the user database, and allows for NIS service. NIS services can fail at
any time when the ypbind client is down or has lost its binding because
the NIS server is down.

However, the nsswitch.conf interface only allows configuring "continue"
and "return" actions; it does not support the Solaris "forever"
action which would be needed for RELIABLE nis operation.

The problem is that applications using getpwnam(3) get back a "not
found" result when in fact the result should be "unknown". From the
application's point of view, these are false negatives, and can for
example give cause to FALSE mail bounces in mail software such as
sendmail or Postfix.

The getpwnam() function must only return ultimate and permanent results;
it must not return temporary results because the interface only supports
permanent results.

See the how-to-repeat section for more "description".

A fix suggestion is below.

Set up a NIS environment, have a user "example" that is only available in NIS
passwd.by* but not in the local /etc/passwd or in other services, kill
nscd, and query for the user:

$ id example
uid=12345(example) gid=12345(example)

Then kill the NIS server and retry:

$ id example
do_ypcall: clnt_call: RPC: Unable to receive; errno = Connection refused
id: nbin: No such user

On Solaris, the latter will wait until the NIS server is back up.
The fix (credits to Wietse Venema and to Solaris' nsswitch.conf(4) man
page) is a two-stage approach:

1. extend the nsswitch.conf configuration so it allows for a "forever" action

2. make TRYAGAIN=forever the default for "compat", "nis" and "nisplus"
   and similar services.

This will enhance Solaris 8 compatibility.

This way, temporary errors ("soft errors") will never get propagated to
the application, but the application will always have proper results and
no false negatives, so for example mail software will never cause false
mail bounces because the NIS server is down. Think "NFS hard mount" if
you like.
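As an added example, not code from this report, from glibc or from any mail program, the C below shows what a caller such as mail software has to do with getpwnam_r(3) results: treat only a definitive negative as "no such user" and keep retrying a temporary failure, which is the caller-side counterpart of the TRYAGAIN=forever action proposed above. It assumes a POSIX/glibc system on which the user "root" exists; note that with the behaviour reported here a dead NIS server surfaces as an ordinary "not found", so this check alone cannot catch that case, which is why the fix has to be made in the library.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <pwd.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

enum lookup_status {
    LOOKUP_FOUND    = 0,   /* entry returned, *uid is valid        */
    LOOKUP_NOTFOUND = 1,   /* every source answered: no such user  */
    LOOKUP_TEMPFAIL = 2    /* a source could not answer: ask again */
};
/* One query.  POSIX lets "not found" arrive as rc == 0 with *result == NULL
 * or as ENOENT; any other code (EAGAIN, ERANGE, EIO, ...) means "unknown". */
enum lookup_status lookup_user(const char *name, uid_t *uid)
{
    struct passwd pw, *res = NULL;
    char buf[16384];                 /* ample for any realistic entry */
    int rc = getpwnam_r(name, &pw, buf, sizeof buf, &res);
    if (rc == 0 && res != NULL) {
        *uid = res->pw_uid;
        return LOOKUP_FOUND;
    }
    if (rc == 0 || rc == ENOENT)
        return LOOKUP_NOTFOUND;      /* definitive negative */
    return LOOKUP_TEMPFAIL;          /* unknown: never report "no such user" */
}

/* "Forever"-style semantics done by the caller: keep asking while the answer
 * is temporary; stop on a definitive answer or after max_attempts tries. */
enum lookup_status lookup_user_retry(const char *name, uid_t *uid,
                                     int max_attempts, unsigned delay_sec)
{
    enum lookup_status st = LOOKUP_TEMPFAIL;
    for (int i = 0; i < max_attempts && st == LOOKUP_TEMPFAIL; i++) {
        if (i > 0 && delay_sec) sleep(delay_sec);
        st = lookup_user(name, uid);
    }
    return st;
}

int main(int argc, char **argv)
{
    uid_t uid = 0;
    const char *name = argc > 1 ? argv[1] : "root";   /* constructed default */
    enum lookup_status st = lookup_user_retry(name, &uid, 5, 2);
    printf("%s: %s\n", name, st == LOOKUP_FOUND ? "found" :
           st == LOOKUP_NOTFOUND ? "no such user (definitive)" : "unknown, retry later");
    return st;   /* exit 0 found, 1 not found, 2 name service unavailable */
}
```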
